Mit 27 add attion crm #326
Conversation
…o mit-27-add-attion-crm
|
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎
|
|
|
WalkthroughThis update signifies a shift in authentication and domain management strategies, notably moving away from Stytch for authentication towards Attio, alongside renaming and aligning domain-related environment variables for clarity. It involves updating environment variables, refining Docker and GitHub workflow configurations, and integrating Attio services into the API for CRM functionalities. The changes streamline authentication, domain handling, and CRM integration, enhancing the system's adaptability and coherence. Changes
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (invoked as PR comments)
Additionally, you can add CodeRabbit Configration File (
|
|
🚨 Potential security issues detected. Learn more about Socket for GitHub ↗︎ To accept the risk, merge this PR and you will not be notified again.
Next stepsWhat is an install script?Install scripts are run when the package is installed. The majority of malware in npm is hidden in install scripts. Packages should not be running non-essential scripts during install and there are often solutions to problems people solve with install scripts that can be run at publish time instead. Take a deeper look at the dependencyTake a moment to review the security alert above. Review the linked package source code to understand the potential risk. Ensure the package is not malicious before proceeding. If you're unsure how to proceed, reach out to your security team or ask the Socket team for help at support [AT] socket [DOT] dev. Remove the packageIf you happen to install a dependency that Socket reports as Known Malware you should immediately remove it and select a different dependency. For other alert types, you may may wish to investigate alternative packages or consider if there are other ways to mitigate the specific risk posed by the dependency. Mark a package as acceptable riskTo ignore an alert, reply with a comment starting with
|
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Review Status
Actionable comments generated: 12
Configuration used: CodeRabbit UI
Files ignored due to path filters (6)
apps/client-ts/public/providers/crm/attio.pngis excluded by:!**/*.pngdocker-compose.dev.ymlis excluded by:!**/*.ymldocker-compose.source.ymlis excluded by:!**/*.ymldocker-compose.ymlis excluded by:!**/*.ymlpackages/api/swagger/swagger-spec.jsonis excluded by:!**/*.jsonpnpm-lock.yamlis excluded by:!**/*.yaml
Files selected for processing (35)
- .env.example (3 hunks)
- .github/workflows/docker.yml (1 hunks)
- .github/workflows/sh-build-push-docker.yml (2 hunks)
- apps/client-ts/.env.example (1 hunks)
- apps/client-ts/Dockerfile (2 hunks)
- apps/client-ts/src/components/Connection/ConnectionTable.tsx (1 hunks)
- apps/client-ts/src/components/Connection/CopyLinkInput.tsx (2 hunks)
- apps/client-ts/src/lib/config.ts (1 hunks)
- apps/client-ts/src/middleware.ts (1 hunks)
- apps/magic-link/.env.example (1 hunks)
- apps/magic-link/Dockerfile (1 hunks)
- apps/magic-link/Dockerfile.dev (1 hunks)
- apps/magic-link/src/helpers/config.ts (1 hunks)
- apps/magic-link/src/lib/ProviderModal.tsx (1 hunks)
- packages/api/src/@core/auth/auth.controller.ts (1 hunks)
- packages/api/src/@core/auth/auth.module.ts (2 hunks)
- packages/api/src/@core/auth/auth.service.ts (3 hunks)
- packages/api/src/@core/connections/crm/crm.connection.module.ts (2 hunks)
- packages/api/src/@core/connections/crm/services/attio/attio.service.ts (1 hunks)
- packages/api/src/@core/connections/crm/services/crm.connection.service.ts (1 hunks)
- packages/api/src/@core/connections/crm/types/index.ts (1 hunks)
- packages/api/src/@core/environment/environment.service.ts (2 hunks)
- packages/api/src/@core/utils/types/index.ts (4 hunks)
- packages/api/src/app.controller.ts (2 hunks)
- packages/api/src/crm/@utils/@types/index.ts (1 hunks)
- packages/api/src/crm/contact/contact.module.ts (2 hunks)
- packages/api/src/crm/contact/services/attio/index.ts (1 hunks)
- packages/api/src/crm/contact/services/attio/mappers.ts (1 hunks)
- packages/api/src/crm/contact/services/attio/types.ts (1 hunks)
- packages/api/src/crm/contact/types/mappingsTypes.ts (2 hunks)
- packages/api/src/main.ts (1 hunks)
- packages/shared/src/authUrl.ts (2 hunks)
- packages/shared/src/enum.ts (2 hunks)
- packages/shared/src/providers.ts (1 hunks)
- packages/shared/src/utils.ts (5 hunks)
Files skipped from review due to trivial changes (2)
- apps/magic-link/Dockerfile.dev
- packages/api/src/main.ts
Additional comments: 31
apps/client-ts/src/lib/config.ts (1)
- 3-3: Renaming
FRONT_DOMAINtoMAGIC_LINK_DOMAINaligns with the new domain naming conventions. Please verify that all references to the oldFRONT_DOMAINvariable have been updated accordingly.Verification successful
The renaming of
FRONT_DOMAINtoMAGIC_LINK_DOMAINappears to have been successfully applied across the codebase, with no remaining references to the old variable name found. This aligns with the transition to the new domain naming conventions and authentication flow.Scripts Executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash # Search for any remaining references to FRONT_DOMAIN in the codebase. rg "FRONT_DOMAIN"Length of output: 17
apps/client-ts/.env.example (1)
- 2-2: The addition of
NEXT_PUBLIC_MAGIC_LINK_DOMAINand the renaming ofNEXT_PUBLIC_FRONTEND_DOMAINtoNEXT_PUBLIC_MAGIC_LINK_DOMAINare noted. Please ensure that all references to the oldNEXT_PUBLIC_FRONTEND_DOMAINvariable have been updated accordingly.Verification successful
The search for any remaining references to
NEXT_PUBLIC_FRONTEND_DOMAINin the codebase did not produce any results, indicating that all references to this environment variable have been successfully updated or removed as intended.Scripts Executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash # Search for any remaining references to NEXT_PUBLIC_FRONTEND_DOMAIN in the codebase. rg "NEXT_PUBLIC_FRONTEND_DOMAIN"Length of output: 32
packages/shared/src/enum.ts (1)
- 18-18: Adding
ATTIOto theCrmProvidersenum aligns with the integration of Attio CRM into the system..github/workflows/docker.yml (1)
- 21-21: Replacing
NEXT_PUBLIC_FRONTEND_DOMAINwithNEXT_PUBLIC_MAGIC_LINK_DOMAINin the GitHub workflow file aligns with the new domain naming conventions. Please ensure the workflow functions correctly with the new environment variable.packages/shared/src/providers.ts (1)
- 10-10: The addition of 'attio' to the
CRM_PROVIDERSlist is correctly implemented.packages/api/src/crm/contact/contact.module.ts (1)
- 37-37: The addition of
AttioServiceto the providers list inContactModuleis correctly implemented.packages/api/src/@core/connections/crm/crm.connection.module.ts (1)
- 30-30: The addition of
AttioConnectionServiceto the providers list inCrmConnectionModuleis correctly implemented.apps/magic-link/Dockerfile (1)
- 27-36: > 📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [1-1]
The removal of
VITE_ML_FRONTEND_URLfrom the Dockerfile aligns with the PR objectives. Ensure to verify the impact on the deployment process.Verification successful
The removal of
VITE_ML_FRONTEND_URLfrom the Dockerfile does not appear to impact any deployment scripts or documentation, as no references to this environment variable were found in the codebase. This supports the initial assessment that the removal aligns with the PR objectives.Scripts Executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash # Verify if the removal of VITE_ML_FRONTEND_URL affects deployment scripts or documentation. rg "VITE_ML_FRONTEND_URL" --files-with-matchesLength of output: 46
packages/api/src/crm/contact/types/mappingsTypes.ts (1)
- 36-39: The integration of
AttioContactMapperintocontactUnificationMappingis correctly implemented and follows the established pattern.packages/shared/src/authUrl.ts (1)
- 19-19: Ensure that the return value of
findProviderVertical(providerName)is handled correctly. Ifnullis a valid return and signifies a specific condition, this should be clearly documented to avoid confusion.packages/api/src/@core/environment/environment.service.ts (1)
- 50-55: The addition of
getAttioAuth()method aligns with the PR's objective to integrate Attio CRM. Ensure that the environment variablesATTIO_CLIENT_IDandATTIO_CLIENT_SECRETare securely managed and properly documented..github/workflows/sh-build-push-docker.yml (1)
- 51-51: The update to use
NEXT_PUBLIC_MAGIC_LINK_DOMAINinstead ofNEXT_PUBLIC_FRONTEND_DOMAINis consistent with the PR's goal of updating domain references for the new authentication flow. Ensure that all references to the old domain are updated across the entire codebase to maintain consistency.packages/api/src/crm/contact/services/attio/types.ts (1)
- 1-121: The introduction of types for Attio CRM integration, such as
AttioContact,NumberValueItem,TextValueItem, etc., is a good practice for type safety and clarity. Ensure that these types are used consistently across the Attio service implementation and that they align with the data structures expected by the Attio API.apps/client-ts/Dockerfile (1)
- 39-39: Renaming
NEXT_PUBLIC_FRONTEND_DOMAINtoNEXT_PUBLIC_MAGIC_LINK_DOMAINin the Dockerfile aligns with the PR's objective to update domain references for the new authentication flow. Ensure that this change is reflected in all relevant configuration files and documentation.packages/api/src/crm/contact/services/attio/index.ts (1)
- 30-71: The implementation of
addContactmethod inAttioServicecorrectly handles the process of adding a contact to Attio CRM. Ensure that error handling is robust and that sensitive information, such as access tokens, is securely managed throughout the process.apps/client-ts/src/components/Connection/CopyLinkInput.tsx (2)
- 18-18: Updating the reference to
config.MAGIC_LINK_DOMAINin thehandleCopyfunction aligns with the PR's objective to update domain references for the new authentication flow. Ensure that all references to the old domain are updated across the entire frontend codebase to maintain consistency.- 31-31: The update to use
config.MAGIC_LINK_DOMAINin thedefaultValueof theInputcomponent is consistent with the PR's goal. This change ensures that the magic link domain is correctly displayed to the user.packages/api/src/@core/utils/types/index.ts (4)
- 34-34: The addition of
attioto thedomainsobject looks good and follows the established pattern for CRM provider URLs.- 47-47: The addition of
attioto thecustomPropertiesUrlsobject is consistent with the pattern used for other CRM providers. Ensure the URL is accurate and points to the intended documentation or API endpoint.- 72-72: The addition of
attioto theCrmProvidersenum is appropriate for integrating a new CRM provider.- 91-91: Including
attioin theCRM_PROVIDERSarray is consistent with the addition of a new CRM provider and follows the established pattern.packages/api/src/crm/contact/services/attio/mappers.ts (3)
- 20-79: The
desunifymethod implementation for transforming unified contact input to Attio-specific format appears correct. Ensure that error handling for edge cases, such as empty email or phone arrays, is managed appropriately upstream.- 82-98: The
unifymethod's implementation for transforming Attio-specific contact output to a unified format is well-structured, correctly handling both single and multiple instances. It demonstrates good code reuse by utilizingmapSingleContactToUnifiedfor individual mappings.- 101-134: The
mapSingleContactToUnifiedmethod accurately maps a single Attio contact output to the unified format, including handling custom field mappings. It operates under the assumption of certain field presences and formats, which is reasonable given the controlled nature of the input.apps/client-ts/src/components/Connection/ConnectionTable.tsx (1)
- 115-115: The change to use
MAGIC_LINK_DOMAINinstead ofFRONT_DOMAINin theonClickfunction aligns with the PR's objectives and the new authentication flow. Ensure this change is consistently applied across the application where relevant.packages/api/src/@core/auth/auth.service.ts (1)
- 54-54: The changes related to the removal of Stytch for authentication and the direct use of
createUserfor user registration align with the PR's objectives. Ensure that all references to Stytch are removed throughout the codebase to maintain consistency.packages/api/src/crm/@utils/@types/index.ts (1)
- 112-112: The addition of the export statement for Attio service types is appropriate and facilitates the use of Attio-specific types across the CRM module.
packages/shared/src/utils.ts (2)
- 131-134: The update to the
getDescriptionfunction is correctly implemented and continues to work generically for any provider, including the newly added 'attio'. The function correctly handles cases where a provider or vertical is not found.- 145-151: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [147-157]
The enhancements to the
providersArrayfunction are correctly implemented and continue to work generically for any provider, including the newly added 'attio'. The function correctly handles cases where a vertical is not found by returning an empty array.apps/client-ts/src/middleware.ts (2)
- 189-189: The change to return
NextResponse.next()instead of{ props: {} }upon successful JWT authentication is appropriate and aligns with Next.js middleware conventions. This enhances the clarity and correctness of the middleware's behavior.- 186-192: > 📝 NOTE
This review was outside the diff hunks and was mapped to the diff hunk with the greatest overlap. Original lines [1-191]
The file contains several references to Stytch, including imports and usage within the
middlewarefunction. Given the PR's objective to integrate Attio CRM and replace Stytch functionalities, could you clarify if these references are expected to remain as part of a transitional phase, or if their presence is an oversight that needs addressing?
| 'attio': { | ||
| clientId: '86cbbd35-e067-4353-940b-5abcdcb539dd', | ||
| scopes: 'record_permission:read', | ||
| authBaseUrl: 'https://app.attio.com/authorize', | ||
| logoPath: "https://asset.brandfetch.io/idZA7HYRWK/idYZS6Vp_r.png", | ||
| description: "Sync & Create contacts, deals, companies, notes, engagements, stages, tasks and users" | ||
| }, |
There was a problem hiding this comment.
The addition of the 'attio' provider to providersConfig is correctly implemented and aligns with the structure of other providers. However, ensure that sensitive information such as clientId is not hardcoded in the source code but instead securely managed, for example, through environment variables.
| console.log("State : ", JSON.stringify({ projectId, linkedUserId, providerName, returnUrl })) | ||
| console.log("encodedRedirect URL : ", encodedRedirectUrl) |
There was a problem hiding this comment.
Adding logging statements like these can be helpful for debugging but consider the security implications of logging sensitive information such as projectId, linkedUserId, and returnUrl. Ensure that this does not lead to unintentional exposure of PII or other sensitive data.
| if (providerName == 'zoho') { | ||
| finalAuth = `${baseUrl}?response_type=code&client_id=${encodeURIComponent(clientId)}&scope=${encodeURIComponent(scopes)}&redirect_uri=${encodedRedirectUrl}&access_type=offline&state=${state}` | ||
| console.log(finalAuth); | ||
| } else if(providerName == "zendesk"){ | ||
| } else if (providerName == "zendesk") { | ||
| finalAuth = `${baseUrl}?client_id=${encodeURIComponent(clientId)}&response_type=code&redirect_uri=${encodedRedirectUrl}&state=${state}` | ||
| } else if(providerName == "zendesk_tcg" || providerName=="front") { | ||
| } else if (providerName == "attio") { | ||
| finalAuth = `${baseUrl}?client_id=${encodeURIComponent(clientId)}&response_type=code&redirect_uri=${encodedRedirectUrl}&state=${state}` | ||
| } else if (providerName == "zendesk_tcg" || providerName == "front") { | ||
| finalAuth = `${baseUrl}?client_id=${encodeURIComponent(clientId)}&response_type=code&redirect_uri=${encodedRedirectUrl}&scope=${encodeURIComponent(scopes)}&state=${state}` | ||
| }else{ | ||
| finalAuth = addScope ? | ||
| `${baseUrl}?client_id=${encodeURIComponent(clientId)}&redirect_uri=${encodedRedirectUrl}&scope=${encodeURIComponent(scopes)}&state=${state}` | ||
| : `${baseUrl}?client_id=${encodeURIComponent(clientId)}&redirect_uri=${encodedRedirectUrl}&state=${state}`; | ||
| } else { | ||
| finalAuth = addScope ? | ||
| `${baseUrl}?client_id=${encodeURIComponent(clientId)}&redirect_uri=${encodedRedirectUrl}&scope=${encodeURIComponent(scopes)}&state=${state}` | ||
| : `${baseUrl}?client_id=${encodeURIComponent(clientId)}&redirect_uri=${encodedRedirectUrl}&state=${state}`; |
There was a problem hiding this comment.
The handling of different providers is done through a series of conditionals. Consider refactoring this to a more scalable solution, such as a strategy pattern, to improve maintainability and ease of adding new providers in the future.
| } | ||
|
|
||
| console.log("Final Authentication : ", finalAuth) |
There was a problem hiding this comment.
Logging the final authentication URL can be useful for debugging but be cautious about logging URLs with sensitive information. Ensure that this does not lead to unintentional exposure of secrets or tokens.
| @@ -21,6 +21,11 @@ export interface HubspotOAuthResponse { | |||
| access_token: string; | |||
| expires_in: number; | |||
| } | |||
|
|
|||
| export interface AttioOAuthResponse { | |||
| access_token: string, | |||
There was a problem hiding this comment.
Replace the comma with a semicolon for consistency with the rest of the file.
- access_token: string,
+ access_token: string;Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.
| access_token: string, | |
| access_token: string; |
| @@ -46,6 +46,7 @@ | |||
| } | |||
|
|
|||
| const serviceName = providerName.toLowerCase(); | |||
|
|
|||
There was a problem hiding this comment.
The addition of whitespace does not impact the functionality but ensures better readability. However, there's an unused variable data in the handleCRMTokensRefresh method that should be addressed to clean up the code.
- const data = await service.handleTokenRefresh(refreshOpts);
+ await service.handleTokenRefresh(refreshOpts);Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.
| DISTRIBUTION=selfhosted | ||
| OAUTH_REDIRECT_BASE=http://localhost:3000 | ||
| SENTRY_DSN= | ||
| STYTCH_PROJECT_ID="Temp_STYTCH_PROJECT_ID" | ||
| STYTCH_SECRET="Temp_STYTCH_PROJECT_SECRET" | ||
| FRONT_END_URL=http://localhost | ||
|
|
||
|
|
||
| # ================================================ | ||
| # Database | ||
| # ================================================ |
There was a problem hiding this comment.
Tip
Codebase Verification
The verification process has revealed that the changes to environment variables, specifically the removal of Stytch-related variables and the addition of Attio-specific ones, could significantly impact the application's configuration, deployment, and authentication mechanisms. The presence of these variables in Docker configurations and application code suggests that careful consideration and potential updates are required to ensure the application functions correctly with the new authentication provider. It is recommended to review and update the application's configuration, deployment scripts, and authentication logic to accommodate the transition from Stytch to Attio.
Analysis chain
📝 NOTE
This review was outside the diff hunks, and no overlapping diff hunk was found. Original lines [1-1]
The changes to environment variables in .env.example are correctly implemented and align with the PR objectives. Ensure to verify the impact on the application configuration.
Scripts Executed
The following scripts were executed for the analysis:
Script:
#!/bin/bash
# Verify if the changes to environment variables affect application configuration or documentation.
rg "NEXT_PUBLIC_FRONTEND_DOMAIN|STYTCH_PROJECT_ID" --files-with-matches
Length of output: 211
Script:
#!/bin/bash
# Inspect the usage of NEXT_PUBLIC_FRONTEND_DOMAIN and STYTCH_PROJECT_ID in the mentioned files
cat docker-compose.yml docker-compose.source.yml docker-compose.dev.yml apps/client-ts/Dockerfile apps/client-ts/src/lib/stytch/loadStytch.ts
Length of output: 20393
| async handleCallback(opts: CallbackParams) { | ||
| try { | ||
| console.log("Linked User iD : <MMMMKIIT") | ||
| const { linkedUserId, projectId, code } = opts; | ||
| this.logger.log( | ||
| 'linkeduserid is ' + linkedUserId + ' inside callback attio', | ||
| ); | ||
| const isNotUnique = await this.prisma.connections.findFirst({ | ||
| where: { | ||
| id_linked_user: linkedUserId, | ||
| provider_slug: 'attio', | ||
| }, | ||
| }); | ||
| if (isNotUnique) return; | ||
| //reconstruct the redirect URI that was passed in the frontend it must be the same | ||
| const REDIRECT_URI = `${this.env.getOAuthRredirectBaseUrl()}/connections/oauth/callback`; | ||
| const formData = new URLSearchParams({ | ||
| grant_type: 'authorization_code', | ||
| client_id: this.env.getAttioAuth().CLIENT_ID, | ||
| client_secret: this.env.getAttioAuth().CLIENT_SECRET, | ||
| redirect_uri: REDIRECT_URI, | ||
| code: code, | ||
| }); | ||
|
|
||
| const res = await axios.post( | ||
| 'https://app.attio.com/oauth/token', | ||
| formData.toString(), | ||
| { | ||
| headers: { | ||
| 'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8', | ||
| }, | ||
| }, | ||
| ); | ||
|
|
||
| const data: AttioOAuthResponse = res.data; | ||
|
|
||
| // Saving the token of customer inside db | ||
| let db_res; | ||
| const connection_token = uuidv4(); | ||
|
|
||
| if (isNotUnique) { | ||
| // Update existing connection | ||
| db_res = await this.prisma.connections.update({ | ||
| where: { | ||
| id_connection: isNotUnique.id_connection, | ||
| }, | ||
| data: { | ||
| access_token: this.cryptoService.encrypt(data.access_token), | ||
| status: 'valid', | ||
| created_at: new Date(), | ||
| }, | ||
| }); | ||
| } else { | ||
| // Create new connection | ||
| db_res = await this.prisma.connections.create({ | ||
| data: { | ||
| id_connection: uuidv4(), | ||
| connection_token: connection_token, | ||
| provider_slug: 'attio', | ||
| token_type: 'oauth', | ||
| access_token: this.cryptoService.encrypt(data.access_token), | ||
| status: 'valid', | ||
| created_at: new Date(), | ||
| projects: { | ||
| connect: { id_project: projectId }, | ||
| }, | ||
| linked_users: { | ||
| connect: { id_linked_user: linkedUserId }, | ||
| }, | ||
| }, | ||
| }); | ||
| } | ||
| this.logger.log('Successfully added tokens inside DB ' + db_res); | ||
| return db_res; | ||
|
|
||
|
|
||
| } catch (error) { | ||
| handleServiceError(error, this.logger, 'attio', Action.oauthCallback); | ||
|
|
||
| } |
There was a problem hiding this comment.
The handleCallback method correctly implements the OAuth callback process for Attio, including token exchange and database operations. Consider replacing console.log with the LoggerService for consistent and configurable logging.
- console.log("Linked User iD : <MMMMKIIT")
+ this.logger.log("Linked User iD : <MMMMKIIT")Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.
| async handleCallback(opts: CallbackParams) { | |
| try { | |
| console.log("Linked User iD : <MMMMKIIT") | |
| const { linkedUserId, projectId, code } = opts; | |
| this.logger.log( | |
| 'linkeduserid is ' + linkedUserId + ' inside callback attio', | |
| ); | |
| const isNotUnique = await this.prisma.connections.findFirst({ | |
| where: { | |
| id_linked_user: linkedUserId, | |
| provider_slug: 'attio', | |
| }, | |
| }); | |
| if (isNotUnique) return; | |
| //reconstruct the redirect URI that was passed in the frontend it must be the same | |
| const REDIRECT_URI = `${this.env.getOAuthRredirectBaseUrl()}/connections/oauth/callback`; | |
| const formData = new URLSearchParams({ | |
| grant_type: 'authorization_code', | |
| client_id: this.env.getAttioAuth().CLIENT_ID, | |
| client_secret: this.env.getAttioAuth().CLIENT_SECRET, | |
| redirect_uri: REDIRECT_URI, | |
| code: code, | |
| }); | |
| const res = await axios.post( | |
| 'https://app.attio.com/oauth/token', | |
| formData.toString(), | |
| { | |
| headers: { | |
| 'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8', | |
| }, | |
| }, | |
| ); | |
| const data: AttioOAuthResponse = res.data; | |
| // Saving the token of customer inside db | |
| let db_res; | |
| const connection_token = uuidv4(); | |
| if (isNotUnique) { | |
| // Update existing connection | |
| db_res = await this.prisma.connections.update({ | |
| where: { | |
| id_connection: isNotUnique.id_connection, | |
| }, | |
| data: { | |
| access_token: this.cryptoService.encrypt(data.access_token), | |
| status: 'valid', | |
| created_at: new Date(), | |
| }, | |
| }); | |
| } else { | |
| // Create new connection | |
| db_res = await this.prisma.connections.create({ | |
| data: { | |
| id_connection: uuidv4(), | |
| connection_token: connection_token, | |
| provider_slug: 'attio', | |
| token_type: 'oauth', | |
| access_token: this.cryptoService.encrypt(data.access_token), | |
| status: 'valid', | |
| created_at: new Date(), | |
| projects: { | |
| connect: { id_project: projectId }, | |
| }, | |
| linked_users: { | |
| connect: { id_linked_user: linkedUserId }, | |
| }, | |
| }, | |
| }); | |
| } | |
| this.logger.log('Successfully added tokens inside DB ' + db_res); | |
| return db_res; | |
| } catch (error) { | |
| handleServiceError(error, this.logger, 'attio', Action.oauthCallback); | |
| } | |
| async handleCallback(opts: CallbackParams) { | |
| try { | |
| this.logger.log("Linked User iD : <MMMMKIIT") | |
| const { linkedUserId, projectId, code } = opts; | |
| this.logger.log( | |
| 'linkeduserid is ' + linkedUserId + ' inside callback attio', | |
| ); | |
| const isNotUnique = await this.prisma.connections.findFirst({ | |
| where: { | |
| id_linked_user: linkedUserId, | |
| provider_slug: 'attio', | |
| }, | |
| }); | |
| if (isNotUnique) return; | |
| //reconstruct the redirect URI that was passed in the frontend it must be the same | |
| const REDIRECT_URI = `${this.env.getOAuthRredirectBaseUrl()}/connections/oauth/callback`; | |
| const formData = new URLSearchParams({ | |
| grant_type: 'authorization_code', | |
| client_id: this.env.getAttioAuth().CLIENT_ID, | |
| client_secret: this.env.getAttioAuth().CLIENT_SECRET, | |
| redirect_uri: REDIRECT_URI, | |
| code: code, | |
| }); | |
| const res = await axios.post( | |
| 'https://app.attio.com/oauth/token', | |
| formData.toString(), | |
| { | |
| headers: { | |
| 'Content-Type': 'application/x-www-form-urlencoded;charset=utf-8', | |
| }, | |
| }, | |
| ); | |
| const data: AttioOAuthResponse = res.data; | |
| // Saving the token of customer inside db | |
| let db_res; | |
| const connection_token = uuidv4(); | |
| if (isNotUnique) { | |
| // Update existing connection | |
| db_res = await this.prisma.connections.update({ | |
| where: { | |
| id_connection: isNotUnique.id_connection, | |
| }, | |
| data: { | |
| access_token: this.cryptoService.encrypt(data.access_token), | |
| status: 'valid', | |
| created_at: new Date(), | |
| }, | |
| }); | |
| } else { | |
| // Create new connection | |
| db_res = await this.prisma.connections.create({ | |
| data: { | |
| id_connection: uuidv4(), | |
| connection_token: connection_token, | |
| provider_slug: 'attio', | |
| token_type: 'oauth', | |
| access_token: this.cryptoService.encrypt(data.access_token), | |
| status: 'valid', | |
| created_at: new Date(), | |
| projects: { | |
| connect: { id_project: projectId }, | |
| }, | |
| linked_users: { | |
| connect: { id_linked_user: linkedUserId }, | |
| }, | |
| }, | |
| }); | |
| } | |
| this.logger.log('Successfully added tokens inside DB ' + db_res); | |
| return db_res; | |
| } catch (error) { | |
| handleServiceError(error, this.logger, 'attio', Action.oauthCallback); | |
| } |
| async handleTokenRefresh(opts: RefreshParams) { | ||
| return; | ||
| } |
There was a problem hiding this comment.
The handleTokenRefresh method is correctly implemented as a no-op, aligning with Attio's lack of a refresh token mechanism. Consider removing the unused parameter opts to clean up the method signature.
- async handleTokenRefresh(opts: RefreshParams) {
+ async handleTokenRefresh() {Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation.
| async handleTokenRefresh(opts: RefreshParams) { | |
| return; | |
| } | |
| async handleTokenRefresh() { | |
| return; | |
| } |
| @@ -47,7 +47,7 @@ const ProviderModal = () => { | |||
|
|
|||
| const { open, isReady } = useOAuth({ | |||
| providerName: selectedProvider, | |||
| returnUrl: config.ML_FRONTEND_URL!, | |||
| returnUrl: "https://google.com", //TODO: handle the redirection URL (let customer put their confetti or success page redirect url ? ) | |||
There was a problem hiding this comment.
The change to a hardcoded returnUrl ("https://google.com") in the useOAuth hook is noted. While this may be a temporary measure, consider implementing a more flexible solution for handling redirection URLs to avoid potential issues with hardcoded values. Ensure the TODO comment is addressed in future updates.
Summary by CodeRabbit