feat: Sync app credentials between Cal.com & self-hosted platforms#11059
Merged
joeauyeung merged 25 commits intomainfrom Sep 19, 2023
Merged
feat: Sync app credentials between Cal.com & self-hosted platforms#11059joeauyeung merged 25 commits intomainfrom
joeauyeung merged 25 commits intomainfrom
Conversation
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
2 Ignored Deployments
|
Contributor
|
Thank you for following the naming conventions! 🙏 |
Contributor
📦 Next.js Bundle Analysis for @calcom/webThis analysis was generated by the Next.js Bundle Analysis action. 🤖 This PR introduced no changes to the JavaScript bundle! 🙌 |
Current Playwright Test Results Summary✅ 121 Passing - Run may still be in progress, this comment will be updated as current testing workflow or job completes... (Last updated on 09/19/2023 08:46:01pm UTC) Run DetailsRunning Workflow PR Update on Github Actions Commit: 9fde0e9 Started: 09/19/2023 08:44:40pm UTC
|
| Test Case | Last 7 days Failures | Last 7 days Flakes |
|---|---|---|
|
Event Types tests user can add multiple organizer address
Retry 1 • Initial Attempt |
1.79% (5)5 / 279 runsfailed over last 7 days |
16.85% (47)47 / 279 runsflaked over last 7 days |
📄 packages/embeds/embed-core/playwright/tests/action-based.e2e.ts • 1 Flake
Test Case Results
| Test Case | Last 7 days Failures | Last 7 days Flakes |
|---|---|---|
|
Popup Tests should be able to reschedule
Retry 1 • Initial Attempt |
1.78% (5)5 / 281 runsfailed over last 7 days |
96.09% (270)270 / 281 runsflaked over last 7 days |
joeauyeung
commented
Aug 31, 2023
Contributor
Author
joeauyeung
left a comment
joeauyeung
left a comment
There was a problem hiding this comment.
Initial review
Comment on lines
+23
to
+25
| if (req.headers["calcom-webhook-secret"] !== process.env.CALCOM_WEBHOOK_SECRET) { | ||
| return res.status(403).json({ message: "Invalid webhook secret" }); | ||
| } |
Contributor
Author
There was a problem hiding this comment.
Would this secret also be used in future webhooks as well? If we add this to the SaSS product then would need UI to generate a secret based on userId.
| userId: z.number().int(), | ||
| // The dirname of the app under packages/app-store | ||
| appDirName: z.string(), | ||
| keys: z.record(z.any()), |
Contributor
Author
There was a problem hiding this comment.
Thinking each app should have their own keys schema
zomars
reviewed
Sep 18, 2023
zomars
reviewed
Sep 18, 2023
| if (!clientId) return res.status(400).json({ message: "Zoho Bigin client_id missing." }); | ||
|
|
||
| const redirectUri = WEBAPP_URL + `/api/integrations/${appConfig.slug}/callback`; | ||
| const redirectUri = WEBAPP_URL + `/api/integrations/zoho-bigin/callback`; |
zomars
previously approved these changes
Sep 18, 2023
Contributor
zomars
left a comment
zomars
left a comment
There was a problem hiding this comment.
No major code objections. LGTM. Although we're going to need some help testing all the apps since this touch every calendar app.
Contributor
Author
I tested every app this PR touches but I think it's good to get a second pair of eyes on it. |
joeauyeung
commented
Sep 19, 2023
Comment on lines
-265
to
-272
| if (!tokenResponse.success) { | ||
| console.error( | ||
| "Outlook error grabbing new tokens ~ zodError:", | ||
| tokenResponse.error, | ||
| "MS response:", | ||
| responseJson | ||
| ); | ||
| } |
Contributor
Author
There was a problem hiding this comment.
Error handled in parseRefreshTokenResponse
emrysal
approved these changes
Sep 19, 2023
6 tasks
Contributor
|
This had to be reverted. It was preventing bookings with gCal (other cals could be affected) |
mfeuerstein
reviewed
Apr 10, 2026
mfeuerstein
left a comment
mfeuerstein
left a comment
There was a problem hiding this comment.
PR Review — approved
Reviewed 30 files. 0 high-severity issues found. Verdict: approved.
packages/app-store/_utils/oauth/encodeOAuthState.ts (low)
- Reviewed packages/app-store/_utils/oauth/encodeOAuthState.ts — looks good
packages/app-store/_utils/oauth/createOAuthAppCredential.ts (low)
- Reviewed packages/app-store/_utils/oauth/createOAuthAppCredential.ts — looks good
packages/app-store/_utils/oauth/parseRefreshTokenResponse.ts (low)
- Reviewed packages/app-store/_utils/oauth/parseRefreshTokenResponse.ts — looks good
packages/app-store/_utils/oauth/refreshOAuthTokens.ts (low)
- Reviewed packages/app-store/_utils/oauth/refreshOAuthTokens.ts — looks good
packages/app-store/googlecalendar/api/add.ts (low)
- Reviewed packages/app-store/googlecalendar/api/add.ts — looks good
packages/app-store/googlecalendar/lib/CalendarService.ts (low)
- Reviewed packages/app-store/googlecalendar/lib/CalendarService.ts — looks good
packages/app-store/_utils/oauth/decodeOAuthState.ts (low)
- Reviewed packages/app-store/_utils/oauth/decodeOAuthState.ts — looks good
packages/app-store/googlecalendar/api/callback.ts (low)
- Reviewed packages/app-store/googlecalendar/api/callback.ts — looks good
packages/app-store/hubspot/api/add.ts (low)
- Reviewed packages/app-store/hubspot/api/add.ts — looks good
packages/app-store/hubspot/api/callback.ts (low)
- Reviewed packages/app-store/hubspot/api/callback.ts — looks good
packages/app-store/hubspot/lib/CalendarService.ts (low)
- Reviewed packages/app-store/hubspot/lib/CalendarService.ts — looks good
packages/app-store/larkcalendar/api/callback.ts (low)
- Reviewed packages/app-store/larkcalendar/api/callback.ts — looks good
apps/web/pages/api/webhook/app-credential.ts (low)
- Reviewed apps/web/pages/api/webhook/app-credential.ts — looks good
.env.example (low)
- Reviewed .env.example — looks good
packages/app-store/office365calendar/api/add.ts (low)
- Reviewed packages/app-store/office365calendar/api/add.ts — looks good
packages/app-store/office365calendar/api/callback.ts (low)
- Reviewed packages/app-store/office365calendar/api/callback.ts — looks good
packages/app-store/larkcalendar/lib/CalendarService.ts (low)
- Reviewed packages/app-store/larkcalendar/lib/CalendarService.ts — looks good
packages/app-store/office365video/api/callback.ts (low)
- Reviewed packages/app-store/office365video/api/callback.ts — looks good
packages/app-store/salesforce/api/add.ts (low)
- Reviewed packages/app-store/salesforce/api/add.ts — looks good
packages/app-store/office365video/api/add.ts (low)
- Reviewed packages/app-store/office365video/api/add.ts — looks good
packages/app-store/office365video/lib/VideoApiAdapter.ts (low)
- Reviewed packages/app-store/office365video/lib/VideoApiAdapter.ts — looks good
packages/app-store/office365calendar/lib/CalendarService.ts (low)
- Reviewed packages/app-store/office365calendar/lib/CalendarService.ts — looks good
packages/app-store/salesforce/api/callback.ts (low)
- Reviewed packages/app-store/salesforce/api/callback.ts — looks good
packages/app-store/salesforce/lib/CalendarService.ts (low)
- Reviewed packages/app-store/salesforce/lib/CalendarService.ts — looks good
packages/app-store/larkcalendar/api/add.ts (low)
- Reviewed packages/app-store/larkcalendar/api/add.ts — looks good
packages/app-store/webex/lib/VideoApiAdapter.ts (low)
- Reviewed packages/app-store/webex/lib/VideoApiAdapter.ts — looks good
packages/app-store/tandemvideo/api/callback.ts (low)
- Reviewed packages/app-store/tandemvideo/api/callback.ts — looks good
packages/app-store/stripepayment/api/callback.ts (low)
- Reviewed packages/app-store/stripepayment/api/callback.ts — looks good
packages/app-store/zoho-bigin/api/add.ts (low)
- Reviewed packages/app-store/zoho-bigin/api/add.ts — looks good
packages/app-store/webex/api/callback.ts (low)
- Reviewed packages/app-store/webex/api/callback.ts — looks good
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
What does this PR do?
This PR allows self-hosters that have their own app store, to sync their user's 3rd party credentials with their instance of Cal.com. This allows their app store to be the source of truth for apps.
Fixes # (issue)
Requirement/Documentation
Type of change
How should this be tested?
api/webhook/app-credentialendpoint with the correct webhook secret and encrypted payloadMandatory Tasks
Checklist