LeadMagnet/leadchat
1
0
Fork 0
Code Issues Pull Requests Actions 3 Packages Projects Releases Wiki Activity

feat: Linear OAuth 2.0 (#10851)

Browse Source 
Fixes https://linear.app/chatwoot/issue/CW-3417/oauth-20-authentication
We are planning to publish the Chatwoot app in the Linear [integration
list](https://linear.app/docs/integration-directory). While we currently
use token-based authentication, Linear recommends OAuth2 authentication.
This PR implements OAuth2 support.

---------

Co-authored-by: Sivin Varghese <64252451+iamsivin@users.noreply.github.com>
Co-authored-by: Shivam Mishra <scm.mymail@gmail.com>
This commit is contained in:
Muhsin Keloth
2025-02-27 18:15:53 +05:30
committed by GitHub
parent 30996140a3
commit 12134f9391
18 changed files with 432 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
spec/controllers/api/v1/accounts/integrations/linear_controller_spec.rb
View File

@@ -12,6 +12,16 @@ RSpec.describe 'Linear Integration API', type: :request do
allow(Integrations::Linear::ProcessorService).to receive(:new).with(account: account).and_return(processor_service)
end
describe 'DELETE /api/v1/accounts/:account_id/integrations/linear' do
it 'deletes the linear integration' do
delete "/api/v1/accounts/#{account.id}/integrations/linear",
headers: agent.create_new_auth_token,
as: :json
expect(response).to have_http_status(:ok)
expect(account.hooks.count).to eq(0)
end
end
describe 'GET /api/v1/accounts/:account_id/integrations/linear/teams' do
context 'when it is an authenticated user' do
context 'when data is retrieved successfully' do

88
spec/controllers/linear/callbacks_controller_spec.rb Normal file
View File

@@ -0,0 +1,88 @@
require 'rails_helper'
RSpec.describe Linear::CallbacksController, type: :request do
let(:account) { create(:account) }
let(:code) { SecureRandom.hex(10) }
let(:state) { SecureRandom.hex(10) }
let(:linear_redirect_uri) { "#{ENV.fetch('FRONTEND_URL', '')}/app/accounts/#{account.id}/settings/integrations/linear" }
describe 'GET /linear/callback' do
let(:access_token) { SecureRandom.hex(10) }
let(:response_body) do
{
'access_token' => access_token,
'token_type' => 'Bearer',
'expires_in' => 7200,
'scope' => 'read,write'
}
end
before do
stub_const('ENV', ENV.to_hash.merge('FRONTEND_URL' => 'http://www.example.com'))
controller = described_class.new
allow(controller).to receive(:verify_linear_token).with(state).and_return(account.id)
allow(described_class).to receive(:new).and_return(controller)
end
context 'when successful' do
before do
stub_request(:post, 'https://api.linear.app/oauth/token')
.to_return(
status: 200,
body: response_body.to_json,
headers: { 'Content-Type' => 'application/json' }
)
end
it 'creates a new integration hook' do
expect do
get linear_callback_path, params: { code: code, state: state }
end.to change(Integrations::Hook, :count).by(1)
hook = Integrations::Hook.last
expect(hook.access_token).to eq(access_token)
expect(hook.app_id).to eq('linear')
expect(hook.status).to eq('enabled')
expect(hook.settings).to eq(
'token_type' => 'Bearer',
'expires_in' => 7200,
'scope' => 'read,write'
)
expect(response).to redirect_to(linear_redirect_uri)
end
end
context 'when the code is missing' do
before do
stub_request(:post, 'https://api.linear.app/oauth/token')
.to_return(
status: 200,
body: response_body.to_json,
headers: { 'Content-Type' => 'application/json' }
)
end
it 'redirects to the linear_redirect_uri' do
get linear_callback_path, params: { state: state }
expect(response).to redirect_to(linear_redirect_uri)
end
end
context 'when the token is invalid' do
before do
stub_request(:post, 'https://api.linear.app/oauth/token')
.to_return(
status: 400,
body: { error: 'invalid_grant' }.to_json,
headers: { 'Content-Type' => 'application/json' }
)
end
it 'redirects to the linear_redirect_uri' do
get linear_callback_path, params: { code: code, state: state }
expect(response).to redirect_to(linear_redirect_uri)
end
end
end
end