feat: Google Calendar access revoked and webhook removed

[sajdakabir]

What does this PR do?

Google Calendar access revoked and webhook removed
Fixes:

• [ ] #XXX (GitHub issue number)
• [ ] MAR-296 (Linear issue number - should be visible at the bottom of the GitHub issue description)

Mandatory Tasks:

• I have self-reviewed the code (A decent size PR without self-review might be rejected)
• I pinky swear that my codes gonna work as I have testing every possible scenario.
• I ignored Coderabbit suggestion because it does not make any sense.
• I took Coderabbit suggestion under consideration as some of it makes sense.

How should this be tested?

Environment Setup: ( if applicable)

• Required env variables:

  # Add required env variables here
  

Checklist:

• My code follows the style guidelines of this project.
• I have commented my code, particularly in hard-to-understand areas.
• I have checked if my changes generate no new warnings.
• I have checked for Build errors.
• I have checked if my branch is up to date with preview.

[coderabbitai]

📝 Walkthrough

Walkthrough

The changes in this pull request primarily involve the integration with Google Calendar services across several files. Key modifications include the removal of the getGoogleCalendarOAuthAuthorizationUrl function and the introduction of new functions for revoking access and managing webhooks. The redirectGoogleCalendarOAuthLoginController has been removed, indicating a shift in OAuth handling. Additionally, a new metadata field has been added to the UserSchema to accommodate flexible data storage related to Google Calendar integrations.

Changes

File Path	Change Summary
apps/backend/src/controllers/integration/calendar.controller.js	- Removed: redirectGoogleCalendarOAuthLoginController - Added: revokeGoogleCalendarAccessController - Updated: setUpCalendarWatch to include user parameter
apps/backend/src/models/core/user.model.js	- Added: metadata field of type Schema.Types.Mixed in googleCalendar object within UserSchema
apps/backend/src/routers/integration/calendar.route.js	- Added: Route for revoking access at /revoke-access/ mapped to revokeGoogleCalendarAccessController - Removed: Route for connecting to Google Calendar using redirectGoogleCalendarOAuthLoginController
apps/backend/src/services/integration/calendar.service.js	- Removed: getGoogleCalendarOAuthAuthorizationUrl - Updated: setUpCalendarWatch to include user - Added: revokeGoogleCalendarAccess and removeGoogleCalendarWebhook functions

Possibly related PRs

• Meeting order #380: The changes in calendar.service.js regarding the removal of the getGoogleCalendarOAuthAuthorizationUrl function and the addition of revokeGoogleCalendarAccess are related to the modifications in the same file in this PR, which also focuses on Google Calendar integration.
• feat: check cal connection before api call #399: This PR introduces a check for the Google Calendar connection before making API calls, which aligns with the changes in the main PR that enhance the management of Google Calendar integrations, particularly in handling user-specific data and access.

Suggested reviewers

• deewakar-k
• joaorceschini

🐇 In the garden, hopping free,
Google Calendar's now a glee!
Revoked access, webhooks too,
With metadata, we start anew.
A spring of changes, fresh and bright,
Integration's path is now in sight! 🌼

---

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

• Review comments: Directly reply to a review comment made by CodeRabbit. Example:
  • I pushed a fix in commit <commit_id>, please review it.
  • Generate unit testing code for this file.
  • Open a follow-up GitHub issue for this discussion.
• Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
  • @coderabbitai generate unit testing code for this file.
  • @coderabbitai modularize this function.
• PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
  • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
  • @coderabbitai read src/utils.ts and generate unit testing code.
  • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
  • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

• @coderabbitai pause to pause the reviews on a PR.
• @coderabbitai resume to resume the paused reviews.
• @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
• @coderabbitai full review to do a full review from scratch and review all the files again.
• @coderabbitai summary to regenerate the summary of the PR.
• @coderabbitai resolve resolve all the CodeRabbit review comments.
• @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
• @coderabbitai help to get help.

Other keywords and placeholders

• Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
• Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
• Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

• You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
• Please see the configuration documentation for more information.
• If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

• Visit our Documentation for detailed information on how to use CodeRabbit.
• Join our Discord Community to get help, request features, and share feedback.
• Follow us on X/Twitter for updates and announcements.

[coderabbitai]

Actionable comments posted: 5

🧹 Outside diff range and nitpick comments (6)

apps/backend/src/routers/integration/calendar.route.js (1)

2-2: Consider breaking down the import statement for better readability.

The import statement is becoming quite long. Consider restructuring it into multiple lines for improved readability and maintainability.

-import { getGoogleCalendarAccessTokenController, getGoogleCalendarEventsController, addGoogleCalendarEventController, updateGoogleCalendarEventController, deleteGoogleCalendarEventController, getGoogleCalendarMeetingsController, getGoogleCalendarupComingMeetingsController, revokeGoogleCalendarAccessController } from "../../controllers/integration/calendar.controller.js";
+import {
+  getGoogleCalendarAccessTokenController,
+  getGoogleCalendarEventsController,
+  addGoogleCalendarEventController,
+  updateGoogleCalendarEventController,
+  deleteGoogleCalendarEventController,
+  getGoogleCalendarMeetingsController,
+  getGoogleCalendarupComingMeetingsController,
+  revokeGoogleCalendarAccessController
+} from "../../controllers/integration/calendar.controller.js";

apps/backend/src/models/core/user.model.js (2)

101-103: Consider documenting the metadata field structure and purpose.

While Schema.Types.Mixed provides flexibility, it can make the codebase harder to maintain and migrate. Consider:

1. Adding JSDoc comments describing the expected structure and purpose of the metadata field
2. Adding a default value (e.g., default: {}) to ensure consistency for existing documents

 googleCalendar: {
     accessToken: String,
     refreshToken: String,
+    // Stores additional Google Calendar integration data such as webhook configurations
     metadata: {
         type: Schema.Types.Mixed,
+        default: {}
     },
     connected: { type: Boolean, default: false }
 },

---

101-103: Consider data sanitization for the metadata field.

Since Schema.Types.Mixed allows any type of data, consider implementing middleware to sanitize and validate the metadata content before saving to prevent security issues or data inconsistencies.

apps/backend/src/controllers/integration/calendar.controller.js (1)

172-178: Consider transaction-like behavior for webhook and access revocation.

The current implementation could leave the system in an inconsistent state if webhook removal succeeds but access revocation fails. Consider implementing a transaction-like pattern.

     try {
+        const errors = [];
         if (metadata && metadata.channelId && metadata.resourceId) {
-            await removeGoogleCalendarWebhook(metadata.channelId, metadata.resourceId, accessToken);
+            try {
+                await removeGoogleCalendarWebhook(metadata.channelId, metadata.resourceId, accessToken);
+            } catch (webhookError) {
+                errors.push(`Failed to remove webhook: ${webhookError.message}`);
+            }
         }

         if (accessToken) {
-            await revokeGoogleCalendarAccess(user);
+            try {
+                await revokeGoogleCalendarAccess(user);
+            } catch (accessError) {
+                errors.push(`Failed to revoke access: ${accessError.message}`);
+            }
         }
+
+        if (errors.length > 0) {
+            throw new Error(`Revocation partially failed: ${errors.join(', ')}`);
+        }

🧰 Tools

🪛 Biome

[error] 172-172: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

apps/backend/src/services/integration/calendar.service.js (2)

Line range hint 233-255: Add error handling and improve metadata initialization.

While the webhook setup logic is correct, consider adding error handling and making the metadata initialization more defensive.

 const setUpCalendarWatch = async (accessToken, calendarId, webhookUrl, user) => {
     const auth = new google.auth.OAuth2();
     auth.setCredentials({ access_token: accessToken });
 
     const requestBody = {
         id: uuid(),
         type: 'web_hook',
         address: webhookUrl,
         token: environment.CALENDAR_WEBHOOK_SECRET
     };
     const calendar = google.calendar({ version: 'v3' });
 
+    try {
         const response = await calendar.events.watch({
             auth,
             calendarId,
             requestBody
         });
 
-        user.integration.googleCalendar.metadata = user.integration.googleCalendar.metadata || {};
+        // Ensure all required objects exist
+        user.integration = user.integration || {};
+        user.integration.googleCalendar = user.integration.googleCalendar || {};
+        user.integration.googleCalendar.metadata = user.integration.googleCalendar.metadata || {};
 
         user.integration.googleCalendar.metadata.channelId = response.data.id;
         user.integration.googleCalendar.metadata.resourceId = response.data.resourceId;
         await user.save();
 
         return response.data;
+    } catch (error) {
+        console.error('Failed to set up calendar watch:', error);
+        throw new Error('Failed to set up calendar webhook');
+    }
 };

---

324-356: Consider implementing atomic operations for access revocation.

The revocation process involves multiple steps (token revocation, webhook removal, and user data cleanup). Consider implementing these operations atomically to maintain data consistency in case of failures.

Suggestions:

1. Create a higher-level function that coordinates these operations
2. Implement rollback mechanisms for partial failures
3. Consider using database transactions for user data updates

Example implementation:

const revokeGoogleCalendarAccessAndCleanup = async (user) => {
    try {
        // 1. Remove webhook first (if exists)
        if (user?.integration?.googleCalendar?.metadata?.channelId) {
            await removeGoogleCalendarWebhook(
                user.integration.googleCalendar.metadata.channelId,
                user.integration.googleCalendar.metadata.resourceId,
                user.integration.googleCalendar.accessToken
            );
        }

        // 2. Revoke access
        await revokeGoogleCalendarAccess(user);

        return true;
    } catch (error) {
        console.error('Failed to revoke access and cleanup:', error);
        // Implement rollback logic here if needed
        throw new Error('Failed to complete calendar cleanup');
    }
};

📜 Review details

Configuration used: CodeRabbit UI
Review profile: CHILL

📥 Commits

Reviewing files that changed from the base of the PR and between bc0ac65 and 3a04cf6.

📒 Files selected for processing (4)

• apps/backend/src/controllers/integration/calendar.controller.js (3 hunks)
• apps/backend/src/models/core/user.model.js (1 hunks)
• apps/backend/src/routers/integration/calendar.route.js (1 hunks)
• apps/backend/src/services/integration/calendar.service.js (4 hunks)

🧰 Additional context used

🪛 Biome

apps/backend/src/controllers/integration/calendar.controller.js

[error] 172-172: Change to an optional chain.

Unsafe fix: Change to an optional chain.

(lint/complexity/useOptionalChain)

🔇 Additional comments (6)

apps/backend/src/routers/integration/calendar.route.js (1)

Line range hint 1-17: Verify the impact of removing the Google Calendar connect route.

The removal of the "/connect/" route (previously using redirectGoogleCalendarOAuthLoginController) might affect:

• Client applications that depend on this endpoint
• Documentation that references this endpoint
• User onboarding flows

✅ Verification successful

The removal of the /connect route appears to be a safe refactoring

The codebase analysis shows that:

• The OAuth flow is handled through the Google OAuth2 client configuration in google.loader.js
• The calendar service manages connection state internally via user.integration.googleCalendar.connected
• No direct references to a /connect endpoint were found in frontend components or hooks
• Other integration routes (email, notion, linear) have their own OAuth flows

The removal of the /connect route seems to be part of a refactoring where the OAuth flow is likely handled through the /getAccessToken endpoint instead, maintaining backward compatibility.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for references to the removed connect route
echo "Searching for references to the connect route in the codebase..."
rg -l "\/connect\/" --type js --type ts --type jsx --type tsx

echo "Searching for documentation files that might reference the endpoint..."
fd -e md -e mdx | xargs rg -l "\/connect\/"

echo "Searching for potential client-side API calls..."
rg -l "googleCalendar.*connect" --type js --type ts --type jsx --type tsx

Length of output: 766

---

Script:

#!/bin/bash
# Search for references to the connect route in the codebase with fixed regex
echo "Searching for references to the connect route in the codebase..."
rg -l "/connect/" --type js --type ts

echo "Searching for documentation files that might reference the endpoint..."
fd -e md -e mdx | xargs rg -l "connect"

echo "Searching for the old controller in the codebase..."
rg -l "redirectGoogleCalendarOAuthLoginController" --type js --type ts

# Search for any Google Calendar connect/OAuth related code
echo "Searching for Google Calendar OAuth related code..."
rg -l "googleCalendar.*[Cc]onnect|[Oo]auth" --type js --type ts

Length of output: 1619

---

Script:

#!/bin/bash
# Let's check the content of relevant calendar-related files to understand the OAuth flow
echo "Checking calendar service implementation..."
rg -A 5 "OAuth|connect" apps/backend/src/services/integration/calendar.service.js

echo "Checking calendar-related frontend components..."
rg -A 5 "OAuth|connect" apps/frontend/src/components/atoms/GoogleLogin.tsx

echo "Checking calendar hook implementation..."
rg -A 5 "OAuth|connect" apps/frontend/src/hooks/useCalendar.ts

echo "Checking Google loader implementation..."
rg -A 5 "OAuth|connect" apps/backend/src/loaders/google.loader.js

Length of output: 1590

apps/backend/src/models/core/user.model.js (1)

101-103: Verify the impact of metadata field on existing documents.

The addition of an unstructured metadata field without a default value might affect existing documents or queries.

✅ Verification successful

Let me check the content of the calendar service to understand how the metadata field is being used.

---

Let me check the Meeting model to understand how the metadata field is being used there.

---

The metadata field addition is safe to proceed

The verification shows that:

1. The metadata field in the Meeting model is already being used consistently in the calendar service for storing meeting-related data (status, location, attendees, etc.)
2. For Google Calendar integration, the metadata field is properly initialized with an empty object when revoking access
3. No migrations are needed as the field is of type Mixed, which is flexible and won't affect existing documents
4. The code handles the case where metadata might not exist by using the OR operator (metadata = metadata || {})

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Description: Check for existing documents that might be affected by the schema change

# Test 1: Check if there are any documents with existing metadata field
# Expect: No documents should have this field yet
echo "Checking for existing metadata usage..."
ast-grep --pattern 'integration.googleCalendar.metadata'

# Test 2: Check for queries that might be affected
# Expect: No direct queries on this field
echo "Checking for potential query impacts..."
rg -l "googleCalendar.*metadata" --type js

Length of output: 337

---

Script:

#!/bin/bash
# Check the calendar service implementation
echo "Checking calendar service implementation..."
rg "metadata" -A 5 -B 5 apps/backend/src/services/integration/calendar.service.js

# Check if this is a new file or existing one
echo -e "\nChecking file history..."
git log --follow -p apps/backend/src/services/integration/calendar.service.js | rg "metadata" -C 5

Length of output: 5078

---

Script:

#!/bin/bash
# Check the Meeting model implementation and its usage
echo "Checking Meeting model..."
fd "meeting.*model" --type f --exec rg "metadata" -A 5 -B 5 {}

# Check for any existing migrations
echo -e "\nChecking for migrations..."
fd "migration" --type f --exec rg "metadata" -A 5 -B 5 {}

Length of output: 421

apps/backend/src/controllers/integration/calendar.controller.js (3)

12-14: LGTM: Import statements align with PR objectives.

The new imports support the Google Calendar access revocation and webhook removal functionality.

---

197-198: LGTM: Export changes are consistent.

The exports correctly reflect the addition of the new controller and removal of the OAuth redirect controller.

---

27-27: Verify setUpCalendarWatch parameter change across codebase.

The setUpCalendarWatch function now accepts a user parameter. Let's verify this change is consistently implemented.

✅ Verification successful

Let me search for the implementation of setUpCalendarWatch to verify the parameter changes.

---

Parameter change in setUpCalendarWatch is consistently implemented

The function is only called once in calendar.controller.js and its implementation in calendar.service.js correctly defines all four parameters including the new user parameter. The change is consistent across the codebase.

🏁 Scripts executed

The following scripts were executed for the analysis:

Script:

#!/bin/bash
# Search for all calls to setUpCalendarWatch to ensure consistent parameter usage
ast-grep --pattern 'setUpCalendarWatch($$$)'

Length of output: 193

---

Script:

#!/bin/bash
# Search for the implementation of setUpCalendarWatch
ast-grep --pattern 'function setUpCalendarWatch($$$)'

# Also search with rg to catch any other definitions
rg "setUpCalendarWatch.*=.*" -g "*.js" -A 5

Length of output: 677

apps/backend/src/services/integration/calendar.service.js (1)

370-372: LGTM!

The new functions are correctly exported.

[coderabbitai]

⚠️ Potential issue

Use POST/DELETE instead of GET for revocation endpoint.

The revocation endpoint should use POST or DELETE instead of GET since it's a state-changing operation. Using GET for such operations:

• Doesn't follow RESTful principles
• Could be accidentally triggered (e.g., by prefetching)
• May be cached by browsers/proxies

-router.route("/revoke-access/").get(revokeGoogleCalendarAccessController)
+router.route("/revoke-access/").post(revokeGoogleCalendarAccessController)

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	router.route("/revoke-access/").get(revokeGoogleCalendarAccessController)
	router.route("/revoke-access/").post(revokeGoogleCalendarAccessController)

[coderabbitai]

🛠️ Refactor suggestion

Add validation for user integration.

Consider adding explicit validation for the Google Calendar integration before proceeding with revocation.

-    const { accessToken, metadata } = user.integration.googleCalendar || {};
+    if (!user.integration?.googleCalendar) {
+        return res.status(400).json({
+            message: 'No Google Calendar integration found for this user.'
+        });
+    }
+    const { accessToken, metadata } = user.integration.googleCalendar;

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const { accessToken, metadata } = user.integration.googleCalendar || {};
	if (!user.integration?.googleCalendar) {
	return res.status(400).json({
	message: 'No Google Calendar integration found for this user.'
	});
	}
	const { accessToken, metadata } = user.integration.googleCalendar;

[coderabbitai]

🛠️ Refactor suggestion

Add metadata cleanup after successful revocation.

The user's Google Calendar metadata should be cleaned up after successful revocation.

+        // Clean up user metadata
+        user.integration.googleCalendar = {};
+        await user.save();
+
         res.status(200).json({
             message: 'Google Calendar access revoked and webhook removed successfully.'
         });

Committable suggestion skipped: line range outside the PR's diff.

[coderabbitai]

🛠️ Refactor suggestion

Add error handling and parameter validation for webhook removal.

The webhook removal implementation should validate inputs and handle potential errors.

 const removeGoogleCalendarWebhook = async (channelId, resourceId, accessToken) => {
+    if (!channelId || !resourceId || !accessToken) {
+        throw new Error('Missing required parameters for webhook removal');
+    }
+
     const stopWebhookUrl = 'https://www.googleapis.com/calendar/v3/channels/stop';
 
+    try {
         await axios.post(stopWebhookUrl, {
             id: channelId,
             resourceId
         }, {
             headers: {
                 Authorization: `Bearer ${accessToken}`,
                 'Content-Type': 'application/json'
             }
         });
+    } catch (error) {
+        console.error('Failed to remove calendar webhook:', error);
+        throw new Error('Failed to remove calendar webhook');
+    }
 };

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const removeGoogleCalendarWebhook = async (channelId, resourceId, accessToken) => {
	const stopWebhookUrl = 'https://www.googleapis.com/calendar/v3/channels/stop';
	await axios.post(stopWebhookUrl, {
	id: channelId,
	resourceId
	}, {
	headers: {
	Authorization: `Bearer ${accessToken}`,
	'Content-Type': 'application/json'
	}
	});
	};
	const removeGoogleCalendarWebhook = async (channelId, resourceId, accessToken) => {
	if (!channelId || !resourceId || !accessToken) {
	throw new Error('Missing required parameters for webhook removal');
	}
	const stopWebhookUrl = 'https://www.googleapis.com/calendar/v3/channels/stop';
	try {
	await axios.post(stopWebhookUrl, {
	id: channelId,
	resourceId
	}, {
	headers: {
	Authorization: `Bearer ${accessToken}`,
	'Content-Type': 'application/json'
	}
	});
	} catch (error) {
	console.error('Failed to remove calendar webhook:', error);
	throw new Error('Failed to remove calendar webhook');
	}
	};

[coderabbitai]

🛠️ Refactor suggestion

Add comprehensive error handling for token revocation.

The token revocation logic should handle various edge cases and potential failures.

 const revokeGoogleCalendarAccess = async (user) => {
+    try {
+        // Validate user has required data
+        if (!user?.integration?.googleCalendar?.accessToken) {
+            console.log('No access token found to revoke');
+            return;
+        }
+
         const revokeTokenUrl = 'https://oauth2.googleapis.com/revoke';
         const accessToken = user.integration.googleCalendar.accessToken;
 
         await axios.post(revokeTokenUrl, null, {
             params: {
                 token: accessToken
             },
             headers: {
                 'Content-Type': 'application/x-www-form-urlencoded'
             }
         });
 
+        // Ensure integration object exists
+        user.integration = user.integration || {};
+        user.integration.googleCalendar = user.integration.googleCalendar || {};
+
         user.integration.googleCalendar.accessToken = null;
         user.integration.googleCalendar.refreshToken = null;
         user.integration.googleCalendar.connected = false;
         user.integration.googleCalendar.metadata = {};
         await user.save();
+    } catch (error) {
+        console.error('Failed to revoke Google Calendar access:', error);
+        throw new Error('Failed to revoke calendar access');
+    }
 };

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const revokeGoogleCalendarAccess = async (user) => {
	const revokeTokenUrl = 'https://oauth2.googleapis.com/revoke';
	const accessToken = user.integration.googleCalendar.accessToken;
	await axios.post(revokeTokenUrl, null, {
	params: {
	token: accessToken
	},
	headers: {
	'Content-Type': 'application/x-www-form-urlencoded'
	}
	});
	user.integration.googleCalendar.accessToken = null;
	user.integration.googleCalendar.refreshToken = null;
	user.integration.googleCalendar.connected = false;
	user.integration.googleCalendar.metadata = {};
	await user.save();
	};
	const revokeGoogleCalendarAccess = async (user) => {
	try {
	// Validate user has required data
	if (!user?.integration?.googleCalendar?.accessToken) {
	console.log('No access token found to revoke');
	return;
	}
	const revokeTokenUrl = 'https://oauth2.googleapis.com/revoke';
	const accessToken = user.integration.googleCalendar.accessToken;
	await axios.post(revokeTokenUrl, null, {
	params: {
	token: accessToken
	},
	headers: {
	'Content-Type': 'application/x-www-form-urlencoded'
	}
	});
	// Ensure integration object exists
	user.integration = user.integration || {};
	user.integration.googleCalendar = user.integration.googleCalendar || {};
	user.integration.googleCalendar.accessToken = null;
	user.integration.googleCalendar.refreshToken = null;
	user.integration.googleCalendar.connected = false;
	user.integration.googleCalendar.metadata = {};
	await user.save();
	} catch (error) {
	console.error('Failed to revoke Google Calendar access:', error);
	throw new Error('Failed to revoke calendar access');
	}
	};