Support new Supabase API key format#36
Open
sankar4n wants to merge 3 commits intosupabase-community:devfrom
Open
Support new Supabase API key format#36sankar4n wants to merge 3 commits intosupabase-community:devfrom
sankar4n wants to merge 3 commits intosupabase-community:devfrom
Conversation
Co-authored-by: sankar4n <501259+sankar4n@users.noreply.github.com>
…-key-changes Support new Supabase API key format (sb_publishable / sb_secret)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This pull request updates the way HTTP headers are set for authentication in the
NewClientfunction to correctly support both legacy JWT tokens and new-style Supabase API keys. It also adds comprehensive tests to verify the new behavior.Authentication header handling:
NewClientinclient.goto set theAuthorizationheader differently based on the token type: new-style Supabase API keys (those starting withsb_) are now sent as-is (without aBearerprefix), while legacy JWT tokens continue to use theBearerscheme. Theapikeyheader is always set to the raw token. This ensures compatibility with Supabase's evolving authentication requirements.Testing:
TestNewClientHeadersinclient_test.goto verify that bothapikeyandAuthorizationheaders are set correctly for different token formats, covering legacy JWTs, new publishable/secret keys, and the empty token case.Dependency update:
stringspackage inclient.goto facilitate token prefix checking.