Add an OAuth provider for Twitch (#728)

<!-- ELLIPSIS_HIDDEN -->



> [!IMPORTANT]
> Add Twitch as a new OAuth provider, updating backend logic and UI
components to support Twitch authentication.
> 
>   - **Behavior**:
> - Add `TwitchProvider` class in `providers/twitch.tsx` to handle OAuth
with Twitch, including user info post-processing.
>     - Update `_providers` in `index.tsx` to include `TwitchProvider`.
> - Add `TWITCH` to `StandardOAuthProviderType` enum in `schema.prisma`.
>   - **UI Components**:
> - Add Twitch icon and color in `brand-icons.tsx` and `BRAND_COLORS`.
> - Update `ProviderIcon`, `ProviderSettingDialog`, and `OAuthButton` to
support Twitch in `providers.tsx` and `oauth-button.tsx`.
>   - **Misc**:
>     - Add `twitch` to `standardProviders` in `oauth.tsx`.
> 
> <sup>This description was created by </sup>[<img alt="Ellipsis"
src="https://img.shields.io/badge/Ellipsis-blue?color=175173">](https://www.ellipsis.dev?ref=stack-auth%2Fstack-auth&utm_source=github&utm_medium=referral)<sup>
for 08c0de5. You can
[customize](https://app.ellipsis.dev/stack-auth/settings/summaries) this
summary. It will automatically update as commits are pushed.</sup>

<!-- ELLIPSIS_HIDDEN -->

---------

Co-authored-by: Zai Shi <zaishi00@outlook.com>

Author: Nachwahl

apps/backend/prisma/migrations/20250723001607_twitch/migration.sql

@@ -0,0 +1,2 @@
+-- AlterEnum
+ALTER TYPE "StandardOAuthProviderType" ADD VALUE 'TWITCH';

apps/backend/prisma/schema.prisma

@@ -363,6 +363,7 @@ enum StandardOAuthProviderType {
   LINKEDIN
   APPLE
   X
+  TWITCH
 }
 
 model OAuthToken {

apps/backend/src/oauth/index.tsx

@@ -17,6 +17,7 @@ import { MicrosoftProvider } from "./providers/microsoft";
 import { MockProvider } from "./providers/mock";
 import { SpotifyProvider } from "./providers/spotify";
 import { XProvider } from "./providers/x";
+import { TwitchProvider } from "./providers/twitch";
 
 const _providers = {
   github: GithubProvider,
@@ -30,6 +31,7 @@ const _providers = {
   bitbucket: BitbucketProvider,
   linkedin: LinkedInProvider,
   x: XProvider,
+  twitch: TwitchProvider,
 } as const;
 
 const mockProvider = MockProvider;

apps/backend/src/oauth/providers/twitch.tsx

@@ -0,0 +1,56 @@
+import { getEnvVariable } from "@stackframe/stack-shared/dist/utils/env";
+import { OAuthUserInfo, validateUserInfo } from "../utils";
+import { OAuthBaseProvider, TokenSet } from "./base";
+
+export class TwitchProvider extends OAuthBaseProvider {
+  private constructor(
+    ...args: ConstructorParameters<typeof OAuthBaseProvider>
+  ) {
+    super(...args);
+  }
+
+  static async create(options: {
+    clientId: string,
+    clientSecret: string,
+  }) {
+    return new TwitchProvider(...await OAuthBaseProvider.createConstructorArgs({
+      issuer: "https://id.twitch.tv",
+      authorizationEndpoint: "https://id.twitch.tv/oauth2/authorize",
+      tokenEndpoint: "https://id.twitch.tv/oauth2/token",
+      tokenEndpointAuthMethod: "client_secret_post",
+      redirectUri: getEnvVariable("NEXT_PUBLIC_STACK_API_URL") + "/api/v1/auth/oauth/callback/twitch",
+      baseScope: "user:read:email",
+      ...options,
+    }));
+  }
+
+  async postProcessUserInfo(tokenSet: TokenSet): Promise<OAuthUserInfo> {
+    const info = await fetch("https://api.twitch.tv/helix/users", {
+      headers: {
+        Authorization: `Bearer ${tokenSet.accessToken}`,
+        "Client-Id": this.oauthClient.client_id as string,
+      },
+    }).then((res) => res.json());
+
+
+    const userInfo = info.data?.[0];
+
+    return validateUserInfo({
+      accountId: userInfo.id,
+      displayName: userInfo.display_name,
+      email: userInfo.email,
+      profileImageUrl: userInfo.profile_image_url,
+      emailVerified: true,
+    });
+  }
+
+  async checkAccessTokenValidity(accessToken: string): Promise<boolean> {
+    const info = await fetch("https://api.twitch.tv/helix/users", {
+      headers: {
+        Authorization: `Bearer ${accessToken}`,
+        "Client-Id": this.oauthClient.client_id as string,
+      },
+    }).then((res) => res.json());
+    return info.data?.[0] !== undefined;
+  }
+}

apps/dashboard/src/app/(main)/(protected)/projects/[projectId]/auth-methods/providers.tsx

@@ -13,7 +13,7 @@ import * as yup from "yup";
 export function ProviderIcon(props: { id: string }) {
   return (
     <div
-      className="flex items-center justify-center w-12 h-12 rounded-md border border-gray-800"
+      className="flex items-center justify-center w-12 h-12 rounded-md border"
       style={{ backgroundColor: props.id in BrandIcons.BRAND_COLORS ? BrandIcons.BRAND_COLORS[props.id] : undefined }}
     >
       <BrandIcons.Mapping iconSize={24} provider={props.id} />
@@ -40,6 +40,7 @@ function toTitle(id: string) {
     apple: "Apple",
     bitbucket: "Bitbucket",
     linkedin: "LinkedIn",
+    twitch: "Twitch",
     x: "X",
   }[id];
 }
@@ -216,7 +217,7 @@ export function ProviderSettingSwitch(props: Props) {
   return (
     <>
       <div
-        className={clsx("flex flex-col items-center justify-center gap-2 py-2 border border-1 rounded-lg p-2 w-[120px] h-[120px] cursor-pointer transition-all", enabled ? "border-white" : "border-gray-800 hover:border-gray-400")}
+        className={clsx("flex flex-col items-center justify-center gap-2 py-2 border border-1 rounded-lg p-2 w-[120px] h-[120px] transition-all hover:border-gray-500 cursor-pointer")}
         onClick={() => {
           if (enabled) {
             setTurnOffProviderDialogOpen(true);

docs/src/components/layouts/docs-header-wrapper.tsx

@@ -159,7 +159,7 @@ function MobileClickableCollapsibleSection({
               e.stopPropagation();
               setIsOpen(!isOpen);
             }}
-            className="opacity-0 group-hover:opacity-100 transition-opacity p-0.5 rounded hover:bg-fd-muted/30"
+            className="transition-opacity p-0.5 rounded hover:bg-fd-muted/30"
           >
             {isOpen ? (
               <ChevronDown className="h-3 w-3" />

docs/src/components/layouts/docs.tsx

@@ -37,13 +37,13 @@ import Link from 'fumadocs-core/link';
 import type { PageTree } from 'fumadocs-core/server';
 import {
   NavProvider,
-  type PageStyles,
   StylesProvider,
+  type PageStyles,
 } from 'fumadocs-ui/contexts/layout';
 import { TreeContextProvider } from 'fumadocs-ui/contexts/tree';
 import { ArrowLeft, ChevronDown, ChevronRight, Languages, Sidebar as SidebarIcon } from 'lucide-react';
 import { usePathname, useRouter } from 'next/navigation';
-import { createContext, type HTMLAttributes, type ReactNode, useContext, useEffect, useMemo, useRef, useState } from 'react';
+import { createContext, useContext, useEffect, useMemo, useRef, useState, type HTMLAttributes, type ReactNode } from 'react';
 import { createPortal } from 'react-dom';
 import { usePlatformPreference } from '../../hooks/use-platform-preference';
 import { cn } from '../../lib/cn';
@@ -79,7 +79,7 @@ import {
   type IconItemType,
   type LinkItemType,
 } from './links';
-import { type BaseLayoutProps, getLinks, omit, slot, slots } from './shared';
+import { getLinks, omit, slot, slots, type BaseLayoutProps } from './shared';
 import { isInApiSection } from './shared-header';
 import { useSidebar as useCustomSidebar } from './sidebar-context';
 
@@ -245,7 +245,7 @@ function ClickableCollapsibleSection({
               e.stopPropagation();
               setIsOpen(!isOpen);
             }}
-            className="opacity-0 group-hover:opacity-100 transition-opacity p-0.5 rounded hover:bg-fd-muted/30"
+            className="transition-opacity p-0.5 rounded hover:bg-fd-muted/30"
           >
             {isOpen ? (
               <ChevronDown className="h-3 w-3" />

docs/templates/concepts/auth-providers/apple.mdx

@@ -1,5 +1,5 @@
 ---
-title: "Apple Authentication"
+title: "Apple"
 ---
 
 This guide explains how to set up Apple as an authentication provider with Stack Auth. Sign in with Apple allows users to sign in to your application using their Apple ID.

docs/templates/concepts/auth-providers/bitbucket.mdx

@@ -1,5 +1,5 @@
 ---
-title: "Bitbucket Authentication"
+title: "Bitbucket"
 ---
 
 This guide explains how to set up Bitbucket as an authentication provider with Stack Auth. Bitbucket OAuth allows users to sign in to your application using their Bitbucket account.

docs/templates/concepts/auth-providers/discord.mdx

@@ -1,5 +1,5 @@
 ---
-title: "Discord Authentication"
+title: "Discord"
 ---
 
 This guide explains how to set up Discord as an authentication provider with Stack Auth. Discord OAuth2 allows users to sign in to your application using their Discord account.