feat(auth): Add Google OAuth

[risv1]

User description

Description

Implemented Google OAuth to enable users to login using their Google accounts.

Fixes #4

Dependencies

• passport-google-oauth20

Mentions

• @HarshPatel5940
• @rajdip-b

Developer's checklist

• My PR follows the style guidelines of this project
• I have performed a self-check on my work

If changes are made in the code:

• I have followed the coding guidelines
• My changes in code generate no new warnings
• My changes are breaking another fix/feature of the project
• I have added test cases to show that my feature works
• I have added relevant screenshots in my PR
• There are no UI/UX issues

Documentation Update

• This PR requires an update to the documentation at docs.keyshade.xyz
• I have made the necessary updates to the documentation, or no documentation changes are required.

---

Type

enhancement, documentation

---

Description

• Integrated Google OAuth for user authentication.
• Added necessary configurations, strategies, and services for Google OAuth.
• Updated tests and added new ones for Google OAuth functionality.
• Added environment variables for Google OAuth in .env.example.
• Included passport-google-oauth20 in dependencies.

---

Changes walkthrough

	Relevant files
Enhancement	5 files auth.module.ts Integrate Google OAuth Strategy in Auth Module                      apps/api/src/auth/auth.module.ts Added GoogleOAuthStrategyFactory and GoogleStrategy to the Auth module. Configured Google OAuth strategy within the module. +10/-0    auth.controller.ts Add Google OAuth Endpoints in AuthController                          apps/api/src/auth/controller/auth.controller.ts Injected GoogleOAuthStrategyFactory into AuthController. Added endpoints for Google OAuth login and callback. +49/-1    auth.service.ts Implement Google OAuth Handling in AuthService                      apps/api/src/auth/service/auth.service.ts Implemented handleGoogleOAuth method to process Google OAuth logins. +18/-0    google-strategy.factory.ts Implement GoogleOAuthStrategyFactory                                          apps/api/src/config/factory/google/google-strategy.factory.ts Created GoogleOAuthStrategyFactory to manage Google OAuth strategy creation. Added logic to check if OAuth is enabled and to create the strategy accordingly. +36/-0    google.strategy.ts Implement GoogleStrategy for OAuth                                              apps/api/src/config/oauth-strategy/google/google.strategy.ts Implemented GoogleStrategy for Google OAuth. +23/-0
Tests	3 files auth.controller.spec.ts Update AuthController Tests for Google OAuth                          apps/api/src/auth/controller/auth.controller.spec.ts Included GoogleOAuthStrategyFactory in the AuthController tests setup. +2/-0      google-strategy.factory.spec.ts Test GoogleOAuthStrategyFactory Functionality                        apps/api/src/config/factory/google/google-strategy.factory.spec.ts Added tests for GoogleOAuthStrategyFactory, including OAuth enablement and strategy creation. +46/-0    google.strategy.spec.ts Test GoogleStrategy Implementation                                              apps/api/src/config/oauth-strategy/google/google.strategy.spec.ts Added basic tests for GoogleStrategy. +17/-0
Configuration changes	1 files .env.example Add Google OAuth Environment Variables                                      .env.example Added environment variables for Google OAuth. +4/-0
Dependencies	1 files package.json Add passport-google-oauth20 Dependency                                      apps/api/package.json Added passport-google-oauth20 dependency. +1/-0

---

✨ PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[codiumai-pr-agent-free]

PR Description updated to latest commit (572d369)

[codiumai-pr-agent-free]

PR Review

(Review updated until commit 22acbfe)

⏱️ Estimated effort to review [1-5]	3, because the PR introduces a new authentication strategy with Google OAuth, affecting multiple files across the application. It requires understanding the existing authentication flow, reviewing the integration of the new strategy, and ensuring that it aligns with the application's architecture and security standards.
🧪 Relevant tests	Yes
🔍 Possible issues	The handleOAuthLogin method in auth.service.ts is now used for both GitHub and Google OAuth but does not differentiate between the two services. This could lead to issues if the data structure of the user profile differs between these services.
	The Google OAuth callback URL in .env.example might need to be more explicit about where it should point, potentially leading to misconfiguration.
🔒 Security concerns	No

Code feedback:

---

relevant file	apps/api/src/auth/controller/auth.controller.ts
suggestion	Consider adding error handling for the googleOAuthCallback method to manage cases where the user profile does not contain the expected fields (emails, displayName, photos). This will improve the robustness of the authentication flow. [important]
relevant line	const email = emails[0].value

---

relevant file	apps/api/src/config/factory/google/google-strategy.factory.ts
suggestion	It's recommended to log the environment variables missing when the Google OAuth is not enabled due to configuration issues. This will help in debugging and setting up the environment correctly. [medium]
relevant line	'Google Auth is not enabled in this environment. Refer to the https://docs.keyshade.xyz/contributing-to-keyshade/environment-variables if you would like to set it up.'

---

relevant file	apps/api/src/config/oauth-strategy/google/google.strategy.ts
suggestion	Implement a more detailed validation in the validate method to check the integrity and completeness of the profile data received from Google. This ensures that the application only processes valid and complete user data. [important]
relevant line	return profile

---

relevant file	apps/api/src/auth/auth.module.ts
suggestion	Ensure that the Google OAuth strategy and its factory are only included in the module providers if the Google OAuth is enabled. This can prevent unnecessary instantiation and potential errors when Google OAuth is not configured. [medium]
relevant line	GoogleOAuthStrategyFactory,

---

---

✨ Review tool usage guide:

---

Overview:
The review tool scans the PR code changes, and generates a PR review. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.
When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:

/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

With a configuration file, use the following template:

[pr_reviewer]
some_config1=...
some_config2=...

Utilizing extra instructions The review tool can be configured with extra instructions, which can be used to guide the model to a feedback tailored to the needs of your project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify the relevant sub-tool, and the relevant aspects of the PR that you want to emphasize. Examples for extra instructions: [pr_reviewer] # /review # extra_instructions=""" In the 'possible issues' section, emphasize the following: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.

How to enable\disable automation When you first install PR-Agent app, the default mode for the review tool is: pr_commands = ["/review", ...] meaning the review tool will run automatically on every PR, with the default configuration. Edit this field to enable/disable the tool, or to change the used configurations

Auto-labels The review tool can auto-generate two specific types of labels for a PR: a possible security issue label, that detects possible security issues (enable_review_labels_security flag) a Review effort [1-5]: x label, where x is the estimated effort to review the PR (enable_review_labels_effort flag)

Extra sub-tools The review tool provides a collection of possible feedbacks about a PR. It is recommended to review the possible options, and choose the ones relevant for your use case. Some of the feature that are disabled by default are quite useful, and should be considered for enabling. For example: require_score_review, require_soc2_ticket, and more.

Auto-approve PRs By invoking: /review auto_approve The tool will automatically approve the PR, and add a comment with the approval. To ensure safety, the auto-approval feature is disabled by default. To enable auto-approval, you need to actively set in a pre-defined configuration file the following: [pr_reviewer] enable_auto_approval = true (this specific flag cannot be set with a command line argument, only in the configuration file, committed to the repository) You can also enable auto-approval only if the PR meets certain requirements, such as that the estimated_review_effort is equal or below a certain threshold, by adjusting the flag: [pr_reviewer] maximal_review_effort = 5

More PR-Agent commands To invoke the PR-Agent, add a comment using one of the following commands: /review: Request a review of your Pull Request. /describe: Update the PR title and description based on the contents of the PR. /improve [--extended]: Suggest code improvements. Extended mode provides a higher quality feedback. /ask <QUESTION>: Ask a question about the PR. /update_changelog: Update the changelog based on the PR's contents. /add_docs 💎: Generate docstring for new components introduced in the PR. /generate_labels 💎: Generate labels for the PR based on the PR's contents. /analyze 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. See the tools guide for more details. To list the possible configuration parameters, add a /config comment.

See the review usage page for a comprehensive guide on using this tool.

[codiumai-pr-agent-free]

PR Code Suggestions

Category	Suggestions
Enhancement	Abstract OAuth strategy creation and injection to reduce code duplication. Consider abstracting the OAuth strategy creation and injection into a reusable function or class method to avoid code duplication. This will make it easier to add or modify OAuth strategies in the future. apps/api/src/auth/auth.module.ts [34-40] -GoogleOAuthStrategyFactory, -{ - provide: GoogleStrategy, - useFactory: (googleOAuthStrategyFactory: GoogleOAuthStrategyFactory) => { - googleOAuthStrategyFactory.createOAuthStrategy() - }, - inject: [GoogleOAuthStrategyFactory] -} +createOAuthProvider(GoogleOAuthStrategyFactory, GoogleStrategy)
	Ensure configuration issues are caught early by throwing an exception. Instead of logging a warning when Google Auth is not enabled, consider throwing an exception or handling this scenario more explicitly in the application startup. This ensures that configuration issues are caught early. apps/api/src/config/factory/google/google-strategy.factory.ts [30-32] -Logger.warn( - 'Google Auth is not enabled in this environment. Refer to the https://docs.keyshade.xyz/contributing-to-keyshade/environment-variables if you would like to set it up.' +throw new Error( + 'Google Auth is not enabled in this environment. Please configure the necessary environment variables.' )
	Add error handling and data validation to the OAuth profile validation. Enhance the validate method to include error handling and validation of the profile data to ensure that the necessary information is present and valid. apps/api/src/config/oauth-strategy/google/google.strategy.ts [16-20] async validate( accessToken: string, refreshToken: string, profile: Profile ): Promise<Profile> { - return profile + if (!profile) { + throw new Error('Invalid profile data received from Google OAuth'); + } + // Further validation logic here + return profile; }
Best practice	Improve testability and decouple controller from service layer. Use dependency injection for AuthService in the googleOAuthCallback method instead of directly calling this.authService.handleGoogleOAuth. This enhances testability and decouples the controller from the service layer. apps/api/src/auth/controller/auth.controller.ts [181-184] -return await this.authService.handleGoogleOAuth( +return await this.googleOAuthService.handleOAuth( email, name, profilePictureUrl )
	Add error handling to gracefully manage failures in OAuth process. Consider adding error handling in the handleGoogleOAuth method to gracefully handle cases where user creation or token generation fails. apps/api/src/auth/service/auth.service.ts [136-148] -const user = await this.createUserIfNotExists( - email, - name, - profilePictureUrl -) -const token = await this.generateToken(user.id) +try { + const user = await this.createUserIfNotExists( + email, + name, + profilePictureUrl + ) + const token = await this.generateToken(user.id) + return { + ...user, + token + } +} catch (error) { + // Handle error appropriately +}

---

✨ Improve tool usage guide:

---

Overview:
The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.
When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:

/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

With a configuration file, use the following template:

[pr_code_suggestions]
some_config1=...
some_config2=...

Enabling\disabling automation When you first install the app, the default mode for the improve tool is: pr_commands = ["/improve --pr_code_suggestions.summarize=true", ...] meaning the improve tool will run automatically on every PR, with summarization enabled. Delete this line to disable the tool from running automatically.

Utilizing extra instructions Extra instructions are very important for the improve tool, since they enable to guide the model to suggestions that are more relevant to the specific needs of the project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify relevant aspects that you want the model to focus on. Examples for extra instructions: [pr_code_suggestions] # /improve # extra_instructions=""" Emphasize the following aspects: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.

A note on code suggestions quality While the current AI for code is getting better and better (GPT-4), it's not flawless. Not all the suggestions will be perfect, and a user should not accept all of them automatically. Suggestions are not meant to be simplistic. Instead, they aim to give deep feedback and raise questions, ideas and thoughts to the user, who can then use his judgment, experience, and understanding of the code base. Recommended to use the 'extra_instructions' field to guide the model to suggestions that are more relevant to the specific needs of the project, or use the custom suggestions 💎 tool With large PRs, best quality will be obtained by using 'improve --extended' mode.

More PR-Agent commands To invoke the PR-Agent, add a comment using one of the following commands: /review: Request a review of your Pull Request. /describe: Update the PR title and description based on the contents of the PR. /improve [--extended]: Suggest code improvements. Extended mode provides a higher quality feedback. /ask <QUESTION>: Ask a question about the PR. /update_changelog: Update the changelog based on the PR's contents. /add_docs 💎: Generate docstring for new components introduced in the PR. /generate_labels 💎: Generate labels for the PR based on the PR's contents. /analyze 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. See the tools guide for more details. To list the possible configuration parameters, add a /config comment.

See the improve usage page for a more comprehensive guide on using this tool.

[HarshPatel5940]

LGTM. btw what is istanbul ignore next?

[rajdip-b]

Folks I'll just review this in an hour or so

[HarshPatel5940]

@risv1 Do you want to update the doc's as well?

[risv1]

@risv1 Do you want to update the doc's as well?

Not really, you can go ahead with it :)

[rajdip-b]

Overall neat work!

[rajdip-b]

Completely missed this. Please update the import path from absolute to relative in this file:
apps/api/src/auth/auth.module.ts

[rajdip-b]

/review

[codiumai-pr-agent-free]

Persistent review updated to latest commit fecee8b

[risv1]

Completely missed this. Please update the import path from absolute to relative in this file: apps/api/src/auth/auth.module.ts

My bad, give me a second

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

See analysis details on SonarCloud

[codecov]

Codecov Report

Attention: Patch coverage is 84.84848% with 5 lines in your changes are missing coverage. Please review.

Project coverage is 93.92%. Comparing base (7bb3d21) to head (22acbfe).
Report is 23 commits behind head on develop.

Files	Patch %	Lines
...rc/config/oauth-strategy/google/google.strategy.ts	50.00%	4 Missing ⚠️
...c/config/factory/google/google-strategy.factory.ts	93.75%	1 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##           develop     #156       +/-   ##
============================================
+ Coverage    62.20%   93.92%   +31.71%     
============================================
  Files           76       85        +9     
  Lines         1503     1614      +111     
  Branches       260      255        -5     
============================================
+ Hits           935     1516      +581     
+ Misses         568       98      -470     

Flag	Coverage Δ
api-e2e-tests	93.92% <84.84%> (+31.71%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[rajdip-b]

Awesome bro! That looks done. I'll merge it whenever the configs are dealt with.

EDIT: In the meantime, if you want you can work on the code coevrage

[risv1]

Awesome bro! That looks done. I'll merge it whenever the configs are dealt with.

EDIT: In the meantime, if you want you can work on the code coevrage

Sorry quick clarification, modifying the strategy spec files to check for returning a user, and not just for existence of the function should be enough right?

[rajdip-b]

Awesome bro! That looks done. I'll merge it whenever the configs are dealt with.
EDIT: In the meantime, if you want you can work on the code coevrage

Sorry quick clarification, modifying the strategy spec files to check for returning a user, and not just for existence of the function should be enough right?

I don't think you can check the returning of a user since that's just oauth flow. I would recommend you to do unit tests on this, maybe mock the provider to return a user every time it's called. Additionally, you should check the codecov coverage report that was generated.

[HarshPatel5940]

LGTM. 🚀

[codiumai-pr-agent-free]

Persistent review updated to latest commit 22acbfe

[codiumai-pr-agent-free]

PR Code Suggestions

Category	Suggestions
Maintainability	Abstract OAuth strategy creation to reduce code duplication. Consider abstracting the OAuth strategy creation logic into a separate function or service to avoid code duplication and improve maintainability. apps/api/src/auth/auth.module.ts [34-40] -GoogleOAuthStrategyFactory, -{ - provide: GoogleStrategy, - useFactory: (googleOAuthStrategyFactory: GoogleOAuthStrategyFactory) => { - googleOAuthStrategyFactory.createOAuthStrategy() - }, - inject: [GoogleOAuthStrategyFactory] -} +OAuthStrategyProviderFactory.createProvider(GoogleOAuthStrategyFactory, GoogleStrategy)
	Refactor OAuth login handling to a more generic method. Use a more generic method for handling OAuth logins to reduce code duplication and improve maintainability. apps/api/src/auth/controller/auth.controller.ts [135-139] -return await this.authService.handleOAuthLogin( - email, - name, - profilePictureUrl -) +return await this.authService.handleOAuthLogin({ email, name, profilePictureUrl })
	Use a constant for the disabled Google Auth error message. Extract the error message for disabled Google Auth into a constant to avoid duplication and facilitate changes. apps/api/src/auth/controller/auth.controller.ts [152] -'Google Auth is not enabled in this environment. Refer to the https://docs.keyshade.xyz/contributing-to-keyshade/environment-variables if you would like to set it up.' +GOOGLE_AUTH_DISABLED_MESSAGE
Best practice	Validate essential environment variables at startup. Ensure environment variables are validated at the application startup to fail fast if the configuration is incorrect. apps/api/src/config/factory/google/google-strategy.factory.ts [13-15] -this.clientID = this.configService.get<string>('GOOGLE_CLIENT_ID') -this.clientSecret = this.configService.get<string>('GOOGLE_CLIENT_SECRET') -this.callbackURL = this.configService.get<string>('GOOGLE_CALLBACK_URL') +this.clientID = this.configService.get<string>('GOOGLE_CLIENT_ID', { throwIfNotFound: true }) +this.clientSecret = this.configService.get<string>('GOOGLE_CLIENT_SECRET', { throwIfNotFound: true }) +this.callbackURL = this.configService.get<string>('GOOGLE_CALLBACK_URL', { throwIfNotFound: true })
	Ensure type safety with correct TypeScript generics usage. Use TypeScript generics properly to ensure type safety in the createOAuthStrategy method. apps/api/src/config/factory/google/google-strategy.factory.ts [22] -public createOAuthStrategy<GoogleStrategy>(): GoogleStrategy | null { +public createOAuthStrategy(): GoogleStrategy | null {

---

✨ Improve tool usage guide:

---

Overview:
The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.
When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:

/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

With a configuration file, use the following template:

[pr_code_suggestions]
some_config1=...
some_config2=...

Enabling\disabling automation When you first install the app, the default mode for the improve tool is: pr_commands = ["/improve --pr_code_suggestions.summarize=true", ...] meaning the improve tool will run automatically on every PR, with summarization enabled. Delete this line to disable the tool from running automatically.

Utilizing extra instructions Extra instructions are very important for the improve tool, since they enable to guide the model to suggestions that are more relevant to the specific needs of the project. Be specific, clear, and concise in the instructions. With extra instructions, you are the prompter. Specify relevant aspects that you want the model to focus on. Examples for extra instructions: [pr_code_suggestions] # /improve # extra_instructions=""" Emphasize the following aspects: - Does the code logic cover relevant edge cases? - Is the code logic clear and easy to understand? - Is the code logic efficient? ... """ Use triple quotes to write multi-line instructions. Use bullet points to make the instructions more readable.

A note on code suggestions quality While the current AI for code is getting better and better (GPT-4), it's not flawless. Not all the suggestions will be perfect, and a user should not accept all of them automatically. Suggestions are not meant to be simplistic. Instead, they aim to give deep feedback and raise questions, ideas and thoughts to the user, who can then use his judgment, experience, and understanding of the code base. Recommended to use the 'extra_instructions' field to guide the model to suggestions that are more relevant to the specific needs of the project, or use the custom suggestions 💎 tool With large PRs, best quality will be obtained by using 'improve --extended' mode.

More PR-Agent commands To invoke the PR-Agent, add a comment using one of the following commands: /review: Request a review of your Pull Request. /describe: Update the PR title and description based on the contents of the PR. /improve [--extended]: Suggest code improvements. Extended mode provides a higher quality feedback. /ask <QUESTION>: Ask a question about the PR. /update_changelog: Update the changelog based on the PR's contents. /add_docs 💎: Generate docstring for new components introduced in the PR. /generate_labels 💎: Generate labels for the PR based on the PR's contents. /analyze 💎: Automatically analyzes the PR, and presents changes walkthrough for each component. See the tools guide for more details. To list the possible configuration parameters, add a /config comment.

See the improve usage page for a more comprehensive guide on using this tool.

[rajdip-b]

🎉 This PR is included in version 1.3.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀