mirror of
https://github.com/Abdulazizzn/n8n-enterprise-unlocked.git
synced 2025-12-18 18:41:14 +00:00
fix(core): Make OAuth1/OAuth2 callback not require auth (#10263)
This commit is contained in:
कारतोफ्फेलस्क्रिप्ट™
committed by
GitHub
GitHub
parent
2a09a036d2
commit
a8e2774f53
@@ -99,9 +99,8 @@ export class OAuth1CredentialController extends AbstractOAuthController {
|
||||
}
|
||||
|
||||
/** Verify and store app code. Generate access tokens and store for respective credential */
|
||||
@Get('/callback', { usesTemplates: true })
|
||||
@Get('/callback', { usesTemplates: true, skipAuth: true })
|
||||
async handleCallback(req: OAuthRequest.OAuth1Credential.Callback, res: Response) {
|
||||
const userId = req.user?.id;
|
||||
try {
|
||||
const { oauth_verifier, oauth_token, state: encodedState } = req.query;
|
||||
|
||||
@@ -124,7 +123,7 @@ export class OAuth1CredentialController extends AbstractOAuthController {
|
||||
const credential = await this.getCredentialWithoutUser(credentialId);
|
||||
if (!credential) {
|
||||
const errorMessage = 'OAuth1 callback failed because of insufficient permissions';
|
||||
this.logger.error(errorMessage, { userId, credentialId });
|
||||
this.logger.error(errorMessage, { credentialId });
|
||||
return this.renderCallbackError(res, errorMessage);
|
||||
}
|
||||
|
||||
@@ -138,7 +137,7 @@ export class OAuth1CredentialController extends AbstractOAuthController {
|
||||
|
||||
if (this.verifyCsrfState(decryptedDataOriginal, state)) {
|
||||
const errorMessage = 'The OAuth1 callback state is invalid!';
|
||||
this.logger.debug(errorMessage, { userId, credentialId });
|
||||
this.logger.debug(errorMessage, { credentialId });
|
||||
return this.renderCallbackError(res, errorMessage);
|
||||
}
|
||||
|
||||
@@ -156,7 +155,7 @@ export class OAuth1CredentialController extends AbstractOAuthController {
|
||||
try {
|
||||
oauthToken = await axios.request(options);
|
||||
} catch (error) {
|
||||
this.logger.error('Unable to fetch tokens for OAuth1 callback', { userId, credentialId });
|
||||
this.logger.error('Unable to fetch tokens for OAuth1 callback', { credentialId });
|
||||
const errorResponse = new NotFoundError('Unable to get access tokens!');
|
||||
return sendErrorResponse(res, errorResponse);
|
||||
}
|
||||
@@ -172,15 +171,11 @@ export class OAuth1CredentialController extends AbstractOAuthController {
|
||||
await this.encryptAndSaveData(credential, decryptedDataOriginal);
|
||||
|
||||
this.logger.verbose('OAuth1 callback successful for new credential', {
|
||||
userId,
|
||||
credentialId,
|
||||
});
|
||||
return res.render('oauth-callback');
|
||||
} catch (error) {
|
||||
this.logger.error('OAuth1 callback failed because of insufficient user permissions', {
|
||||
userId,
|
||||
});
|
||||
// Error response
|
||||
this.logger.error('OAuth1 callback failed because of insufficient user permissions');
|
||||
return sendErrorResponse(res, error as Error);
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user