603 better oauth datasources #611
Conversation
…e api (localhost:8080 to be used instead of the old localhost:8006)
|
Minimum allowed coverage is Generated by 🐒 cobertura-action against b4f9ea2 |
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
There was a problem hiding this comment.
ESLint found more than 20 potential problems in the proposed changes. Check the Files changed tab for more details.
…handling of new route to get the redirect url for oauth to be completed
webapp/src/router.ts
Outdated
| server.get('/register', unauthedMiddlewareChain, checkSessionWelcome, renderStaticPage(app, '/register')); | ||
| server.get( | ||
| '/login', | ||
| unauthedMiddlewareChain, |
Check failure
Code scanning / CodeQL
Missing rate limiting High
…ve the internal airbyte api handle it
…ill need to patch bugs, fix issues, make dynamic
|
Current status of the code:
The next few commits will likely be refactoring the implementation to do the following in order:
|
… for dynamic custom passport use
| oauthRouter.get( | ||
| '/hubspot/callback', | ||
| useSession, | ||
| useJWT, |
Check failure
Code scanning / CodeQL
Missing rate limiting High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 months ago
To fix the problem, we need to introduce rate limiting to the routes that use the useJWT middleware. The best way to achieve this is by using the express-rate-limit package, which allows us to easily set up and apply rate limiting to specific routes or the entire application.
- Install the
express-rate-limitpackage. - Import the
express-rate-limitpackage in thewebapp/src/router.tsfile. - Set up a rate limiter with appropriate configuration (e.g., maximum of 100 requests per 15 minutes).
- Apply the rate limiter to the routes that use the
useJWTmiddleware.
| @@ -33,2 +33,8 @@ | ||
| import { PlanLimitsKeys, pricingMatrix, SubscriptionPlan } from 'struct/billing'; | ||
| import RateLimit from 'express-rate-limit'; | ||
|
|
||
| const limiter = RateLimit({ | ||
| windowMs: 15 * 60 * 1000, // 15 minutes | ||
| max: 100, // max 100 requests per windowMs | ||
| }); | ||
|
|
||
| @@ -103,2 +109,3 @@ | ||
| '/google/callback', | ||
| limiter, | ||
| useSession, | ||
| @@ -130,2 +137,3 @@ | ||
| '/hubspot/callback', | ||
| limiter, | ||
| useSession, |
| @@ -127,3 +127,4 @@ | ||
| "tsconfig-paths": "^4.2.0", | ||
| "uuid": "^9.0.1" | ||
| "uuid": "^9.0.1", | ||
| "express-rate-limit": "^7.4.1" | ||
| }, |
| Package | Version | Security advisories |
| express-rate-limit (npm) | 7.4.1 | None |
| oauthRouter.get( | ||
| '/salesforce/callback', | ||
| useSession, | ||
| useJWT, |
Check failure
Code scanning / CodeQL
Missing rate limiting High
| oauthRouter.get( | ||
| '/xero/callback', | ||
| useSession, | ||
| useJWT, |
Check failure
Code scanning / CodeQL
Missing rate limiting High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 months ago
To fix the problem, we need to introduce rate limiting to the route handlers that perform authorization. The best way to do this is by using the express-rate-limit package, which allows us to easily set up rate limiting middleware. We will configure the rate limiter to allow a maximum of 100 requests per 15 minutes and apply it to the relevant routes.
- Install the
express-rate-limitpackage. - Import the
express-rate-limitpackage in thewebapp/src/router.tsfile. - Set up the rate limiter with the desired configuration.
- Apply the rate limiter to the relevant routes.
| @@ -33,2 +33,8 @@ | ||
| import { PlanLimitsKeys, pricingMatrix, SubscriptionPlan } from 'struct/billing'; | ||
| import RateLimit from 'express-rate-limit'; | ||
|
|
||
| const limiter = RateLimit({ | ||
| windowMs: 15 * 60 * 1000, // 15 minutes | ||
| max: 100, // max 100 requests per windowMs | ||
| }); | ||
|
|
||
| @@ -130,2 +136,3 @@ | ||
| '/hubspot/callback', | ||
| limiter, | ||
| useSession, | ||
| @@ -151,2 +158,3 @@ | ||
| '/salesforce/callback', | ||
| limiter, | ||
| useSession, | ||
| @@ -172,2 +180,3 @@ | ||
| '/xero/callback', | ||
| limiter, | ||
| useSession, |
| @@ -127,3 +127,4 @@ | ||
| "tsconfig-paths": "^4.2.0", | ||
| "uuid": "^9.0.1" | ||
| "uuid": "^9.0.1", | ||
| "express-rate-limit": "^7.4.1" | ||
| }, |
| Package | Version | Security advisories |
| express-rate-limit (npm) | 7.4.1 | None |
…tible verify callback
| oauthRouter.get( | ||
| '/airtable/callback', | ||
| useSession, | ||
| useJWT, |
Check failure
Code scanning / CodeQL
Missing rate limiting High
Show autofix suggestion
Hide autofix suggestion
Copilot Autofix AI 2 months ago
To fix the problem, we need to introduce rate limiting to the routes that use the useJWT middleware. The best way to do this is by using the express-rate-limit package, which allows us to easily set up rate limiting for our Express routes. We will create a rate limiter and apply it to the relevant routes to ensure that they are protected against excessive requests.
- Install the
express-rate-limitpackage if it is not already installed. - Import the
express-rate-limitpackage in thewebapp/src/router.tsfile. - Create a rate limiter with appropriate settings (e.g., maximum of 100 requests per 15 minutes).
- Apply the rate limiter to the routes that use the
useJWTmiddleware.
| @@ -33,2 +33,8 @@ | ||
| import { PlanLimitsKeys, pricingMatrix, SubscriptionPlan } from 'struct/billing'; | ||
| import RateLimit from 'express-rate-limit'; | ||
|
|
||
| const limiter = RateLimit({ | ||
| windowMs: 15 * 60 * 1000, // 15 minutes | ||
| max: 100, // max 100 requests per windowMs | ||
| }); | ||
|
|
||
| @@ -172,2 +178,3 @@ | ||
| '/xero/callback', | ||
| limiter, | ||
| useSession, | ||
| @@ -208,2 +215,3 @@ | ||
| '/airtable/callback', | ||
| limiter, | ||
| useSession, |
| @@ -127,3 +127,4 @@ | ||
| "tsconfig-paths": "^4.2.0", | ||
| "uuid": "^9.0.1" | ||
| "uuid": "^9.0.1", | ||
| "express-rate-limit": "^7.4.1" | ||
| }, |
| Package | Version | Security advisories |
| express-rate-limit (npm) | 7.4.1 | None |
|
Somewhere along the line here a bug was introduced that replaced the file upload/drop area with the connectors dropdown |
|
@NaderRNA what's happening with this PR?? where are we with this?? |
|
Currently the branch supports custom OAuth implementation for any OAuth provider where we have a Client ID and Client Secret for the oauth. Currently HubSpot is completley functional using OAuth but there are some issues with out Airtable, Salesforce and Xero app credentials so I'm just trying to iron those out with Andrew. |
This reverts commit cea520e.
|
reverting back because Airtable was creating more problems as I was implementing it. Using custom strategies on passport seems to be broken with our current versions of passport.js. To use airtable or anything not supported by passport.js, a custom implementation is required that skips passport implementation and is completely end to end handled by the webapp |
Ability to connect to datasources (airbyte) using OAuth login page
Uses passport.js to authenticate the OAuth, gets the refreshToken (which is the only thing airbyte needs to establish a connection to a source with OAuth).
Aims to keep current datasource flow as unchanged as possible.
We only have client ID and client Secrets for the following which will be the only ones supported:
(crossed out oauth providers are implemented)