martmull
@ -6,36 +6,20 @@ import {
|
||||
AuthExceptionCode,
|
||||
} from 'src/engine/core-modules/auth/auth.exception';
|
||||
import { GoogleAPIsOauthExchangeCodeForTokenStrategy } from 'src/engine/core-modules/auth/strategies/google-apis-oauth-exchange-code-for-token.auth.strategy';
|
||||
import { TransientTokenService } from 'src/engine/core-modules/auth/token/services/transient-token.service';
|
||||
import { setRequestExtraParams } from 'src/engine/core-modules/auth/utils/google-apis-set-request-extra-params.util';
|
||||
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
|
||||
import { FeatureFlagKey } from 'src/engine/core-modules/feature-flag/enums/feature-flag-key.enum';
|
||||
import { FeatureFlagService } from 'src/engine/core-modules/feature-flag/services/feature-flag.service';
|
||||
|
||||
@Injectable()
|
||||
export class GoogleAPIsOauthExchangeCodeForTokenGuard extends AuthGuard(
|
||||
'google-apis',
|
||||
) {
|
||||
constructor(
|
||||
private readonly environmentService: EnvironmentService,
|
||||
private readonly featureFlagService: FeatureFlagService,
|
||||
private readonly transientTokenService: TransientTokenService,
|
||||
) {
|
||||
constructor(private readonly environmentService: EnvironmentService) {
|
||||
super();
|
||||
}
|
||||
|
||||
async canActivate(context: ExecutionContext) {
|
||||
const request = context.switchToHttp().getRequest();
|
||||
const state = JSON.parse(request.query.state);
|
||||
const { workspaceId } =
|
||||
await this.transientTokenService.verifyTransientToken(
|
||||
state.transientToken,
|
||||
);
|
||||
const isGmailSendEmailScopeEnabled =
|
||||
await this.featureFlagService.isFeatureEnabled(
|
||||
FeatureFlagKey.IsGmailSendEmailScopeEnabled,
|
||||
workspaceId,
|
||||
);
|
||||
|
||||
if (
|
||||
!this.environmentService.get('MESSAGING_PROVIDER_GMAIL_ENABLED') &&
|
||||
@ -50,7 +34,6 @@ export class GoogleAPIsOauthExchangeCodeForTokenGuard extends AuthGuard(
|
||||
new GoogleAPIsOauthExchangeCodeForTokenStrategy(
|
||||
this.environmentService,
|
||||
{},
|
||||
isGmailSendEmailScopeEnabled,
|
||||
);
|
||||
|
||||
setRequestExtraParams(request, {
|
||||
|
||||
@ -9,7 +9,6 @@ import { GoogleAPIsOauthRequestCodeStrategy } from 'src/engine/core-modules/auth
|
||||
import { TransientTokenService } from 'src/engine/core-modules/auth/token/services/transient-token.service';
|
||||
import { setRequestExtraParams } from 'src/engine/core-modules/auth/utils/google-apis-set-request-extra-params.util';
|
||||
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
|
||||
import { FeatureFlagKey } from 'src/engine/core-modules/feature-flag/enums/feature-flag-key.enum';
|
||||
import { FeatureFlagService } from 'src/engine/core-modules/feature-flag/services/feature-flag.service';
|
||||
|
||||
@Injectable()
|
||||
@ -31,11 +30,6 @@ export class GoogleAPIsOauthRequestCodeGuard extends AuthGuard('google-apis') {
|
||||
await this.transientTokenService.verifyTransientToken(
|
||||
request.query.transientToken,
|
||||
);
|
||||
const isGmailSendEmailScopeEnabled =
|
||||
await this.featureFlagService.isFeatureEnabled(
|
||||
FeatureFlagKey.IsGmailSendEmailScopeEnabled,
|
||||
workspaceId,
|
||||
);
|
||||
|
||||
setRequestExtraParams(request, {
|
||||
transientToken: request.query.transientToken,
|
||||
@ -57,11 +51,7 @@ export class GoogleAPIsOauthRequestCodeGuard extends AuthGuard('google-apis') {
|
||||
);
|
||||
}
|
||||
|
||||
new GoogleAPIsOauthRequestCodeStrategy(
|
||||
this.environmentService,
|
||||
{},
|
||||
isGmailSendEmailScopeEnabled,
|
||||
);
|
||||
new GoogleAPIsOauthRequestCodeStrategy(this.environmentService, {});
|
||||
|
||||
const activate = (await super.canActivate(context)) as boolean;
|
||||
|
||||
|
||||
@ -5,8 +5,6 @@ import { v4 } from 'uuid';
|
||||
|
||||
import { getGoogleApisOauthScopes } from 'src/engine/core-modules/auth/utils/get-google-apis-oauth-scopes';
|
||||
import { EnvironmentService } from 'src/engine/core-modules/environment/environment.service';
|
||||
import { FeatureFlagKey } from 'src/engine/core-modules/feature-flag/enums/feature-flag-key.enum';
|
||||
import { FeatureFlagService } from 'src/engine/core-modules/feature-flag/services/feature-flag.service';
|
||||
import { InjectMessageQueue } from 'src/engine/core-modules/message-queue/decorators/message-queue.decorator';
|
||||
import { MessageQueue } from 'src/engine/core-modules/message-queue/message-queue.constants';
|
||||
import { MessageQueueService } from 'src/engine/core-modules/message-queue/services/message-queue.service';
|
||||
@ -47,7 +45,6 @@ export class GoogleAPIsService {
|
||||
private readonly calendarQueueService: MessageQueueService,
|
||||
private readonly environmentService: EnvironmentService,
|
||||
private readonly accountsToReconnectService: AccountsToReconnectService,
|
||||
private readonly featureFlagService: FeatureFlagService,
|
||||
) {}
|
||||
|
||||
async refreshGoogleRefreshToken(input: {
|
||||
@ -99,12 +96,7 @@ export class GoogleAPIsService {
|
||||
const workspaceDataSource =
|
||||
await this.twentyORMGlobalManager.getDataSourceForWorkspace(workspaceId);
|
||||
|
||||
const isGmailSendEmailScopeEnabled =
|
||||
await this.featureFlagService.isFeatureEnabled(
|
||||
FeatureFlagKey.IsGmailSendEmailScopeEnabled,
|
||||
workspaceId,
|
||||
);
|
||||
const scopes = getGoogleApisOauthScopes(isGmailSendEmailScopeEnabled);
|
||||
const scopes = getGoogleApisOauthScopes();
|
||||
|
||||
await workspaceDataSource.transaction(async (manager: EntityManager) => {
|
||||
if (!existingAccountId) {
|
||||
|
||||
@ -19,9 +19,8 @@ export class GoogleAPIsOauthCommonStrategy extends PassportStrategy(
|
||||
constructor(
|
||||
environmentService: EnvironmentService,
|
||||
scopeConfig: GoogleAPIScopeConfig,
|
||||
isGmailSendEmailScopeEnabled = false,
|
||||
) {
|
||||
const scopes = getGoogleApisOauthScopes(isGmailSendEmailScopeEnabled);
|
||||
const scopes = getGoogleApisOauthScopes();
|
||||
|
||||
super({
|
||||
clientID: environmentService.get('AUTH_GOOGLE_CLIENT_ID'),
|
||||
|
||||
@ -15,9 +15,8 @@ export class GoogleAPIsOauthExchangeCodeForTokenStrategy extends GoogleAPIsOauth
|
||||
constructor(
|
||||
environmentService: EnvironmentService,
|
||||
scopeConfig: GoogleAPIScopeConfig,
|
||||
isGmailSendEmailScopeEnabled = false,
|
||||
) {
|
||||
super(environmentService, scopeConfig, isGmailSendEmailScopeEnabled);
|
||||
super(environmentService, scopeConfig);
|
||||
}
|
||||
|
||||
async validate(
|
||||
|
||||
@ -13,9 +13,8 @@ export class GoogleAPIsOauthRequestCodeStrategy extends GoogleAPIsOauthCommonStr
|
||||
constructor(
|
||||
environmentService: EnvironmentService,
|
||||
scopeConfig: GoogleAPIScopeConfig,
|
||||
isGmailSendEmailScopeEnabled = false,
|
||||
) {
|
||||
super(environmentService, scopeConfig, isGmailSendEmailScopeEnabled);
|
||||
super(environmentService, scopeConfig);
|
||||
}
|
||||
|
||||
authenticate(req: any, options: any) {
|
||||
|
||||
@ -1,17 +1,10 @@
|
||||
export const getGoogleApisOauthScopes = (
|
||||
isGmailSendEmailScopeEnabled = false,
|
||||
) => {
|
||||
const scopes = [
|
||||
export const getGoogleApisOauthScopes = () => {
|
||||
return [
|
||||
'email',
|
||||
'profile',
|
||||
'https://www.googleapis.com/auth/gmail.readonly',
|
||||
'https://www.googleapis.com/auth/calendar.events',
|
||||
'https://www.googleapis.com/auth/profile.emails.read',
|
||||
'https://www.googleapis.com/auth/gmail.send',
|
||||
];
|
||||
|
||||
if (isGmailSendEmailScopeEnabled) {
|
||||
scopes.push('https://www.googleapis.com/auth/gmail.send');
|
||||
}
|
||||
|
||||
return scopes;
|
||||
};
|
||||
|
||||
Reference in New Issue
Block a user