Skip to content

Commit 0cba2fc

Browse files
afitzekafitzek
committed
chore(core): Only encrypt partial oauth state (#23590)
1 parent 1dd9787 commit 0cba2fc

File tree

6 files changed

+272
-137
lines changed

6 files changed

+272
-137
lines changed

packages/cli/src/controllers/oauth/__tests__/oauth1-credential.controller.test.ts

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -56,6 +56,7 @@ describe('OAuth1CredentialController', () => {
5656
cid: '1',
5757
origin: 'static-credential',
5858
createdAt: timestamp,
59+
data: 'encrypted-data',
5960
}),
6061
).toString('base64');
6162

@@ -87,6 +88,7 @@ describe('OAuth1CredentialController', () => {
8788
cid: '1',
8889
origin: 'static-credential' as const,
8990
createdAt: timestamp,
91+
data: 'encrypted-data',
9092
};
9193
oauthService.getCredential.mockResolvedValueOnce(mockResolvedCredential);
9294
// @ts-ignore
@@ -130,6 +132,7 @@ describe('OAuth1CredentialController', () => {
130132
credentialResolverId: 'resolver-id',
131133
authorizationHeader: 'Bearer token123',
132134
createdAt: timestamp,
135+
data: 'encrypted-data',
133136
};
134137
const dynamicState = Buffer.from(JSON.stringify(mockState)).toString('base64');
135138
const dynamicReq = mock<OAuthRequest.OAuth1Credential.Callback>({
@@ -174,6 +177,7 @@ describe('OAuth1CredentialController', () => {
174177
origin: 'dynamic-credential' as const,
175178
authorizationHeader: 'Bearer token123',
176179
createdAt: timestamp,
180+
data: 'encrypted-data',
177181
};
178182
const dynamicState = Buffer.from(JSON.stringify(mockState)).toString('base64');
179183
const dynamicReq = mock<OAuthRequest.OAuth1Credential.Callback>({
@@ -211,6 +215,7 @@ describe('OAuth1CredentialController', () => {
211215
origin: 'dynamic-credential' as const,
212216
credentialResolverId: 'resolver-id',
213217
createdAt: timestamp,
218+
data: 'encrypted-data',
214219
};
215220
const dynamicState = Buffer.from(JSON.stringify(mockState)).toString('base64');
216221
const dynamicReq = mock<OAuthRequest.OAuth1Credential.Callback>({
@@ -249,6 +254,7 @@ describe('OAuth1CredentialController', () => {
249254
credentialResolverId: 'resolver-id',
250255
authorizationHeader: 'Invalid token123',
251256
createdAt: timestamp,
257+
data: 'encrypted-data',
252258
};
253259
const dynamicState = Buffer.from(JSON.stringify(mockState)).toString('base64');
254260
const dynamicReq = mock<OAuthRequest.OAuth1Credential.Callback>({
@@ -285,6 +291,7 @@ describe('OAuth1CredentialController', () => {
285291
cid: '1',
286292
origin: 'static-credential' as const,
287293
createdAt: timestamp,
294+
data: 'encrypted-data',
288295
};
289296
const undefinedOriginState = Buffer.from(JSON.stringify(mockState)).toString('base64');
290297
const undefinedOriginReq = mock<OAuthRequest.OAuth1Credential.Callback>({

packages/cli/src/controllers/oauth/__tests__/oauth2-credential.controller.test.ts

Lines changed: 11 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -82,6 +82,7 @@ describe('OAuth2CredentialController', () => {
8282
userId: '123',
8383
origin: 'static-credential',
8484
createdAt: timestamp,
85+
data: 'encrypted-data',
8586
}),
8687
).toString('base64');
8788

@@ -120,6 +121,7 @@ describe('OAuth2CredentialController', () => {
120121
userId: '123',
121122
origin: 'static-credential' as const,
122123
createdAt: timestamp,
124+
data: 'encrypted-data',
123125
};
124126
oauthService.resolveCredential.mockResolvedValueOnce([
125127
mockResolvedCredential,
@@ -183,6 +185,7 @@ describe('OAuth2CredentialController', () => {
183185
credentialResolverId: 'resolver-id',
184186
authorizationHeader: 'Bearer token123',
185187
createdAt: timestamp,
188+
data: 'encrypted-data',
186189
};
187190
const dynamicState = Buffer.from(JSON.stringify(mockState)).toString('base64');
188191
oauthService.resolveCredential.mockResolvedValueOnce([
@@ -246,6 +249,7 @@ describe('OAuth2CredentialController', () => {
246249
origin: 'dynamic-credential' as const,
247250
authorizationHeader: 'Bearer token123',
248251
createdAt: timestamp,
252+
data: 'encrypted-data',
249253
};
250254
const dynamicState = Buffer.from(JSON.stringify(mockState)).toString('base64');
251255
oauthService.resolveCredential.mockResolvedValueOnce([
@@ -304,6 +308,7 @@ describe('OAuth2CredentialController', () => {
304308
origin: 'dynamic-credential' as const,
305309
credentialResolverId: 'resolver-id',
306310
createdAt: timestamp,
311+
data: 'encrypted-data',
307312
};
308313
const dynamicState = Buffer.from(JSON.stringify(mockState)).toString('base64');
309314
oauthService.resolveCredential.mockResolvedValueOnce([
@@ -363,6 +368,7 @@ describe('OAuth2CredentialController', () => {
363368
credentialResolverId: 'resolver-id',
364369
authorizationHeader: 'Invalid token123',
365370
createdAt: timestamp,
371+
data: 'encrypted-data',
366372
};
367373
const dynamicState = Buffer.from(JSON.stringify(mockState)).toString('base64');
368374
oauthService.resolveCredential.mockResolvedValueOnce([
@@ -420,6 +426,7 @@ describe('OAuth2CredentialController', () => {
420426
userId: '123',
421427
origin: 'static-credential' as const,
422428
createdAt: timestamp,
429+
data: 'encrypted-data',
423430
};
424431
const undefinedOriginState = Buffer.from(JSON.stringify(mockState)).toString('base64');
425432
oauthService.resolveCredential.mockResolvedValueOnce([
@@ -480,6 +487,7 @@ describe('OAuth2CredentialController', () => {
480487
userId: '123',
481488
origin: 'static-credential' as const,
482489
createdAt: timestamp,
490+
data: 'encrypted-data',
483491
};
484492
oauthService.resolveCredential.mockResolvedValueOnce([
485493
mockResolvedCredential,
@@ -538,6 +546,7 @@ describe('OAuth2CredentialController', () => {
538546
userId: '123',
539547
origin: 'static-credential' as const,
540548
createdAt: timestamp,
549+
data: 'encrypted-data',
541550
};
542551
oauthService.resolveCredential.mockResolvedValueOnce([
543552
mockResolvedCredential,
@@ -598,6 +607,7 @@ describe('OAuth2CredentialController', () => {
598607
userId: '123',
599608
origin: 'static-credential' as const,
600609
createdAt: timestamp,
610+
data: 'encrypted-data',
601611
};
602612
oauthService.resolveCredential.mockResolvedValueOnce([
603613
mockResolvedCredential,
@@ -661,6 +671,7 @@ describe('OAuth2CredentialController', () => {
661671
userId: '123',
662672
origin: 'static-credential' as const,
663673
createdAt: timestamp,
674+
data: 'encrypted-data',
664675
};
665676
oauthService.resolveCredential.mockResolvedValueOnce([
666677
mockResolvedCredential,

0 commit comments

Comments
 (0)