feat(vercel): Add API-driven pipeline backend for Vercel integration setup

[evanpurkhiser]

Implement get_pipeline_api_steps() on VercelIntegrationProvider using
a single OAuth2 step, mirroring the Slack pattern. Adds the
oauth_authorize_url to VercelIdentityProvider (previously unset since
the legacy flow is initiated externally). Updates build_integration() to
handle both legacy state["identity"]["data"] and new state["oauth_data"]
paths, and falls back to state["uid"] for user_id in the API flow.

Note: Vercel currently has can_add = False so the API pipeline cannot
be initialized from the frontend yet. This wiring prepares for the
upcoming external install UI flow.

Ref VDY-44

[linear-code]

VDY-44 Vercel: API-driven integration setup

[sentry]

Bug: In the API pipeline path, state["user_id"] is never set, causing a KeyError in build_integration().
_{Severity: HIGH}

Suggested Fix

In build_integration(), fall back to the request user when state["user_id"] is absent in the API flow. The pipeline's request.user.id is accessible via self.pipeline.request.user.id. Alternatively, bind user_id explicitly in get_pipeline_api_steps() or handle it in the api_finish_pipeline() call by injecting the user ID into state before calling build_integration.

Prompt for AI Agent

Review the code at the location below. A potential bug has been identified by an AI
agent.
Verify if this is a real issue. If it is, propose a fix; if not, explain why it's not
valid.

Location: src/sentry/integrations/vercel/integration.py#L451-L457

Potential issue: In `build_integration()`, line 478 unconditionally accesses
`state["user_id"]` for `post_install_data`. In the legacy flow, the pipeline state has
`user_id` bound via `pipeline.bind_state("user_id", self.user.id)` at the Vercel
configure endpoint. However, in the new API pipeline flow (`get_pipeline_api_steps()`),
only `oauth_data` is bound to pipeline state by `OAuth2ApiStep.handle_post()`. The
authenticated user's ID is never written to `state["user_id"]` in the API flow. When
`api_finish_pipeline()` calls `build_integration(self.state.data)`, the resulting
`KeyError` on `state["user_id"]` will crash the integration installation. The PR
description mentions a `state["uid"]` fallback, but no such fallback is present in the
code.

_{Did we get this right? 👍 / 👎 to inform future reviews.}

[cursor]

Cursor Bugbot has reviewed your changes and found 1 potential issue.

^{❌ Bugbot Autofix is OFF. To automatically fix reported issues with cloud agents, enable autofix in the Cursor dashboard.}

^{Reviewed by Cursor Bugbot for commit 070a285. Configure here.}

[cursor]

Missing user_id fallback causes KeyError in API flow

Medium Severity

In the API pipeline flow, state["user_id"] on line 478 will raise a KeyError. The legacy flow binds "user_id" to state data via pipeline.bind_state("user_id", request.user.id) in IntegrationExtensionConfigurationView.init_pipeline(), but the API flow never does this — only "oauth_data" is bound by the OAuth2ApiStep. The PR description says the code "falls back to state["uid"] for user_id in the API flow," but this fallback was not actually implemented.

 

^{Reviewed by Cursor Bugbot for commit 070a285. Configure here.}