8000 fix(api): fix google refresh token issue by Orta21 · Pull Request #114 · metriport/metriport · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

fix(api): fix google refresh token issue #114

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 3 commits into from
Feb 22, 2023
Merged

fix(api): fix google refresh token issue #114

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
0a37901
fix(api): fix google refresh token issue
Orta21 Feb 22, 2023
4dbf80b
fix(api): revoke google token
Orta21 Feb 22, 2023
9aa2713
fix(api): remove commented out code
Orta21 Feb 22, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
6 changes: 5 additions & 1 deletion api/app/src/providers/google.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,11 @@ export class Google extends Provider implements OAuth2 {
}

async revokeProviderAccess(connectedUser: ConnectedUser) {
return this.oauth.revokeProviderAccess(connectedUser);
try {
await this.oauth.revokeLocal(connectedUser);
} catch (error) {
throw new Error("Google Revoke failed");
}
}

Copy link
Member Author
@Orta21 Orta21 Feb 22, 2023
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given the logic for having multiple accounts using the same google account if one gets revoked they all do. The problem is it will only remove the token from the provider map for the account that revoked access but all other accounts will still contain the token. Then when they fetch data google will throw a 401.

So for now we can just remove it locally from the providermap like we do for other providers and i think it should be fine but im open to feedback.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That makes sense to me

// eslint-disable-next-line @typescript-eslint/no-explicit-any
Expand Down
6 changes: 2 additions & 4 deletions api/app/src/providers/oauth2.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -23,6 +23,7 @@ export interface UriParams {
redirect_uri: string;
state: string;
access_type?: string;
prompt?: string;
}

export interface AuthCodeUriParams {
Expand Down Expand Up @@ -75,10 +76,6 @@ export class OAuth2DefaultImpl implements OAuth2 {
params.scope = this.scopes;
}

if (this.providerName === "google") {
params.access_type = "offline";
}

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is only necessary when creating the uri

const accessToken = await client.getToken(params);

return JSON.stringify(accessToken);
Expand All @@ -98,6 +95,7 @@ export class OAuth2DefaultImpl implements OAuth2 {

if (this.providerName === "google") {
uriParams.access_type = "offline";
uriParams.prompt = "consent";
}
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

By adding this we will prompt the user to grant access to permissions every time they authenticate with google.

This means if a user authenticates with multiple accounts they will have to grant permssions to their google account every time. Because they grant permissions we will receive a refresh token every time.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🎉 🎉 🎉


const authorizationUri = client.authorizeURL(uriParams);
Expand Down
0