feat(server, builder): OAuth support + API key management + GitHub blocks #8044
Conversation
…github-oauth-support-on-blocks
…own through to the node execution
|
This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request. |
github-actions
bot
added
conflicts
✅ Deploy Preview for auto-gpt-docs canceled.
|
…github-oauth-support-on-blocks
github-actions
bot
added
the
conflicts
|
This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request. |
…github-oauth-support-on-blocks
|
Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly. |
github-actions
bot
removed
the
conflicts
There was a problem hiding this comment.
ugh, how about making a blocks/github directory and splitting this up a bit?
There was a problem hiding this comment.
Can do later. For now it's easier to mass-edit them if they're all in one file.
github-actions
bot
added
the
conflicts
|
This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request. |
…github-oauth-support-on-blocks
github-actions
bot
removed
the
conflicts
|
Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly. |
…github-oauth-support-on-blocks
|
Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly. |
github-actions
bot
removed
the
conflicts
…github-oauth-support-on-blocks
## Front end ### UI components - `CredentialsInput` for use on `CustomNode`: allows user to add/select credentials for a service. - `APIKeyCredentialsModal`: a dialog for creating API keys - `OAuth2FlowWaitingModal`: a dialog to indicate that the application is waiting for the user to log in to the 3rd party service in the provided pop-up window - `NodeCredentialsInput`: wrapper for `CredentialsInput` with the "usual" interface of node input components ### Data model - `CredentialsProvider`: introduces the app-level `CredentialsProvidersContext`, which acts as an application-wide store and cache for credentials metadata. - `useCredentials` for use on `CustomNode`: uses `CredentialsProvidersContext` and provides node-specific credential data and provider-specific data/functions - `/auth/integrations/oauth_callback` route to close the loop to the `CredentialsInput` after a user completes sign-in to the external service ### API client - Add `oAuthLogin`, `oAuthCallback` methods - Add types `BlockIOCredentialsSubSchema`, `CredentialsMetaInput` - Add `isAuthenticated` method ## REST API - Tweak output of OAuth `/login` endpoint: add `state_token` separately in response ## Back end - Add `required_scopes` param to `CredentialsField` (`credentials_scopes` in schema) - Add scope requirement (`repo` in all cases) to all GitHub blocks - Add `FRONTEND_BASE_URL` config option, mainly for local development use. --------- Co-authored-by: Reinier van der Leer <[email protected]>
Pwuts
requested review from
Bentlybro and
aarushik93
and removed request for
a team
|
If you read this, this PR works :) |
Pwuts
changed the title
|
@Pwuts how do I run this PR? Are there config settings for supabase needed? |
|
@aarushik93 I have updated the description with additional config instructions:
|
|
Thanks could you please add the new envrionment variables (SUPABASE_KEY) to the appropriate places in the .env.example and docker compose please? |
| @@ -84,7 +84,7 @@ Follow these steps to create and test a new block: | |||
| 5. **Implement the `run` method with error handling:**, this should contain the main logic of the block: | |||
|
|
|||
There was a problem hiding this comment.
For the GitHub integration to work, the back end now needs GITHUB_CLIENT_ID and GITHUB_CLIENT_SECRET
In the docs and readme, can we add a section for "integration blocks" or wtv we are calling them and start adding this kind of information about configuring them?
There was a problem hiding this comment.
I didn't update the README because:
- I want to avoid duplicating documentation
- The extra stuff for credentials technically fits within the summary instructions for adding blocks that's currently in the README
There was a problem hiding this comment.
thanks - what about also adding somewhere - where I go to find client id and secret and API key?
I was thinking we'd just have a subsection somewhere in docs for each integration that just tells you where to go
There was a problem hiding this comment.
cause rn I can't find exactly where to go for the gh client id and secret....
There was a problem hiding this comment.
Added to .env.example: 57afc85
| @@ -36,6 +38,7 @@ class BlockCategory(Enum): | |||
| INPUT = "Block that interacts with input of the graph." | |||
| OUTPUT = "Block that interacts with output of the graph." | |||
| LOGIC = "Programming logic to control the flow of your agent" | |||
| DEVELOPER_TOOLS = "Developer tools like Github." # added this so all the github blocks are in the same category for now, this is to be changed | |||
There was a problem hiding this comment.
what needs to be changed? The desc or the name? I quite like the category name tbh
There was a problem hiding this comment.
It was a suggestion to maybe change the name or description if needed but if its fine and does not need changing then the comment can be removed and it can be kept as is 😄
Pwuts
force-pushed
the
reinier/open-1806-implement-front-to-back-github-oauth-support-on-blocks
branch
2 times, most recently
from
04143db
to
47786f6
Compare
Pwuts
force-pushed
the
reinier/open-1806-implement-front-to-back-github-oauth-support-on-blocks
branch
from
47786f6
to
74138d7
Compare
Pwuts
force-pushed
the
reinier/open-1806-implement-front-to-back-github-oauth-support-on-blocks
branch
from
5c83d97
to
6aea79b
Compare
Changes 🏗️
Config
SUPABASE_URL,SUPABASE_SERVICE_KEY, andSUPABASE_JWT_SECRETSUPABASE_SERVICE_KEYmust be a service role key as the anon key doesn't have sufficient privileges for the operations it's used forGITHUB_CLIENT_IDandGITHUB_CLIENT_SECRETFront end
UI components
CredentialsInputfor use onCustomNode: allows user to add/select credentials for a service.APIKeyCredentialsModal: a dialog for creating API keysOAuth2FlowWaitingModal: a dialog to indicate that the application is waiting for the user to log in to the 3rd party service in the provided pop-up windowNodeCredentialsInput: wrapper forCredentialsInputwith the "usual" interface of node input componentsIconKey,IconKeyPlus,IconUser,IconUserPlusData model
CredentialsProvider: introduces the app-levelCredentialsProvidersContext, which acts as an application-wide store and cache for credentials metadata.useCredentialsfor use onCustomNode: usesCredentialsProvidersContextand provides node-specific credential data and provider-specific data/functions/auth/integrations/oauth_callbackroute to close the loop to theCredentialsInputafter a user completes sign-in to the external serviceBlockIOCredentialsSubSchemaAPI client
isAuthenticatedmethodoAuthLogin,oAuthCallbackcreateAPIKeyCredentials,listCredentials,getCredentials,deleteCredentialsCredentialsMetaResponse,CredentialsMetaInput,OAuth2Credentials,APIKeyCredentialsREST API
/loginendpoint: addstate_tokenseparately in responsePOST /integrations/{provider}/credentials(for API keys)DELETE /integrations/{provider}/credentials/{cred_id}Back end
AppServiceFRONTEND_BASE_URLconfig option, mainly for local development useautogpt_libs.supabase_integration_credentials_storeCredentialsTypealias.bearer()helper methods toAPIKeyCredentialsandOAuth2CredentialsBlocks
CredentialsField(..) -> CredentialsMetaInput**kwargstoBlock.run(..)signature to support additional kwargsExecutor
credentialsfields on blocksPR Quality Scorecard ✨
+2 pts+5 pts+5 pts+5 pts-4 pts+4 pts+5 pts-5 ptsagbenchmarkto verify that these changes do not regress performance?+10 pts