From 75acda0d7de7787ea92cfb46d102b31b1fdd79b3 Mon Sep 17 00:00:00 2001 From: Tuan Dang Date: Sat, 17 Jun 2023 10:35:42 +0700 Subject: [PATCH] Add option to attach accessId onto integration auth middleware --- .../controllers/v1/integrationAuthController.ts | 1 + backend/src/integrations/apps.ts | 2 ++ .../requireIntegrationAuthorizationAuth.ts | 6 +++++- backend/src/types/express/index.d.ts | 1 + backend/src/validation/integrationAuth.ts | 15 +++++++++------ 5 files changed, 18 insertions(+), 7 deletions(-) diff --git a/backend/src/controllers/v1/integrationAuthController.ts b/backend/src/controllers/v1/integrationAuthController.ts index fc79e22cf9..394c674464 100644 --- a/backend/src/controllers/v1/integrationAuthController.ts +++ b/backend/src/controllers/v1/integrationAuthController.ts @@ -151,6 +151,7 @@ export const getIntegrationAuthApps = async (req: Request, res: Response) => { const apps = await getApps({ integrationAuth: req.integrationAuth, accessToken: req.accessToken, + accessId: req.accessId, ...teamId && { teamId } }); diff --git a/backend/src/integrations/apps.ts b/backend/src/integrations/apps.ts index f8ed772775..6e1a8b5012 100644 --- a/backend/src/integrations/apps.ts +++ b/backend/src/integrations/apps.ts @@ -48,10 +48,12 @@ interface App { const getApps = async ({ integrationAuth, accessToken, + accessId, teamId, }: { integrationAuth: IIntegrationAuth; accessToken: string; + accessId?: string; teamId?: string; }) => { let apps: App[] = []; diff --git a/backend/src/middleware/requireIntegrationAuthorizationAuth.ts b/backend/src/middleware/requireIntegrationAuthorizationAuth.ts index 2ffa7e2302..2ddd540934 100644 --- a/backend/src/middleware/requireIntegrationAuthorizationAuth.ts +++ b/backend/src/middleware/requireIntegrationAuthorizationAuth.ts @@ -23,7 +23,7 @@ const requireIntegrationAuthorizationAuth = ({ return async (req: Request, res: Response, next: NextFunction) => { const { integrationAuthId } = req[location]; - const { integrationAuth, accessToken } = await validateClientForIntegrationAuth({ + const { integrationAuth, accessToken, accessId } = await validateClientForIntegrationAuth({ authData: req.authData, integrationAuthId: new Types.ObjectId(integrationAuthId), acceptedRoles, @@ -38,6 +38,10 @@ const requireIntegrationAuthorizationAuth = ({ req.accessToken = accessToken; } + if (accessId) { + req.accessId = accessId; + } + return next(); }; }; diff --git a/backend/src/types/express/index.d.ts b/backend/src/types/express/index.d.ts index b5ca0ab28e..471506d452 100644 --- a/backend/src/types/express/index.d.ts +++ b/backend/src/types/express/index.d.ts @@ -37,6 +37,7 @@ declare global { serviceToken: any; serviceAccount: any; accessToken: any; + accessId: any; serviceTokenData: any; apiKeyData: any; query?: any; diff --git a/backend/src/validation/integrationAuth.ts b/backend/src/validation/integrationAuth.ts index b43dd4cbd7..e93af154d2 100644 --- a/backend/src/validation/integrationAuth.ts +++ b/backend/src/validation/integrationAuth.ts @@ -56,11 +56,14 @@ import { validateServiceAccountClientForWorkspace } from './serviceAccount'; if (!integrationAuth) throw IntegrationAuthNotFoundError(); - let accessToken; + let accessToken, accessId; if (attachAccessToken) { - accessToken = (await IntegrationService.getIntegrationAuthAccess({ + const access = (await IntegrationService.getIntegrationAuthAccess({ integrationAuthId: integrationAuth._id - })).accessToken; + })); + + accessToken = access.accessToken; + accessId = access.accessId; } if (authData.authMode === AUTH_MODE_JWT && authData.authPayload instanceof User) { @@ -70,7 +73,7 @@ import { validateServiceAccountClientForWorkspace } from './serviceAccount'; acceptedRoles }); - return ({ integrationAuth, accessToken }); + return ({ integrationAuth, accessToken, accessId }); } if (authData.authMode === AUTH_MODE_SERVICE_ACCOUNT && authData.authPayload instanceof ServiceAccount) { @@ -79,7 +82,7 @@ import { validateServiceAccountClientForWorkspace } from './serviceAccount'; workspaceId: integrationAuth.workspace._id }); - return ({ integrationAuth, accessToken }); + return ({ integrationAuth, accessToken, accessId }); } if (authData.authMode === AUTH_MODE_SERVICE_TOKEN && authData.authPayload instanceof ServiceTokenData) { @@ -95,7 +98,7 @@ import { validateServiceAccountClientForWorkspace } from './serviceAccount'; acceptedRoles }); - return ({ integrationAuth, accessToken }); + return ({ integrationAuth, accessToken, accessId }); } throw UnauthorizedRequestError({