Merge pull request #29 from codeccoop/feat/bearer-credentials

bearer credentials and pkce oauth flow

Author: orzocogorzo

forms-bridge/addons/gcalendar/hooks.php

@@ -50,7 +50,7 @@ function ( $defaults, $addon, $schema ) {
 						'ref'   => '#credential',
 						'name'  => 'schema',
 						'type'  => 'text',
-						'value' => 'Bearer',
+						'value' => 'OAuth',
 					),
 					array(
 						'ref'   => '#credential',
@@ -159,7 +159,7 @@ function ( $defaults, $addon, $schema ) {
 				),
 				'credential' => array(
 					'name'          => '',
-					'schema'        => 'Bearer',
+					'schema'        => 'OAuth',
 					'oauth_url'     => 'https://accounts.google.com/o/oauth2/v2',
 					'scope'         => 'https://www.googleapis.com/auth/calendar.readonly https://www.googleapis.com/auth/calendar.events',
 					'client_id'     => '',

forms-bridge/addons/gsheets/hooks.php

@@ -59,7 +59,7 @@ function ( $defaults, $addon, $schema ) {
 						'ref'   => '#credential',
 						'name'  => 'schema',
 						'type'  => 'text',
-						'value' => 'Bearer',
+						'value' => 'OAuth',
 					),
 					array(
 						'ref'   => '#credential',
@@ -144,7 +144,7 @@ function ( $defaults, $addon, $schema ) {
 				),
 				'credential' => array(
 					'name'          => '',
-					'schema'        => 'Bearer',
+					'schema'        => 'OAuth',
 					'oauth_url'     => 'https://accounts.google.com/o/oauth2/v2',
 					'scope'         => 'https://www.googleapis.com/auth/drive.readonly https://www.googleapis.com/auth/spreadsheets',
 					'client_id'     => '',

forms-bridge/addons/slack/hooks.php

@@ -30,7 +30,7 @@ function ( $defaults, $addon, $schema ) {
 						'ref'   => '#credential',
 						'name'  => 'schema',
 						'type'  => 'text',
-						'value' => 'Bearer',
+						'value' => 'OAuth',
 					),
 					array(
 						'ref'   => '#credential',
@@ -281,7 +281,7 @@ function ( $defaults, $addon, $schema ) {
 				),
 				'credential' => array(
 					'name'          => '',
-					'schema'        => 'Bearer',
+					'schema'        => 'OAuth',
 					'oauth_url'     => 'https://slack.com/oauth/v2',
 					'scope'         => 'chat:write,channels:read,users:read',
 					'client_id'     => '',

forms-bridge/addons/zoho/hooks.php

@@ -30,7 +30,7 @@ function ( $defaults, $addon, $schema ) {
 						'ref'   => '#credential',
 						'name'  => 'schema',
 						'type'  => 'text',
-						'value' => 'Bearer',
+						'value' => 'OAuth',
 					),
 					array(
 						'ref'   => '#credential',
@@ -172,7 +172,7 @@ function ( $defaults, $addon, $schema ) {
 				),
 				'credential' => array(
 					'name'          => '',
-					'schema'        => 'Bearer',
+					'schema'        => 'OAuth',
 					'oauth_url'     => 'https://accounts.{region}/oauth/v2',
 					'scope'         => 'ZohoCRM.modules.ALL,ZohoCRM.settings.modules.READ,ZohoCRM.settings.layouts.READ,ZohoCRM.users.READ',
 					'client_id'     => '',
@@ -182,13 +182,8 @@ function ( $defaults, $addon, $schema ) {
 					'refresh_token' => '',
 				),
 				'backend'    => array(
+					'name'     => 'Zoho API',
 					'base_url' => 'https://www.zohoapis.{region}',
-					'headers'  => array(
-						array(
-							'name'  => 'Accept',
-							'value' => 'application/json',
-						),
-					),
 				),
 			),
 			$defaults,

forms-bridge/deps/http

@@ -0,0 +1,30 @@
+<?php
+/**
+ * Database migration to version 4.0.7
+ *
+ * @package formsbridge
+ */
+
+// phpcs:disable WordPress.Files.FileName
+
+if ( ! defined( 'ABSPATH' ) ) {
+	exit();
+}
+
+/**
+ * Migration 4.3.1
+ */
+function forms_bridge_migration_431() {
+	$http = get_option( 'forms-bridge_http', array() ) ?: array(
+		'backends'    => array(),
+		'credentials' => array(),
+	);
+
+	foreach ( $http['credentials'] as &$credential ) {
+		if ( 'Bearer' === $credential['schema'] ) {
+			$credential['schema'] = 'OAuth';
+		}
+	}
+
+	update_option( 'forms-bridge_http', $http );
+}

forms-bridge/migrations/4.3.1.php

@@ -8,6 +8,7 @@ const OPTIONS = [
   { label: "Basic", value: "Basic" },
   { label: "Token", value: "Token" },
   { label: "Bearer", value: "Bearer" },
+  { label: "OAuth", value: "OAuth" },
 ];
 
 export default function BackendAuthentication({ data = {}, setData }) {
@@ -23,7 +24,7 @@ export default function BackendAuthentication({ data = {}, setData }) {
           __nextHasNoMarginBottom
         />
       </FieldWrapper>
-      {data.schema && data.schema !== "Bearer" && (
+      {data.schema && data.schema !== "OAuth" && (
         <FieldWrapper>
           <TextControl
             label={__("Client ID", "forms-bridge")}

src/components/Backend/Authentication.jsx

@@ -47,27 +47,20 @@ export default function AuthorizeButton({ addon, data }) {
       method: "POST",
       data: { credential: data },
     })
-      .then(({ success, redirect_url }) => {
+      .then(({ success, data }) => {
         if (!success) throw "error";
 
+        const { url, params } = data;
         const form = document.createElement("form");
-        form.action = redirect_url;
+        form.action = url;
         form.method = "GET";
         form.target = "_blank";
 
-        let innerHTML = `
-<input name="client_id" value="${data.client_id}" />
-<input name="response_type" value="code" />
-<input name="redirect_uri" value="${restUrl("http-bridge/v1/oauth/redirect")}" />
-<input name="access_type" value="offline" />
-<input name="state" value="${btoa(addon)}" />
-`;
-
-        if (data.scope) {
-          innerHTML += `<input name="scope" value="${data.scope}" />`;
-        }
-
-        form.innerHTML = innerHTML;
+        form.innerHTML = Object.keys(params).reduce((html, name) => {
+          const value = params[name];
+          if (!value) return html;
+          return html + `<input name="${name}" value="${value}" />`;
+        }, "");
 
         form.style.visibility = "hidden";
         document.body.appendChild(form);

src/components/Credential/AuthorizeButton.jsx

@@ -64,7 +64,7 @@ export default function useAuthorizedCredential({ data = {}, fields = [] }) {
     setError(false);
   }, [credential]);
 
-  const isOauth = data.schema === "Bearer";
+  const isOauth = data.schema === "OAuth";
 
   const authorized = useMemo(() => {
     if (!isOauth || !!data.refresh_token) return true;
@@ -107,27 +107,20 @@ export default function useAuthorizedCredential({ data = {}, fields = [] }) {
       method: "POST",
       data: { credential },
     })
-      .then(({ success, redirect_url }) => {
+      .then(({ success, data }) => {
         if (!success) throw "error";
 
+        const { url, params } = data;
         const form = document.createElement("form");
+        form.action = url;
         form.method = "GET";
-        form.action = redirect_url;
         form.target = "_blank";
 
-        let innerHTML = `
-        <input name="client_id" value="${credential.client_id}" />
-        <input name="response_type" value="code" />
-        <input name="redirect_uri" value="${restUrl("http-bridge/v1/oauth/redirect")}" />
-        <input name="access_type" value="offline" />
-        <input name="state" value="${btoa(addon)}" />
-        `;
-
-        if (credential.scope) {
-          innerHTML += `<input name="scope" value="${credential.scope}" />`;
-        }
-
-        form.innerHTML = innerHTML;
+        form.innerHTML = Object.keys(params).reduce((html, name) => {
+          const value = params[name];
+          if (!value) return html;
+          return html + `<input name="${name}" value="${value}" />`;
+        }, "");
 
         form.style.visibility = "hidden";
         document.body.appendChild(form);

src/components/Templates/Wizard/useAuthorizedCredential.js

@@ -39,14 +39,6 @@ export function validateBackend(data) {
     return false;
   }
 
-  if (data.authentication?.type) {
-    isValid = isValid && data.authentication.client_secret;
-
-    if (data.authentication.type !== "Bearer") {
-      isValid = isValid && data.authentication.client_id;
-    }
-  }
-
   return isValid;
 }