Claude.ai's start-auth flow POSTs to the registration_endpoint advertised
in the discovery document, but no public handler existed at /oauth/register
(only /api/oauth/register with browser cookie auth). This caused a
start_error redirect immediately on every connect attempt.
- Add POST /oauth/register to oauthPublicRouter following RFC 7591
- Make oauth_clients.user_id nullable via a raw (no-transaction) migration
so anonymous DCR clients can be created without a user context
- Update migration runner to support { raw: () => void } migrations for
DDL that requires PRAGMA foreign_keys = OFF outside a transaction
- Update createOAuthClient to accept userId: number | null with a global
cap (500) for anonymous DCR clients in place of the per-user limit
|
||
|---|---|---|
| .. | ||
| public | ||
| scripts | ||
| src | ||
| tests | ||
| .env.example | ||
| package-lock.json | ||
| package.json | ||
| reset-admin.js | ||
| tsconfig.json | ||
| vitest.config.ts | ||