
Zapier - OAuth "server" powered integrations & migration to Laravel Passport

Open JhumanJ opened this issue 1 year ago • 0 comments

Add Zapier Integration and Migrate to Laravel Passport

Context

In the previous issue, we focused on adding Google Sheets integration using OAuth as a client. Now, we aim to support integrations where OpnForm acts as an OAuth server. This will enable users to create workflows with services like Zapier, which require OpnForm authentication to manage integrations.

Goal

Enable users to:

  1. Log in to their Zapier account.
  2. Select the OpnForm integration.
  3. Authenticate with OpnForm.
  4. Create Zapier workflows (Zaps) using OpnForm form submissions as triggers.

This will involve:

  • Creating a new OAuth server integration for OpnForm using Laravel Passport.
  • Migrating from laravel-jwt to laravel-passport for API authentication.

Deliverables

  1. Full Zapier Integration

    • Users can log in to Zapier and select OpnForm integration.
    • Redirect users to OpnForm's OAuth consent screen.
    • On consent, generate and store OAuth tokens with restricted scopes.
    • Create Zaps with OpnForm form submissions as triggers.
    • On form submission, invoke the Zapier-provided webhook URL.
    • Any endpoints (such as test data endpoints, etc.) required by Zapier for us to publish the integration publicly.
  2. OpnForm OAuth as a Server

    • Implement OAuth server using Laravel Passport.
    • Create consent screen with scope selection.
    • Implement limited scopes to restrict token access to CRUD Zapier integrations.
    • Add a new controller to manage OAuth providers for integrations (CRUD operations).
  3. Migration to Laravel Passport for API Authentication

    • Migrate existing authentication from laravel-jwt to laravel-passport.
    • Ensure all existing functionalities remain intact during the migration.
    • Update relevant documentation and guides to reflect the change.
    • Implement changes on the Nuxt side if needed.

Requirements

  1. User Authentication with OpnForm on Zapier

    • Users should be able to connect multiple Zapier accounts.
    • Security best practices must be followed.
  2. OAuth Provider Management

    • OAuth providers should belong to users and be used by form integrations.
    • Like we did for "client" integrations, in the settings users should be able to see the services connected to OpnForm, and to revoke their access.
    • If the OAuth provider is currently used by an integration, then there should be a confirmation prompt before revoking access to OpnForm. If the user decides to revoke it, then form integrations created by/with this OAuth provider should be removed.
  3. Controller and Front-End Updates

    • On the front-end, clicking on Zapier on the list of integrations should open the OpnForm Zapier page in a new tab.
    • Handle OAuth consent and token management in the back-end.
  4. Form Submission Trigger

    • On form submission, invoke the webhook URL provided by Zapier.

Implementation Suggestions

  1. Migration Plan: Please provide guidance for a smooth transition from laravel-jwt to laravel-passport.

  2. Testing and Documentation

    • Comprehensive testing of the new OAuth server functionality.
    • Update all relevant documentation and user guides.

JhumanJ, Jun 11 '24 15:06