feat(api): Added GitLab OAuth

[rajdip-b]

User description

Fixes #155

---

Type

Enhancement

---

Description

• Integrated GitLab OAuth into the authentication system.
• Added necessary classes and factories for GitLab OAuth strategy.
• Updated tests and documentation to support GitLab OAuth.
• Added new endpoints for GitLab OAuth login and callback.
• Included new environment variables and updated package dependencies.

---

Changes walkthrough

	Relevant files
Enhancement	4 files auth.module.ts Integrate GitLab OAuth Strategy into Auth Module                  apps/api/src/auth/auth.module.ts Added GitlabOAuthStrategyFactory and GitlabStrategy to the authentication module. Configured dependency injection for GitLab OAuth strategy. +10/-0    auth.controller.ts Implement GitLab OAuth Endpoints in Auth Controller            apps/api/src/auth/controller/auth.controller.ts Added gitlabOAuthStrategyFactory to the constructor for dependency injection. Implemented new endpoints for GitLab OAuth login and callback. +50/-1    gitlab-strategy.factory.ts Implement GitLab OAuth Strategy Factory                                    apps/api/src/config/factory/gitlab/gitlab-strategy.factory.ts Implemented GitlabOAuthStrategyFactory with methods to check if OAuth is enabled and to create the strategy. +35/-0    gitlab.strategy.ts Implement GitLab Strategy for OAuth                                            apps/api/src/config/oauth-strategy/gitlab/gitlab.strategy.ts Created GitlabStrategy for handling GitLab OAuth. +23/-0
Tests	3 files auth.controller.spec.ts Update Auth Controller Tests for GitLab Integration            apps/api/src/auth/controller/auth.controller.spec.ts Included GitlabOAuthStrategyFactory in the testing setup for AuthController. +2/-0      gitlab-strategy.factory.spec.ts Add Tests for GitLab OAuth Strategy Factory                            apps/api/src/config/factory/gitlab/gitlab-strategy.factory.spec.ts Added tests for enabling/disabling GitLab OAuth and creating the strategy. +46/-0    gitlab.strategy.spec.ts Add Tests for GitLab Strategy                                                        apps/api/src/config/oauth-strategy/gitlab/gitlab.strategy.spec.ts Added basic tests for the GitlabStrategy. +17/-0
Configuration changes	1 files .env.example Add GitLab OAuth Environment Variables to Example                .env.example Added environment variables for GitLab OAuth. +4/-0
Dependencies	2 files package.json Add Passport-GitLab2 Dependency                                                    apps/api/package.json Added passport-gitlab2 dependency for GitLab OAuth. +1/-0      pnpm-lock.yaml Update Lock File for New Dependency                                            pnpm-lock.yaml Updated lock file with passport-gitlab2 package. +10/-0
Documentation	1 files environment-variables.md Document GitLab OAuth Environment Variables                            docs/contributing-to-keyshade/environment-variables.md Updated documentation to include GitLab OAuth environment variables. +18/-16

---

✨ PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[sonarcloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
No data about Coverage
0.0% Duplication on New Code

See analysis details on SonarCloud

[codiumai-pr-agent-free]

PR Description updated to latest commit (488854d)

[codiumai-pr-agent-free]

PR Review

⏱️ Estimated effort to review [1-5]	3, because the PR involves integration of a new OAuth strategy (GitLab), which includes updates across multiple files including module configuration, controller updates, strategy implementation, and tests. The changes are moderate in size and complexity, requiring a thorough review to ensure security and functionality.
🧪 Relevant tests	Yes
🔍 Possible issues	Possible Bug: The GitLab OAuth endpoints in auth.controller.ts might throw an exception if the OAuth is not enabled, but it does not handle what happens if the user's GitLab account does not provide an email. This should be handled gracefully.
	Configuration Dependency: The system's behavior depends on environment variables (GITLAB_CLIENT_ID, GITLAB_CLIENT_SECRET, GITLAB_CALLBACK_URL). If these are not set correctly, the OAuth functionality will not work, and the error logging in gitlab-strategy.factory.ts might not be sufficient for troubleshooting.
🔒 Security concerns	No

---

✨ Review tool usage guide:

---

Overview:
The review tool scans the PR code changes, and generates a PR review which includes several types of feedbacks, such as possible PR issues, security threats and relevant test in the PR. More feedbacks can be added by configuring the tool.

The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.

• When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:

/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

• With a configuration file, use the following template:

[pr_reviewer]
some_config1=...
some_config2=...

See the review usage page for a comprehensive guide on using this tool.

[codiumai-pr-agent-free]

PR Code Suggestions

Category	Suggestions
Enhancement	Add GitlabOAuthStrategyFactory to the module providers for dependency injection. Consider adding the GitlabOAuthStrategyFactory to the providers array directly in the @Module decorator to ensure it is available for dependency injection throughout the module. apps/api/src/auth/auth.module.ts [44] -GitlabOAuthStrategyFactory, +providers: [GitlabOAuthStrategyFactory, ...],
	Implement error handling in the gitlabOAuthCallback method. Add error handling for the gitlabOAuthCallback method to manage exceptions that may occur during the OAuth process, such as token expiration or network issues. apps/api/src/auth/controller/auth.controller.ts [190-194] -return await this.authService.handleOAuthLogin( - email, - name, - profilePictureUrl -) +try { + return await this.authService.handleOAuthLogin( + email, + name, + profilePictureUrl + ) +} catch (error) { + throw new HttpException('Failed to handle GitLab OAuth login', HttpStatus.INTERNAL_SERVER_ERROR); +}
Best practice	Standardize the import structure in the @Module decorator. Ensure consistent object structure in the module imports by using braces for single imports, similar to other imports in the array. apps/api/src/auth/auth.module.ts [44] -GitlabOAuthStrategyFactory, +{ provide: GitlabOAuthStrategyFactory, useClass: GitlabOAuthStrategyFactory },
	Use a specific exception for disabled features in the gitlabOAuthLogin method. Refactor the gitlabOAuthLogin method to use a more descriptive and specific exception when GitLab OAuth is not enabled, such as FeatureNotEnabledException. apps/api/src/auth/controller/auth.controller.ts [160-163] -throw new HttpException( - 'GitLab Auth is not enabled in this environment. Refer to the https://docs.keyshade.xyz/contributing-to-keyshade/environment-variables if you would like to set it up.', - HttpStatus.BAD_REQUEST +throw new FeatureNotEnabledException( + 'GitLab Auth is not enabled. Please enable it to use this feature.', + 'GITLAB_OAUTH' )
	Specify a return type for the gitlabOAuthCallback method. Add a return type to the gitlabOAuthCallback method to improve code readability and maintainability. apps/api/src/auth/controller/auth.controller.ts [187] -async gitlabOAuthCallback(@Req() req) { +async gitlabOAuthCallback(@Req() req): Promise<Profile> {

---

✨ Improve tool usage guide:

---

Overview:
The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.

• When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:

/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

• With a configuration file, use the following template:

[pr_code_suggestions]
some_config1=...
some_config2=...

See the improve usage page for a comprehensive guide on using this tool.

[codecov]

Codecov Report

Attention: Patch coverage is 84.84848% with 5 lines in your changes are missing coverage. Please review.

Project coverage is 93.02%. Comparing base (7bb3d21) to head (488854d).
Report is 46 commits behind head on develop.

Files	Patch %	Lines
...rc/config/oauth-strategy/gitlab/gitlab.strategy.ts	50.00%	4 Missing ⚠️
...c/config/factory/gitlab/gitlab-strategy.factory.ts	93.75%	1 Missing ⚠️

Additional details and impacted files

@@             Coverage Diff              @@
##           develop     #188       +/-   ##
============================================
+ Coverage    62.20%   93.02%   +30.81%     
============================================
  Files           76       99       +23     
  Lines         1503     2180      +677     
  Branches       260      404      +144     
============================================
+ Hits           935     2028     +1093     
+ Misses         568      152      -416     

Flag	Coverage Δ
api-e2e-tests	93.02% <84.84%> (+30.81%)	⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[rajdip-b]

🎉 This PR is included in version 1.3.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀