Merge pull request #8901 from ever-co/fix/zapier-plugin-integration

[Improvement] Set polling URL, dynamic dropdowns and improve OAuth authorization

Author: rahul-rocket

Diff for: .env.compose

@@ -149,6 +149,12 @@ GAUZY_ZAPIER_CLIENT_ID=XXXXXXXXX
 GAUZY_ZAPIER_CLIENT_SECRET=XXXXXXX
 GAUZY_ZAPIER_REDIRECT_URL=http://localhost:3000/api/integration/zapier/oauth/callback
 GAUZY_ZAPIER_POST_INSTALL_URL="http://localhost:4200/#/pages/integrations/zapier"
+# Comma-separated list of domains allowed for OAuth redirects (security feature)
+GAUZY_ZAPIER_ALLOWED_DOMAINS=gauzy.co,ever.co,staging.gauzy.co,demo.gauzy.co,zapier.com,github.com,upwork.com,hubstaff.com,fiverr.com,api,webapp
+# Maximum number of OAuth authorization codes to store in memory
+GAUZY_ZAPIER_MAX_AUTH_CODES=1000
+# Number of server instances (affects auth code cleanup behavior)
+GAUZY_ZAPIER_INSTANCE_COUNT=1
 
 # Github App Install Integration
 GAUZY_GITHUB_APP_NAME=

Diff for: .env.demo.compose

@@ -151,6 +151,12 @@ GAUZY_ZAPIER_CLIENT_ID=XXXXXXXXX
 GAUZY_ZAPIER_CLIENT_SECRET=XXXXXXX
 GAUZY_ZAPIER_REDIRECT_URL=http://localhost:3000/api/integration/zapier/oauth/callback
 GAUZY_ZAPIER_POST_INSTALL_URL="http://localhost:4200/#/pages/integrations/zapier"
+# Comma-separated list of domains allowed for OAuth redirects (security feature)
+GAUZY_ZAPIER_ALLOWED_DOMAINS=gauzy.co,ever.co,staging.gauzy.co,demo.gauzy.co,zapier.com,github.com,upwork.com,hubstaff.com,fiverr.com,api,webapp
+# Maximum number of OAuth authorization codes to store in memory
+GAUZY_ZAPIER_MAX_AUTH_CODES=1000
+# Number of server instances (affects auth code cleanup behavior)
+GAUZY_ZAPIER_INSTANCE_COUNT=1
 
 # Github App Install Integration
 GAUZY_GITHUB_APP_NAME=

Diff for: .env.docker

@@ -148,6 +148,12 @@ GAUZY_ZAPIER_CLIENT_ID=XXXXXXXXX
 GAUZY_ZAPIER_CLIENT_SECRET=XXXXXXX
 GAUZY_ZAPIER_REDIRECT_URL=http://localhost:3000/api/integration/zapier/oauth/callback
 GAUZY_ZAPIER_POST_INSTALL_URL="http://localhost:4200/#/pages/integrations/zapier"
+# Comma-separated list of domains allowed for OAuth redirects (security feature)
+GAUZY_ZAPIER_ALLOWED_DOMAINS=gauzy.co,ever.co,staging.gauzy.co,demo.gauzy.co,zapier.com,github.com,upwork.com,hubstaff.com,fiverr.com,api,webapp
+# Maximum number of OAuth authorization codes to store in memory
+GAUZY_ZAPIER_MAX_AUTH_CODES=1000
+# Number of server instances (affects auth code cleanup behavior)
+GAUZY_ZAPIER_INSTANCE_COUNT=1
 
 # Github App Install Integration
 GAUZY_GITHUB_APP_NAME=

Diff for: .env.local

@@ -165,6 +165,12 @@ GAUZY_ZAPIER_CLIENT_ID=
 GAUZY_ZAPIER_CLIENT_SECRET=
 GAUZY_ZAPIER_REDIRECT_URL=http://localhost:3000/api/integration/zapier/oauth/callback
 GAUZY_ZAPIER_POST_INSTALL_URL="http://localhost:4200/#/pages/integrations/zapier"
+# Comma-separated list of domains allowed for OAuth redirects (security feature)
+GAUZY_ZAPIER_ALLOWED_DOMAINS=gauzy.co,ever.co,staging.gauzy.co,demo.gauzy.co,zapier.com,github.com,upwork.com,hubstaff.com,fiverr.com,api,webapp
+# Maximum number of OAuth authorization codes to store in memory
+GAUZY_ZAPIER_MAX_AUTH_CODES=1000
+# Number of server instances (affects auth code cleanup behavior)
+GAUZY_ZAPIER_INSTANCE_COUNT=1
 
 # Third Party Integration Config
 INTEGRATED_USER_DEFAULT_PASS=

Diff for: .env.sample

@@ -153,6 +153,12 @@ GAUZY_ZAPIER_CLIENT_ID=XXXXXXXXX
 GAUZY_ZAPIER_CLIENT_SECRET=XXXXXXX
 GAUZY_ZAPIER_REDIRECT_URL=http://localhost:3000/api/integration/zapier/oauth/callback
 GAUZY_ZAPIER_POST_INSTALL_URL="http://localhost:4200/#/pages/integrations/zapier"
+# Comma-separated list of domains allowed for OAuth redirects (security feature)
+GAUZY_ZAPIER_ALLOWED_DOMAINS=gauzy.co,ever.co,staging.gauzy.co,demo.gauzy.co,zapier.com,github.com,upwork.com,hubstaff.com,fiverr.com,api,webapp
+# Maximum number of OAuth authorization codes to store in memory
+GAUZY_ZAPIER_MAX_AUTH_CODES=1000
+# Number of server instances (affects auth code cleanup behavior)
+GAUZY_ZAPIER_INSTANCE_COUNT=1
 
 FIVERR_CLIENT_ID=XXXXXXX
 FIVERR_CLIENT_SECRET=XXXXXXX

Diff for: .scripts/icon-utils/icon-factory.ts

@@ -1,11 +1,12 @@
 import * as dotenv from 'dotenv';
+dotenv.config();
+
 import { PlatformLogoGenerator } from './concrete-generators/platform-logo-generator';
 import { DesktopIconGenerator } from './concrete-generators/desktop-icon-generator';
 import { DesktopDefaultIconGenerator } from './concrete-generators/desktop-default-icon-generator';
 import { NoInternetLogoGenerator } from './concrete-generators/no-internet-logo-generator';
 import { DesktopEnvironmentManager } from '../electron-desktop-environment/desktop-environment-manager';
 
-dotenv.config();
 
 export class IconFactory {
 	public static async generateDefaultIcons(): Promise<void> {

Diff for: packages/common/src/lib/interfaces/IZapierConfig.ts

@@ -8,9 +8,18 @@ export interface IZapierConfig {
 	/** OAuth client secret provided by Zapier for secure authentication */
 	readonly clientSecret: string;
 
+	/** Allowed domains for Zapier OAuth redirects */
+	readonly allowedDomains: string[];
+
 	/** URI where Zapier will redirect after successful OAuth authorization */
 	readonly redirectUri: string;
 
 	/** Optional URL where users will be directed after installing the Zapier integration */
 	readonly postInstallUrl?: string;
+
+	/** Max authentication code number */
+	readonly maxAuthCodes?: number;
+
+	/** Instance count for periodic cleanup */
+	readonly instanceCount?: boolean | number;
 }

Diff for: packages/config/src/lib/config/index.ts

@@ -8,8 +8,9 @@ import microsoft from './microsoft';
 import setting from './setting';
 import twitter from './twitter';
 import jira from './jira';
+import zapier from './zapier';
 
 /**
  * This array contains individual configuration modules for different social login providers.
  */
-export default [app, facebook, github, google, keycloak, linkedin, microsoft, setting, twitter, jira];
+export default [app, facebook, github, google, keycloak, linkedin, microsoft, setting, twitter, jira, zapier];

Diff for: packages/config/src/lib/config/zapier.ts

@@ -4,20 +4,33 @@ import { IZapierConfig } from '@gauzy/common';
 /**
  * Register Zapier OAuth configuration using @nestjs/config
  */
+export default registerAs(
+	'zapier',
+	(): IZapierConfig => ({
+		// Zapier OAuth Client ID
+		clientId: process.env.GAUZY_ZAPIER_CLIENT_ID,
 
-export default registerAs (
-    'zapier',
-    (): IZapierConfig => ({
-        // Zapier OAuth Client ID
-        clientId: process.env.GAUZY_ZAPIER_CLIENT_ID || '',
+		// Zapier OAuth Client Secret
+		clientSecret: process.env.GAUZY_ZAPIER_CLIENT_SECRET,
 
-        // Zapier OAuth Client Secret
-        clientSecret: process.env.GAUZY_ZAPIER_CLIENT_SECRET || '',
+		// Zapier max auth codes
+		maxAuthCodes: Number.parseInt(process.env.GAUZY_ZAPIER_MAX_AUTH_CODES) || 1000,
 
-        // Zapier Redirected URI after successful authentication
-        redirectUri: process.env.GAUZY_ZAPIER_REDIRECT_URL || '',
+		// Zapier instance count
+		instanceCount: Number.parseInt(process.env.GAUZY_ZAPIER_INSTANCE_COUNT) || 1,
 
-        // Zapier post install URL
-        postInstallUrl: process.env.GAUZY_ZAPIER_POST_INSTALL_URL || ''
-    })
+		// Zapier allowed domains
+		allowedDomains: (process.env.GAUZY_ZAPIER_ALLOWED_DOMAINS ?? '')
+			.split(',')
+			.map((d) => d.trim())
+			.filter(Boolean),
+
+		// Zapier Redirected URI after successful authentication
+		redirectUri: process.env.GAUZY_ZAPIER_REDIRECT_URL || '',
+
+		// Zapier post install URL
+		postInstallUrl:
+			process.env.GAUZY_ZAPIER_POST_INSTALL_URL ??
+			`${process.env.CLIENT_BASE_URL ?? ''}/#/pages/integrations/zapier`
+	})
 );

Diff for: packages/config/src/lib/environments/environment.prod.ts

@@ -200,6 +200,12 @@ export const environment: IEnvironment = {
 	zapier: {
 		clientId: process.env.GAUZY_ZAPIER_CLIENT_ID,
 		clientSecret: process.env.GAUZY_ZAPIER_CLIENT_SECRET,
+		allowedDomains: (process.env.GAUZY_ZAPIER_ALLOWED_DOMAINS ?? process.env.GAUZY_ALLOWED_DOMAINS ?? '')
+			.split(',')
+			.map((d) => d.trim())
+			.filter(Boolean),
+		maxAuthCodes: Number.parseInt(process.env.GAUZY_ZAPIER_MAX_AUTH_CODES) || 1000,
+		instanceCount: process.env.GAUZY_ZAPIER_INSTANCE_COUNT === 'true',
 		redirectUri:
 			process.env.GAUZY_ZAPIER_REDIRECT_URL || `${process.env.API_BASE_URL}/api/integrations/zapier/callback`,
 		postInstallUrl:

Diff for: packages/config/src/lib/environments/environment.ts

@@ -200,6 +200,12 @@ export const environment: IEnvironment = {
 	zapier: {
 		clientId: process.env.GAUZY_ZAPIER_CLIENT_ID,
 		clientSecret: process.env.GAUZY_ZAPIER_CLIENT_SECRET,
+		allowedDomains: (process.env.GAUZY_ZAPIER_ALLOWED_DOMAINS ?? process.env.GAUZY_ALLOWED_DOMAINS ?? '')
+			.split(',')
+			.filter(Boolean)
+			.map((domain) => domain.trim()),
+		maxAuthCodes: Number.parseInt(process.env.GAUZY_ZAPIER_MAX_AUTH_CODES) || 1000,
+		instanceCount: process.env.GAUZY_ZAPIER_INSTANCE_COUNT === 'true',
 		redirectUri:
 			process.env.GAUZY_ZAPIER_REDIRECT_URL || `${process.env.API_BASE_URL}/api/integrations/zapier/callback`,
 		postInstallUrl:

Diff for: packages/config/src/lib/environments/ienvironment.ts

@@ -17,8 +17,8 @@ import {
 	IWasabiConfig,
 	IJiraIntegrationConfig,
 	IDigitalOceanConfig,
-	IZapierConfig,
-	IPosthogConfig
+	IPosthogConfig,
+	IZapierConfig
 } from '@gauzy/common';
 import { FileStorageProviderEnum } from '@gauzy/contracts';
 

Diff for: packages/contracts/src/index.ts

@@ -150,7 +150,6 @@ export * from './lib/user-organization.model';
 export * from './lib/user.model';
 export * from './lib/wakatime.model';
 export * from './lib/plugin.model';
-export * from './lib/zapier.model';
 
 export {
 	ActorTypeEnum,

Diff for: packages/contracts/src/lib/zapier.model.ts

@@ -148,7 +148,6 @@ export class AuthController {
 	async login(@Body() input: UserLoginDTO): Promise<IAuthResponse | null> {
 		return await this.commandBus.execute(new AuthLoginCommand(input));
 	}
-
 	/**
 	 * Sign in workspaces by email and password.
 	 *

Diff for: packages/core/src/lib/auth/auth.controller.ts

@@ -1,7 +1,7 @@
 import { ApiProperty } from '@nestjs/swagger';
 import { IsString, IsNotEmpty, IsIn } from 'class-validator';
-import { ICreateZapierIntegrationInput, ZapierGrantType } from '@gauzy/contracts';
 import { TenantOrganizationBaseDTO } from '@gauzy/core';
+import { ICreateZapierIntegrationInput, ZapierGrantType } from '../zapier.types';
 
 export class CreateZapierIntegrationDto extends TenantOrganizationBaseDTO implements ICreateZapierIntegrationInput {
 	@ApiProperty({ type: () => String })

Diff for: packages/plugins/integration-zapier/src/lib/dto/create-zapier-integration.dto.ts

@@ -0,0 +1,4 @@
+import { ZapierTimerStartedHandler } from './zapier-timer-started.handler';
+import { ZapierTimerStoppedHandler } from './zapier-timer-stopped.handler';
+
+export const EventHandlers = [ZapierTimerStartedHandler, ZapierTimerStoppedHandler];

Diff for: packages/plugins/integration-zapier/src/lib/handlers/index.ts

@@ -0,0 +1,30 @@
+import { EventsHandler, IEventHandler } from '@nestjs/cqrs';
+import { Injectable } from '@nestjs/common';
+import { TimerStartedEvent } from '@gauzy/core';
+import { ZapierWebhookService } from '../zapier-webhook.service';
+
+@Injectable()
+@EventsHandler(TimerStartedEvent)
+export class ZapierTimerStartedHandler implements IEventHandler<TimerStartedEvent> {
+    constructor(private readonly zapierWebhookService: ZapierWebhookService) { }
+
+    /**
+     * Handles the TimerStartedEvent by notifying Zapier webhooks
+     *
+     * @param event - The TimerStartedEvent that contains the time log details
+     * @returns A Promise that resolves once the webhooks are notified
+     */
+    async handle(event: TimerStartedEvent): Promise<void> {
+        const timeLog = event.timeLog;
+        if (!timeLog.tenantId || !timeLog.organizationId) {
+            console.warn('Cannot process timer started event: missing tenantId or organizationId')
+        }
+        await this.zapierWebhookService.notifyTimerStatusChanged({
+            event: 'timer.status.changed',
+            action: 'start',
+            data: timeLog,
+            tenantId: timeLog.tenantId,
+            organizationId: timeLog.organizationId
+        });
+    }
+}

Diff for: packages/plugins/integration-zapier/src/lib/handlers/zapier-timer-started.handler.ts

@@ -0,0 +1,31 @@
+import { EventsHandler, IEventHandler } from '@nestjs/cqrs';
+import { Injectable } from '@nestjs/common';
+import { TimerStoppedEvent } from '@gauzy/core';
+import { ZapierWebhookService } from '../zapier-webhook.service';
+
+@Injectable()
+@EventsHandler(TimerStoppedEvent)
+export class ZapierTimerStoppedHandler implements IEventHandler<TimerStoppedEvent> {
+    constructor(private readonly zapierWebhookService: ZapierWebhookService) {}
+
+    /**
+     * Handles the TimerStoppedEvent by notifying Zapier webhooks
+     *
+     * @param event - The TimerStoppedEvent that contains the time log details.
+     * @returns A Promise that resolves once the webhooks are notified
+     */
+    async handle(event: TimerStoppedEvent): Promise<void> {
+        const timeLog = event.timeLog;
+        if (!timeLog.tenantId || !timeLog.organizationId) {
+            console.warn('Cannot process timer stopped event: missing tenantId or organizationId')
+            return;
+        }
+        await this.zapierWebhookService.notifyTimerStatusChanged({
+            event: 'timer.status.changed',
+            action: 'stop',
+            data: timeLog,
+            tenantId: timeLog.tenantId,
+            organizationId: timeLog.organizationId
+        });
+    }
+}

Diff for: packages/plugins/integration-zapier/src/lib/handlers/zapier-timer-stopped.handler.ts

@@ -1,16 +1,10 @@
 import { Logger } from '@nestjs/common';
-import * as chalk from 'chalk';
-import { ApplicationPluginConfig, CustomEmbeddedFieldConfig, CustomEmbeddedFields } from '@gauzy/common';
+import { ConfigService } from '@nestjs/config';
+import { ApplicationPluginConfig, CustomEmbeddedFieldConfig } from '@gauzy/common';
 import { GauzyCorePlugin as Plugin, IOnPluginBootstrap, IOnPluginDestroy } from '@gauzy/plugin';
 import { ZapierModule } from './zapier.module';
 import { ZapierWebhookSubscription } from './zapier-webhook-subscription.entity';
 
-// Extend the CustomEmbeddedFields interface to include our custom entities
-interface ZapierCustomFields extends CustomEmbeddedFields {
-	IntegrationSetting?: CustomEmbeddedFieldConfig[];
-	ZapierWebhookSubscription?: CustomEmbeddedFieldConfig[];
-}
-
 @Plugin({
 	/**
 	 * An array of modules that will be imported and registered with the plugin.
@@ -78,25 +72,33 @@ interface ZapierCustomFields extends CustomEmbeddedFields {
 	}
 })
 export class IntegrationZapierPlugin implements IOnPluginBootstrap, IOnPluginDestroy {
-	// We enable by default additional logging for each event to avoid cluttering the logs
-	private logEnabled = true;
+	private readonly logger = new Logger(IntegrationZapierPlugin.name);
+
+	constructor(private readonly _config: ConfigService) {}
 
 	/**
-	 * Called when the plugin is being initialized.
+	 * Lifecycle hook invoked during the plugin's bootstrap phase.
+	 * Validates essential Zapier OAuth configurations and logs the API base URL.
 	 */
-	onPluginBootstrap(): void | Promise<void> {
-		if (this.logEnabled) {
-			console.log(chalk.green(`${IntegrationZapierPlugin.name} is being bootstrapped...`));
+	onPluginBootstrap(): void {
+		this.logger.log(`${IntegrationZapierPlugin.name} is being bootstrapped...`);
+
+		const clientId = this._config.get<string>('zapier.clientId');
+		const clientSecret = this._config.get<string>('zapier.clientSecret');
+
+		if (!clientId || !clientSecret) {
+			this.logger.warn(
+				'Zapier OAuth credentials are not fully configured. Please set GAUZY_ZAPIER_CLIENT_ID and GAUZY_ZAPIER_CLIENT_SECRET.'
+			);
+		} else {
+			this.logger.log('Zapier OAuth credentials are configured successfully.');
 		}
 	}
 
 	/**
 	 * Called when the plugin is being destroyed.
 	 */
 	onPluginDestroy(): void | Promise<void> {
-		if (this.logEnabled) {
-			const logger = new Logger(IntegrationZapierPlugin.name);
-			logger.log(`${IntegrationZapierPlugin.name} is being destroyed...`)
-		}
+		this.logger.log(`${IntegrationZapierPlugin.name} is being destroyed...`);
 	}
 }