feat(providers): Add HubSpot Provider (#4633)

Miciurash · ThangHuuVu · web-flow · commit a0beb02f7709 · 2022-09-11T10:43:28.000+07:00
* Typos fix

* Added HubSpot Provider

* updates to profile

* Update docs/docs/providers/hubspot.md

Co-authored-by: Thang Vu &lt;31528554+ThangHuuVu@users.noreply.github.com&gt;

* fixed typo and outsourced required fields

* removing redirectURL from the provider config

* replaced with "client_secret_post" client method

Co-authored-by: Thang Vu &lt;31528554+ThangHuuVu@users.noreply.github.com&gt;
diff --git a/SECURITY.md b/SECURITY.md
@@ -15,7 +15,7 @@ If you contact us regarding a serious issue:
 
 The best way to report an issue is by contacting us via email at info@balazsorban.com, yo@ndo.dev, thvu@hey.com and me@iaincollins.com, or raise a public issue requesting someone get in touch with you via whatever means you prefer for more details. (Please do not disclose sensitive details publicly at this stage.)
 
-> For less serious issues (e.g. RFC compliance for unsupported flows or potential issues that may cause a problem in the future) it is appropriate to submit these these publically as bug reports or feature requests or to raise a question to open a discussion around them.
+> For less serious issues (e.g. RFC compliance for unsupported flows or potential issues that may cause a problem in the future) it is appropriate to submit these publicly as bug reports or feature requests or to raise a question to open a discussion around them.
 
 ## Supported Versions
 
diff --git a/docs/docs/providers/hubspot.md b/docs/docs/providers/hubspot.md
@@ -0,0 +1,43 @@
+---
+id: hubspot
+title: HubSpot
+---
+
+:::note
+HubSpot returns a limited amount of information on the token holder (see [docs](https://legacydocs.hubspot.com/docs/methods/oauth2/get-access-token-information)). One other issue is that the name and profile photo cannot be fetched through API as discussed [here](https://community.hubspot.com/t5/APIs-Integrations/Profile-photo-is-not-retrieved-with-User-API/m-p/325521).
+:::
+
+## Documentation
+
+https://developers.hubspot.com/docs/api/oauth-quickstart-guide
+
+## Configuration
+
+You need to have an APP in your Developer Account as described at https://developers.hubspot.com/docs/api/developer-tools-overview
+
+## Options
+
+The **HubSpot Provider** comes with a set of default options:
+
+- [HubSpot Provider options](https://github.com/nextauthjs/next-auth/blob/main/packages/next-auth/src/providers/hubspot.ts)
+
+You can override any of the options to suit your own use case.
+
+## Example
+
+```js
+import HubspotProvider from "next-auth/providers/hubspot";
+...
+providers: [
+  HubspotProvider({
+    clientId: process.env.HUBSPOT_CLIENT_ID,
+    clientSecret: process.env.HUBSPOT_CLIENT_SECRET
+  })
+]
+...
+```
+
+:::warning
+The **Redirect URL** under the **Auth** tab on the HubSpot App Settings page must match the callback url which would be http://localhost:3000/api/auth/callback/hubspot for local development. Only one callback URL per Client ID and Client Secret pair is allowed, so it might be easier to create a new app for local development then fiddle with the url changes.  
+:::
+
diff --git a/packages/next-auth/src/providers/hubspot.ts b/packages/next-auth/src/providers/hubspot.ts
@@ -0,0 +1,79 @@
+import type { OAuthConfig, OAuthUserConfig } from "."
+
+interface HubSpotProfile extends Record<string, any> {
+
+  // TODO: figure out additional fields, for now using 
+  // https://legacydocs.hubspot.com/docs/methods/oauth2/get-access-token-information
+
+  user: string,
+  user_id: string,
+
+  hub_domain: string,
+  hub_id: string,
+}
+
+
+const HubSpotConfig = {
+  authorizationUrl: "https://app.hubspot.com/oauth/authorize",
+  tokenUrl: "https://api.hubapi.com/oauth/v1/token",
+  profileUrl: "https://api.hubapi.com/oauth/v1/access-tokens"
+}
+
+export default function HubSpot<P extends HubSpotProfile>(
+  options: OAuthUserConfig<P>
+): OAuthConfig<P> {
+
+  return {
+    id: "hubspot",
+    name: "HubSpot",
+    type: "oauth",
+
+    ...HubSpotConfig,
+
+    authorization: {
+      url: HubSpotConfig.authorizationUrl,
+      params: {
+        scope: "oauth",
+        client_id: options.clientId,
+      },
+
+    },
+    client: {
+      token_endpoint_auth_method: "client_secret_post",
+    },
+    token: HubSpotConfig.tokenUrl,
+    userinfo: {
+      url: HubSpotConfig.profileUrl,
+      async request(context) {
+
+        const url = `${HubSpotConfig.profileUrl}/${context.tokens.access_token}`;
+
+        const response = await fetch(url, {
+          headers: {
+            "Content-Type": "application/json",
+          },
+          method: "GET",
+        });
+
+        const userInfo = await response.json();
+
+        return { userInfo }
+      }
+    },
+    profile(profile) {
+
+      const { userInfo } = profile
+
+      return {
+        id: userInfo.user_id,
+        name: userInfo.user,
+        email: userInfo.user,
+
+        // TODO: get image from profile once it's available 
+        // Details available https://community.hubspot.com/t5/APIs-Integrations/Profile-photo-is-not-retrieved-with-User-API/m-p/325521
+        image: null
+      }
+    },
+    options,
+  }
+}
