Refactor gmail into gmail-auth and gmail-importer #1971
Conversation
gmail-importer expects to be linked to a gmail-auth. This allows authenticating a single time in a space and having multiple gmail-importers that use it.
There was a problem hiding this comment.
3 issues found across 2 files
Prompt for AI agents (all 3 issues)
Understand the root cause of the following 3 issues and fix them.
<file name="recipes/gmail-importer.tsx">
<violation number="1" location="recipes/gmail-importer.tsx:126">
Remove logging of the OAuth refresh token; it exposes secrets in logs.</violation>
<violation number="2" location="recipes/gmail-importer.tsx:439">
Add base64 padding before calling atob so Gmail payloads without '=' padding decode correctly.</violation>
<violation number="3" location="recipes/gmail-importer.tsx:698">
Handle Gmail history pagination before advancing the stored historyId; otherwise updates beyond the first page are skipped.</violation>
</file>
React with 👍 or 👎 to teach cubic. Mention @cubic-dev-ai to give feedback, ask questions, or re-run the review.
| refreshToken: this.auth.get().refreshToken, | ||
| }; | ||
|
|
||
| console.log("refreshAuthToken", body); |
There was a problem hiding this comment.
Remove logging of the OAuth refresh token; it exposes secrets in logs.
Prompt for AI agents
Address the following comment on recipes/gmail-importer.tsx at line 126:
<comment>Remove logging of the OAuth refresh token; it exposes secrets in logs.</comment>
<file context>
@@ -0,0 +1,952 @@
+ refreshToken: this.auth.get().refreshToken,
+ };
+
+ console.log("refreshAuthToken", body);
+
+ const res = await fetch(
</file context>
| // Replace URL-safe characters back to their original form | ||
| const sanitized = data.replace(/-/g, "+").replace(/_/g, "/"); | ||
| // Decode the base64 string | ||
| return atob(sanitized); |
There was a problem hiding this comment.
Add base64 padding before calling atob so Gmail payloads without '=' padding decode correctly.
Prompt for AI agents
Address the following comment on recipes/gmail-importer.tsx at line 439:
<comment>Add base64 padding before calling atob so Gmail payloads without '=' padding decode correctly.</comment>
<file context>
@@ -0,0 +1,952 @@
+ // Replace URL-safe characters back to their original form
+ const sanitized = data.replace(/-/g, "+").replace(/_/g, "/");
+ // Decode the base64 string
+ return atob(sanitized);
+}
+
</file context>
| return atob(sanitized); | |
| return atob(sanitized.padEnd(sanitized.length + ((4 - (sanitized.length % 4)) % 4), "=")); |
| } | ||
| } | ||
|
|
||
| newHistoryId = historyResponse.historyId; |
There was a problem hiding this comment.
Handle Gmail history pagination before advancing the stored historyId; otherwise updates beyond the first page are skipped.
Prompt for AI agents
Address the following comment on recipes/gmail-importer.tsx at line 698:
<comment>Handle Gmail history pagination before advancing the stored historyId; otherwise updates beyond the first page are skipped.</comment>
<file context>
@@ -0,0 +1,952 @@
+ }
+ }
+
+ newHistoryId = historyResponse.historyId;
+ console.log("\n=== INCREMENTAL SYNC SUMMARY ===");
+ console.log(`Messages to fetch: ${messagesToFetch.length}`);
</file context>
| @@ -0,0 +1,952 @@ | |||
| /// <cts-enable /> | |||
There was a problem hiding this comment.
How does this differ from gmail.tsx? Does this replace it, augment? The gmail.tsx implementation currently has a lot of extra/unused/untested features AFAIK (history? people?), but handling the batch requests and rate limiting are both a PITA but handled at least for the email portions
There was a problem hiding this comment.
Ah I see it takes the auth token from the other charm
|
Looks like this needs a quick format: |
gmail-importer expects to be linked to a gmail-auth.
This allows authenticating a single time in a space and having multiple gmail-importers that use it.
Summary by cubic
Split the Gmail recipe into two charms: gmail-auth (Google OAuth) and gmail-importer (email fetching). Authenticate once per space and reuse the same auth across multiple importers.
New Features
Migration