add webhooks for calendly events

prisma/migrations/20241124062556_oauth_external_user_id/migration.sql

@@ -0,0 +1,8 @@
+/*
+  Warnings:
+
+  - Added the required column `externalUserId` to the `UserOauth` table without a default value. This is not possible if the table is not empty.
+
+*/
+-- AlterTable
+ALTER TABLE "UserOauth" ADD COLUMN     "externalUserId" TEXT;

prisma/schema.prisma

@@ -30,15 +30,16 @@ enum OauthProvider {
 }
 
 model UserOauth {
-  id           String        @id @default(uuid())
-  userAuthId   String
-  UserAuth     UserAuth      @relation(fields: [userAuthId], references: [id])
-  provider     OauthProvider
-  accessToken  String
-  expiresAt    DateTime
-  refreshToken String
-  createdAt    DateTime      @default(now())
-  updatedAt    DateTime      @updatedAt
+  id             String        @id @default(uuid())
+  userAuthId     String
+  UserAuth       UserAuth      @relation(fields: [userAuthId], references: [id])
+  provider       OauthProvider
+  accessToken    String
+  expiresAt      DateTime
+  refreshToken   String
+  createdAt      DateTime      @default(now())
+  updatedAt      DateTime      @updatedAt
+  externalUserId String
 
   @@unique([userAuthId, provider])
 }

src/lib/oauth.ts

@@ -57,6 +57,7 @@ export class GCloud {
       accessToken: json["access_token"] as string,
       refreshToken: refreshToken || (json["refresh_token"] as string),
       expiresAt: new Date(Date.now() + expiresInSeconds * 1000),
+      externalUserId: "test",
     };
   }
 
@@ -146,11 +147,13 @@ export class Calendly {
       throw new Error("Calendly API error");
     }
     const expiresInSeconds = Number(json["expires_in"]);
+    const externalUserId = json["owner"].split("/").pop();
     return {
       provider: OauthProvider.CALENDLY,
       accessToken: json["access_token"] as string,
       refreshToken: json["refresh_token"] as string,
       expiresAt: new Date(Date.now() + expiresInSeconds * 1000),
+      externalUserId: externalUserId,
     };
   }
 
@@ -268,6 +271,18 @@ async function findUserOauth(
   });
 }
 
+async function findUserOauthByExternalId(
+  oauthExternalUserId: string,
+  provider: OauthProvider,
+): Promise<UserOauth | null> {
+  return prisma.userOauth.findUnique({
+    where: {
+      externalUserId: oauthExternalUserId,
+      provider: provider,
+    },
+  });
+}
+
 export async function getAccessToken(
   userAuthId: string,
   provider: OauthProvider,
@@ -326,3 +341,47 @@ export async function disconnectOauth({
   });
   return res;
 }
+
+export async function oauthProcessCallback({
+                                             uri,
+                                             callback_url,
+                                             created_at,
+                                             updated_at,
+                                             retry_started_at,
+                                             state,
+                                             events,
+                                             scope,
+                                             organization,
+                                             user,
+                                             group,
+                                             creator,
+                                      }: {
+  uri: string,
+  callback_url: string,
+  created_at: string,
+  updated_at: string,
+  retry_started_at: string,
+  state: string,
+  events: string,
+  scope: string,
+  organization: string,
+  user: string,
+  group: string,
+  creator: string,
+}): Promise<boolean> {
+  const oauthInfo = await findUserOauth(userAuthId, provider);
+  if (!oauthInfo) {
+    return false;
+  }
+  const intf = providerIntf(provider);
+  const res = await intf.revoke(oauthInfo);
+  await prisma.userOauth.delete({
+    where: {
+      userAuthId_provider: {
+        userAuthId,
+        provider,
+      },
+    },
+  });
+  return res;
+}

src/pages/api/oauth/callback.ts

@@ -0,0 +1,35 @@
+import { NextApiRequest, NextApiResponse } from "next";
+import { Value } from "@sinclair/typebox/value";
+import { CalendlyWebhookSubscriptionRequestSchema, DisconnectOauthProviderRequestSchema } from "@/types/oauth.schema";
+import { BadRequestError } from "@/types/errors";
+import { disconnectOauth } from "@/lib/oauth";
+import { provider } from "std-env";
+
+async function OauthProviderCallbackHandler(
+  req: NextApiRequest,
+  res: NextApiResponse<{ success: boolean } | BadRequestError>,
+): Promise<void> {
+  const { body } = req;
+  if (!Value.Check(CalendlyWebhookSubscriptionRequestSchema, body)) {
+    return res.status(400).json({ message: "Invalid inputs" });
+  }
+  const { uri, callback_url, created_at, updated_at, retry_started_at, state, events, scope, organization, user, group, creator} = body;
+
+  const status = await disconnectOauth({
+    userAuthId,
+    provider,
+  });
+
+  return res.status(200).json({ success: status });
+}
+
+export default async function handle(
+  req: NextApiRequest,
+  res: NextApiResponse<{ success: boolean } | BadRequestError>,
+): Promise<void> {
+  if (req.method === "POST") {
+    await disconnectOauthProviderHandler(req, res);
+  } else {
+    return res.status(405).json({ message: "Method Not allowed" });
+  }
+}

src/types/oauth.schema.ts

@@ -10,3 +10,22 @@ export const DisconnectOauthProviderRequestSchema = Type.Object({
   // Password of user
   provider: Type.Enum(OauthProvider),
 });
+
+export type CalendlyWebhookSubscriptionRequestSchema = Static<
+  typeof CalendlyWebhookSubscriptionRequestSchema
+>;
+
+export const CalendlyWebhookSubscriptionRequestSchema = Type.Object({
+  uri: Type.String(),
+  callback_url: Type.String(),
+  created_at: Type.String(),
+  updated_at: Type.String(),
+  retry_started_at: Type.String(),
+  state: Type.String(),
+  events: Type.Array(Type.String()),
+  scope: Type.String(),
+  organization: Type.String(),
+  user: Type.String(),
+  group: Type.String(),
+  creator: Type.String(),
+});