Sc 68589/new integration bearer authentication and #13
Conversation
|
This pull request has been linked to Shortcut Story #68589: New Integration: Bearer authentication and authorization method. |
| @@ -1,7 +1,6 @@ | |||
| <!DOCTYPE html> | |||
| <head> | |||
| <title>Leadconduit Integration</title> | |||
| <link href="/lc-client.css" rel="stylesheet"> | |||
There was a problem hiding this comment.
(Not a big deal but this should never have been checked in this way.)
| @@ -1,267 +1,284 @@ | |||
| // Generated by CoffeeScript 1.10.0 | |||
There was a problem hiding this comment.
The only real change here was to add PATCH as a valid verb (L233) to fix a test failure from upstream changes; everything else is just reformatting from an old CoffeeScript conversion that never got cleaned up.
There was a problem hiding this comment.
I very much appreciate this comment, I would have been so lost 🙏🏻
| @@ -1,5 +1,6 @@ | |||
| module.exports = { | |||
| outbound: { | |||
| token_authenticated: require('./lib/authjson'), | |||
There was a problem hiding this comment.
I'll be honest, I don't know the point of the /docs directory, but should we add an entry there too?
There was a problem hiding this comment.
These markdown files are the source of the descriptions in-app and on the "catalog" pages. Absolutely need one here, thanks!
| @@ -1,267 +1,284 @@ | |||
| // Generated by CoffeeScript 1.10.0 | |||
There was a problem hiding this comment.
I very much appreciate this comment, I would have been so lost 🙏🏻
lib/ui/public/app/auth/Auth.vue
Outdated
| <button v-on:click="$store.dispatch('cancel')">Cancel</button> | ||
| <button v-on:click="next" class="primary">{{ (credential.username && credential.password) ? 'Continue' : 'Skip' }}</button> | ||
| </footer> | ||
| <Navigation :onNext="next" :disableNext="(credential.type === 'token' && !credential.token) || (credential.type === 'user' && (!credential.username || !credential.password))" /> |
There was a problem hiding this comment.
a computed property for the :disableNext prop might be a little easier to read, but certainly not a blocker
There was a problem hiding this comment.
Good call. And I went ahead & made that property function a little more verbose; feedback welcome on that.
There was a problem hiding this comment.
I like it! The more verbose version is a bit easier to reason about I think 👍🏻
lib/authHelpers.js
Outdated
| const substituteHeaderTokens = (headers, credential) => { | ||
| const tokenAttributes = getTokenAttributes(credential); | ||
|
|
||
| if (headers && tokenAttributes) { |
There was a problem hiding this comment.
nit, but tokenAttributes will always be truthy so it isn't doing anything in this conditional. You could use tokenAttributes.length, but ultimately it won't matter much so I'll leave it to you?
There was a problem hiding this comment.
Good call; though the result is the same without, I added .length because I felt checking both here is a tiny bit more descriptive.
lib/authHelpers.js
Outdated
| const normalizePart = (part) => capitalize(part); | ||
| const normalField = key.split('-').map(normalizePart).join('-'); |
There was a problem hiding this comment.
nit, but normalizePart is identical to capitalize, you could just map(capitalize) and have the same behavior I believe
test/authHelpers-spec.js
Outdated
| const pending = nock.pendingMocks(); | ||
| assert.equal(pending.length, 1); | ||
| assert.isTrue(pending.includes(`POST ${baseAuthUrl}:443/login`)); |
There was a problem hiding this comment.
TIL about pendingMocks(), that's pretty handy!
| // update vars.credential with the new token, using the user-configured (or default) attribute | ||
| const tokenPath = vars.authentication_token_path || 'accessToken'; | ||
| const tokenName = tokenPath.split('.').at(-1); // use the name after the final '.', if there are any | ||
| vars.credential[tokenName] = get(tokenResponse, tokenPath); |
There was a problem hiding this comment.
I know this is a stupid question but I've been meaning to ask and I keep forgetting.
Are credentials saved back to the DB after integrations run? I've been wondering how the token gets persisted between integration invocations
There was a problem hiding this comment.
Not a stupid question at all; saving updated credentials is one of the many things send does. See https://github.com/activeprospect/leadconduit-api/blob/59c0a7a3dd966e99bf8dd9c1d20a08283c42bf6e/lib/handler/util/send.js#L291-L316 (& ff.)
|
(fyi - still some QA feedback to address before re-review) |
Description of the change
Adds new token-authenticated JSON integration. See my comments on sc-68589 from 5/7 & 5/15 for details on the approach taken here.
Type of change
Related tickets
https://app.shortcut.com/active-prospect/story/68589/new-integration-bearer-authentication-and-authorization-method
Checklists
Development and Testing
Code Review
Tracking
QA