🪟 🐛 New OAuth connectors should never say "re-authenticate"

[teallarson]

What

closes #16599

Previously, some OAuth connectors would render a button that said "Re-Authenticate" when a user was creating a new connection. Some of this was resolved with #17965 when the new useAuthentication hook was introduced. This PR resolves the rest of it.

How

Previously, we were looking to see if there was an empty credentials object to determine whether a user had OAuthed yet or not. However, in some cases the keys are present already, but all values are undefined. This PR changes that to check for either no credentials object, or an object with no defined values.

Recommended reading order

The one file

Testing

Previously, you could see this bug by OAuthing a Google connector (we have Google Sheets on frontend-dev) and then trying to create a Google Ads source. This was the only connector I was able to find with the bug remaining after #17965.

Now, if you create a Google Sheets OAuth source, then go to create a Google Ads source, you should see Sign in with Google and not Re-authenticate on the OAuth button.

Choosing an existing connector and going to settings should display "Re-authenticate"

[timroes]

Not introduced by this PR, but I feel I asked this already on the original PR that introduced this: credentials is just one arbitrary path inside values that could hold the information, but they could as well also just sit on the root level? Or any other path defined in the spec. How does the current code handle that? E.g. can we verify this works e.g. with the Instagram or Salesforce connector which have the button on the root of the form?

[teallarson]

E.g. can we verify this works e.g. with the Instagram or Salesforce connector which have the button on the root of the form?

Salesforce never says "re-authenticate" as it stands, due to what you mentioned.

I do wonder if I could pull the auth fields to hide from the new service and use that instead. I'll try it out.

[timroes]

I think that would be exactly the right solution, @tealjulia. Maybe let's in general move this as a flag into the useAuhentication hook as something like hasAuthFieldValues or such

[teallarson]

@timroes I pinged you for review since you had shared some opinions about wanting a more generalizable solution here! This should work for any connector configuration now (and does per my testing it out with salesforce, google ads, google sheets, github, and instagram).

I do wonder if there are branding requirements for the "Re-authneticate" button for Google? Are we required to include the words "google account" there?

[lmossman]

The solution looks good to me!

I tested this out on frontend-dev and was able to reproduce the re-authenticate issue you described in the PR description, and then I spun up this branch on npm and that solved the problem. I still got a 404 when clicking the oauth button on Google Ads, but I think that is expected based on that source not being listed here

Not super sure about your Google branding question. @timroes maybe that is something we can check with the Google team? Not sure what that process looks like

[timroes]

Regarding the Sign-In branding question. Their branding guidelines are documented here: https://developers.google.com/identity/branding-guidelines

There is no specific rules around the "reauthentication" purpose, so I think we'l be fine with this. We can always change it, if they'd would reach out and see this as a problem (which they tend to do).

[timroes]

Code LGTM, have not tested locally since the suggested refactoring