Skip to content

Feature/oauth2 login#594

Merged
vic-Gray merged 2 commits into
code-flexing:mainfrom
EDOHWARES:feature/oauth2-login
Jun 25, 2026
Merged

Feature/oauth2 login#594
vic-Gray merged 2 commits into
code-flexing:mainfrom
EDOHWARES:feature/oauth2-login

Conversation

@EDOHWARES

@EDOHWARES EDOHWARES commented Jun 25, 2026

Copy link
Copy Markdown
Contributor

Implement OAuth2 Social Login and Stellar Payment Channel Monitoring

This PR addresses and implements the acceptance criteria for two major backend features:

  1. #939: Implement OAuth2 social login with Google and GitHub
  2. #937: Implement Stellar payment channel monitoring

🚀 Key Implementations

1. OAuth2 Social Login (Google & GitHub)

  • Added dedicated routes (GET /auth/google, GET /auth/github along with their callback handlers) using NestJS passport strategies (passport-google-oauth20 and passport-github2).
  • Linked multiple OAuth providers to a single account using a new entity table, user_oauth_links, avoiding signup friction while ensuring consistency by grouping OAuth links under identical email addresses.
  • Ensured uniform JWT access/refresh token pair issuance regardless of authentication method.

2. Stellar Payment Channel Monitoring

  • Built StellarClientService to establish a live streaming connection to Stellar Horizon using server.payments().forAccount(vaultFundingAccountId).stream().
  • Emits a custom PaymentReceivedEvent domain event within seconds of ledger close.
  • Designed automatic connection retry logic using exponential backoff to handle network interruptions or stream drops.
  • Integrated stream status monitoring directly into the /health endpoint under the stellar_payment_stream key.
  • Gated the DepositConfirmed execution pathway to trigger asynchronously only when the payment stream yields a matching ledger payment.

3. Core Bugs & Test Suite Refactoring

  • Fixed Unawaited Promise Bugs: Resolved four security-critical spots where isCurrentUserAdmin was evaluated as a promise in boolean contexts without being awaited (making checks evaluate to true and allowing unauthorized actions).
  • Asynchronous Flow Integration in Tests: Refactored all 97 unit and integration tests in vaults.service.spec.ts and vaults.integration.spec.ts to accommodate the change from synchronous/atomic deposits and withdrawals to the new asynchronous CQRS/event-driven confirmation architecture.

🛠️ Tech Stack & Dependencies Added

  • passport-google-oauth20, passport-github2, @nestjs/passport
  • Stellar SDK Horizon client stream listeners

🧪 Verification & Test Results

All Vault-related test suites were run and passed successfully:

PASS src/vaults/vaults.service.spec.ts
PASS src/vaults/vaults.integration.spec.ts

Test Suites: 2 passed, 2 total
Tests:       97 passed, 97 total
Snapshots:   0 total

Closes #467
Closes #465
Closes #464
Closes #466

@vercel

vercel Bot commented Jun 25, 2026

Copy link
Copy Markdown

@EDOHWARES is attempting to deploy a commit to the vic's projects Team on Vercel.

A member of the Team first needs to authorize it.

@drips-wave

drips-wave Bot commented Jun 25, 2026

Copy link
Copy Markdown

@EDOHWARES Great news! 🎉 Based on an automated assessment of this PR, the linked Wave issue(s) no longer count against your application limits.

You can now already apply to more issues while waiting for a review of this PR. Keep up the great work! 🚀

Learn more about application limits

@EDOHWARES

Copy link
Copy Markdown
Contributor Author

@vic-Gray , pls review

@vic-Gray vic-Gray merged commit c5c02e0 into code-flexing:main Jun 25, 2026
8 of 9 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

2 participants