Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

refactor(backend): Move credentials storage to prisma user #8283

Merged
merged 103 commits into from
Oct 22, 2024

Conversation

ntindle
Copy link
Member

@ntindle ntindle commented Oct 8, 2024

Background

We are currently storing the OAuth credentials on the supabase user raw metadata table, which gets inserted into the token that is sent with every request. That causes problems because for security, python rejects all requests with a header over 4096 length

Changes 🏗️

Testing 🔍

Note

Only for the new autogpt platform, currently in autogpt_platform/

  • Create from scratch and execute an agent with at least 3 blocks
  • Import an agent from file upload, and confirm it executes correctly
  • Upload agent to marketplace
  • Import an agent from marketplace and confirm it executes correctly
  • Edit an agent from monitor, and confirm it executes correctly

ntindle and others added 30 commits September 30, 2024 18:45
required to work on mac edge
… is best way to ensure the stringifyication will work
@majdyz
Copy link
Contributor

majdyz commented Oct 22, 2024

I've added changes of my reviews:
https://github.com/Significant-Gravitas/AutoGPT/pull/8283/files/b008a53e1ff0e422e10f7f00d36db2371343540b..5a8c0970868f26aa47c9e0ada21d426fb15c039a

I've tested the migration and it works just fine. But I didn't test all the credentials. Feel free to let me know, modify, or revert as needed.

majdyz
majdyz previously approved these changes Oct 22, 2024
@github-actions github-actions bot added size/l and removed size/xl labels Oct 22, 2024
@aarushik93
Copy link
Contributor

aarushik93 commented Oct 22, 2024

@majdyz I can see that the custom migrations have been removed - can you confirm you have tested this against the dev db & running migrations with prisma works? I have tried this earlier and it does not work for me without custom ones - but if you're saying it does, can you show me the steps and then we can move ahead with it as it is

@majdyz
Copy link
Contributor

majdyz commented Oct 22, 2024

@aarushik93 I have tested this on my local db. How do I test this on dev db ? Would you be able to assist me on this?

I have tried this earlier and it does not work for me without custom ones

What was the issue?

can you show me the steps

The normal step prisma migrate deploy, or prisma migrate reset if you want to make sure everything works from the start.

@aarushik93
Copy link
Contributor

Moved the conversation to discord: https://discord.com/channels/1126875755960336515/1298223231081254923

while this doesn't work for me locally, running everything in docker. @majdyz has tested against dev and the trigger is successfully created. So let's merge this PR on that front

aarushik93
aarushik93 previously approved these changes Oct 22, 2024
@github-actions github-actions bot added the conflicts Automatically applied to PRs with merge conflicts label Oct 22, 2024
Copy link
Contributor

This pull request has conflicts with the base branch, please resolve those so we can evaluate the pull request.

@aarushik93 aarushik93 dismissed their stale review October 22, 2024 10:55

The merge-base changed after approval.

Copy link
Contributor

Conflicts have been resolved! 🎉 A maintainer will review the pull request shortly.

@github-actions github-actions bot removed the conflicts Automatically applied to PRs with merge conflicts label Oct 22, 2024
majdyz
majdyz previously approved these changes Oct 22, 2024
@aarushik93 aarushik93 merged commit 1622a4a into dev Oct 22, 2024
7 checks passed
@aarushik93 aarushik93 deleted the move-oauth-to-prisma-user branch October 22, 2024 12:33
@@ -131,7 +132,7 @@ def delete(self, user_id: str, credentials_id: str) -> None:

def _acquire_lock(self, user_id: str, credentials_id: str, *args: str) -> RedisLock:
key = (
self.store.supabase.supabase_url,
self.store.db_manager,
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Unless self.store.db_manager magically stringifies to a string representing the DB connection, this doesn't work. Can be fixed by either of:

  • Replace self.store.db_manager with a variable uniquely identifying the DB that the credentials are stored in
  • Omit self.store.db_manager if we can absolutely assume that IntegrationCredentialsStore will never be used with multiple different DBs within the same system


def locked_user_metadata(self, user_id: str):
key = (self.supabase.supabase_url, f"user:{user_id}", "metadata")
key = (self.db_manager, f"user:{user_id}", "metadata")
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
Status: Done
Development

Successfully merging this pull request may close these issues.

4 participants