feat(connections): add reusable authorization connections system#163
Open
RishadAlam wants to merge 60 commits into
Open
feat(connections): add reusable authorization connections system#163RishadAlam wants to merge 60 commits into
RishadAlam wants to merge 60 commits into
Conversation
- Added AuthorizationType class to define various authorization methods. - Implemented BasicAuthorization for basic authentication handling. - Created BearerTokenAuthorization for bearer token management. - Developed OAuth2Authorization to handle OAuth2 flows, including token refresh. - Introduced ConnectionModel for database interactions related to connections. - Added Hash utility for encrypting and decrypting sensitive data. - Created ConnectionController to manage connection CRUD operations. - Developed frontend API utilities for connection management. - Implemented ConnectionAccountList and ConnectionAccountSelect components for displaying and managing connections. - Created Connections page for listing, searching, and managing connections.
…r, connectionApi, MailChimp components, and ConnectionAccountSelect
…ionController and related classes
…authorization types
…d additional headers normalization
…ncryption, SSL verification, and nested data access
…er localization support
…ation - Replaced individual authorization logic in Voxel, WCAffiliate, WPCafe, WPCourseware, WPForo, WishlistMember, WooCommerce, and WP ERP components with a unified PlatformAuthorization component. - Removed unnecessary state management and input handling from the individual components. - Updated the styling of the app to improve layout consistency. - Ensured that each integration checks for the required plugins and provides appropriate notes for users.
- Introduced a new authorization type `WP_PLUGIN_CHECK` in AuthorizationType.php. - Updated ConnectionController to handle `WP_PLUGIN_CHECK` by returning appropriate error messages. - Modified frontend components to use `WP_PLUGIN_CHECK` as the default auth type for various integrations. - Refactored connectionAuth.js to include a function for checking the new auth type. - Adjusted PlatformAuthorization to manage the new auth type logic.
- Updated the API utility function `checkPlatform` to `verifyPluginActivation`. - Refactored all integration components to use `pluginCheck` instead of `platformCheck` for plugin verification. - Introduced a new `PluginCheck` class in the backend to handle plugin availability checks with improved logic and structure.
- Replaced instances of PlatformAuthorization with Authorization in MailMint, MailPoet, MailerPress, Mailster, MasterStudyLms, Memberpress, Newsletter, NotificationX, PaidMembershipPro, PeepSo, PropovoiceCRM, RestrictContent, SliceWp, SureMembers, SystemeIO, TeamsForWooCommerceMemberships, TheEventsCalendar, TutorLms, UltimateAffiliatePro, UserRegistrationMembership, Voxel, WCAffiliate, WPCafe, WPCourseware, WPForo, WeDocs, WishlistMember, WooCommerce, and WpErp components. - Deleted the old PlatformAuthorization component and created a new Authorization component that consolidates the functionality.
…nt and enhance Fabman integration with new account fetching logic
… authorization logic
…port extra fields and template resolution
… integrations to use a unified Authorization component and remove deprecated authorization methods
…ove authorization handling and channel fetching - Updated Slack integration to use toast notifications for error handling and channel fetching. - Refactored SmartSuite integration to streamline authentication and solution fetching processes. - Simplified Vbout integration by removing unnecessary state management and using a more modular approach for authorization. - Enhanced WhatsApp integration to utilize a centralized Authorization component for better code organization and maintainability. - Improved header template resolution in AddNewConnection component to dynamically handle additional headers based on provided data.
…ts to use a unified Authorization component; streamline authentication logic and improve code maintainability. Update API request handling to support dynamic payloads and headers. Enhance validation for required fields in API connections.
…rization component - Updated ActiveCampaign, Asana, Bento, CapsuleCRM, and MoxieCRM authorization components to utilize a new Authorization component for handling authentication. - Simplified state management and input handling by removing redundant code. - Introduced a consistent structure for authorization details, including API endpoints and authentication methods. - Improved user instructions for obtaining API keys and tokens across various integrations.
…ied authorization handling for Clickup, Demio, and SuiteDash integrations
…ConvertKit integrations; streamline API request logic and enhance code maintainability
…nent for Dropbox, Google Contacts, Google Sheets, and OneDrive; streamline authentication handling and improve code maintainability.
- Removed unused imports and code related to token handling in Constant Contact and LionDesk components. - Simplified the authorization process by integrating a common Authorization component for both Constant Contact and LionDesk. - Updated the handling of API requests to use a unified method for building authentication parameters. - Improved user instructions and error handling in the authorization steps for both integrations. - Cleaned up the codebase by removing deprecated functions and unnecessary state management.
…emove unused functions - Removed setGrantTokenResponse function from ZohoMarketingHub, ZohoRecruit, and ZohoSheet components. - Simplified authorization handling in ZohoMarketingHubAuthorization, ZohoRecruitAuthorization, and ZohoSheetAuthorization components by integrating a common Authorization component. - Updated refreshLists and refreshModules functions to utilize a buildAuthRequestParams helper for cleaner parameter handling. - Removed unnecessary state management and error handling related to client ID and secret in authorization components. - Enhanced user experience by ensuring proper loading states and error messages during authorization.
…simplifying authorization logic
…nd refactor related components
…refactor related components
… refactor related components
🔍 WordPress Plugin Check Report
📊 Report
❌ Errors (1)📁 backend/Actions/WpDataTables/RecordApiHelper.php (1 error)
|
| 📍 Line | 🔖 Check | 💬 Message |
|---|---|---|
0 |
mismatched_plugin_name | Plugin name "Bit integrations - Form Integration, Webhook, Spreadsheets, CRM, LMS & Email Automation" is different from the name declared in plugin header "Bit Integrations". |
🤖 Generated by WordPress Plugin Check Action • Learn more about Plugin Check
![gemini-code-assist[bot]](https://avatars.githubusercontent.com/in/956858?s=60&v=4){kind=small}
There was a problem hiding this comment.
Code Review
This pull request standardizes the authorization mechanism across numerous integration controllers by introducing a static $authConfig property and removing redundant authentication methods and routes. The refactor also includes unified token normalization and expiry logic for OAuth2-based services. Feedback identifies a potential PHP 8.0+ warning in GoogleSheetController due to unsafe property access on boolean values, recommends removing dead code in the Fabman integration, and highlights a performance bottleneck in MailChimpController caused by repeated network requests for metadata during the execution flow.
… and enhance delete error messaging
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
This PR introduces a reusable connection system for integration authorization across Bit Integrations. It centralizes credential management, adds secure credential storage with encryption, and refactors integrations to use shared authorization flows instead of per-integration auth logic.
Motivation & Context
Many integrations previously handled authorization independently, which caused duplicated logic, inconsistent behavior, and repeated credential entry across flows. This change creates a unified connection layer so users can save and reuse credentials per app, while improving security and maintainability.
Related Links: (if applicable)
N/A
Type of Change
Key Changes
Backend (Connection System & Security)
btcbi_connectionsstorage model/table and DB migration updates for reusable saved credentials.ConnectionControllerendpoints for authorize, oauth token exchange, plugin activation verify, list/get/save/update/reauthorize/delete.AbstractBaseAuthorizationAuthorizationFactoryAuthDataCodec+ encrypted key support andHashutility.CredentialInjectorto inject resolved connection credentials into flow execution runtime.PluginCheckutility to validate plugin availability using grouped AND/OR rules.Backend (Integrations Refactor)
authConfigmappings for standardized credential injection.KirimEmailAuthorizationhandler for its signature-based auth flow.Frontend (Connections UI & Shared Auth UX)
/connectionspage with connection listing, app filter, rename, delete, and bulk delete actions.AuthorizationConnectionAccountSelectAddNewConnectionApiConnectionOauth1ConnectionOauth2ConnectionChecklist
Changelog