feat: oauth for chrome extension (#4870)

Previously we had to create a separate API key to give access to chrome extension so we can make calls to the DB. This PR includes logic to initiate a oauth flow with PKCE method which redirects to the `Authorise` screen to give access to server tokens. Implemented in this PR- 1. make `redirectUrl` a non-nullable parameter 2. Add `NODE_ENV` to environment variable service 3. new env variable `CHROME_EXTENSION_REDIRECT_URL` on server side 4. strict checks for redirectUrl 5. try catch blocks on utils db query methods 6. refactor Apollo Client to handle `unauthorized` condition 7. input field to enter server url (for self-hosting) 8. state to show user if its already connected 9. show error if oauth flow is cancelled by user Follow up PR - Renew token logic --------- Co-authored-by: Félix Malfait <felix@twenty.com>
2024-04-24 10:45:16 +01:00
parent 0a7f82333b
commit c63ee519ea
33 changed files with 18564 additions and 15049 deletions
--- a/packages/twenty-chrome-extension/src/db/auth.db.ts
+++ b/packages/twenty-chrome-extension/src/db/auth.db.ts
@ -0,0 +1,26 @@
+import {
+  ExchangeAuthCodeInput,
+  ExchangeAuthCodeResponse,
+  Tokens,
+} from '~/db/types/auth.types';
+import { EXCHANGE_AUTHORIZATION_CODE } from '~/graphql/auth/mutations';
+import { isDefined } from '~/utils/isDefined';
+import { callMutation } from '~/utils/requestDb';
+
+export const exchangeAuthorizationCode = async (
+  exchangeAuthCodeInput: ExchangeAuthCodeInput,
+): Promise<Tokens | null> => {
+  const data = await callMutation<ExchangeAuthCodeResponse>(
+    EXCHANGE_AUTHORIZATION_CODE,
+    exchangeAuthCodeInput,
+  );
+  if (isDefined(data?.exchangeAuthorizationCode))
+    return data.exchangeAuthorizationCode;
+  else return null;
+};
+
+// export const RenewToken = async (appToken: string): Promise<Tokens | null> => {
+//   const data = await callQuery<Tokens>(RENEW_TOKEN, { appToken });
+//   if (isDefined(data)) return data;
+//   else return null;
+// };