Skip to content

Add appwrite OAuth2 provider to migration allow-list#207

Merged
Meldiron merged 1 commit into
mainfrom
feat-oauth2-appwrite-provider
Jul 9, 2026
Merged

Add appwrite OAuth2 provider to migration allow-list#207
Meldiron merged 1 commit into
mainfrom
feat-oauth2-appwrite-provider

Conversation

@Meldiron

@Meldiron Meldiron commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

What

Adds the appwrite provider key (Appwrite-as-an-identity-provider, e.g. sign in with Appwrite Cloud) to the OAuth2Provider::PROVIDERS allow-list, inserted alphabetically between apple and auth0.

Why

Appwrite server is adding a built-in appwrite OAuth2 provider. Migrations that include the oauth2-provider resource currently fail with:

No migration resource for OAuth2 provider 'appwrite'; skipped.

Details

  • Only clientId migrates, targeting the destination's appwriteAppid project attribute — same shape as github/discord.
  • clientSecret is write-only on the server and is never copied, consistent with the class's secret-redaction policy.
  • The OAuth endpoint is hardcoded server-side (https://cloud.appwrite.io/v1/oauth2/console), so there is no endpoint/domain setting to carry over.
  • No changes needed in Sources/Appwrite.php or Destinations/Appwrite.php — both are driven by the PROVIDERS descriptor.

Tests

New OAuth2ProviderTest unit test covering fromArray() for the appwrite key, secret redaction across every provider in the allow-list, and unknown-provider handling.

A release should follow this merge so appwrite/appwrite can bump utopia-php/migration past 1.16.0.

🤖 Generated with Claude Code

Appwrite server is adding a built-in 'appwrite' OAuth2 provider
(sign in with Appwrite Cloud). Without an entry in the PROVIDERS
allow-list, migrations report "No migration resource for OAuth2
provider 'appwrite'; skipped."

Only clientId migrates (to the appwriteAppid attribute); clientSecret
is write-only and stays redacted per the existing policy. The OAuth
endpoint is hardcoded server-side, so there is no endpoint setting.

Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
@greptile-apps

greptile-apps Bot commented Jul 9, 2026

Copy link
Copy Markdown
Contributor

Greptile Summary

This PR adds appwrite to the OAuth2Provider::PROVIDERS allow-list so that migrations including an Appwrite-as-identity-provider OAuth2 configuration no longer fail with an "unknown provider" skip. The change is a single-line addition in alphabetical order and a new unit test covering the new entry, secret-redaction for every provider, and unknown-provider handling.

  • appwrite is mapped with only clientId → TARGET_APP_ID (written to appwriteAppid on the destination), consistent with providers like github and discord; clientSecret and the hardcoded OAuth endpoint are intentionally excluded from migration.
  • The new OAuth2ProviderTest class correctly uses the project's Utopia\Tests\Unit\Resources namespace and covers the redaction invariant across the entire allow-list in a single parameterised loop.

Confidence Score: 5/5

The change is a single allow-list entry and a new test file; no existing logic is modified.

The addition follows the established pattern exactly, is placed correctly in alphabetical order, deliberately omits clientSecret (consistent with the class's redaction policy), and is covered by a well-structured test that also exercises secret-redaction across every provider in the list.

No files require special attention.

Important Files Changed

Filename Overview
src/Migration/Resources/Auth/OAuth2/OAuth2Provider.php Adds appwrite to the PROVIDERS allow-list in alphabetical order with only clientId → TARGET_APP_ID; no secrets or endpoint fields included. Change is a single line and follows the exact same pattern as other simple providers (e.g. github, discord).
tests/Migration/Unit/Resources/OAuth2ProviderTest.php New test class covering fromArray for the appwrite key, secret-redaction invariant across every provider in the allow-list, and unknown-provider null return. Namespace and directory match the project's autoload-dev PSR-4 mapping.

Reviews (1): Last reviewed commit: "Add appwrite OAuth2 provider to migratio..." | Re-trigger Greptile

@Meldiron Meldiron merged commit 80f7f49 into main Jul 9, 2026
4 checks passed
@Meldiron Meldiron deleted the feat-oauth2-appwrite-provider branch July 9, 2026 19:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant