Dynamic OauthDriver scope

[chiragchhatrala]

Summary by CodeRabbit

• New Features

  • Enhanced OAuth functionality to handle and store user permissions (scopes) for improved access management.
  • Added tooltips and disabling options in the FlatSelectInput component for better user experience.
  • Introduced a new column in the oauth_providers table to store scopes in a structured format.
  • Simplified button label in the connections settings for broader applicability.
  • Updated token columns in the oauth_providers table to accommodate larger token values.

• Bug Fixes

  • Improved logic to prevent selection of disabled options in the FlatSelectInput component.

[coderabbitai]

Walkthrough

The changes enhance the OAuth integration within the application by improving the handling of OAuth scopes. Updates were made to controllers, resources, and models to effectively capture and store scopes. A new migration modifies the database schema to accommodate these changes, while frontend components are adjusted to improve user interaction regarding OAuth provider selection, including disabling options based on permissions. Additionally, the migration updates the token columns to support larger values.

Changes

Files	Change Summary
api/app/Http/Controllers/Auth/OAuthController.php	Updated findOrCreateUser to handle and store scopes from $socialiteUser.
api/app/Http/Controllers/Settings/OAuthProviderController.php	Enhanced connect method to support Google OAuth scopes and updated response handling.
api/app/Http/Resources/OAuthProviderResource.php	Modified toArray method to include scopes in the output array.
api/app/Integrations/OAuth/Drivers/Contracts/OAuthDriver.php	Added setScopes(array $scopes): self and fullScopes(): self methods to the interface.
api/app/Integrations/OAuth/Drivers/OAuthGoogleDriver.php	Introduced $scopes property; updated getRedirectUrl and added setScopes method.
api/app/Models/OAuthProvider.php	Adjusted $hidden property for readability; added scopes casting in casts method.
api/database/migrations/2024_08_27_124933_add_scopes_to_oauth_providers.php	New migration to add scopes column of type JSON to oauth_providers table with driver-specific defaults.
api/database/migrations/2024_08_29_110048_update_oauth_providers_token_columns.php	Migration to change access_token and refresh_token columns to text type for larger storage.
client/components/forms/FlatSelectInput.vue	Added disabling options and tooltips for disabled selections.
client/pages/settings/connections.vue	Changed button label from "Connect new account" to "Connect account."

Sequence Diagram(s)

sequenceDiagram
    participant User
    participant OAuthProviderController
    participant OAuthDriver
    participant OAuthProviderResource

    User->>OAuthProviderController: Request to connect
    OAuthProviderController->>OAuthDriver: Set scopes
    OAuthDriver->>OAuthProviderController: Return redirect URL
    OAuthProviderController->>User: Redirect to OAuth provider
    User->>OAuthProviderController: Complete authentication
    OAuthProviderController->>OAuthProvider: Find or create user
    OAuthProvider->>OAuthProviderResource: Return user data with scopes
    OAuthProviderController->>User: Respond with user info

Loading

Poem

🐰 In the fields of code, I hop and play,
With scopes and tokens lighting the way.
OAuth's dance, a waltz so fine,
Permissions granted, all in a line.
A happy rabbit, I leap with glee,
For changes made, oh joy, oh me! 🌟

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

Share

• X
• Mastodon
• Reddit
• LinkedIn

Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai generate interesting stats about this repository and render them as a table.
  • @coderabbitai show all the console.log statements in this repository.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

Outside diff range, codebase verification and nitpick comments (4)

api/app/Integrations/OAuth/Drivers/Contracts/OAuthDriver.php (1)

11-11: Implement setScopes Method in Implementing Classes

The setScopes method is not implemented in the classes that implement the OAuthDriver interface, such as OAuthGoogleDriver. Ensure that all implementing classes fulfill the interface contract by adding the setScopes method.

• OAuthGoogleDriver needs to implement setScopes.

Analysis chain

LGTM! But verify the method implementation.

The method is correctly added to the interface. However, ensure that all implementing classes of this interface have this method implemented.

The code changes are approved.

Run the following script to verify the method implementation:

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify all implementing classes of `OAuthDriver` have the `setScopes` method implemented.

# Test: Search for the method implementation in the implementing classes. Expect: All occurrences of the method implementation.
rg --type php --pattern 'class $_ implements OAuthDriver' -A 20

Length of output: 477

---

Script:

#!/bin/bash
# Description: Verify all implementing classes of `OAuthDriver` have the `setScopes` method implemented.

# Corrected Test: Search for the method implementation in the implementing classes. Expect: All occurrences of the method implementation.
rg 'class \w+ implements OAuthDriver' -A 20

Length of output: 1861

---

Script:

#!/bin/bash
# Description: Check for the implementation of `setScopes` method in classes implementing `OAuthDriver`.

# Search for the `setScopes` method in the implementing classes.
rg 'class \w+ implements OAuthDriver' -A 20 | rg 'setScopes'

Length of output: 60

api/app/Http/Resources/OAuthProviderResource.php (1)

35-35: Missing scopes attribute in OAuthProvider model

The scopes attribute is not found in the OAuthProvider model. This could lead to issues when accessing it in the OAuthProviderResource. Please ensure that the scopes attribute is correctly defined in the model.

• Check api/app/Models/OAuthProvider.php for the scopes attribute.

Analysis chain

LGTM! But verify the scopes attribute.

The method is correctly modified to include the new key. However, ensure that the scopes attribute is correctly set in the OAuthProvider model.

The code changes are approved.

Run the following script to verify the scopes attribute in the OAuthProvider model:

Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Verify the `scopes` attribute in the `OAuthProvider` model.

# Test: Check the `scopes` attribute in the model. Expect: The attribute is correctly set.
rg --type php --pattern 'class OAuthProvider' -A 20

Length of output: 465

---

Script:

#!/bin/bash
# Description: Verify the `scopes` attribute in the `OAuthProvider` model.

# Corrected Test: Check the `scopes` attribute in the model. Expect: The attribute is correctly set.
rg 'class OAuthProvider' --type php -A 20

Length of output: 9030

client/components/forms/FlatSelectInput.vue (2)

27-32: Enhance readability by adding comments.

Consider adding comments to explain the purpose of the UTooltip wrapper and the disableOptionsTooltip and disableOptions properties.

This will improve the readability and maintainability of the code.

---

34-45: Ensure consistent spacing and indentation.

The spacing and indentation within the div element can be made more consistent for better readability.

Apply this diff to improve the spacing and indentation:

          <div
            :role="multiple ? 'checkbox' : 'radio'"
            :aria-checked="isSelected(option[optionKey])"
            :class="[
              theme.FlatSelectInput.spacing.vertical,
              theme.FlatSelectInput.fontSize,
              theme.FlatSelectInput.option,
              {
                '!cursor-not-allowed !bg-gray-200': disableOptions.includes(option[optionKey]),
              },
            ]"
            @click="onSelect(option[optionKey])"
          >

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 79d3dd7 and de31637.

Files selected for processing (10)

• api/app/Http/Controllers/Auth/OAuthController.php (2 hunks)
• api/app/Http/Controllers/Settings/OAuthProviderController.php (3 hunks)
• api/app/Http/Resources/OAuthProviderResource.php (1 hunks)
• api/app/Integrations/OAuth/Drivers/Contracts/OAuthDriver.php (1 hunks)
• api/app/Integrations/OAuth/Drivers/OAuthGoogleDriver.php (3 hunks)
• api/app/Models/OAuthProvider.php (1 hunks)
• api/database/migrations/2024_08_27_124933_add_scopes_to_oauth_providers.php (1 hunks)
• client/components/forms/FlatSelectInput.vue (3 hunks)
• client/components/open/integrations/GoogleSheetsIntegration.vue (5 hunks)
• client/stores/oauth_providers.js (2 hunks)

Additional comments not posted (16)

api/database/migrations/2024_08_27_124933_add_scopes_to_oauth_providers.php (2)

21-25: LGTM!

The migration step is correctly implemented.

The code changes are approved.

---

11-15: LGTM! But verify the impact on existing data.

The migration step is correctly implemented. However, ensure that the existing data in the table is not affected by this change.

The code changes are approved.

Run the following script to verify the impact on existing data:

api/app/Models/OAuthProvider.php (2)

42-42: LGTM!

The addition of 'scopes' => 'array' in the casts method ensures proper handling of the scopes attribute.

The code changes are approved.

---

33-34: LGTM!

Separating the entries for access_token and refresh_token onto individual lines enhances readability.

The code changes are approved.

api/app/Integrations/OAuth/Drivers/OAuthGoogleDriver.php (3)

13-13: LGTM!

The addition of the $scopes property allows for more flexible configuration of the scopes used during the OAuth process.

The code changes are approved.

---

25-25: LGTM!

The update to the getRedirectUrl method to utilize the new $scopes property improves the class's configurability and adaptability for different OAuth scenarios.

The code changes are approved.

---

55-59: LGTM!

The addition of the setScopes method enhances the class's flexibility in managing OAuth scopes.

The code changes are approved.

api/app/Http/Controllers/Settings/OAuthProviderController.php (2)

30-36: LGTM!

The changes to the connect method improve the integration with Google services by explicitly managing OAuth scopes.

The code changes are approved.

---

56-56: LGTM!

The update to the handleRedirect method ensures that the user's approved scopes are included in the response, enhancing the OAuth integration.

The code changes are approved.

client/components/open/integrations/GoogleSheetsIntegration.vue (2)

7-10: LGTM!

The added paragraph improves user experience by clarifying the action that will occur.

The code changes are approved.

---

16-17: LGTM!

The added property and tooltip enhance the logic of provider selection by preventing users from attempting to connect with providers that lack the required permissions.

The code changes are approved.

client/stores/oauth_providers.js (1)

10-11: LGTM!

The added constant enhances the functionality by providing a specific API permission that can be utilized in the application.

The code changes are approved.

Also applies to: 97-97

api/app/Http/Controllers/Auth/OAuthController.php (2)

96-96: LGTM!

The change improves the functionality by ensuring that the approved scopes are captured and stored.

The code changes are approved.

---

143-143: LGTM!

The change improves the functionality by ensuring that the approved scopes are captured and stored.

The code changes are approved.

client/components/forms/FlatSelectInput.vue (2)

110-112: LGTM!

The new properties disableOptions and disableOptionsTooltip are correctly implemented.

The code changes are approved.

---

125-127: LGTM!

The onSelect method is correctly updated to prevent selection of disabled options.

The code changes are approved.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between de31637 and 5b07d25.

Files selected for processing (1)

• api/database/migrations/2024_08_27_124933_add_scopes_to_oauth_providers.php (1 hunks)

Files skipped from review as they are similar to previous changes (1)

• api/database/migrations/2024_08_27_124933_add_scopes_to_oauth_providers.php

[JhumanJ]

It's great but small details:

• I've slightly refactored integrations drivers to simplify the controller, by setting the default scopes for each integration (232c3e0)
• The flat select input have a design issue
  

Please fix an apply in other projects, thanks

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 5b07d25 and 232c3e0.

Files selected for processing (3)

• api/app/Http/Controllers/Settings/OAuthProviderController.php (3 hunks)
• api/app/Integrations/OAuth/Drivers/Contracts/OAuthDriver.php (1 hunks)
• api/app/Integrations/OAuth/Drivers/OAuthGoogleDriver.php (3 hunks)

Files skipped from review as they are similar to previous changes (1)

• api/app/Http/Controllers/Settings/OAuthProviderController.php

Additional comments not posted (7)

api/app/Integrations/OAuth/Drivers/Contracts/OAuthDriver.php (3)

10-10: LGTM!

The change to enforce type safety by changing the parameter to string $url enhances the robustness of the code.

---

11-11: LGTM!

The addition of the setScopes method enhances the interface's functionality by allowing the specification of OAuth scopes.

---

15-19: LGTM!

The addition of the fullScopes method enhances the interface's functionality by configuring the necessary permissions for the current OAuth driver.

api/app/Integrations/OAuth/Drivers/OAuthGoogleDriver.php (4)

26-26: LGTM!

The update to utilize the new $scopes property allows for more flexible configuration of the scopes used during the OAuth process.

---

50-50: LGTM!

The change to enforce type safety by changing the parameter to string $url enhances the robustness of the code.

---

56-60: LGTM!

The addition of the setScopes method enhances the class's configurability and adaptability for different OAuth scenarios.

---

62-64: LGTM!

The addition of the fullScopes method provides a convenient way to configure the necessary permissions for the current OAuth driver.

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between 232c3e0 and c6a7dbb.

Files selected for processing (2)

• client/components/open/integrations/GoogleSheetsIntegration.vue (5 hunks)
• client/pages/settings/connections.vue (1 hunks)

Files skipped from review due to trivial changes (1)

• client/pages/settings/connections.vue

Files skipped from review as they are similar to previous changes (1)

• client/components/open/integrations/GoogleSheetsIntegration.vue

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between c6a7dbb and a33ecbf.

Files selected for processing (3)

• api/app/Http/Controllers/Settings/OAuthProviderController.php (2 hunks)
• client/components/forms/FlatSelectInput.vue (4 hunks)
• client/pages/settings/connections.vue (1 hunks)

Files skipped from review as they are similar to previous changes (3)

• api/app/Http/Controllers/Settings/OAuthProviderController.php
• client/components/forms/FlatSelectInput.vue
• client/pages/settings/connections.vue

[coderabbitai]

Actionable comments posted: 0

Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

Commits

Files that changed from the base of the PR and between a33ecbf and 090f644.

Files selected for processing (1)

• api/database/migrations/2024_08_29_110048_update_oauth_providers_token_columns.php (1 hunks)

Additional comments not posted (2)

api/database/migrations/2024_08_29_110048_update_oauth_providers_token_columns.php (2)

13-18: LGTM! Verify application logic for handling larger token values.

The changes to the access_token and refresh_token columns are appropriate for storing larger token values. Ensure that the application logic handles the increased column size without performance issues.

---

26-31: LGTM! Verify potential data truncation issues.

The changes to revert the access_token and refresh_token columns back to string are appropriate. Ensure that there are no data truncation issues when reverting from text to string.