Github integration (#6414)

Co-authored-by: Tom Moor <tom.moor@gmail.com>
2024-03-23 19:39:28 +05:30
parent a648625700
commit 450d0d9355
47 changed files with 1710 additions and 93 deletions
--- a/plugins/github/server/api/github.ts
+++ b/plugins/github/server/api/github.ts
@@ -0,0 +1,114 @@
+import Router from "koa-router";
+import { IntegrationService, IntegrationType } from "@shared/types";
+import Logger from "@server/logging/Logger";
+import auth from "@server/middlewares/authentication";
+import { transaction } from "@server/middlewares/transaction";
+import validate from "@server/middlewares/validate";
+import { IntegrationAuthentication, Integration, Team } from "@server/models";
+import { APIContext } from "@server/types";
+import { GitHubUtils } from "../../shared/GitHubUtils";
+import { GitHubUser } from "../github";
+import * as T from "./schema";
+
+const router = new Router();
+
+router.get(
+  "github.callback",
+  auth({
+    optional: true,
+  }),
+  validate(T.GitHubCallbackSchema),
+  transaction(),
+  async (ctx: APIContext<T.GitHubCallbackReq>) => {
+    const {
+      code,
+      state: teamId,
+      error,
+      installation_id: installationId,
+      setup_action: setupAction,
+    } = ctx.input.query;
+    const { user } = ctx.state.auth;
+    const { transaction } = ctx.state;
+
+    if (error) {
+      ctx.redirect(GitHubUtils.errorUrl(error));
+      return;
+    }
+
+    if (setupAction === T.SetupAction.request) {
+      ctx.redirect(GitHubUtils.installRequestUrl());
+      return;
+    }
+
+    // this code block accounts for the root domain being unable to
+    // access authentication for subdomains. We must forward to the appropriate
+    // subdomain to complete the oauth flow
+    if (!user) {
+      if (teamId) {
+        try {
+          const team = await Team.findByPk(teamId, {
+            rejectOnEmpty: true,
+            transaction,
+          });
+          return ctx.redirectOnClient(
+            GitHubUtils.callbackUrl({
+              baseUrl: team.url,
+              params: ctx.request.querystring,
+            })
+          );
+        } catch (err) {
+          Logger.error(`Error fetching team for teamId: ${teamId}!`, err);
+          return ctx.redirect(GitHubUtils.errorUrl("unauthenticated"));
+        }
+      } else {
+        return ctx.redirect(GitHubUtils.errorUrl("unauthenticated"));
+      }
+    }
+
+    const githubUser = new GitHubUser({ code: code!, state: teamId });
+
+    let installation;
+    try {
+      installation = await githubUser.getInstallation(installationId!);
+    } catch (err) {
+      Logger.error("Failed to fetch GitHub App installation", err);
+      return ctx.redirect(GitHubUtils.errorUrl("unauthenticated"));
+    }
+
+    const authentication = await IntegrationAuthentication.create(
+      {
+        service: IntegrationService.GitHub,
+        userId: user.id,
+        teamId: user.teamId,
+      },
+      { transaction }
+    );
+    await Integration.create(
+      {
+        service: IntegrationService.GitHub,
+        type: IntegrationType.Embed,
+        userId: user.id,
+        teamId: user.teamId,
+        authenticationId: authentication.id,
+        settings: {
+          github: {
+            installation: {
+              id: installationId!,
+              account: {
+                id: installation.account?.id,
+                name:
+                  // @ts-expect-error Property 'login' does not exist on type
+                  installation.account?.login,
+                avatarUrl: installation.account?.avatar_url,
+              },
+            },
+          },
+        },
+      },
+      { transaction }
+    );
+    ctx.redirect(GitHubUtils.url);
+  }
+);
+
+export default router;
--- a/plugins/github/server/api/schema.ts
+++ b/plugins/github/server/api/schema.ts
@@ -0,0 +1,33 @@
+import isEmpty from "lodash/isEmpty";
+import isUndefined from "lodash/isUndefined";
+import { z } from "zod";
+import { BaseSchema } from "@server/routes/api/schema";
+
+export enum SetupAction {
+  install = "install",
+  request = "request",
+}
+
+export const GitHubCallbackSchema = BaseSchema.extend({
+  query: z
+    .object({
+      code: z.string().nullish(),
+      state: z.string().uuid().nullish(),
+      error: z.string().nullish(),
+      installation_id: z.coerce.number().optional(),
+      setup_action: z.nativeEnum(SetupAction),
+    })
+    .refine((req) => !(isEmpty(req.code) && isEmpty(req.error)), {
+      message: "one of code or error is required",
+    })
+    .refine(
+      (req) =>
+        !(
+          req.setup_action === SetupAction.install &&
+          isUndefined(req.installation_id)
+        ),
+      { message: "installation_id is required for installation" }
+    ),
+});
+
+export type GitHubCallbackReq = z.infer<typeof GitHubCallbackSchema>;