admin/twenty
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

feat: oauth for chrome extension (#4870)

Browse Source 
Previously we had to create a separate API key to give access to chrome
extension so we can make calls to the DB. This PR includes logic to
initiate a oauth flow with PKCE method which redirects to the
`Authorise` screen to give access to server tokens.

Implemented in this PR- 
1. make `redirectUrl` a non-nullable parameter 
2. Add `NODE_ENV` to environment variable service
3. new env variable `CHROME_EXTENSION_REDIRECT_URL` on server side
4. strict checks for redirectUrl
5. try catch blocks on utils db query methods
6. refactor Apollo Client to handle `unauthorized` condition
7. input field to enter server url (for self-hosting)
8. state to show user if its already connected
9. show error if oauth flow is cancelled by user

Follow up PR -
Renew token logic

---------

Co-authored-by: Félix Malfait <felix@twenty.com>
This commit is contained in:
Aditya Pimpalkar
2024-04-24 10:45:16 +01:00
committed by GitHub
parent 0a7f82333b
commit c63ee519ea
33 changed files with 18564 additions and 15049 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
packages/twenty-front/src/pages/auth/Authorize.tsx
View File

@ -52,7 +52,7 @@ const StyledButtonContainer = styled.div`
gap: 10px;
width: 100%;
`;
const Authorize = () => {
export const Authorize = () => {
const navigate = useNavigate();
const [searchParam] = useSearchParams();
//TODO: Replace with db call for registered third party apps
@ -66,6 +66,7 @@ const Authorize = () => {
const [app, setApp] = useState<App>();
const clientId = searchParam.get('clientId');
const codeChallenge = searchParam.get('codeChallenge');
const redirectUrl = searchParam.get('redirectUrl');
useEffect(() => {
const app = apps.find((app) => app.id === clientId);
@ -76,18 +77,20 @@ const Authorize = () => {
const [authorizeApp] = useAuthorizeAppMutation();
const handleAuthorize = async () => {
if (isDefined(clientId) && isDefined(codeChallenge)) {
if (
isDefined(clientId) &&
isDefined(codeChallenge) &&
isDefined(redirectUrl)
) {
await authorizeApp({
variables: {
clientId,
codeChallenge,
redirectUrl,
},
onCompleted: (data) => {
window.location.href = data.authorizeApp.redirectUrl;
},
onError: (error) => {
throw Error(error.message);
},
});
}
};
@ -124,5 +127,3 @@ const Authorize = () => {
</StyledContainer>
);
};
export default Authorize;