feat: add google auth integration to backend #8310
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Introduced new GraphQL types and mutations for Google Sheets integration, including `GoogleSheetsSync`, `googleSheetsSyncCreate`, and `googleSheetsSyncDelete`. - Added input types for creating and filtering Google Sheets syncs. - Implemented resolver logic for handling Google Sheets sync operations. - Updated existing schemas to accommodate new integration types and fields. - Enhanced journey visitor export functionality to support Google Sheets integration. This update enables users to create and manage Google Sheets syncs directly from the application, enhancing data management capabilities.
- Added new utility functions for validating blocks and managing event contexts, including `validateBlockEvent`, `getByUserIdAndJourneyId`, and `getOrCreateVisitor`. - Improved `appendEventToGoogleSheets` to handle dynamic keys and update existing rows based on visitor presence. - Updated tests to cover new functionalities and ensure robust integration with Google Sheets. - Refactored existing code for better clarity and maintainability, including adjustments to header management in Google Sheets. - Enhanced email job handling in `sendEventsEmail` and `resetEventsEmailDelay` functions to improve queue management. This update significantly improves the event handling capabilities and integration with Google Sheets, providing a more seamless user experience.
- Removed unnecessary fields `accessId` and `accessSecretPart` from `IntegrationGoogle` and `IntegrationGrowthSpaces` types across multiple schemas. - Updated input types and resolvers to ensure consistency in handling IDs and required fields for Google Sheets sync operations. - Enhanced error handling and validation for Google Sheets export functionality, ensuring required fields are checked based on the export mode. - Improved type definitions for better clarity and maintainability in the integration logic. This refactor streamlines the integration process and enhances the overall robustness of the Google Sheets functionality.
…dd-google-auth-integration-to-backend-no-qa
…oogle integration - Added `@t3-oss/env-core` dependency to `package.json` and updated `pnpm-lock.yaml`. - Modified GraphQL schema to change the `integrationGooglePickerToken` query and `integrationGoogleCreate` mutation to ensure proper authentication and integration ownership checks. - Enhanced error handling and validation in Google Sheets sync operations, ensuring required fields are checked based on the integration context. - Updated TypeScript configurations for better module resolution and strict type checking. These changes improve the integration process and enhance the overall robustness of the Google Sheets functionality.
- Updated GraphQL types to use consistent ID types for integration and journey identifiers. - Introduced new input types for generating subtitles and improved handling of video block properties. - Enhanced integration query logic to ensure proper type checks and validation for GrowthSpaces integrations. - Added support for showing generated subtitles in video blocks across various components. These changes improve the robustness and clarity of the integration process, particularly for GrowthSpaces and video handling.
…dd-google-auth-integration-to-backend-no-qa
…paces - Updated type imports to enhance clarity and consistency in the integration logic. - Introduced a type guard function to filter GrowthSpaces integrations more effectively. - Refactored the options generation to ensure proper handling of integration data, improving robustness and maintainability. These changes streamline the integration process and enhance type safety within the application.
- Modified the integration resolver test to include the team data in the query, ensuring that the integration logic correctly fetches associated team information. - Updated Jest configuration to include a new module mapping for environment variables, enhancing test setup. - Adjusted TypeScript configurations across multiple files to ensure consistent module resolution and JSX handling. These changes improve the accuracy of integration tests and enhance the overall testing environment.
- Updated tests for Google authentication and integration to include additional checks for access tokens and error scenarios. - Improved assertions in the tests to ensure proper handling of integration ownership and authorization. - Refactored test cases to streamline the setup and enhance clarity, particularly in the context of Google Sheets sync operations. These changes strengthen the reliability of the Google integration tests and improve error handling across the application.
…es integration - Introduced a type guard function to check for TextResponse blocks, enhancing type safety and clarity in the integration logic. - Updated the handling of integration and route IDs to use the new type guard, ensuring proper values are used during state updates. - Refactored the rendering logic to conditionally display options based on the block type, improving the user experience and reducing potential errors. These changes enhance the robustness of the GrowthSpaces integration and streamline the handling of TextResponse blocks.
…onent - Improved readability by restructuring conditional checks for TextResponse blocks and integration IDs. - Enhanced the formatting of JSX elements for better clarity and maintainability. - Ensured consistent handling of route IDs within the rendering logic, contributing to a smoother user experience. These changes streamline the Route component's code and enhance overall clarity.
- Removed skipped tests for GOOGLE_CLIENT_ID and GOOGLE_CLIENT_SECRET configuration checks in Google integration tests to streamline the test suite. - Cleaned up the environment mock file by removing unnecessary blank lines. - Updated ESLint configuration to simplify ignored file paths, enhancing maintainability. These changes improve the clarity and efficiency of the testing framework for Google integrations.
- Adjusted ESLint ignore paths to be more specific, improving maintainability. - Added 'postcss.config.mjs' to the TypeScript include paths for better integration with ESLint. - Updated rules to reflect the new directory structure, enhancing clarity in linting processes. These changes streamline the configuration setup for the journeys-admin application, ensuring better alignment with project structure.
…on logic - Updated the Google integration mutation to require a refresh token, ensuring proper error handling when it is not provided. - Improved error logging and messaging for better user guidance during the authorization process. - Refactored the integration delete mutation to include query context in the deletion process, enhancing its functionality. These changes strengthen the reliability of the Google integration and improve the overall error handling in the application.
…k handling - Introduced a new MuxVideoUploadProvider to manage video upload tasks and their states. - Added utilities for handling upload tasks, including cancellation and polling for upload status. - Updated video block components to integrate with the new upload provider, ensuring seamless video management. - Enhanced GraphQL types and queries to support video block operations, including fetching and updating video details. These changes significantly improve the video upload experience and provide better integration with Mux services.
- Updated the GraphQL schema to improve the handling of Google Sheets integration, including optional folder ID for spreadsheet creation. - Introduced new types and mutations for Google Sheets synchronization, allowing for better management of spreadsheet exports. - Enhanced error handling in the journey visitor export functionality to accommodate missing folder IDs. - Refactored related tests to ensure accurate behavior when folder IDs are omitted during spreadsheet creation. These changes significantly improve the flexibility and usability of the Google Sheets integration within the application.
- Refactored event utility functions to simplify the handling of block validation and email queue management. - Removed Google Sheets integration from event creation mutations, enhancing performance and reducing complexity. - Updated tests to reflect changes in the event handling logic and ensure accurate functionality. - Improved error handling and environment management within the event utilities. These changes enhance the clarity and maintainability of the event handling processes in the application.
…lated functionality - Eliminated Google Sheets synchronization types, inputs, and mutations from the GraphQL schema, simplifying the overall structure. - Removed associated utility functions and tests related to Google Sheets, enhancing maintainability and reducing complexity. - Updated event handling logic to remove dependencies on Google Sheets integration, streamlining the event processing flow. These changes significantly declutter the codebase and improve the clarity of the event handling processes.
Contributor
WalkthroughAdds a Google integration end-to-end: GraphQL types/inputs/mutations/queries and resolvers; Google OAuth helpers and tests; symmetric encryption of refresh tokens; DB migration adding google enum, userId/accountEmail, and GoogleSheetsSync table; extracts auth scopes/Context; adds env validation and related test mocks; updates TypeScript/Jest/CI settings. Changes
Sequence Diagram(s)sequenceDiagram
participant User as Frontend
participant API as GraphQL Mutation
participant Google as Google OAuth
participant DB as Database
participant Crypto as Encryption
User->>API: integrationGoogleCreate(input: code, redirectUri, teamId)
API->>Google: POST /token (code, client_id, client_secret)
Google-->>API: { access_token, refresh_token }
API->>Google: GET /userinfo (access_token)
Google-->>API: { email }
API->>Crypto: encryptSymmetric(refresh_token)
Crypto-->>API: { ciphertext, iv, tag }
API->>DB: create Integration (type: 'google', accountEmail, encrypted data)
DB-->>API: Integration
API-->>User: IntegrationGoogle
sequenceDiagram
participant Client as GraphQL Query
participant API as Resolver
participant DB as Database
participant AuthLib as googleAuth.getIntegrationGoogleAccessToken
participant Google as Google OAuth
Client->>API: integrationGooglePickerToken(integrationId)
API->>DB: find Integration by id
DB-->>API: Integration (with encrypted secret)
API->>AuthLib: getIntegrationGoogleAccessToken(integrationId)
AuthLib->>DB: fetch Integration and encrypted secret
AuthLib->>AuthLib: decryptSymmetric(encrypted data)
AuthLib->>Google: POST /token (refresh_token, client_id, client_secret, grant_type)
alt Token refresh succeeds
Google-->>AuthLib: { access_token }
else Token refresh fails
AuthLib-->>AuthLib: Log error with context/stack/response
AuthLib-->>AuthLib: Throw "re-authorization required"
end
AuthLib-->>API: GoogleAuthResult { accessToken, accountEmail }
API-->>Client: accessToken
Estimated code review effort🎯 4 (Complex) | ⏱️ ~60–90 minutes
Possibly related PRs
Suggested reviewers
Pre-merge checks and finishing touches❌ Failed checks (1 warning)
✅ Passed checks (2 passed)
✨ Finishing touches🧪 Generate unit tests (beta)
📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: CHILL Plan: Pro Disabled knowledge base sources:
📒 Files selected for processing (1)
🧰 Additional context used🧠 Learnings (4)📓 Common learnings📚 Learning: 2025-11-11T23:22:02.196ZApplied to files:
📚 Learning: 2025-07-22T18:37:46.814ZApplied to files:
📚 Learning: 2025-11-13T20:28:24.029ZApplied to files:
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
🔇 Additional comments (1)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
Contributor
|
View your CI Pipeline Execution ↗ for commit f19a19b
☁️ Nx Cloud last updated this comment at |
|
View your CI Pipeline Execution ↗ for commit b219ef6
☁️ Nx Cloud last updated this comment at |
github-actions
bot
requested a deployment
to
Preview - journeys-admin
…ion-to-backend-no-qa
github-actions
bot
temporarily deployed
to
Preview - journeys-admin
|
Ran Plan for dir: Show OutputNote: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the
last "terraform apply" which may have affected this plan:
# module.prod.module.postgresql.aws_rds_cluster.default has changed
~ resource "aws_rds_cluster" "default" {
~ engine_version = "13.18" -> "13.20"
~ engine_version_actual = "13.18" -> "13.20"
id = "jfp-core-prod"
tags = {}
# (58 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.stage.module.postgresql.aws_rds_cluster.default has changed
~ resource "aws_rds_cluster" "default" {
~ engine_version = "13.18" -> "13.20"
~ engine_version_actual = "13.18" -> "13.20"
id = "jfp-core-stage"
tags = {}
# (58 unchanged attributes hidden)
# (1 unchanged block hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the
relevant attributes using ignore_changes, the following plan may include
actions to undo or respond to these changes.
─────────────────────────────────────────────────────────────────────────────
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# module.prod.module.postgresql.aws_rds_cluster.default will be updated in-place
~ resource "aws_rds_cluster" "default" {
+ enable_local_write_forwarding = false
~ engine_version = "13.20" -> "13.18"
id = "jfp-core-prod"
tags = {}
# (59 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.prod.module.postgresql.aws_rds_cluster_instance.default will be updated in-place
~ resource "aws_rds_cluster_instance" "default" {
~ engine_version = "13.20" -> "13.18"
+ force_destroy = false
id = "tf-20240604195536182300000003"
tags = {}
# (32 unchanged attributes hidden)
}
# module.stage.module.postgresql.aws_rds_cluster.default will be updated in-place
~ resource "aws_rds_cluster" "default" {
+ enable_local_write_forwarding = false
~ engine_version = "13.20" -> "13.18"
id = "jfp-core-stage"
tags = {}
# (59 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.stage.module.postgresql.aws_rds_cluster_instance.default will be updated in-place
~ resource "aws_rds_cluster_instance" "default" {
~ engine_version = "13.20" -> "13.18"
+ force_destroy = false
id = "tf-20240618004835876400000003"
tags = {}
# (32 unchanged attributes hidden)
}
# module.prod.module.arclight.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place
~ resource "aws_ecs_service" "ecs_service" {
~ desired_count = 4 -> 1
id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/arclight-prod-service"
name = "arclight-prod-service"
tags = {}
# (18 unchanged attributes hidden)
# (4 unchanged blocks hidden)
}
Plan: 0 to add, 5 to change, 0 to destroy.
╷
│ Warning: Deprecated Resource
│
│ with module.datadog.datadog_integration_aws.sandbox,
│ on modules/aws/datadog/main.tf line 118, in resource "datadog_integration_aws" "sandbox":
│ 118: resource "datadog_integration_aws" "sandbox" {
│
│ **This resource is deprecated - use the `datadog_integration_aws_account`
│ resource instead**:
│ https://registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/integration_aws_account
╵
╷
│ Warning: Deprecated attribute
│
│ on .terraform/modules/datadog.datadog_log_forwarder/modules/log_forwarder/main.tf line 2, in locals:
│ 2: bucket_name = var.bucket_name != "" ? var.bucket_name : "datadog-forwarder-${data.aws_caller_identity.current.account_id}-${data.aws_region.current.name}"
│
│ The attribute "name" is deprecated. Refer to the provider documentation for
│ details.
│
│ (and 2 more similar warnings elsewhere)
╵
Note: Objects have changed outside of Terraform
|
…ion-to-backend-no-qa
github-actions
bot
temporarily deployed
to
Preview - journeys-admin
tanflem
approved these changes
Nov 17, 2025
|
Ran Plan for dir: Show OutputNote: Objects have changed outside of Terraform
Terraform detected the following changes made outside of Terraform since the
last "terraform apply" which may have affected this plan:
# module.prod.module.postgresql.aws_rds_cluster.default has changed
~ resource "aws_rds_cluster" "default" {
~ engine_version = "13.18" -> "13.20"
~ engine_version_actual = "13.18" -> "13.20"
id = "jfp-core-prod"
tags = {}
# (58 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.stage.module.postgresql.aws_rds_cluster.default has changed
~ resource "aws_rds_cluster" "default" {
~ engine_version = "13.18" -> "13.20"
~ engine_version_actual = "13.18" -> "13.20"
id = "jfp-core-stage"
tags = {}
# (58 unchanged attributes hidden)
# (1 unchanged block hidden)
}
Unless you have made equivalent changes to your configuration, or ignored the
relevant attributes using ignore_changes, the following plan may include
actions to undo or respond to these changes.
─────────────────────────────────────────────────────────────────────────────
Terraform used the selected providers to generate the following execution
plan. Resource actions are indicated with the following symbols:
~ update in-place
Terraform will perform the following actions:
# module.prod.module.postgresql.aws_rds_cluster.default will be updated in-place
~ resource "aws_rds_cluster" "default" {
+ enable_local_write_forwarding = false
~ engine_version = "13.20" -> "13.18"
id = "jfp-core-prod"
tags = {}
# (59 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.prod.module.postgresql.aws_rds_cluster_instance.default will be updated in-place
~ resource "aws_rds_cluster_instance" "default" {
~ engine_version = "13.20" -> "13.18"
+ force_destroy = false
id = "tf-20240604195536182300000003"
tags = {}
# (32 unchanged attributes hidden)
}
# module.stage.module.postgresql.aws_rds_cluster.default will be updated in-place
~ resource "aws_rds_cluster" "default" {
+ enable_local_write_forwarding = false
~ engine_version = "13.20" -> "13.18"
id = "jfp-core-stage"
tags = {}
# (59 unchanged attributes hidden)
# (1 unchanged block hidden)
}
# module.stage.module.postgresql.aws_rds_cluster_instance.default will be updated in-place
~ resource "aws_rds_cluster_instance" "default" {
~ engine_version = "13.20" -> "13.18"
+ force_destroy = false
id = "tf-20240618004835876400000003"
tags = {}
# (32 unchanged attributes hidden)
}
# module.prod.module.arclight.module.ecs-task.aws_ecs_service.ecs_service will be updated in-place
~ resource "aws_ecs_service" "ecs_service" {
~ desired_count = 4 -> 1
id = "arn:aws:ecs:us-east-2:410965620680:service/jfp-ecs-cluster-prod/arclight-prod-service"
name = "arclight-prod-service"
tags = {}
# (18 unchanged attributes hidden)
# (4 unchanged blocks hidden)
}
Plan: 0 to add, 5 to change, 0 to destroy.
╷
│ Warning: Deprecated Resource
│
│ with module.datadog.datadog_integration_aws.sandbox,
│ on modules/aws/datadog/main.tf line 118, in resource "datadog_integration_aws" "sandbox":
│ 118: resource "datadog_integration_aws" "sandbox" {
│
│ **This resource is deprecated - use the `datadog_integration_aws_account`
│ resource instead**:
│ https://registry.terraform.io/providers/DataDog/datadog/latest/docs/resources/integration_aws_account
╵
╷
│ Warning: Deprecated attribute
│
│ on .terraform/modules/datadog.datadog_log_forwarder/modules/log_forwarder/main.tf line 2, in locals:
│ 2: bucket_name = var.bucket_name != "" ? var.bucket_name : "datadog-forwarder-${data.aws_caller_identity.current.account_id}-${data.aws_region.current.name}"
│
│ The attribute "name" is deprecated. Refer to the provider documentation for
│ details.
│
│ (and 2 more similar warnings elsewhere)
╵
Note: Objects have changed outside of Terraform
|
mikeallisonJS
deleted the
mikeallison/nes-920-add-google-auth-integration-to-backend-no-qa
branch
|
Locks and plans deleted for the projects and workspaces modified in this pull request:
|
This was referenced Nov 17, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary by CodeRabbit
New Features
Configuration
Database
Tests