-
-
Notifications
You must be signed in to change notification settings - Fork 1.9k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
FEAT_ Zendesk #1794
base: main
Are you sure you want to change the base?
FEAT_ Zendesk #1794
Conversation
@jwalsh-famkit is attempting to deploy a commit to the Typebot Team on Vercel. A member of the Team first needs to authorize it. |
Important Review skippedAuto reviews are disabled on this repository. Please check the settings in the CodeRabbit UI or the You can disable this status message by setting the Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media? TipsChatThere are 3 ways to chat with CodeRabbit:
Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. CodeRabbit Commands (Invoked using PR comments)
Other keywords and placeholders
CodeRabbit Configuration File (
|
@baptisteArno replacement PR for Zendesk |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok sorry about this but I think the Authenticate User action is useless, it should be directly embedded in the Open Web Widget action. It would definitely make more sense.
|
||
## Authenticate Messaging User | ||
|
||
This action will generate a JWT token that can be passed as a variable to Open Web Widget you to authenticate a user in Zendesk. It requires the `User ID`, `Name` `Email`. Optionally, you can also set `Email Is Verified` if the email address has been verified. This is recommended to be set if appropriate. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Zendesk will only look for verified email addresses in a JWT. If the email_verified claim is not set to true, the email address in the JWT will be ignored, and it will not be included in the end user's profile in Agent Workspace.
So I guess the Email Is Verified field is useless here. We just need to tell the user to make sure the email was verified priori to providing it to Typebot. We could put that in a moreInfoTooltip for the email field
Does that make sense?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I originally thought the same, however, because open web widget is a client side action, that would lead to exposing the secrets used to create the JWT token on the client which would be highly insecure, no?
Email Verified is used in the JWT signing process. It's possible and valid to use verified and unverified emails when launching the web widget however as you may be dealing with new customers as well as existing, verified customers so we need to support verified and unverified emails. What verification does is that it tells the agent on the other end of the chat that the customer is known.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@baptisteArno what are your thoughts on this?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I originally thought the same, however, because open web widget is a client side action, that would lead to exposing the secrets used to create the JWT token on the client which would be highly insecure, no?
You should be able for that action to define a server run function AND and a web function. The server function will first be executed.
It's possible and valid to use verified and unverified emails when launching the web widget
But Zendesk is saying that if we provide Email without the email_verified field set to true then it will completely ignore the Email. So my question is what is the point to provide the email_verified field on Typebot. Let's make it always true and document the fact that the creator of the bot verifies the user email before providing it to Zendesk block
Or am I missing something?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
You should be able for that action to define a server run function AND and a web function. The server function will first be executed.
Oh, I see so, would the run block for openWebWidget look like this then? How do I pass the token from the server side auth function to the client openWebWidget function as it doesn't appear that variables are available to the client functions?
run: { server: async ({ credentials: { conversationsSecretKey, conversationsKeyId }, options: { userId, name, email, isEmailVerified, tokenVariableId }, variables, }) => { if (!email || email.length === 0 || !userId || userId.length === 0 || !name || name.length === 0 || conversationsSecretKey === undefined || conversationsKeyId === undefined || tokenVariableId === undefined ) return variables.set(tokenVariableId, sign({ scope: 'user', external_id: userId, name: name, email: email, email_verified: "true" }, conversationsSecretKey, { algorithm: "HS256", keyid: conversationsKeyId })); }, web: { parseFunction: ({ options }) => { return { args: { isAuthEnabled: options.isAuthEnabled ? options.isAuthEnabled?.toString() : "false", token: options.token ?? null, key: options.key ?? null }, content: parseOpenMessenger() } } }, },
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
In fact parseFunction is executed on the server so you are right it should have access to variables, credentials etc... And you won't even have to declare a server run function. Let me push an update, will let you know once you can merge main into this branch 🙏
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done: f613ce3
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
NICE!! Thank you!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ok, have removed the auth action, updated the openWebWidget action to generate the token. Looks good!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
and email_verified is set to true now
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Awesome, that's much better.
I think we can definitely simplify this even more! 😅
- Make userId, name and email optional
- Remove isAuthEnabled ( because auth is implicitely enabled as soon as userId is provided)
Adds a new Zendesk block with initial support for launching the Zendesk Messaging Web Widget