Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(core): Make OAuth1/OAuth2 callback not require auth #10263

Merged
merged 1 commit into from
Jul 31, 2024
Merged

fix(core): Make OAuth1/OAuth2 callback not require auth #10263

merged 1 commit into from
Jul 31, 2024

Conversation

netroy
Copy link
Member

@netroy netroy commented Jul 31, 2024

Summary

oauth callback endpoints did not enforce auth until recently, and only used req.user for logging when that info was available.
Since we refactored auth, this is breaking for anyone depending on these endpoints to be authless.

Review / Merge checklist

  • PR title and summary are descriptive. (conventions)
  • Docs updated or follow-up ticket created.
  • Tests included.
  • PR Labeled with release/backport (if the PR is an urgent fix that needs to be backported)

@n8n-assistant n8n-assistant bot added core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team labels Jul 31, 2024
tomi
tomi approved these changes Jul 31, 2024
View reviewed changes
Copy link
Contributor

@tomi tomi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just one question. Otherwise LGTM 🚀

packages/cli/src/controllers/oauth/oAuth1Credential.controller.ts Show resolved Hide resolved
@cypress Cypress
Copy link

cypress bot commented Jul 31, 2024


Test summary

390 0 0 0Flakiness 0

Run details
Project n8n
Status Passed
Commit c08b68d
Started Jul 31, 2024 12:56 PM
Ended Jul 31, 2024 1:01 PM
Duration 04:41 💡
OS Linux Debian -
Browser Electron 118

View run in Cypress Cloud ➡️

This comment has been generated by cypress-bot as a result of this project's GitHub integration settings. You can manage this integration in this project's settings in the Cypress Cloud

@github-actions GitHub Actions
Copy link
Contributor

✅ All Cypress E2E specs passed

@netroy netroy merged commit a8e2774 into master Jul 31, 2024
27 checks passed
@netroy netroy deleted the authless-oauth2-callback branch July 31, 2024 13:03
MiloradFilipovic added a commit that referenced this pull request Jul 31, 2024
@MiloradFilipovic
Merge branch 'master' into ADO-2365-design-system-update
a66c4cb 
* master:
  feat(AWS Lambda Node): Add support for paired items (no-changelog) (#10270)
  fix: Loop node no input data shown (#10224)
  fix(core): Make OAuth1/OAuth2 callback not require auth (#10263)
  🚀 Release 1.53.0 (#10266)
  fix(core): Upgrade @n8n/vm2 to address CVE‑2023‑37466 (#10265)
  feat(Calendly Trigger Node): Add OAuth Credentials Support (#10251)
  test(core): Improve and expand log streaming tests (no-changelog) (#10261)
  refactor(editor): Migrate `WorkflowExecutionsListView.vue` to composition API (no-changelog) (#10198)
  fix(core): Restore log event `n8n.workflow.failed` (#10253)
  test(core): Stop showing JWT warning during test runs (no-changelog) (#10255)
@netroy netroy mentioned this pull request Jul 31, 2024
Merged
2 tasks
MiloradFilipovic added a commit that referenced this pull request Aug 1, 2024
@MiloradFilipovic
Merge branch 'master' into ask-assistant
c65ab51 
* master:
  refactor(core): Decouple workflow created, saved, deleted events from internal hooks (no-changelog) (#10264)
  fix(core): Fix oauth2 callback and add integration tests (no-changelog) (#10272)
  fix(n8n Form Trigger Node): Improve copy and a few tweaks (no-changelog) (#10243)
  fix(core): Fix expressions in webhook nodes(Form, Webhook) to access previous node's data (#10247)
  refactor(core): Port endpoints config (no-changelog) (#10268)
  feat(AWS Lambda Node): Add support for paired items (no-changelog) (#10270)
  fix: Loop node no input data shown (#10224)
  fix(core): Make OAuth1/OAuth2 callback not require auth (#10263)
  🚀 Release 1.53.0 (#10266)
  fix(core): Upgrade @n8n/vm2 to address CVE‑2023‑37466 (#10265)
  feat(Calendly Trigger Node): Add OAuth Credentials Support (#10251)
  test(core): Improve and expand log streaming tests (no-changelog) (#10261)
  refactor(editor): Migrate `WorkflowExecutionsListView.vue` to composition API (no-changelog) (#10198)
  fix(core): Restore log event `n8n.workflow.failed` (#10253)
  test(core): Stop showing JWT warning during test runs (no-changelog) (#10255)
  fix(Postgres Node): Expressions in query parameters for Postgres executeQuery operation (#10217)
  fix(editor): Fix workflow execution list scrolling after filter change (#10226)
@github-actions github-actions bot mentioned this pull request Aug 7, 2024
Merged
@janober
Copy link
Member

janober commented Aug 7, 2024

Got released with n8n@1.54.0

@netroy netroy mentioned this pull request Nov 13, 2024
Merged
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tomi tomi tomi approved these changes

Assignees
No one assigned
Labels
core Enhancement outside /nodes-base and /editor-ui n8n team Authored by the n8n team Released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@netroy @janober @tomi