(feat) Removing appSlug and oauthClientId from token create call

[dylburger]

Summary by CodeRabbit

• New Features

  • Streamlined connection token creation by removing unnecessary parameters, now only requiring external_id.
  • Introduced optional parameters for redirecting upon success or error during connection.

• Documentation

  • Updated API documentation and usage examples across multiple programming languages to reflect the new method signatures and parameters.

These changes enhance the user experience by simplifying the connection process and providing clearer guidance in the documentation.

[vercel]

The latest updates on your projects. Learn more about Vercel for Git ↗︎

3 Skipped Deployments

Name	Status	Preview	Comments	Updated (UTC)
docs-v2	⬜️ Ignored (Inspect)	Visit Preview		Sep 27, 2024 4:00am
pipedream-docs	⬜️ Ignored (Inspect)			Sep 27, 2024 4:00am
pipedream-docs-redirect-do-not-edit	⬜️ Ignored (Inspect)			Sep 27, 2024 4:00am

[coderabbitai]

Warning

Rate limit exceeded

@dylburger has exceeded the limit for the number of commits or files that can be reviewed per hour. Please wait 11 minutes and 11 seconds before requesting another review.

⌛ How to resolve this issue?

After the wait time has elapsed, a review can be triggered using the @coderabbitai review command as a PR comment. Alternatively, push new commits to this PR.

We recommend that you space out your commits to avoid hitting the rate limit.

🚦 How do rate limits work?

CodeRabbit enforces hourly rate limits for each developer per organization.

Our paid plans have higher rate limits than the trial, open-source and free plans. In all cases, we re-allow further reviews after a brief timeout.

Please see our FAQ for further information.

📥 Commits

Files that changed from the base of the PR and between ce79243 and 7dc70a6.

Walkthrough

The pull request introduces significant changes to the connectTokenCreate function across multiple programming languages. The parameters app_slug and oauth_app_id have been removed from the function signature and request body, leaving only external_id as a required parameter. Additionally, two optional parameters, success_redirect_uri and error_redirect_uri, have been added for handling redirections. These modifications streamline the token creation process and update the relevant documentation and client implementations accordingly.

Changes

File	Change Summary
docs-v2/pages/connect/api.mdx	Removed app_slug and oauth_app_id from serverConnectTokenCreate. Added success_redirect_uri and error_redirect_uri. Updated examples across Java, C#, PHP, Ruby.
docs-v2/pages/connect/quickstart.mdx	Simplified connectTokenCreate method by removing app_slug and oauth_app_id, retaining only external_id. Updated examples for multiple languages.
packages/sdk/src/server/tests/server.test.ts	Updated connectTokenCreate test to remove app_slug and adjust expected request body to include only external_user_id and external_id.

Possibly related PRs

• Je/connect sdk decouple app from token #13870: The changes in this PR involve the addition of the oauthAppId parameter in the connectAccount function, which is related to the overall handling of OAuth application identifiers, similar to the removal of oauth_app_id in the main PR's connectTokenCreate function.

Poem

🐇 In the meadow where tokens play,
Parameters trimmed, a clearer way.
Just external_id to lead the dance,
Redirects added, a new romance!
Simplified paths for all to see,
Hooray for change, hop along with glee! 🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 0

🧹 Outside diff range and nitpick comments (9)

docs-v2/pages/connect/quickstart.mdx (6)

188-218: LGTM! Consider adding type hints for better code clarity.

The simplification of the connect_token_create method aligns well with the PR objectives. The removal of app_slug and oauth_app_id parameters streamlines the API.

Consider adding type hints to improve code clarity:

-  def connect_token_create(self, opts):
+  def connect_token_create(self, opts: dict) -> dict:

---

Line range hint 252-275: LGTM! Consider enhancing exception handling.

The simplification of the connectTokenCreate method aligns well with the PR objectives. The removal of appSlug and oauthClientId parameters streamlines the API.

Consider enhancing the exception handling to provide more specific error information:

-    public String connectTokenCreate(String externalId) throws Exception {
+    public String connectTokenCreate(String externalId) throws IOException {
         // ... (existing code)
+        if (conn.getResponseCode() != HttpURLConnection.HTTP_OK) {
+            throw new IOException("HTTP error code: " + conn.getResponseCode());
+        }
         return new String(conn.getInputStream().readAllBytes(), StandardCharsets.UTF_8);
     }

---

Line range hint 306-323: LGTM! Consider adding error handling for non-success status codes.

The simplification of the ConnectTokenCreate method aligns well with the PR objectives. The removal of appSlug and oauthClientId parameters streamlines the API.

Consider adding error handling for non-success status codes:

     public async Task<string> ConnectTokenCreate(string externalId) {
         // ... (existing code)
         var response = await client.PostAsync($"{baseURL}/v1/connect/tokens", content);
+        response.EnsureSuccessStatusCode();
         return await response.Content.ReadAsStringAsync();
     }

---

Line range hint 363-402: LGTM! Consider enhancing error handling.

The simplification of the ConnectTokenCreate method aligns well with the PR objectives. The removal of appSlug and oauthClientId parameters streamlines the API.

Consider enhancing the error handling to provide more specific error information:

     if err != nil {
         return nil, err
     }
+    if resp.StatusCode != http.StatusOK {
+        return nil, fmt.Errorf("unexpected status code: %d", resp.StatusCode)
+    }
     defer resp.Body.Close()

     body, _ := ioutil.ReadAll(resp.Body)

---

Line range hint 433-467: LGTM! Consider adding error handling for HTTP errors.

The simplification of the connectTokenCreate method aligns well with the PR objectives. The removal of appSlug and oauthClientId parameters streamlines the API.

Consider adding error handling for HTTP errors:

     $context = stream_context_create($options);
-    $result = file_get_contents($url, false, $context);
+    $result = @file_get_contents($url, false, $context);
+    if ($result === FALSE) {
+        $error = error_get_last();
+        throw new Exception("HTTP request failed. Error: " . $error['message']);
+    }

     return json_decode($result, true);

---

Line range hint 497-514: LGTM! Consider adding error handling for non-success HTTP status codes.

The simplification of the connect_token_create method aligns well with the PR objectives. The removal of app_slug and oauth_app_id parameters streamlines the API.

Consider adding error handling for non-success HTTP status codes:

     res = Net::HTTP.start(uri.hostname, uri.port, use_ssl: true) do |http|
       http.request(req)
     end
+    res.value  # Raises an exception for non-2xx status codes

     JSON.parse(res.body)

docs-v2/pages/connect/api.mdx (3)

Line range hint 21-41: LGTM with a minor suggestion: Clear SDK installation instructions

The installation instructions for both npm and <script> tag methods are well-presented and easy to follow.

Consider specifying a version number in the "latest version" example for the <script> tag method, or add a comment explaining that it will always fetch the latest version. This could help users understand the behavior more clearly. For example:

<!-- This will always fetch the latest version -->
<script src="https://unpkg.com/@pipedream/sdk/dist/browser/index.js"></script>

---

Line range hint 43-108: LGTM with a suggestion: Comprehensive authentication instructions

The authentication section provides clear instructions and code examples for both the TypeScript SDK (Server and Browser) and the REST API.

In the TypeScript SDK (Server) example, consider adding a note or example about securely handling API keys. For instance:

// Load API keys from environment variables
const pd = createClient({
  publicKey: process.env.PIPEDREAM_PUBLIC_KEY,
  secretKey: process.env.PIPEDREAM_SECRET_KEY,
});

This emphasizes the importance of not hardcoding sensitive information and using environment variables instead.

---

Line range hint 131-570: LGTM with a suggestion: Comprehensive API Reference for token creation

The API Reference section, particularly the "Tokens" subsection, provides detailed information about creating new tokens. The multi-language examples are a great addition, making it easy for developers using different programming languages to implement token creation.

In the TypeScript (Next.js) example, consider adding error handling to make the code more robust. For instance:

export async function serverConnectTokenCreate(opts: ConnectTokenCreateOpts): Promise<ConnectAPIResponse<ConnectTokenResponse>> {
  try {
    return await pd.connectTokenCreate(opts);
  } catch (error) {
    console.error("Error creating connect token:", error);
    throw error; // or handle the error as appropriate for your application
  }
}

This addition would help developers handle potential errors more gracefully in their applications.

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between 4e561f0 and a6c9b3f.

📒 Files selected for processing (3)

• docs-v2/pages/connect/api.mdx (12 hunks)
• docs-v2/pages/connect/quickstart.mdx (12 hunks)
• packages/sdk/src/server/index.ts (1 hunks)

🔇 Additional comments (9)

packages/sdk/src/server/index.ts (3)

Line range hint 52-67: LGTM: ConnectTokenCreateOpts type updated correctly

The ConnectTokenCreateOpts type has been successfully updated to remove the app_slug and oauth_app_id properties, aligning with the PR objectives. The addition of optional success_redirect_uri and error_redirect_uri properties enhances flexibility in handling connection outcomes.

---

Line range hint 555-563: LGTM: connectTokenCreate method simplified and aligned with type changes

The connectTokenCreate method has been successfully updated to reflect the changes in the ConnectTokenCreateOpts type. The implementation now correctly spreads the opts object into the request body, maintaining backwards compatibility by mapping external_user_id to external_id. This change simplifies the token creation process as intended.

---

Line range hint 52-67: Summary: Successful simplification of token creation process

The changes in this file successfully implement the PR objectives by simplifying the token creation process. The ConnectTokenCreateOpts type and connectTokenCreate method have been updated to remove app_slug and oauth_app_id, while adding optional redirect URIs. These changes streamline the API usage and provide more flexibility for handling connection outcomes.

The implementation maintains backwards compatibility by mapping external_user_id to external_id in the request body. Overall, these modifications enhance the usability of the SDK without introducing breaking changes.

Also applies to: 555-563

docs-v2/pages/connect/quickstart.mdx (2)

Line range hint 1-1: LGTM! The usage example is consistent with the API changes.

The TypeScript code snippet correctly demonstrates the simplified serverConnectTokenCreate method call, using only the external_id parameter. This is consistent with the changes made across other language implementations.

---

Line range hint 1-1: Overall, the changes successfully simplify the Connect API across multiple languages.

The modifications to the connectTokenCreate method (and its equivalents in different languages) consistently remove the appSlug and oauthClientId parameters, leaving only the external_id as the required parameter. This simplification aligns well with the PR objectives and improves the API's usability.

The documentation has been updated accurately to reflect these changes across all provided language examples. This consistency will help developers understand and implement the simplified API correctly, regardless of their preferred programming language.

While the core changes are solid, consider implementing the suggested minor improvements in error handling and type hinting to further enhance the code quality and developer experience.

docs-v2/pages/connect/api.mdx (4)

Line range hint 1-13: LGTM: Well-structured introduction

The introductory section provides a clear overview of the Connect API & SDK Reference, including necessary imports and a helpful warning about the Base URL and authentication method.

---

Line range hint 15-19: LGTM: Clear presentation of REST API Base URL

The REST API Base URL is clearly presented in a code block, making it easy for developers to identify and use.

---

Line range hint 110-118: LGTM: Clear explanation of external users

The "External users" section provides a concise explanation of the external_id parameter and its usage. The mention of the 250-character limit is a helpful detail for developers.

---

Line range hint 120-129: LGTM: Well-presented rate limit information

The "Rate limits" section clearly presents the rate limits for different API endpoints in a table format. The note about contacting support for higher rate limits is a helpful addition for users with more demanding requirements.

[coderabbitai]

Actionable comments posted: 1

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Files that changed from the base of the PR and between b7c1881 and ce79243.

📒 Files selected for processing (1)

• packages/sdk/src/server/tests/server.test.ts (1 hunks)

🔇 Additional comments (1)

packages/sdk/src/server/__tests__/server.test.ts (1)

258-260: LGTM! Changes align with PR objectives.

The modifications to the connectTokenCreate test accurately reflect the removal of app_slug and oauth_app_id parameters, which is consistent with the PR's goal of streamlining the token creation process.

[coderabbitai]

🛠️ Refactor suggestion

Consider adding test cases for new optional parameters.

While the current changes look good, it would be beneficial to add test cases for the new optional parameters success_redirect_uri and error_redirect_uri. This will ensure comprehensive coverage of the updated connectTokenCreate method functionality.

Here's a suggested additional test case:

it("should create a connect token with optional redirect URIs", async () => {
  fetchMock.mockResponseOnce(
    JSON.stringify({
      token: "connect-token-with-redirects",
      expires_at: "2024-01-01T00:00:00Z",
    }),
    {
      headers: {
        "Content-Type": "application/json",
      },
    },
  );

  client = new ServerClient({
    publicKey: "test-public-key",
    secretKey: "test-secret-key",
  });

  const result = await client.connectTokenCreate({
    external_user_id: "user-id",
    success_redirect_uri: "https://example.com/success",
    error_redirect_uri: "https://example.com/error",
  });

  expect(result).toEqual({
    token: "connect-token-with-redirects",
    expires_at: "2024-01-01T00:00:00Z",
  });
  expect(fetchMock).toHaveBeenCalledWith(
    "https://api.pipedream.com/v1/connect/tokens",
    expect.objectContaining({
      method: "POST",
      body: JSON.stringify({
        external_user_id: "user-id",
        external_id: "user-id",
        success_redirect_uri: "https://example.com/success",
        error_redirect_uri: "https://example.com/error",
      }),
      headers: expect.objectContaining({
        "Authorization": expect.any(String),
        "Content-Type": "application/json",
      }),
    }),
  );
});