Salesforce oAuth backend. (#7212)

Author: Dmytro

airbyte-oauth/src/main/java/io/airbyte/oauth/OAuthImplementationFactory.java

@@ -7,6 +7,7 @@
 import com.google.common.collect.ImmutableMap;
 import io.airbyte.config.persistence.ConfigRepository;
 import io.airbyte.oauth.flows.AsanaOAuthFlow;
+import io.airbyte.oauth.flows.SalesforceOAuthFlow;
 import io.airbyte.oauth.flows.FacebookMarketingOAuthFlow;
 import io.airbyte.oauth.flows.TrelloOAuthFlow;
 import io.airbyte.oauth.flows.google.GoogleAdsOAuthFlow;
@@ -25,6 +26,7 @@ public OAuthImplementationFactory(final ConfigRepository configRepository) {
         .put("airbyte/source-google-ads", new GoogleAdsOAuthFlow(configRepository))
         .put("airbyte/source-google-analytics-v4", new GoogleAnalyticsOAuthFlow(configRepository))
         .put("airbyte/source-google-search-console", new GoogleSearchConsoleOAuthFlow(configRepository))
+        .put("airbyte/source-salesforce", new SalesforceOAuthFlow(configRepository))
         .put("airbyte/source-trello", new TrelloOAuthFlow(configRepository))
         .build();
   }

airbyte-oauth/src/main/java/io/airbyte/oauth/flows/SalesforceOAuthFlow.java

@@ -0,0 +1,76 @@
+/*
+ * Copyright (c) 2021 Airbyte, Inc., all rights reserved.
+ */
+
+package io.airbyte.oauth.flows;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.annotations.VisibleForTesting;
+import com.google.common.collect.ImmutableMap;
+import io.airbyte.commons.json.Jsons;
+import io.airbyte.config.persistence.ConfigRepository;
+import io.airbyte.oauth.BaseOAuthFlow;
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.net.http.HttpClient;
+import java.util.Map;
+import java.util.UUID;
+import java.util.function.Supplier;
+import org.apache.http.client.utils.URIBuilder;
+
+/**
+ * Following docs from https://help.salesforce.com/s/articleView?language=en_US&id=sf.remoteaccess_oauth_web_server_flow.htm
+ */
+public class SalesforceOAuthFlow extends BaseOAuthFlow {
+
+  private static final String AUTHORIZE_URL = "https://login.salesforce.com/services/oauth2/authorize";
+  private static final String ACCESS_TOKEN_URL = "https://login.salesforce.com/services/oauth2/token";
+
+  public SalesforceOAuthFlow(ConfigRepository configRepository) {
+    super(configRepository);
+  }
+
+  @VisibleForTesting
+  SalesforceOAuthFlow(ConfigRepository configRepository, HttpClient httpClient, Supplier<String> stateSupplier) {
+    super(configRepository, httpClient, stateSupplier);
+  }
+
+  @Override
+  protected String formatConsentUrl(UUID definitionId, String clientId, String redirectUrl) throws IOException {
+    try {
+      return new URIBuilder(AUTHORIZE_URL)
+          .addParameter("client_id", clientId)
+          .addParameter("redirect_uri", redirectUrl)
+          .addParameter("response_type", "code")
+          .addParameter("state", getState())
+          .build().toString();
+    } catch (URISyntaxException e) {
+      throw new IOException("Failed to format Consent URL for OAuth flow", e);
+    }
+  }
+
+  @Override
+  protected String getAccessTokenUrl() {
+    return ACCESS_TOKEN_URL;
+  }
+
+  @Override
+  protected Map<String, String> getAccessTokenQueryParameters(String clientId, String clientSecret, String authCode, String redirectUrl) {
+    return ImmutableMap.<String, String>builder()
+        .putAll(super.getAccessTokenQueryParameters(clientId, clientSecret, authCode, redirectUrl))
+        .put("grant_type", "authorization_code")
+        .build();
+  }
+
+  @Override
+  protected Map<String, Object> extractRefreshToken(JsonNode data) throws IOException {
+    System.out.println(Jsons.serialize(data));
+    if (data.has("refresh_token")) {
+      final String refreshToken = data.get("refresh_token").asText();
+      return Map.of("refresh_token", refreshToken);
+    } else {
+      throw new IOException(String.format("Missing 'refresh_token' in query params from %s", ACCESS_TOKEN_URL));
+    }
+  }
+
+}

airbyte-oauth/src/test-integration/java/io.airbyte.oauth.flows/SalesforceOAuthFlowIntegrationTest.java

@@ -0,0 +1,171 @@
+/*
+ * Copyright (c) 2021 Airbyte, Inc., all rights reserved.
+ */
+
+package io.airbyte.oauth.flows;
+
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.collect.ImmutableMap;
+import com.sun.net.httpserver.HttpExchange;
+import com.sun.net.httpserver.HttpHandler;
+import com.sun.net.httpserver.HttpServer;
+import io.airbyte.commons.json.Jsons;
+import io.airbyte.config.SourceOAuthParameter;
+import io.airbyte.config.persistence.ConfigNotFoundException;
+import io.airbyte.config.persistence.ConfigRepository;
+import io.airbyte.validation.json.JsonValidationException;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.net.InetSocketAddress;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class SalesforceOAuthFlowIntegrationTest {
+
+  private static final Logger LOGGER = LoggerFactory.getLogger(SalesforceOAuthFlowIntegrationTest.class);
+  private static final String REDIRECT_URL = "http://localhost:8000/code";
+  private static final Path CREDENTIALS_PATH = Path.of("secrets/salesforce.json");
+
+  private ConfigRepository configRepository;
+  private SalesforceOAuthFlow salesforceOAuthFlow;
+  private HttpServer server;
+  private ServerHandler serverHandler;
+
+  @BeforeEach
+  public void setup() throws IOException {
+    if (!Files.exists(CREDENTIALS_PATH)) {
+      throw new IllegalStateException(
+          "Must provide path to a oauth credentials file.");
+    }
+    configRepository = mock(ConfigRepository.class);
+    salesforceOAuthFlow = new SalesforceOAuthFlow(configRepository);
+
+    server = HttpServer.create(new InetSocketAddress(8000), 0);
+    server.setExecutor(null); // creates a default executor
+    server.start();
+    serverHandler = new ServerHandler("code");
+    server.createContext("/code", serverHandler);
+  }
+
+  @AfterEach
+  void tearDown() {
+    server.stop(1);
+  }
+
+  @Test
+  public void testFullSalesforceOAuthFlow() throws InterruptedException, ConfigNotFoundException, IOException, JsonValidationException {
+    int limit = 20;
+    final UUID workspaceId = UUID.randomUUID();
+    final UUID definitionId = UUID.randomUUID();
+    final String fullConfigAsString = new String(Files.readAllBytes(CREDENTIALS_PATH));
+    final JsonNode credentialsJson = Jsons.deserialize(fullConfigAsString);
+    final String clientId = credentialsJson.get("client_id").asText();
+    when(configRepository.listSourceOAuthParam()).thenReturn(List.of(new SourceOAuthParameter()
+        .withOauthParameterId(UUID.randomUUID())
+        .withSourceDefinitionId(definitionId)
+        .withWorkspaceId(workspaceId)
+        .withConfiguration(Jsons.jsonNode(ImmutableMap.builder()
+            .put("client_id", clientId)
+            .put("client_secret", credentialsJson.get("client_secret").asText())
+            .build()))));
+    final String url = salesforceOAuthFlow.getSourceConsentUrl(workspaceId, definitionId, REDIRECT_URL);
+    LOGGER.info("Waiting for user consent at: {}", url);
+    // TODO: To automate, start a selenium job to navigate to the Consent URL and click on allowing
+    // access...
+    while (!serverHandler.isSucceeded() && limit > 0) {
+      Thread.sleep(1000);
+      limit -= 1;
+    }
+    assertTrue(serverHandler.isSucceeded(), "Failed to get User consent on time");
+    final Map<String, Object> params = salesforceOAuthFlow.completeSourceOAuth(workspaceId, definitionId,
+        Map.of("code", serverHandler.getParamValue()), REDIRECT_URL);
+    LOGGER.info("Response from completing OAuth Flow is: {}", params.toString());
+    assertTrue(params.containsKey("refresh_token"));
+    assertTrue(params.get("refresh_token").toString().length() > 0);
+  }
+
+  static class ServerHandler implements HttpHandler {
+
+    final private String expectedParam;
+    private Map responseQuery;
+    private String paramValue;
+    private boolean succeeded;
+
+    public ServerHandler(String expectedParam) {
+      this.expectedParam = expectedParam;
+      this.paramValue = "";
+      this.succeeded = false;
+    }
+
+    public boolean isSucceeded() {
+      return succeeded;
+    }
+
+    public String getParamValue() {
+      return paramValue;
+    }
+
+    public Map getResponseQuery() {
+      return responseQuery;
+    }
+
+    @Override
+    public void handle(HttpExchange t) {
+      final String query = t.getRequestURI().getQuery();
+      LOGGER.info("Received query: '{}'", query);
+      final Map<String, String> data;
+      try {
+        data = deserialize(query);
+        final String response;
+        if (data != null && data.containsKey(expectedParam)) {
+          paramValue = data.get(expectedParam);
+          response = String.format("Successfully extracted %s:\n'%s'\nTest should be continuing the OAuth Flow to retrieve the refresh_token...",
+              expectedParam, paramValue);
+          responseQuery = data;
+          LOGGER.info(response);
+          t.sendResponseHeaders(200, response.length());
+          succeeded = true;
+        } else {
+          response = String.format("Unable to parse query params from redirected url: %s", query);
+          t.sendResponseHeaders(500, response.length());
+        }
+        final OutputStream os = t.getResponseBody();
+        os.write(response.getBytes());
+        os.close();
+      } catch (RuntimeException | IOException e) {
+        LOGGER.error("Failed to parse from body {}", query, e);
+      }
+    }
+
+    private static Map<String, String> deserialize(String query) {
+      if (query == null) {
+        return null;
+      }
+      final Map<String, String> result = new HashMap<>();
+      for (String param : query.split("&")) {
+        String[] entry = param.split("=", 2);
+        if (entry.length > 1) {
+          result.put(entry[0], entry[1]);
+        } else {
+          result.put(entry[0], "");
+        }
+      }
+      return result;
+    }
+
+  }
+
+}

airbyte-oauth/src/test/java/io/airbyte/oauth/flows/SalesforceOAuthFlowTest.java

@@ -0,0 +1,80 @@
+/*
+ * Copyright (c) 2021 Airbyte, Inc., all rights reserved.
+ */
+
+package io.airbyte.oauth.flows;
+
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+import com.google.common.collect.ImmutableMap;
+import io.airbyte.commons.json.Jsons;
+import io.airbyte.config.SourceOAuthParameter;
+import io.airbyte.config.persistence.ConfigNotFoundException;
+import io.airbyte.config.persistence.ConfigRepository;
+import io.airbyte.validation.json.JsonValidationException;
+import java.io.IOException;
+import java.net.http.HttpClient;
+import java.net.http.HttpResponse;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+public class SalesforceOAuthFlowTest {
+
+  private UUID workspaceId;
+  private UUID definitionId;
+  private ConfigRepository configRepository;
+  private SalesforceOAuthFlow salesforceoAuthFlow;
+  private HttpClient httpClient;
+
+  private static final String REDIRECT_URL = "https://airbyte.io";
+
+  private static String getConstantState() {
+    return "state";
+  }
+
+  @BeforeEach
+  public void setup() throws IOException, JsonValidationException {
+    workspaceId = UUID.randomUUID();
+    definitionId = UUID.randomUUID();
+    configRepository = mock(ConfigRepository.class);
+    httpClient = mock(HttpClient.class);
+    when(configRepository.listSourceOAuthParam()).thenReturn(List.of(new SourceOAuthParameter()
+        .withOauthParameterId(UUID.randomUUID())
+        .withSourceDefinitionId(definitionId)
+        .withWorkspaceId(workspaceId)
+        .withConfiguration(Jsons.jsonNode(ImmutableMap.builder()
+            .put("client_id", "test_client_id")
+            .put("client_secret", "test_client_secret")
+            .build()))));
+    salesforceoAuthFlow = new SalesforceOAuthFlow(configRepository, httpClient, SalesforceOAuthFlowTest::getConstantState);
+
+  }
+
+  @Test
+  public void testGetSourceConcentUrl() throws IOException, InterruptedException, ConfigNotFoundException {
+    final String concentUrl =
+        salesforceoAuthFlow.getSourceConsentUrl(workspaceId, definitionId, REDIRECT_URL);
+    assertEquals(concentUrl,
+        "https://login.salesforce.com/services/oauth2/authorize?client_id=test_client_id&redirect_uri=https%3A%2F%2Fairbyte.io&response_type=code&state=state");
+  }
+
+  @Test
+  public void testCompleteSourceOAuth() throws IOException, JsonValidationException, InterruptedException, ConfigNotFoundException {
+
+    Map<String, String> returnedCredentials = Map.of("refresh_token", "refresh_token_response");
+    final HttpResponse response = mock(HttpResponse.class);
+    when(response.body()).thenReturn(Jsons.serialize(returnedCredentials));
+    when(httpClient.send(any(), any())).thenReturn(response);
+    final Map<String, Object> queryParams = Map.of("code", "test_code");
+    final Map<String, Object> actualQueryParams =
+        salesforceoAuthFlow.completeSourceOAuth(workspaceId, definitionId, queryParams, REDIRECT_URL);
+    assertEquals(Jsons.serialize(returnedCredentials), Jsons.serialize(actualQueryParams));
+  }
+
+}