⚡ (sheets) Use Google Drive picker and remove sensitive OAuth scope

BREAKING CHANGE: The Google Picker API needs to be enabled in the Google Cloud console. You also need to enable it in your NEXT_PUBLIC_GOOGLE_API_KEY. You also need to add the drive.file OAuth scope.
2023-12-18 15:43:58 +01:00
parent 2dec0b88c2
commit deab1a12e9
23 changed files with 428 additions and 156 deletions
--- a/packages/bot-engine/blocks/integrations/googleSheets/helpers/getAuthenticatedGoogleDoc.ts
+++ b/packages/bot-engine/blocks/integrations/googleSheets/helpers/getAuthenticatedGoogleDoc.ts
@@ -1,13 +1,6 @@
 import { TRPCError } from '@trpc/server'
-import { env } from '@typebot.io/env'
-import { encrypt } from '@typebot.io/lib/api/encryption/encrypt'
-import { decrypt } from '@typebot.io/lib/api/encryption/decrypt'
-import { isDefined } from '@typebot.io/lib/utils'
-import { Credentials as CredentialsFromDb } from '@typebot.io/prisma'
 import { GoogleSpreadsheet } from 'google-spreadsheet'
-import { OAuth2Client, Credentials } from 'google-auth-library'
-import prisma from '@typebot.io/lib/prisma'
-import { GoogleSheetsCredentials } from '@typebot.io/schemas'
+import { getAuthenticatedGoogleClient } from '@typebot.io/lib/google'

 export const getAuthenticatedGoogleDoc = async ({
  credentialsId,
@@ -29,48 +22,3 @@ export const getAuthenticatedGoogleDoc = async ({
    })
  return new GoogleSpreadsheet(spreadsheetId, auth)
 }
-
-const getAuthenticatedGoogleClient = async (
-  credentialsId: string
-): Promise<OAuth2Client | undefined> => {
-  const credentials = (await prisma.credentials.findFirst({
-    where: { id: credentialsId },
-  })) as CredentialsFromDb | undefined
-  if (!credentials) return
-  const data = (await decrypt(
-    credentials.data,
-    credentials.iv
-  )) as GoogleSheetsCredentials['data']
-
-  const oauth2Client = new OAuth2Client(
-    env.GOOGLE_CLIENT_ID,
-    env.GOOGLE_CLIENT_SECRET,
-    `${env.NEXTAUTH_URL}/api/credentials/google-sheets/callback`
-  )
-  oauth2Client.setCredentials(data)
-  oauth2Client.on('tokens', updateTokens(credentialsId, data))
-  return oauth2Client
-}
-
-const updateTokens =
-  (
-    credentialsId: string,
-    existingCredentials: GoogleSheetsCredentials['data']
-  ) =>
-  async (credentials: Credentials) => {
-    if (
-      isDefined(existingCredentials.id_token) &&
-      credentials.id_token !== existingCredentials.id_token
-    )
-      return
-    const newCredentials: GoogleSheetsCredentials['data'] = {
-      ...existingCredentials,
-      expiry_date: credentials.expiry_date,
-      access_token: credentials.access_token,
-    }
-    const { encryptedData, iv } = await encrypt(newCredentials)
-    await prisma.credentials.updateMany({
-      where: { id: credentialsId },
-      data: { data: encryptedData, iv },
-    })
-  }