Notify users on failed/successful login attempts

service_auth/actions.py

@@ -20,6 +20,7 @@
 CODECOV_PUBLIC_API = os.environ.get("CODECOV_PUBLIC_API")
 CODECOV_API_URL = os.environ.get("CODECOV_API_URL")
 
+
 def verify_codecov_access_token(slack_user: SlackUser):
     owner = slack_user.active_service.service_username
     service = slack_user.active_service.name
@@ -111,9 +112,10 @@ def view_login_modal(
     # create slack user
     user_info = client.users_info(user=slack_user_id)
     get_or_create_slack_user(user_info)
+    channel_id = command["channel_id"]
 
     # we support gh flow at first
-    github_auth_url = f"https://github.com/login/oauth/authorize?client_id={GITHUB_CLIENT_ID}&redirect_uri={GITHUB_REDIRECT_URI}&scope={GITHUB_SCOPES}&state={slack_user_id_jwt}"
+    github_auth_url = f"https://github.com/login/oauth/authorize?client_id={GITHUB_CLIENT_ID}&redirect_uri={GITHUB_REDIRECT_URI}&scope={GITHUB_SCOPES}&state={slack_user_id_jwt}-{channel_id}"
 
     client.views_open(
         trigger_id=command["trigger_id"],
@@ -177,19 +179,21 @@ def handle_codecov_public_api_request(
     codecov_access_token = slack_user.codecov_access_token
 
     if codecov_access_token:
-        codecov_access_token = slack_user.codecov_access_token
         headers["Authorization"] = f"Bearer {codecov_access_token}"
 
     response = requests.get(request_url, headers=headers)
     if response.status_code == 200:
-        data = response.json()
-        return data
+        return response.json()
     elif response.status_code == 404:
         msg = (
             f"Please use `/codecov login` if you are accessing private data."
             if not codecov_access_token
             else ""
         )
         raise Exception("Error: Not found." + msg)
+    elif response.status_code == 401:
+        raise Exception(
+            "Error: Unauthorized access, are you sure you have a Codecov account?"
+        )
     else:
-        raise Exception(f"Error: {response.status_code}, {response.text}")
+        raise Exception("Error: Could not get data from Codecov")

service_auth/helpers.py

@@ -5,8 +5,10 @@
 
 import requests
 from rest_framework.exceptions import ValidationError
+from slack_sdk import WebClient
 
 from core.enums import EndpointName
+from core.models import SlackInstallation
 
 CODECOV_PUBLIC_API = os.environ.get("CODECOV_PUBLIC_API")
 
@@ -147,3 +149,33 @@ def get_endpoint_details(
         endpoint.url = f"{endpoint.url}?{params_str}"
 
     return endpoint
+
+
+def notify_user_of_error(user, channel_id=None):
+    team_id = user.team_id
+    installation = SlackInstallation.objects.filter(team_id=team_id).first()
+    if not installation:
+        return Response(
+            {"detail": f"Slack installation not found {team_id}"}, status=404
+        )
+
+    client = WebClient(token=installation.bot_token)
+    client.chat_postMessage(
+        channel=channel_id or user.user_id,
+        text=f"Error creating Codecov access token for {user.username}, are you sure you have a Codecov account?",
+    )
+
+
+def notify_user_of_successful_auth(user, channel_id=None):
+    team_id = user.team_id
+    installation = SlackInstallation.objects.filter(team_id=team_id).first()
+    if not installation:
+        return Response(
+            {"detail": f"Slack installation not found {team_id}"}, status=404
+        )
+
+    client = WebClient(token=installation.bot_token)
+    client.chat_postMessage(
+        channel=channel_id or user.user_id,
+        text=f"Successfully authenticated with Codecov",
+    )

service_auth/views.py

@@ -7,7 +7,8 @@
 from rest_framework.views import APIView
 
 from .actions import create_new_codecov_access_token
-from .helpers import get_github_user, validate_gh_call_params
+from .helpers import (get_github_user, notify_user_of_error,
+                      notify_user_of_successful_auth, validate_gh_call_params)
 from .models import Service, SlackUser
 
 GITHUB_CLIENT_ID = os.environ.get("GITHUB_CLIENT_ID")
@@ -27,9 +28,11 @@ def get(self, request, format=None):
         # Get the authorization code from the GitHub's callback request
         code = request.GET.get("code")
         state = request.GET.get("state")
-        user_id = jwt.decode(state, USER_ID_SECRET, algorithms=["HS256"])[
-            "user_id"
-        ]
+        user_id_state = state.split("-")[0]
+        user_id = jwt.decode(
+            user_id_state, USER_ID_SECRET, algorithms=["HS256"]
+        )["user_id"]
+        channel_id = state.split("-")[1]
 
         validate_gh_call_params(code, state)
 
@@ -67,7 +70,9 @@ def get(self, request, format=None):
 
         user = SlackUser.objects.filter(user_id=user_id).first()
         if not user:
-            return Response({"detail": f"Slack user not found {user_id}"}, status=404)
+            return Response(
+                {"detail": f"Slack user not found {user_id}"}, status=404
+            )
 
         service = Service.objects.filter(user=user, name=provider).first()
         if not service:
@@ -83,12 +88,20 @@ def get(self, request, format=None):
         service.save()
 
         # create new codecov access token
-        create_new_codecov_access_token(user)
+        try:
+            create_new_codecov_access_token(user)
+        except Exception as e:
+            notify_user_of_error(user, channel_id)
+            return Response(
+                {
+                    "detail": "Error creating Codecov access token, are you sure you have a Codecov account?"
+                },
+                status=400,
+            )
 
         # redirect to slack app
         team_id = user.team_id
-        slack_url = (
-            f"https://slack.com/app_redirect?app={SLACK_APP_ID}&team={team_id}"
-        )
+        slack_url = f"https://slack.com/app_redirect?app={SLACK_APP_ID}&channel={channel_id}&team={team_id}"
 
+        notify_user_of_successful_auth(user, channel_id)
         return redirect(slack_url)