Source Typeform: support oauth

[cheyura]

trafficstars

Tell us about the problem you're trying to solve

With the release of Airbyte Cloud, we need to start supporting Oauth for this connector, since it's the recommended way of authenticating users into a SaaS application.

If this connector doesn't support oauth already (i.e: doesn't accept a client_id and client_secret) then we need to update its spec to accept those parameters. There are two ways to do this:

If the connector already supports some auth mechanism like api_key, I suggest that this be a oneof nested inside a top-level field called "authentication":

{ authentication: { type: object oneOf: [ // api key, // oauth ] } }

If the connector only supports webflow oauth, then no changes are needed to the properties format and we will only need to add annotations.

See the connector spec reference in the docs for reference on how a oneof can be implemented.

This should be done in a backwards compatible manner i.e: users currently supplying authentication info in the config's top-level should not be impacted by this change.

Acceptance criteria

The connector supports oauth webflow authentication with client_id/client_secret in a backwards compatible manner Oauth properties are annotated properly. See this PR for an example

[lazebnyi]

Solution for access token finished. But expiration time for an access token is only 7 days. Blocked on getting refresh token from API https://community.typeform.com/developers-corner-44/errtokeninvalid-during-access-token-exchange-request-3745

[YowanR]

It looks there has been some progress in the Typeform community regarding this issue. Can the assignee revisit this one and check if this is still blocked, please?

[davydov-d]

hey @YowanR I have just checked: no progress unfortunately. I've made a request to the /authorize endpoint, then to the /token according to the docs. The latter one responded with an error @lazebnyi had reported earlier: {"code":"bad_request","description":"Bad Request: bad request: {\"code\":\"FORBIDDEN\",\"description\":\"Forbidden: this kind of access tokens cannot have refresh tokens\"}\n","help":"https://developers.typeform.com/get-started/authentication/"}

[YowanR]

@davydov-d is there any other workarounds or are we blocked here? Cc @misteryeo

[davydov-d]

@davydov-d is there any other workarounds or are we blocked here? Cc @misteryeo

@YowanR I'm afraid we are blocked here. The default lifetime of an access token is 1 week, this means user would have to reauthenticate every week since we can not get a refresh token. I see no workarounds here

[YowanR]

Thanks @davydov-d ! To make sure I understand, is this similar to this github issue here?

[davydov-d]

@YowanR great finding, I was sure we do support persisting new refresh_tokens. Now, to be clear we are blocked by two things here:

• TypeForm API deffect
• #3990

[evantahler]

Linking https://github.com/airbytehq/airbyte/issues/3990

[artem1205]

Typeform still raises error during the oauth process:

[artem1205]

Update: To make it work as expected we need to change the token expiration period to one week. After that we may apply param scope=offline and obtain refresh token, as well as refresh it later.

[YowanR]

@artem1205 Why was this moved back to Backlog(Unscoped) ? As I see it, we have a path forward, correct? cc @lazebnyi

[artem1205]

@YowanR, yes, you are right, Typeform is unblocked now, oauth can be implemented.

[YowanR]

@artem1205 Thanks! Moved this back to in Progress. @lazebnyi Are we still able to land this during the sprint?

[midavadim]

@YowanR @lazebnyi Issue is blocked since the connector uses single-use refresh token, which requires proper processing from platform side

[YowanR]

For Typeform, OAuth is not required to have this connector on Cloud. We will be moving forward without OAuth until we get the UI changes in. @midavadim Can you confirm?