fix(mana-core-auth): add Matrix Synapse as trusted OIDC client

Configure Matrix Synapse as a trusted client that skips the consent screen. This enables seamless SSO login without requiring user consent for each login. Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
2026-05-14 20:21:09 +02:00 · 2026-01-30 18:26:30 +01:00 · 2026-01-30 18:26:30 +01:00 · bb428d4b38
commit bb428d4b38
parent ee05b6c3ca
1 changed files with 11 additions and 0 deletions
--- a/services/mana-core-auth/src/auth/better-auth.config.ts
+++ b/services/mana-core-auth/src/auth/better-auth.config.ts
@ -323,6 +323,17 @@ export function createBetterAuth(databaseUrl: string) {
 				metadata: {
 					issuer: process.env.BASE_URL || 'http://localhost:3001',
 				},
+				// Trusted clients that skip consent screen
+				// These clients are considered first-party and don't need user consent
+				trustedClients: [
+					{
+						clientId: 'matrix-synapse',
+						clientSecret: process.env.SYNAPSE_OIDC_CLIENT_SECRET || '',
+						name: 'Matrix Synapse',
+						redirectUrls: ['https://matrix.mana.how/_synapse/client/oidc/callback'],
+						skipConsent: true,
+					},
+				],
 			}),
 		],
 	});