From ffdd2c6ca9132150707e63930df92ee5f11a31a0 Mon Sep 17 00:00:00 2001
From: Nick Hale <4175918+njhale@users.noreply.github.com>
Date: Mon, 16 Dec 2024 17:34:48 -0500
Subject: [PATCH] feat: add atlassian oauth app type and defaults

Signed-off-by: Nick Hale <4175918+njhale@users.noreply.github.com>
---
 apiclient/types/oauthapp.go                   |   1 +
 pkg/gateway/server/oauth_apps.go              |   8 ++
 pkg/gateway/types/oauth_apps.go               |   6 ++
 .../components/oauth-apps/DeleteOAuthApp.tsx  |  20 +++-
 .../components/oauth-apps/OAuthAppDetail.tsx  |  17 ++-
 .../components/oauth-apps/OAuthAppTile.tsx    |  15 ++-
 .../oauth-apps/OAuthAppTypeIcon.tsx           |   9 +-
 ui/admin/app/lib/model/oauthApps/index.ts     |   2 +
 .../app/lib/model/oauthApps/oauth-helpers.ts  |   2 +
 .../model/oauthApps/providers/atlassian.ts    | 102 ++++++++++++++++++
 .../lib/model/oauthApps/providers/google.ts   |   2 +-
 ui/admin/public/assets/atlassian_logo.svg     |  35 ++++++
 12 files changed, 210 insertions(+), 9 deletions(-)
 create mode 100644 ui/admin/app/lib/model/oauthApps/providers/atlassian.ts
 create mode 100644 ui/admin/public/assets/atlassian_logo.svg

diff --git a/apiclient/types/oauthapp.go b/apiclient/types/oauthapp.go
index 1e52404a..190757e5 100644
--- a/apiclient/types/oauthapp.go
+++ b/apiclient/types/oauthapp.go
@@ -1,6 +1,7 @@
 package types
 
 const (
+	OAuthAppTypeAtlassian    OAuthAppType = "atlassian"
 	OAuthAppTypeMicrosoft365 OAuthAppType = "microsoft365"
 	OAuthAppTypeSlack        OAuthAppType = "slack"
 	OAuthAppTypeNotion       OAuthAppType = "notion"
diff --git a/pkg/gateway/server/oauth_apps.go b/pkg/gateway/server/oauth_apps.go
index 41cfed1a..fe4f5f7f 100644
--- a/pkg/gateway/server/oauth_apps.go
+++ b/pkg/gateway/server/oauth_apps.go
@@ -246,6 +246,14 @@ func (s *Server) authorizeOAuthApp(apiContext api.Context) error {
 		q.Set("optional_scope", app.Spec.Manifest.OptionalScope)
 	}
 
+	// Atlassian requires the audience and prompt parameters to be set.
+	// See https://developer.atlassian.com/cloud/jira/platform/oauth-2-3lo-apps/#1--direct-the-user-to-the-authorization-url-to-get-an-authorization-code
+	// for details.
+	if app.Spec.Manifest.Type == types2.OAuthAppTypeAtlassian {
+		q.Set("audience", "api.atlassian.com")
+		q.Set("prompt", "consent")
+	}
+
 	// For Google: access_type=offline instructs Google to return a refresh token and an access token on the initial authorization.
 	// This can be used to refresh the access token when a user is not present at the browser
 	// prompt=consent instructs Google to show the consent screen every time the authorization flow happens so that we get a new refresh token.
diff --git a/pkg/gateway/types/oauth_apps.go b/pkg/gateway/types/oauth_apps.go
index b7bd2c60..7eaf6a53 100644
--- a/pkg/gateway/types/oauth_apps.go
+++ b/pkg/gateway/types/oauth_apps.go
@@ -11,6 +11,9 @@ import (
 )
 
 const (
+	AtlassianAuthorizeURL = "https://auth.atlassian.com/authorize"
+	AtlassianTokenURL     = "https://auth.atlassian.com/oauth/token"
+
 	SlackAuthorizeURL = "https://slack.com/oauth/v2/authorize"
 	SlackTokenURL     = "https://slack.com/api/oauth.v2.access"
 
@@ -44,6 +47,9 @@ func ValidateAndSetDefaultsOAuthAppManifest(r *types.OAuthAppManifest, create bo
 	}
 
 	switch r.Type {
+	case types.OAuthAppTypeAtlassian:
+		r.AuthURL = AtlassianAuthorizeURL
+		r.TokenURL = AtlassianTokenURL
 	case types.OAuthAppTypeMicrosoft365:
 		r.AuthURL = fmt.Sprintf("https://login.microsoftonline.com/%s/oauth2/v2.0/authorize", r.TenantID)
 		r.TokenURL = fmt.Sprintf("https://login.microsoftonline.com/%s/oauth2/v2.0/token", r.TenantID)
diff --git a/ui/admin/app/components/oauth-apps/DeleteOAuthApp.tsx b/ui/admin/app/components/oauth-apps/DeleteOAuthApp.tsx
index 0547703c..86a3c0fe 100644
--- a/ui/admin/app/components/oauth-apps/DeleteOAuthApp.tsx
+++ b/ui/admin/app/components/oauth-apps/DeleteOAuthApp.tsx
@@ -33,16 +33,28 @@ export function DeleteOAuthApp({
         toast.success(`${spec.displayName} OAuth configuration deleted`);
     });
 
+    const title = spec.noGatewayIntegration
+        ? `Delete ${spec.displayName} OAuth`
+        : `Reset ${spec.displayName} OAuth to use Acorn Gateway`;
+
+    const description = spec.noGatewayIntegration
+        ? `By clicking \`Delete\`, you will delete your ${spec.displayName} OAuth configuration.`
+        : `By clicking \`Reset\`, you will delete your custom ${spec.displayName} OAuth configuration and reset to use Acorn Gateway.`;
+
+    const buttonText = spec.noGatewayIntegration
+        ? `Delete ${spec.displayName} OAuth`
+        : `Reset ${spec.displayName} OAuth to use Acorn Gateway`;
+
     return (
         <div className="flex gap-2">
             <Tooltip open={getIsOpen()}>
                 <ConfirmationDialog
-                    title={`Reset ${spec.displayName} OAuth to use Acorn Gateway`}
-                    description={`By clicking \`Reset\`, you will delete your custom ${spec.displayName} OAuth configuration and reset to use Acorn Gateway.`}
+                    title={title}
+                    description={description}
                     onConfirm={deleteOAuthApp.execute}
                     confirmProps={{
                         variant: "destructive",
-                        children: "Reset",
+                        children: buttonText,
                     }}
                 >
                     <TooltipTrigger asChild>
@@ -54,7 +66,7 @@ export function DeleteOAuthApp({
                             {deleteOAuthApp.isLoading ? (
                                 <LoadingSpinner className="w-4 h-4 mr-2" />
                             ) : null}
-                            Reset {spec.displayName} OAuth to use Acorn Gateway
+                            {buttonText}
                         </Button>
                     </TooltipTrigger>
                 </ConfirmationDialog>
diff --git a/ui/admin/app/components/oauth-apps/OAuthAppDetail.tsx b/ui/admin/app/components/oauth-apps/OAuthAppDetail.tsx
index f3f9e4bf..c29ba189 100644
--- a/ui/admin/app/components/oauth-apps/OAuthAppDetail.tsx
+++ b/ui/admin/app/components/oauth-apps/OAuthAppDetail.tsx
@@ -124,7 +124,22 @@ function EmptyContent({
     spec: OAuthAppSpec;
     onSuccess: () => void;
 }) {
-    return (
+    return spec.noGatewayIntegration ? (
+        <div className="flex flex-col gap-2">
+            <TypographyP>
+                {spec.displayName} OAuth is not configured. You must configure
+                it to enable tools that interact with protected{" "}
+                {spec.displayName} APIs.
+            </TypographyP>
+
+            <TypographyP className="mb-4">
+                You can also configure {spec.displayName} OAuth by clicking the
+                button below.
+            </TypographyP>
+
+            <ConfigureOAuthApp type={spec.type} onSuccess={onSuccess} />
+        </div>
+    ) : (
         <div className="flex flex-col gap-2">
             <TypographyP>
                 {spec.displayName} OAuth is currently enabled. No action is
diff --git a/ui/admin/app/components/oauth-apps/OAuthAppTile.tsx b/ui/admin/app/components/oauth-apps/OAuthAppTile.tsx
index c4f50be4..ef96cc2f 100644
--- a/ui/admin/app/components/oauth-apps/OAuthAppTile.tsx
+++ b/ui/admin/app/components/oauth-apps/OAuthAppTile.tsx
@@ -57,10 +57,22 @@ export function OAuthAppTile({
                                 organization.
                             </TooltipContent>
                         </Tooltip>
+                    ) : info.noGatewayIntegration ? (
+                        <Tooltip>
+                            <TooltipTrigger>
+                                <Badge variant="secondary">
+                                    Not Configured
+                                </Badge>
+                            </TooltipTrigger>
+
+                            <TooltipContent>
+                                OAuth for {displayName} is not configured
+                            </TooltipContent>
+                        </Tooltip>
                     ) : (
                         <Tooltip>
                             <TooltipTrigger>
-                                <Badge variant="secondary">Default</Badge>
+                                <Badge variant="secondary">Default Configured</Badge>
                             </TooltipTrigger>
 
                             <TooltipContent>
@@ -73,7 +85,6 @@ export function OAuthAppTile({
 
                 <OAuthAppDetail type={type} />
             </CardHeader>
-
             <CardContent className="flex-grow flex items-center justify-center">
                 <div className="h-[100px] flex justify-center items-center overflow-clip">
                     <img
diff --git a/ui/admin/app/components/oauth-apps/OAuthAppTypeIcon.tsx b/ui/admin/app/components/oauth-apps/OAuthAppTypeIcon.tsx
index c80da03e..330edd3d 100644
--- a/ui/admin/app/components/oauth-apps/OAuthAppTypeIcon.tsx
+++ b/ui/admin/app/components/oauth-apps/OAuthAppTypeIcon.tsx
@@ -1,11 +1,18 @@
 import { NotionLogoIcon } from "@radix-ui/react-icons";
 import { KeyIcon } from "lucide-react";
-import { FaGithub, FaGoogle, FaMicrosoft, FaSlack } from "react-icons/fa";
+import {
+    FaAtlassian,
+    FaGithub,
+    FaGoogle,
+    FaMicrosoft,
+    FaSlack,
+} from "react-icons/fa";
 
 import { OAuthProvider } from "~/lib/model/oauthApps/oauth-helpers";
 import { cn } from "~/lib/utils";
 
 const IconMap = {
+    [OAuthProvider.Atlassian]: FaAtlassian,
     [OAuthProvider.GitHub]: FaGithub,
     [OAuthProvider.Slack]: FaSlack,
     [OAuthProvider.Google]: FaGoogle,
diff --git a/ui/admin/app/lib/model/oauthApps/index.ts b/ui/admin/app/lib/model/oauthApps/index.ts
index bd4c8589..72573fb7 100644
--- a/ui/admin/app/lib/model/oauthApps/index.ts
+++ b/ui/admin/app/lib/model/oauthApps/index.ts
@@ -2,6 +2,7 @@ import {
     OAuthAppSpec,
     OAuthProvider,
 } from "~/lib/model/oauthApps/oauth-helpers";
+import { AtlassianOAuthApp } from "~/lib/model/oauthApps/providers/atlassian";
 import { GitHubOAuthApp } from "~/lib/model/oauthApps/providers/github";
 import { GoogleOAuthApp } from "~/lib/model/oauthApps/providers/google";
 import { Microsoft365OAuthApp } from "~/lib/model/oauthApps/providers/microsoft365";
@@ -10,6 +11,7 @@ import { SlackOAuthApp } from "~/lib/model/oauthApps/providers/slack";
 import { EntityMeta } from "~/lib/model/primitives";
 
 export const OAuthAppSpecMap = {
+    [OAuthProvider.Atlassian]: AtlassianOAuthApp,
     [OAuthProvider.GitHub]: GitHubOAuthApp,
     [OAuthProvider.Google]: GoogleOAuthApp,
     [OAuthProvider.Microsoft365]: Microsoft365OAuthApp,
diff --git a/ui/admin/app/lib/model/oauthApps/oauth-helpers.ts b/ui/admin/app/lib/model/oauthApps/oauth-helpers.ts
index 118f394a..2fb86f48 100644
--- a/ui/admin/app/lib/model/oauthApps/oauth-helpers.ts
+++ b/ui/admin/app/lib/model/oauthApps/oauth-helpers.ts
@@ -3,6 +3,7 @@ import { ZodObject, ZodType } from "zod";
 import { ApiUrl } from "~/lib/routers/baseRouter";
 
 export const OAuthProvider = {
+    Atlassian: "atlassian",
     GitHub: "github",
     Google: "google",
     Microsoft365: "microsoft365",
@@ -42,6 +43,7 @@ export type OAuthAppSpec = {
     disableConfiguration?: boolean;
     disabledReason?: string;
     invertDark?: boolean;
+    noGatewayIntegration?: boolean;
 };
 
 export function getOAuthLinks(type: OAuthProvider) {
diff --git a/ui/admin/app/lib/model/oauthApps/providers/atlassian.ts b/ui/admin/app/lib/model/oauthApps/providers/atlassian.ts
new file mode 100644
index 00000000..d281a032
--- /dev/null
+++ b/ui/admin/app/lib/model/oauthApps/providers/atlassian.ts
@@ -0,0 +1,102 @@
+import { z } from "zod";
+
+import {
+    OAuthAppSpec,
+    OAuthFormStep,
+    getOAuthLinks,
+} from "~/lib/model/oauthApps/oauth-helpers";
+import { assetUrl } from "~/lib/utils";
+
+const schema = z.object({
+    clientID: z.string().min(1, "Client ID is required"),
+    clientSecret: z.string().min(1, "Client Secret is required"),
+});
+
+const steps: OAuthFormStep<typeof schema.shape>[] = [
+    {
+        type: "markdown",
+        text:
+            "### Step 1: Create a new Atlassian OAuth 2.0 Integration\n" +
+            "- Navigate to [Create a new OAuth 2.0 (3LO) integration](https://developer.atlassian.com/console/myapps/create-3lo-app)\n" +
+            "- Enter `Acorn` as the integration name.\n" +
+            "- Click the checkbox to the terms and conditions.\n" +
+            "- Click the `Create` button.\n",
+    },
+    {
+        type: "markdown",
+        text:
+            "### Step 2: Configure OAuth Scopes\n" +
+            "Configure required OAuth Scopes by completing both sections below.\n",
+    },
+    {
+        type: "sectionGroup",
+        sections: [
+            {
+                title: "User identity API Scopes",
+                steps: [
+                    {
+                        type: "markdown",
+                        text:
+                            "- Navigate to the `Permissions` tab in the sidebar.\n" +
+                            "- Click on the `Add` button for `User identity API`\n" +
+                            "- Click on the `Configure` button for `User identity API`\n" +
+                            "- Click on the `Edit Scopes` button to open the `Edit User identity API` modal.\n" +
+                            "- Click the checkboxes to select the `read:me` and `read:account` scopes.\n" +
+                            "- Click on the `Save` button.\n",
+                    },
+                ],
+            },
+            {
+                title: "Jira API Scopes",
+                steps: [
+                    {
+                        type: "markdown",
+                        text:
+                            "- Navigate to the `Permissions` tab in the sidebar.\n" +
+                            "- Click on the `Add` button for `Jira API`\n" +
+                            "- Click on the `Configure` button for `Jira API`\n" +
+                            "- Click on the `Edit Scopes` button to open the `Edit Jira API` modal.\n" +
+                            "- Click the checkboxes to select the `read:jira-work`, `write:jira-work`, and `read:jira-user` scopes.\n" +
+                            "- Click on the `Save` button.\n",
+                    },
+                ],
+            },
+        ],
+    },
+    {
+        type: "markdown",
+        text:
+            "### Step 3: Configure your OAuth Consent Screen\n" +
+            "- Navigate to the `Authorization` tab in the sidebar.\n" +
+            "- Click on the `Add` button for `OAuth 2.0 (3LO)`.\n" +
+            "- Enter the URL below in the `Callback URL` box and click on the `Save changes` button:\n",
+    },
+    {
+        type: "copy",
+        text: getOAuthLinks("atlassian").redirectURL,
+    },
+    {
+        type: "markdown",
+        text:
+            "### Step 4: Register your OAuth App credentials with Acorn\n" +
+            "- Navigate to the `Settings` tab in the sidebar.\n" +
+            "- Enter the `Client ID` and `Client Secret` from the `Authentication details` section into the fields below\n",
+    },
+    { type: "input", input: "clientID", label: "Client ID" },
+    {
+        type: "input",
+        input: "clientSecret",
+        label: "Client Secret",
+        inputType: "password",
+    },
+];
+
+export const AtlassianOAuthApp = {
+    schema,
+    alias: "atlassian",
+    type: "atlassian",
+    displayName: "Atlassian",
+    logo: assetUrl("/assets/atlassian_logo.svg"),
+    steps: steps,
+    noGatewayIntegration: true,
+} satisfies OAuthAppSpec;
diff --git a/ui/admin/app/lib/model/oauthApps/providers/google.ts b/ui/admin/app/lib/model/oauthApps/providers/google.ts
index e6b250f8..766d61e2 100644
--- a/ui/admin/app/lib/model/oauthApps/providers/google.ts
+++ b/ui/admin/app/lib/model/oauthApps/providers/google.ts
@@ -31,7 +31,7 @@ const steps: OAuthFormStep<typeof schema.shape>[] = [
         type: "markdown",
         text:
             "### Step 1: Create a new Google Project\n" +
-            "- Navigate to the [Credentials](https://console.cloud.google.com/apis/credentials) section of the APIs & Serivces page in your [Google API Dashboard](https://console.cloud.google.com).\n" +
+            "- Navigate to the [Credentials](https://console.cloud.google.com/apis/credentials) section of the APIs & Services page in your [Google API Dashboard](https://console.cloud.google.com).\n" +
             "- If you already have a Google Project Setup, skip to Step 2.",
     },
     {
diff --git a/ui/admin/public/assets/atlassian_logo.svg b/ui/admin/public/assets/atlassian_logo.svg
new file mode 100644
index 00000000..0fa351ed
--- /dev/null
+++ b/ui/admin/public/assets/atlassian_logo.svg
@@ -0,0 +1,35 @@
+<svg width="195" height="32" viewBox="0 0 195 32" fill="none" xmlns="http://www.w3.org/2000/svg">
+<g id="horizontal-logo-gradient-blue-atlassian">
+<g id="Group">
+<g id="Group_2">
+<g id="Group_3">
+<path id="Vector" d="M7.04039 11.0258C6.68099 10.6294 6.14188 10.6655 5.89029 11.1339L0.0679016 22.8437C-0.147743 23.3121 0.175724 23.8526 0.678893 23.8526H8.80149C9.05307 23.8526 9.30466 23.7085 9.41248 23.4563C11.2095 19.8172 10.1313 14.3045 7.04039 11.0258Z" fill="url(#paint0_linear)"/>
+<path id="Vector_2" d="M11.3174 0.360786C8.04684 5.54916 8.26248 11.278 10.4189 15.6016C12.5754 19.9253 14.2286 23.204 14.3365 23.4562C14.4443 23.7085 14.6959 23.8526 14.9474 23.8526H23.07C23.5732 23.8526 23.9326 23.3121 23.681 22.8437C23.681 22.8437 12.7551 0.937272 12.4675 0.396816C12.2878 -0.107609 11.6409 -0.143639 11.3174 0.360786Z" fill="#2684FF"/>
+</g>
+</g>
+<g id="Group_4">
+<g id="Group_5">
+<g id="Group_6">
+<g id="Group_7">
+<path id="Vector_3" d="M121.727 18.0517C121.727 14.6288 119.894 13.0074 114.79 11.8905C111.951 11.278 111.268 10.6294 111.268 9.72868C111.268 8.61174 112.275 8.10732 114.144 8.10732C116.408 8.10732 118.636 8.79189 120.757 9.76471V5.26092C119.283 4.50428 116.983 3.9278 114.287 3.9278C109.22 3.9278 106.596 6.12565 106.596 9.76471C106.596 12.6471 107.926 14.9531 113.173 15.9619C116.3 16.6105 116.947 17.1149 116.947 18.1598C116.947 19.1686 116.3 19.8172 114.072 19.8172C111.52 19.8172 108.465 18.9525 106.488 17.7635V22.4834C108.07 23.2761 110.154 24.1408 114.036 24.1408C119.535 24.1408 121.727 21.6908 121.727 18.0517Z" fill="#0052CC"/>
+<path id="Vector_4" d="M177.004 4.21603V23.8526H181.173V8.89998L182.934 12.8633L188.828 23.8526H194.076V4.21603H189.907V16.8987L188.325 13.2236L183.581 4.21603H177.004Z" fill="#0052CC"/>
+<path id="Vector_5" d="M150.516 4.21603H145.951V23.8166H150.516V4.21603Z" fill="#0052CC"/>
+<path id="Vector_6" d="M140.668 18.0517C140.668 14.6288 138.835 13.0074 133.731 11.8905C130.892 11.278 130.209 10.6294 130.209 9.72868C130.209 8.61174 131.216 8.10732 133.084 8.10732C135.349 8.10732 137.577 8.79189 139.698 9.76471V5.26092C138.224 4.50428 135.924 3.9278 133.228 3.9278C128.161 3.9278 125.537 6.12565 125.537 9.76471C125.537 12.6471 126.867 14.9531 132.114 15.9619C135.241 16.6105 135.888 17.1149 135.888 18.1598C135.888 19.1686 135.241 19.8172 133.013 19.8172C130.461 19.8172 127.406 18.9525 125.429 17.7635V22.4834C127.01 23.2761 129.095 24.1408 132.977 24.1408C138.511 24.1408 140.668 21.6908 140.668 18.0517Z" fill="#0052CC"/>
+<path id="Vector_7" d="M71.2304 4.21603V23.8526H80.575L82.0485 19.601H75.7949V4.21603H71.2304Z" fill="#0052CC"/>
+<path id="Vector_8" d="M52.721 4.2168V8.46839H57.7886V23.8534H62.3531V8.46839H67.7801V4.2168H52.721Z" fill="#0052CC"/>
+</g>
+</g>
+<path id="Vector_9" d="M46.0721 4.2168H40.07L33.2412 23.8173H38.4526L39.423 20.5025C40.5731 20.8268 41.7951 21.043 43.089 21.043C44.3469 21.043 45.5689 20.8628 46.7549 20.5025L47.7253 23.8173H52.9367L46.0721 4.2168ZM43.0531 17.0076C42.1905 17.0076 41.3279 16.8635 40.5372 16.6473L43.0531 8.07205L45.5689 16.6473C44.7782 16.8635 43.9516 17.0076 43.0531 17.0076Z" fill="#0052CC"/>
+<path id="Vector_10" d="M96.7484 4.21603H90.7463L83.9176 23.8166H89.129L90.0994 20.5018C91.2495 20.826 92.4715 21.0422 93.7653 21.0422C95.0233 21.0422 96.2453 20.8621 97.4313 20.5018L98.4017 23.8166H103.613L96.7484 4.21603ZM93.7294 17.0068C92.8668 17.0068 92.0043 16.8627 91.2136 16.6465L93.7294 8.07128L96.2452 16.6465C95.4546 16.8627 94.592 17.0068 93.7294 17.0068Z" fill="#0052CC"/>
+<path id="Vector_11" d="M166.905 4.21603H160.902L154.074 23.8166H159.285L160.255 20.5018C161.406 20.826 162.628 21.0422 163.921 21.0422C165.179 21.0422 166.401 20.8621 167.587 20.5018L168.558 23.8166H173.769L166.905 4.21603ZM163.921 17.0068C163.059 17.0068 162.196 16.8627 161.406 16.6465L163.921 8.07128L166.437 16.6465C165.611 16.8627 164.784 17.0068 163.921 17.0068Z" fill="#0052CC"/>
+</g>
+</g>
+</g>
+</g>
+<defs>
+<linearGradient id="paint0_linear" x1="10.2524" y1="12.8168" x2="4.07222" y2="23.4945" gradientUnits="userSpaceOnUse">
+<stop stop-color="#0052CC"/>
+<stop offset="0.9228" stop-color="#2684FF"/>
+</linearGradient>
+</defs>
+</svg>