feat: add third-party auth support

[hf]

Adds support for the accessToken option on the Supabase client which can be used to provide a third-party authentication (e.g. Auth0, Clerk, Firebase Auth, ...) access token or ID token to be used instead of Supabase Auth.

When set, supabase.auth.xyz cannot be used and an error will be thrown.

[hf]

Merge after platform changes are released.

[coveralls]

Pull Request Test Coverage Report for Build 8509611266

Details

• 7 of 9 (77.78%) changed or added relevant lines in 1 file are covered.
• 1 unchanged line in 1 file lost coverage.
• Overall coverage increased (+1.0%) to 66.667%

---

Changes Missing Coverage	Covered Lines	Changed/Added Lines	%
src/SupabaseClient.ts	7	9	77.78%

Files with Coverage Reduction	New Missed Lines	%
src/SupabaseClient.ts	1	65.65%

Totals
Change from base Build 8465437755:	1.0%
Covered Lines:	95
Relevant Lines:	124

---

💛 - Coveralls

[j4w8n]

Correct me if I'm wrong, but couldn't this also be used to authenticate supabase clients, for RLS, during API requests? This assumes a Supabase JWT is being used as the API key.

So instead of adding the JWT to the global header, you'd use accessToken, because I believe supabase-js will use this for db fetch requests.

/* Some API endpoint that your user hits. */
const jwt = 'get-from-request-authorization-header'

const supabase = createClient(
  env.SUPABASE_URL, 
  env.SUPABASE_ANON_KEY, {
+ accessToken: async () => { return `${jwt}` }
- global: {
-   headers: {
-     Authorization: `Bearer ${jwt}`
-   }
- },
- auth: {
-   persistSession: false,
-   detectSessionInUrl: false,
-   autoRefreshToken: false
- }
})

const { data, error } = await supabase.from('table').select('column')