feat(frontend,backend): fix google auth and add gmail, sheets (#8236)

Co-authored-by: Reinier van der Leer <[email protected]>

autogpt_platform/autogpt_libs/autogpt_libs/supabase_integration_credentials_store/store.py

@@ -81,12 +81,17 @@ def delete_creds_by_id(self, user_id: str, credentials_id: str) -> None:
         ]
         self._set_user_integration_creds(user_id, filtered_credentials)
 
-    async def store_state_token(self, user_id: str, provider: str) -> str:
+    async def store_state_token(
+        self, user_id: str, provider: str, scopes: list[str]
+    ) -> str:
         token = secrets.token_urlsafe(32)
         expires_at = datetime.now(timezone.utc) + timedelta(minutes=10)
 
         state = OAuthState(
-            token=token, provider=provider, expires_at=int(expires_at.timestamp())
+            token=token,
+            provider=provider,
+            expires_at=int(expires_at.timestamp()),
+            scopes=scopes,
         )
 
         user_metadata = self._get_user_metadata(user_id)
@@ -100,6 +105,36 @@ async def store_state_token(self, user_id: str, provider: str) -> str:
 
         return token
 
+    async def get_any_valid_scopes_from_state_token(
+        self, user_id: str, token: str, provider: str
+    ) -> list[str]:
+        """
+        Get the valid scopes from the OAuth state token. This will return any valid scopes
+        from any OAuth state token for the given provider. If no valid scopes are found,
+        an empty list is returned. DO NOT RELY ON THIS TOKEN TO AUTHENTICATE A USER, AS IT
+        IS TO CHECK IF THE USER HAS GIVEN PERMISSIONS TO THE APPLICATION BEFORE EXCHANGING
+        THE CODE FOR TOKENS.
+        """
+        user_metadata = self._get_user_metadata(user_id)
+        oauth_states = user_metadata.get("integration_oauth_states", [])
+
+        now = datetime.now(timezone.utc)
+        valid_state = next(
+            (
+                state
+                for state in oauth_states
+                if state["token"] == token
+                and state["provider"] == provider
+                and state["expires_at"] > now.timestamp()
+            ),
+            None,
+        )
+
+        if valid_state:
+            return valid_state.get("scopes", [])
+
+        return []
+
     async def verify_state_token(self, user_id: str, token: str, provider: str) -> bool:
         user_metadata = self._get_user_metadata(user_id)
         oauth_states = user_metadata.get("integration_oauth_states", [])

autogpt_platform/backend/.env.example

@@ -36,6 +36,15 @@ SUPABASE_JWT_SECRET=your-super-secret-jwt-token-with-at-least-32-characters-long
 GITHUB_CLIENT_ID=
 GITHUB_CLIENT_SECRET=
 
+# Google OAuth App server credentials - https://console.cloud.google.com/apis/credentials, and enable gmail api and set scopes
+# https://console.cloud.google.com/apis/credentials/consent ?project=<your_project_id>
+
+# You'll need to add/enable the following scopes (minimum):
+# https://console.developers.google.com/apis/api/gmail.googleapis.com/overview ?project=<your_project_id>
+# https://console.cloud.google.com/apis/library/sheets.googleapis.com/ ?project=<your_project_id>
+GOOGLE_CLIENT_ID=
+GOOGLE_CLIENT_SECRET=
+
 ## ===== OPTIONAL API KEYS ===== ##
 
 # LLM

autogpt_platform/backend/backend/blocks/csv.py

@@ -24,7 +24,7 @@ def __init__(self):
             output_schema=ReadCsvBlock.Output,
             description="Reads a CSV file and outputs the data as a list of dictionaries and individual rows via rows.",
             contributors=[ContributorDetails(name="Nicholas Tindle")],
-            categories={BlockCategory.TEXT},
+            categories={BlockCategory.TEXT, BlockCategory.DATA},
             test_input={
                 "contents": "a, b, c\n1,2,3\n4,5,6",
             },

autogpt_platform/backend/backend/blocks/google/_auth.py

@@ -0,0 +1,53 @@
+from typing import Literal
+
+from autogpt_libs.supabase_integration_credentials_store.types import OAuth2Credentials
+from pydantic import SecretStr
+
+from backend.data.model import CredentialsField, CredentialsMetaInput
+from backend.util.settings import Secrets
+
+secrets = Secrets()
+GOOGLE_OAUTH_IS_CONFIGURED = bool(
+    secrets.google_client_id and secrets.google_client_secret
+)
+
+GoogleCredentials = OAuth2Credentials
+GoogleCredentialsInput = CredentialsMetaInput[Literal["google"], Literal["oauth2"]]
+
+
+def GoogleCredentialsField(scopes: list[str]) -> GoogleCredentialsInput:
+    """
+    Creates a Google credentials input on a block.
+
+    Params:
+        scopes: The authorization scopes needed for the block to work.
+    """
+    return CredentialsField(
+        provider="google",
+        supported_credential_types={"oauth2"},
+        required_scopes=set(scopes),
+        description="The Google integration requires OAuth2 authentication.",
+    )
+
+
+TEST_CREDENTIALS = OAuth2Credentials(
+    id="01234567-89ab-cdef-0123-456789abcdef",
+    provider="google",
+    access_token=SecretStr("mock-google-access-token"),
+    refresh_token=SecretStr("mock-google-refresh-token"),
+    access_token_expires_at=1234567890,
+    scopes=[
+        "https://www.googleapis.com/auth/gmail.readonly",
+        "https://www.googleapis.com/auth/gmail.send",
+    ],
+    title="Mock Google OAuth2 Credentials",
+    username="mock-google-username",
+    refresh_token_expires_at=1234567890,
+)
+
+TEST_CREDENTIALS_INPUT = {
+    "provider": TEST_CREDENTIALS.provider,
+    "id": TEST_CREDENTIALS.id,
+    "type": TEST_CREDENTIALS.type,
+    "title": TEST_CREDENTIALS.title,
+}