feat: added amzon provider

Author: xeladotbe

internal/api/external.go

@@ -608,6 +608,9 @@ func (a *API) Provider(ctx context.Context, name string, scopes string) (provide
 	case "facebook":
 		pConfig = config.External.Facebook
 		p, err = provider.NewFacebookProvider(pConfig, scopes)
+	case "amazon":
+		pConfig = config.External.Amazon
+		p, err = provider.NewAmazonProvider(pConfig, scopes)
 	case "figma":
 		pConfig = config.External.Figma
 		p, err = provider.NewFigmaProvider(pConfig, scopes)

internal/api/provider/amazon.go

@@ -0,0 +1,89 @@
+package provider
+
+import (
+	"context"
+	"strings"
+
+	"github.com/supabase/auth/internal/conf"
+	"golang.org/x/oauth2"
+)
+
+// Amazon
+// Reference: https://developer.amazon.com/docs/login-with-amazon/web-docs.html
+
+const (
+	defaultAmazonAuthBase = "www.amazon.com"
+	defaultAmazonAPIBase  = "api.amazon.com"
+)
+
+type amazonProvider struct {
+	*oauth2.Config
+	APIHost string
+}
+
+type amazonUser struct {
+	ID    string `json:"user_id"`
+	Email string `json:"email"`
+	Name  string `json:"name"`
+}
+
+// NewAmazonProvider creates a Amazon account provider.
+func NewAmazonProvider(ext conf.OAuthProviderConfiguration, scopes string) (OAuthProvider, error) {
+	if err := ext.ValidateOAuth(); err != nil {
+		return nil, err
+	}
+
+	authHost := chooseHost(ext.URL, defaultAmazonAuthBase)
+	apiHost := chooseHost(ext.URL, defaultAmazonAPIBase)
+
+	oauthScopes := []string{
+		"profile",
+	}
+
+	if scopes != "" {
+		oauthScopes = append(oauthScopes, strings.Split(scopes, ",")...)
+	}
+
+	return &amazonProvider{
+		Config: &oauth2.Config{
+			ClientID:     ext.ClientID[0],
+			ClientSecret: ext.Secret,
+			Endpoint: oauth2.Endpoint{
+				AuthURL:  authHost + "/ap/oa",
+				TokenURL: apiHost + "/auth/o2/token",
+			},
+			RedirectURL: ext.RedirectURI,
+			Scopes:      oauthScopes,
+		},
+		APIHost: apiHost,
+	}, nil
+}
+
+func (p amazonProvider) GetOAuthToken(code string) (*oauth2.Token, error) {
+	return p.Exchange(context.Background(), code)
+}
+
+func (p amazonProvider) GetUserData(ctx context.Context, tok *oauth2.Token) (*UserProvidedData, error) {
+	var u amazonUser
+	if err := makeRequest(ctx, tok, p.Config, p.APIHost+"/user/profile", &u); err != nil {
+		return nil, err
+	}
+
+	data := &UserProvidedData{}
+	if u.Email != "" {
+		data.Emails = []Email{{
+			Email:    u.Email,
+			Verified: true,
+			Primary:  true,
+		}}
+	}
+
+	data.Metadata = &Claims{
+		Issuer:        p.APIHost,
+		Subject:       u.ID,
+		Name:          u.Name,
+		Email:         u.Email,
+		EmailVerified: true,
+	}
+	return data, nil
+}

internal/api/settings.go

@@ -4,6 +4,7 @@ import "net/http"
 
 type ProviderSettings struct {
 	AnonymousUsers bool `json:"anonymous_users"`
+	Amazon         bool `json:"amazon"`
 	Apple          bool `json:"apple"`
 	Azure          bool `json:"azure"`
 	Bitbucket      bool `json:"bitbucket"`
@@ -46,6 +47,7 @@ func (a *API) Settings(w http.ResponseWriter, r *http.Request) error {
 	return sendJSON(w, http.StatusOK, &Settings{
 		ExternalProviders: ProviderSettings{
 			AnonymousUsers: config.External.AnonymousUsers.Enabled,
+			Amazon:         config.External.Amazon.Enabled,
 			Apple:          config.External.Apple.Enabled,
 			Azure:          config.External.Azure.Enabled,
 			Bitbucket:      config.External.Bitbucket.Enabled,

internal/conf/configuration.go

@@ -401,6 +401,7 @@ type NotificationsConfiguration struct {
 
 type ProviderConfiguration struct {
 	AnonymousUsers          AnonymousProviderConfiguration `json:"anonymous_users" split_words:"true"`
+	Amazon                  OAuthProviderConfiguration     `json:"amazon"`
 	Apple                   OAuthProviderConfiguration     `json:"apple"`
 	Azure                   OAuthProviderConfiguration     `json:"azure"`
 	Bitbucket               OAuthProviderConfiguration     `json:"bitbucket"`