feat: remove Revert.dev dependency from Pipedrive integration #22492
+292
−143
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Replace Revert API calls with direct Pipedrive OAuth2 and REST API - Update OAuth flow to use Pipedrive's authorization endpoint - Implement token exchange in callback handler - Map Revert's unified API format to Pipedrive's native API structure - Remove REVERT_* environment variables from configuration - Update app config to reflect direct Pipedrive integration - Follow patterns from other CRM integrations like HubSpot Breaking change: Requires PIPEDRIVE_CLIENT_ID and PIPEDRIVE_CLIENT_SECRET environment variables instead of REVERT_* variables Co-Authored-By: anik@cal.com <adhabal2002@gmail.com>
🤖 Devin AI EngineerI'll be helping with this pull request! Here's what you should know: ✅ I will automatically:
Note: I can only respond to comments from users who have write access to this repository. ⚙️ Control Options:
|
|
Important Review skippedDraft detected. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the ✨ Finishing Touches🧪 Generate unit tests
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. 🪧 TipsChatThere are 3 ways to chat with CodeRabbit:
SupportNeed help? Create a ticket on our support page for assistance with any issues or questions. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
|
The latest updates on your projects. Learn more about Vercel for Git ↗︎ 2 Skipped Deployments
|
|
✅ No security or compliance issues detected. Reviewed everything up to 9b9d86b. Security Overview
Detected Code Changes
Reply to this PR with |
- Add token refresh implementation following Pipedrive OAuth2 specification - Use proper Basic Auth for token refresh requests - Handle token refresh errors with appropriate logging - Update access token and expiry date after successful refresh - Add note about database credential update requirement Co-Authored-By: anik@cal.com <adhabal2002@gmail.com>
- Import updateTokenObjectInDb utility for proper credential management - Store credentialId in constructor for database updates - Update token refresh logic to persist refreshed tokens to database - Follow Cal.com patterns for OAuth credential management - Ensure tokens are properly updated after successful refresh Co-Authored-By: anik@cal.com <adhabal2002@gmail.com>
dakshgup
added a commit
to dakshgup/cal.com
that referenced
this pull request
Jul 14, 2025
…drive integration
Originally by: anikdhabal
# Remove Revert.dev dependency from Pipedrive integration
## Summary
This PR removes the dependency on Revert.dev from the Pipedrive CRM integration and implements direct OAuth2 authentication with Pipedrive's native API. The changes follow the same patterns used by other CRM integrations in the codebase (particularly HubSpot).
**Key Changes:**
- **OAuth Flow**: Replaced Revert redirect with direct Pipedrive OAuth2 authorization
- **API Integration**: Converted all API calls from Revert's unified format to Pipedrive's native REST API
- **Token Management**: Implemented OAuth token storage and basic refresh logic
- **Environment Variables**: Removed `REVERT_*` variables, now requires `PIPEDRIVE_CLIENT_ID` and `PIPEDRIVE_CLIENT_SECRET`
- **Data Mapping**: Mapped contact and activity data between Revert's unified format and Pipedrive's native structure
**Breaking Change**: Existing Pipedrive integrations will need to be reconfigured with new OAuth credentials.
## Review & Testing Checklist for Human
- [ ] **Test OAuth flow end-to-end** - Create a Pipedrive OAuth app and verify the complete authorization flow works
- [ ] **Test contact creation and search** - Verify contacts can be created and searched properly with real data
- [ ] **Test activity/meeting management** - Verify activities can be created, updated, and deleted correctly
- [ ] **Verify token refresh logic** - The current implementation is incomplete and may need proper refresh token handling
- [ ] **Test error handling** - Verify proper error responses for failed API calls and invalid tokens
**Recommended Test Plan:**
1. Set up a Pipedrive developer account and create an OAuth app
2. Configure `PIPEDRIVE_CLIENT_ID` and `PIPEDRIVE_CLIENT_SECRET` in environment
3. Test the integration setup flow in Cal.com
4. Create a test booking and verify it creates contacts and activities in Pipedrive
5. Test updating and canceling bookings
---
### Diagram
```mermaid
%%{ init : { "theme" : "default" }}%%
graph TB
subgraph "OAuth Flow"
A["api/add.ts<br/>OAuth Authorization"]:::major-edit
B["api/callback.ts<br/>Token Exchange"]:::major-edit
end
subgraph "CRM Integration"
C["lib/CrmService.ts<br/>Pipedrive API Client"]:::major-edit
D["config.json<br/>App Configuration"]:::minor-edit
end
subgraph "Configuration"
E["turbo.json<br/>Environment Variables"]:::minor-edit
F[".env.appStore.example<br/>Environment Template"]:::minor-edit
end
subgraph "External APIs"
G["Pipedrive OAuth API<br/>oauth.pipedrive.com"]:::context
H["Pipedrive REST API<br/>api.pipedrive.com"]:::context
end
A --> B
B --> C
C --> H
A --> G
B --> G
C --> D
subgraph Legend
L1[Major Edit]:::major-edit
L2[Minor Edit]:::minor-edit
L3[Context/No Edit]:::context
end
classDef major-edit fill:#90EE90
classDef minor-edit fill:#ADD8E6
classDef context fill:#FFFFFF
```
### Notes
- **Token Refresh**: The current `getValidAccessToken()` implementation is incomplete - it doesn't actually refresh expired tokens, just returns the existing one. This should be addressed before production use.
- **OAuth Scopes**: Using comprehensive scopes: `deals:read,deals:write,persons:read,persons:write,activities:read,activities:write`
- **API Mapping**: Activities are used for meetings/events instead of a separate events API, following Pipedrive's data model
- **Error Handling**: Basic error handling is implemented but may need enhancement for production edge cases
**Session Info**:
- Link to Devin run: https://app.devin.ai/sessions/ca8c7c0a8b9b4b87ae92d5db2d23039a
- Requested by: @anikdhabal
|
This PR is being marked as stale due to inactivity. |
3 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Remove Revert.dev dependency from Pipedrive integration
Fixes #16797
Summary
This PR removes the dependency on Revert.dev from the Pipedrive CRM integration and implements direct OAuth2 authentication with Pipedrive's native API. The changes follow the same patterns used by other CRM integrations in the codebase (particularly HubSpot).
Key Changes:
REVERT_*variables, now requiresPIPEDRIVE_CLIENT_IDandPIPEDRIVE_CLIENT_SECRETBreaking Change: Existing Pipedrive integrations will need to be reconfigured with new OAuth credentials.
Review & Testing Checklist for Human
Recommended Test Plan:
PIPEDRIVE_CLIENT_IDandPIPEDRIVE_CLIENT_SECRETin environmentDiagram
%%{ init : { "theme" : "default" }}%% graph TB subgraph "OAuth Flow" A["api/add.ts<br/>OAuth Authorization"]:::major-edit B["api/callback.ts<br/>Token Exchange"]:::major-edit end subgraph "CRM Integration" C["lib/CrmService.ts<br/>Pipedrive API Client"]:::major-edit D["config.json<br/>App Configuration"]:::minor-edit end subgraph "Configuration" E["turbo.json<br/>Environment Variables"]:::minor-edit F[".env.appStore.example<br/>Environment Template"]:::minor-edit end subgraph "External APIs" G["Pipedrive OAuth API<br/>oauth.pipedrive.com"]:::context H["Pipedrive REST API<br/>api.pipedrive.com"]:::context end A --> B B --> C C --> H A --> G B --> G C --> D subgraph Legend L1[Major Edit]:::major-edit L2[Minor Edit]:::minor-edit L3[Context/No Edit]:::context end classDef major-edit fill:#90EE90 classDef minor-edit fill:#ADD8E6 classDef context fill:#FFFFFFNotes
getValidAccessToken()implementation is incomplete - it doesn't actually refresh expired tokens, just returns the existing one. This should be addressed before production use.deals:read,deals:write,persons:read,persons:write,activities:read,activities:writeSession Info: