feat: oauth for chrome extension (#4870)

Previously we had to create a separate API key to give access to chrome extension so we can make calls to the DB. This PR includes logic to initiate a oauth flow with PKCE method which redirects to the `Authorise` screen to give access to server tokens. Implemented in this PR- 1. make `redirectUrl` a non-nullable parameter 2. Add `NODE_ENV` to environment variable service 3. new env variable `CHROME_EXTENSION_REDIRECT_URL` on server side 4. strict checks for redirectUrl 5. try catch blocks on utils db query methods 6. refactor Apollo Client to handle `unauthorized` condition 7. input field to enter server url (for self-hosting) 8. state to show user if its already connected 9. show error if oauth flow is cancelled by user Follow up PR - Renew token logic --------- Co-authored-by: Félix Malfait <felix@twenty.com>
2024-04-24 10:45:16 +01:00
parent 0a7f82333b
commit c63ee519ea
33 changed files with 18564 additions and 15049 deletions
--- a/yarn.lock
+++ b/yarn.lock
@ -16103,6 +16103,13 @@ __metadata:
  languageName: node
  linkType: hard

+"@types/crypto-js@npm:^4.2.2":
+  version: 4.2.2
+  resolution: "@types/crypto-js@npm:4.2.2"
+  checksum: 760a2078f36f2a3a1089ef367b0d13229876adcf4bcd6e8824d00d9e9bfad8118dc7e6a3cc66322b083535e12be3a29044ccdc9603bfb12519ff61551a3322c6
+  languageName: node
+  linkType: hard
+
 "@types/d3-color@npm:^2.0.0":
  version: 2.0.6
  resolution: "@types/d3-color@npm:2.0.6"
@ -23533,6 +23540,13 @@ __metadata:
  languageName: node
  linkType: hard

+"crypto-js@npm:^4.2.0":
+  version: 4.2.0
+  resolution: "crypto-js@npm:4.2.0"
+  checksum: 8fbdf9d56f47aea0794ab87b0eb9833baf80b01a7c5c1b0edc7faf25f662fb69ab18dc2199e2afcac54670ff0cd9607a9045a3f7a80336cccd18d77a55b9fdf0
+  languageName: node
+  linkType: hard
+
 "crypto-random-string@npm:^2.0.0":
  version: 2.0.0
  resolution: "crypto-random-string@npm:2.0.0"
@ -46478,6 +46492,7 @@ __metadata:
    "@types/bcrypt": "npm:^5.0.0"
    "@types/better-sqlite3": "npm:^7.6.8"
    "@types/bytes": "npm:^3.1.1"
+    "@types/crypto-js": "npm:^4.2.2"
    "@types/deep-equal": "npm:^1.0.1"
    "@types/dompurify": "npm:^3.0.5"
    "@types/express": "npm:^4.17.13"
@ -46534,6 +46549,7 @@ __metadata:
    concurrently: "npm:^8.2.2"
    cross-env: "npm:^7.0.3"
    cross-var: "npm:^1.1.0"
+    crypto-js: "npm:^4.2.0"
    danger: "npm:^11.3.0"
    danger-plugin-todos: "npm:^1.3.1"
    dataloader: "npm:^2.2.2"