feat: oauth for chrome extension (#4870)

Previously we had to create a separate API key to give access to chrome extension so we can make calls to the DB. This PR includes logic to initiate a oauth flow with PKCE method which redirects to the `Authorise` screen to give access to server tokens. Implemented in this PR- 1. make `redirectUrl` a non-nullable parameter 2. Add `NODE_ENV` to environment variable service 3. new env variable `CHROME_EXTENSION_REDIRECT_URL` on server side 4. strict checks for redirectUrl 5. try catch blocks on utils db query methods 6. refactor Apollo Client to handle `unauthorized` condition 7. input field to enter server url (for self-hosting) 8. state to show user if its already connected 9. show error if oauth flow is cancelled by user Follow up PR - Renew token logic --------- Co-authored-by: Félix Malfait <felix@twenty.com>
2024-04-24 10:45:16 +01:00
parent 0a7f82333b
commit c63ee519ea
33 changed files with 18564 additions and 15049 deletions
--- a/package.json
+++ b/package.json
@ -74,6 +74,7 @@
    "class-transformer": "^0.5.1",
    "clsx": "^1.2.1",
    "cross-env": "^7.0.3",
+    "crypto-js": "^4.2.0",
    "danger-plugin-todos": "^1.3.1",
    "dataloader": "^2.2.2",
    "date-fns": "^2.30.0",
@ -230,6 +231,7 @@
    "@types/bcrypt": "^5.0.0",
    "@types/better-sqlite3": "^7.6.8",
    "@types/bytes": "^3.1.1",
+    "@types/crypto-js": "^4.2.2",
    "@types/deep-equal": "^1.0.1",
    "@types/express": "^4.17.13",
    "@types/graphql-fields": "^1.3.6",