diff --git a/services/mana-core-auth/src/db/schema/auth.schema.ts b/services/mana-core-auth/src/db/schema/auth.schema.ts index cb28a5b21..8c67140b7 100644 --- a/services/mana-core-auth/src/db/schema/auth.schema.ts +++ b/services/mana-core-auth/src/db/schema/auth.schema.ts @@ -135,7 +135,7 @@ export const oauthApplications = authSchema.table('oauth_applications', { metadata: text('metadata'), clientId: text('client_id').unique().notNull(), clientSecret: text('client_secret').notNull(), - redirectURLs: text('redirect_urls').notNull(), // JSON array as text + redirectURLs: text('redirect_urls').notNull(), // Comma-separated URLs (Better Auth expects this format, NOT JSON) type: text('type').notNull().default('web'), // web, native, spa disabled: boolean('disabled').default(false).notNull(), userId: text('user_id').references(() => users.id, { onDelete: 'cascade' }), diff --git a/services/mana-core-auth/src/db/seeds/seed-oidc-clients.ts b/services/mana-core-auth/src/db/seeds/seed-oidc-clients.ts index 84f7f7470..926b329db 100644 --- a/services/mana-core-auth/src/db/seeds/seed-oidc-clients.ts +++ b/services/mana-core-auth/src/db/seeds/seed-oidc-clients.ts @@ -62,7 +62,8 @@ async function seed() { .update(oauthApplications) .set({ clientSecret: synapseClientSecret, - redirectURLs: JSON.stringify(['https://matrix.mana.how/_synapse/client/oidc/callback']), + // Better Auth expects comma-separated string, NOT JSON array + redirectURLs: 'https://matrix.mana.how/_synapse/client/oidc/callback', updatedAt: new Date(), }) .where(eq(oauthApplications.clientId, 'synapse')); @@ -77,7 +78,8 @@ async function seed() { icon: 'https://matrix.org/images/matrix-logo.svg', clientId: 'synapse', clientSecret: synapseClientSecret, - redirectURLs: JSON.stringify(['https://matrix.mana.how/_synapse/client/oidc/callback']), + // Better Auth expects comma-separated string, NOT JSON array + redirectURLs: 'https://matrix.mana.how/_synapse/client/oidc/callback', type: 'web', disabled: false, metadata: JSON.stringify({