Commit e017f19

committed

refactor(credentials): consolidate Atlassian SA creation into /api/credentials

Atlassian service-account creation lived in its own route, contract, and mutation hook, copy-pasting ~140 lines of insert/membership/audit/posthog boilerplate from /api/credentials. Two endpoints means two authz paths, two audit shapes, two TOCTOU stories — they will drift. Fold Atlassian into the existing service_account branch of /api/credentials, dispatching by providerId. The Atlassian validator (tenant_info + Bearer /myself, SSRF host allowlist, typed error codes) lives in lib/credentials/atlassian-service-account.ts and is the only Atlassian- specific piece left. AtlassianValidationError maps to a {code, error} 400 in the existing catch block; the rest of the flow (transaction, members, audit, posthog, dup-check) is now shared with Google SA + env credentials. Delete: - /api/auth/atlassian-service-account route - contracts/atlassian-service-account.ts + barrel export - useCreateAtlassianServiceAccount hook - API audit baseline 727 → 726 Both forms (Google JSON-key, Atlassian token+domain) now call useCreateWorkspaceCredential with the appropriate body shape.

1 parent 02a993a commit e017f19Copy full SHA for e017f19

10 files changed

apps/sim
- app
  - api
    - auth/atlassian-service-account
      - route.ts
    - credentials
      - route.ts
  - workspace/[workspaceId]/settings/components/integrations
    - atlassian-service-account-form.tsx
    - integrations-manager.tsx
- hooks/queries
  - credentials.ts
- lib
  - api/contracts
  - credentials
    - atlassian-service-account.ts
scripts
- check-api-validation-contracts.ts

`‎apps/sim/app/api/auth/atlassian-service-account/route.ts‎`

This file was deleted.

Comments

(0)