AeThex-OS/OAUTH_SETUP.md
MrPiglr a15b5b1015 feat: integrate AeThex Language across entire OS ecosystem
Major Features:
- Custom .aethex programming language with cross-platform compilation
- Compiles to JavaScript, Lua (Roblox), Verse (UEFN), and C# (Unity)
- Built-in COPPA compliance and PII detection for safe metaverse development

Integration Points:
1. Terminal Integration
   - Added 'aethex' command for in-terminal compilation
   - Support for all compilation targets with --target flag
   - Real-time error reporting and syntax highlighting

2. IDE Integration
   - Native .aethex file support in Monaco editor
   - One-click compilation with target selector
   - Download compiled code functionality
   - Two example files: hello.aethex and auth.aethex

3. Curriculum Integration
   - New "AeThex Language" section in Foundry tech tree
   - Three modules: Realities & Journeys, Cross-Platform Sync, COPPA Compliance
   - Certification path for students

4. Documentation Site
   - Complete docs at /docs route (client/src/pages/aethex-docs.tsx)
   - Searchable documentation with sidebar navigation
   - Language guide, standard library reference, and examples
   - Ready for deployment to aethex.dev

5. npm Package Publishing
   - @aethex.os/core@1.0.0 - Standard library (published)
   - @aethex.os/cli@1.0.1 - Command line compiler (published)
   - Both packages live on npm and globally installable

Domain Configuration:
- DNS setup for 29+ domains (aethex.app, aethex.co, etc.)
- nginx reverse proxy configuration
- CORS configuration for cross-domain requests
- OAuth redirect fixes for hash-based routing

Standard Library Features:
- Passport: Universal identity across platforms
- DataSync: Cross-platform data synchronization
- SafeInput: PII detection (phone, email, SSN, credit cards)
- Compliance: COPPA/FERPA age gates and audit logging

Documentation Package:
- Created aethex-dev-docs.zip with complete documentation
- Ready for static site deployment
- Includes examples, API reference, and quickstart guide

Technical Improvements:
- Fixed OAuth blank page issue (hash routing)
- Added .gitignore rules for temp files
- Cleaned up build artifacts and temporary files
- Updated all package references to @aethex.os namespace

Co-Authored-By: Claude <noreply@anthropic.com>
2026-02-11 22:28:05 -07:00


OAuth Provider Configuration for All AeThex Domains

This document contains the redirect URIs and configuration needed for each OAuth provider across all AeThex domains.

OAuth Redirect URI Pattern

All redirect URIs follow this pattern:

https://{domain}/auth/{provider}/callback

Provider Configurations

1. Discord OAuth

Discord Developer Portal: https://discord.com/developers/applications

Navigate to: Your Application → OAuth2 → Redirects

Add these redirect URIs:

https://aethex.app/auth/discord/callback
https://aethex.co/auth/discord/callback
https://aethex.tech/auth/discord/callback
https://aethex.id/auth/discord/callback
https://aethex.online/auth/discord/callback
https://aethex.fun/auth/discord/callback
https://aethex.live/auth/discord/callback
http://localhost:5173/auth/discord/callback (development)

Environment Variables:

DISCORD_CLIENT_ID=your_client_id
DISCORD_CLIENT_SECRET=your_client_secret

2. GitHub OAuth

GitHub Developer Settings: https://github.com/settings/developers

Navigate to: OAuth Apps → Your App → Authorization callback URL

Add these redirect URIs:

https://aethex.app/auth/github/callback
https://aethex.co/auth/github/callback
https://aethex.tech/auth/github/callback
https://aethex.id/auth/github/callback
https://aethex.dev/auth/github/callback
https://aethex.pro/auth/github/callback
http://localhost:5173/auth/github/callback (development)

Note: GitHub only allows ONE callback URL per OAuth App. You'll need to create multiple OAuth Apps (one per domain) OR use a single primary domain.

Recommended Approach:

  • Primary: https://aethex.app/auth/github/callback
  • Development: http://localhost:5173/auth/github/callback

Environment Variables:

GITHUB_CLIENT_ID=your_client_id
GITHUB_CLIENT_SECRET=your_client_secret

3. Roblox OAuth

Roblox Creator Hub: https://create.roblox.com/credentials

Navigate to: OAuth 2.0 Apps → Your App → Redirect URIs

Add these redirect URIs:

https://aethex.app/auth/roblox/callback
https://aethex.co/auth/roblox/callback
https://aethex.tech/auth/roblox/callback
https://aethex.id/auth/roblox/callback
https://aethex.fun/auth/roblox/callback
https://aethex.space/auth/roblox/callback
http://localhost:5173/auth/roblox/callback (development)

Environment Variables:

ROBLOX_CLIENT_ID=your_client_id
ROBLOX_CLIENT_SECRET=your_client_secret

4. Twitch OAuth

Twitch Developer Console: https://dev.twitch.tv/console/apps

Navigate to: Applications → Your App → OAuth Redirect URLs

Add these redirect URIs:

https://aethex.app/auth/twitch/callback
https://aethex.co/auth/twitch/callback
https://aethex.tech/auth/twitch/callback
https://aethex.id/auth/twitch/callback
https://aethex.live/auth/twitch/callback
https://aethex.fun/auth/twitch/callback
http://localhost:5173/auth/twitch/callback (development)

Environment Variables:

TWITCH_CLIENT_ID=your_client_id
TWITCH_CLIENT_SECRET=your_client_secret

5. Microsoft OAuth (Minecraft)

Azure Portal: https://portal.azure.com → Azure Active Directory → App registrations

Navigate to: Your App → Authentication → Redirect URIs

Add these redirect URIs:

https://aethex.app/auth/minecraft/callback
https://aethex.co/auth/minecraft/callback
https://aethex.tech/auth/minecraft/callback
https://aethex.id/auth/minecraft/callback
https://aethex.fun/auth/minecraft/callback
https://aethex.space/auth/minecraft/callback
http://localhost:5173/auth/minecraft/callback (development)

Platform Configuration:

  • Type: Web
  • Implicit grant: Access tokens, ID tokens

Environment Variables:

MICROSOFT_CLIENT_ID=your_client_id
MICROSOFT_CLIENT_SECRET=your_client_secret
MICROSOFT_TENANT_ID=consumers

Stripe Configuration

Stripe Dashboard: https://dashboard.stripe.com

Navigate to: Settings → Checkout settings → Success/Cancel URLs

Success URLs:

https://aethex.shop/upgrade/success
https://aethex.tech/upgrade/success
https://aethex.app/upgrade/success
https://aethex.biz/upgrade/success
https://aethex.pro/upgrade/success

Cancel URLs:

https://aethex.shop/upgrade/cancel
https://aethex.tech/upgrade/cancel
https://aethex.app/upgrade/cancel
https://aethex.biz/upgrade/cancel
https://aethex.pro/upgrade/cancel

Environment Variables:

STRIPE_SECRET_KEY=sk_live_...
STRIPE_PUBLISHABLE_KEY=pk_live_...
STRIPE_SUCCESS_URL=https://aethex.shop/upgrade/success
STRIPE_CANCEL_URL=https://aethex.shop/upgrade/cancel

Supabase Configuration

Supabase Dashboard: https://app.supabase.com

Navigate to: Authentication → URL Configuration

Site URL:

https://aethex.app

Redirect URLs (wildcards allowed):

https://aethex.app/**
https://aethex.co/**
https://aethex.tech/**
https://aethex.id/**
https://aethex.online/**
https://aethex.network/**
https://aethex.cloud/**
https://aethex.dev/**
https://*.aethex.app/**
https://*.aethex.cloud/**
http://localhost:5173/**

Environment Variables:

SUPABASE_URL=https://kmdeisowhtsalsekkzqd.supabase.co
SUPABASE_SERVICE_KEY=your_service_role_key
SUPABASE_ANON_KEY=your_anon_key
VITE_SUPABASE_URL=https://kmdeisowhtsalsekkzqd.supabase.co
VITE_SUPABASE_ANON_KEY=your_anon_key

Testing OAuth Flows

Test Script

Create a test script to verify OAuth flows across domains:

#!/bin/bash

DOMAINS=(
  "aethex.app"
  "aethex.tech"
  "aethex.id"
)

PROVIDERS=(
  "discord"
  "github"
  "roblox"
  "twitch"
  "minecraft"
)

for domain in "${DOMAINS[@]}"; do
  for provider in "${PROVIDERS[@]}"; do
    echo "Testing https://$domain/auth/$provider"
    status=$(curl -s -o /dev/null -w "%{http_code}" "https://$domain/auth/$provider" --max-time 5)
    if [ "$status" -eq 302 ] || [ "$status" -eq 301 ]; then
      echo "  ✓ Redirects correctly ($status)"
    else
      echo "  ✗ Unexpected status: $status"
    fi
  done
done

Manual Testing

  1. Test Discord OAuth:

    https://aethex.app/auth/discord
    https://aethex.tech/auth/discord
    
  2. Test GitHub OAuth:

    https://aethex.app/auth/github
    https://aethex.dev/auth/github
    
  3. Test Roblox OAuth:

    https://aethex.app/auth/roblox
    https://aethex.fun/auth/roblox
    
  4. Test Twitch OAuth:

    https://aethex.app/auth/twitch
    https://aethex.live/auth/twitch
    
  5. Test Minecraft OAuth:

    https://aethex.app/auth/minecraft
    https://aethex.fun/auth/minecraft
    

Domain-Specific Recommendations

Primary Auth Domain: aethex.tech & aethex.id

Use these domains for all authentication-related flows:

  • OAuth callbacks
  • Password reset links
  • Email verification links
  • Magic link authentication

Benefits:

  • Clear separation of concerns
  • Better security isolation
  • Easier to manage SSL certificates
  • Simplified rate limiting

Primary App Domain: aethex.app

Use this as the main entry point for users:

  • User dashboard
  • Application interface
  • Profile management

E-commerce Domain: aethex.shop

Use this for all commerce-related flows:

  • Stripe checkout
  • Payment success/cancel pages
  • Order management

Environment Variables Summary

Create .env.production with ALL OAuth credentials:

# OAuth Providers
DISCORD_CLIENT_ID=...
DISCORD_CLIENT_SECRET=...

GITHUB_CLIENT_ID=...
GITHUB_CLIENT_SECRET=...

ROBLOX_CLIENT_ID=...
ROBLOX_CLIENT_SECRET=...

TWITCH_CLIENT_ID=...
TWITCH_CLIENT_SECRET=...

MICROSOFT_CLIENT_ID=...
MICROSOFT_CLIENT_SECRET=...
MICROSOFT_TENANT_ID=consumers

# Stripe
STRIPE_SECRET_KEY=sk_live_...
STRIPE_PUBLISHABLE_KEY=pk_live_...
STRIPE_SUCCESS_URL=https://aethex.shop/upgrade/success
STRIPE_CANCEL_URL=https://aethex.shop/upgrade/cancel

# Supabase
SUPABASE_URL=https://kmdeisowhtsalsekkzqd.supabase.co
SUPABASE_SERVICE_KEY=...
SUPABASE_ANON_KEY=...
VITE_SUPABASE_URL=https://kmdeisowhtsalsekkzqd.supabase.co
VITE_SUPABASE_ANON_KEY=...

# Session
SESSION_SECRET=<generate-32-char-secret>

# General
NODE_ENV=production
OAUTH_REDIRECT_URI=https://aethex.app
PRIMARY_DOMAIN=aethex.app
AUTH_DOMAIN=aethex.tech

Security Checklist

  • All redirect URIs use HTTPS (except localhost)
  • OAuth secrets are stored in environment variables, not code
  • Session secret is strong (32+ characters) and unique
  • CORS origins include all valid domains
  • Rate limiting is configured for auth endpoints
  • SSL certificates are valid and auto-renewing
  • Redirect URIs exactly match configured values (including trailing slashes)
  • Test OAuth flows on each domain before production deployment

Troubleshooting

"Redirect URI mismatch" error

Cause: The redirect URI sent in the authorization request doesn't exactly match a value registered with the provider

Solution:

  1. Check the OAuth provider's dashboard
  2. Ensure protocol matches (http vs https)
  3. Ensure domain matches (including subdomain)
  4. Check for trailing slashes
  5. Verify the callback path (e.g., /auth/discord/callback)
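The checks in steps 2 to 5, and the "exactly match" item in the Security Checklist, can be automated. The following is an added example, not part of the AeThex code base: it takes the `Location` header that `/auth/{provider}` returns, extracts the `redirect_uri` parameter, and reports which component differs from the registered list. The function names, the `provider.example` host and the sample header are constructed for illustration; the registered list is copied from the Discord section of this document.

```javascript
// Registered callbacks: a constructed sample copied from the Discord list above.
const REGISTERED = [
  "https://aethex.app/auth/discord/callback",
  "https://aethex.tech/auth/discord/callback",
  "http://localhost:5173/auth/discord/callback",
];

// Constructed Location header, as /auth/discord might return it (hypothetical host).
const SAMPLE_LOCATION =
  "https://provider.example/oauth2/authorize?client_id=constructed&response_type=code" +
  "&redirect_uri=https%3A%2F%2Faethex.app%2Fauth%2Fdiscord%2Fcallback%2F";

// Extract the (URL-decoded) redirect_uri the app actually sent to the provider.
function redirectUriFromLocation(location) {
  return new URL(location).searchParams.get("redirect_uri");
}

// Compare the sent URI with the registered list, component by component.
function diagnose(sent, registered = REGISTERED) {
  if (sent === null) return ["no redirect_uri parameter in authorization URL"];
  if (registered.includes(sent)) return []; // exact string match, nothing to fix
  let u;
  try { u = new URL(sent); } catch { return ["redirect_uri is not an absolute URL"]; }
  const problems = [];
  const sameHost = registered.map((r) => new URL(r)).filter((r) => r.host === u.host);
  if (sameHost.length === 0) {
    problems.push(`host ${u.host} is not registered (check subdomain and port)`);
  } else {
    if (!sameHost.some((r) => r.protocol === u.protocol)) {
      problems.push("protocol differs (http vs https)");
    }
    if (!sameHost.some((r) => r.pathname === u.pathname)) {
      const trimmed = u.pathname.replace(/\/+$/, "");
      problems.push(sameHost.some((r) => r.pathname === trimmed)
        ? "trailing slash on callback path"
        : `callback path ${u.pathname} is not registered`);
    }
  }
  if (u.search || u.hash) problems.push("query string or fragment appended");
  // Same components after URL normalization, so the raw strings differ in case or encoding.
  return problems.length ? problems : ["differs only in case or encoding"];
}

console.log(diagnose(redirectUriFromLocation(SAMPLE_LOCATION)));
```

An empty array means the URI is an exact string match for a registered value, which is the comparison the "Redirect URI mismatch" error reflects.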

OAuth works on one domain but not another

Cause: Redirect URI not configured for that domain

Solution:

  1. Add the redirect URI to the OAuth provider
  2. Wait a few minutes for propagation
  3. Clear browser cookies and try again

Session not persisting across domains

Cause: Cookies are domain-specific

Solution:

  1. This is expected behavior - sessions are isolated per domain
  2. Use a shared auth domain (aethex.tech or aethex.id)
  3. Implement token-based auth for cross-domain sessions

Next Steps

  1. Create OAuth applications for each provider
  2. Add all redirect URIs to each provider
  3. Copy client IDs and secrets to .env.production
  4. Test OAuth flows on primary domains
  5. Deploy and test on all domains
  6. Monitor auth logs for errors

For deployment instructions, see /DOMAIN_SETUP_GUIDE.md.