From 452aabdec68984efb8b20eeabbe332be62c7860d Mon Sep 17 00:00:00 2001
From: Andrey Antukh
Date: Tue, 10 Sep 2024 12:36:28 +0200
Subject: [PATCH 1/3] :bug: Don't send user props on auth token after oidc login
---
backend/src/app/auth/oidc.clj | 1 -
backend/src/app/rpc/commands/verify_token.clj | 12 ++----------
2 files changed, 2 insertions(+), 11 deletions(-)
diff --git a/backend/src/app/auth/oidc.clj b/backend/src/app/auth/oidc.clj
index 2ac5ab8308..049b95c176 100644
--- a/backend/src/app/auth/oidc.clj
+++ b/backend/src/app/auth/oidc.clj
@@ -567,7 +567,6 @@ (tokens/generate (::setup/props cfg) {:iss :auth :exp (dt/in-future "15m") - :props (:props info) :profile-id (:id profile)})) props (audit/profile->props profile) context (d/without-nils {:external-session-id (:external-session-id info)})]
diff --git a/backend/src/app/rpc/commands/verify_token.clj b/backend/src/app/rpc/commands/verify_token.clj
index 67b5425b77..89f56ec850 100644
--- a/backend/src/app/rpc/commands/verify_token.clj
+++ b/backend/src/app/rpc/commands/verify_token.clj
@@ -82,16 +82,8 @@ (defmethod process-token :auth [{:keys [conn] :as cfg} _params {:keys [profile-id] :as claims}] - (let [profile (profile/get-profile conn profile-id {::sql/for-update true}) - props (merge (:props profile) - (:props claims))] - (when (not= props (:props profile)) - (db/update! conn :profile - {:props (db/tjson props)} - {:id profile-id})) - - (let [profile (assoc profile :props props)] - (assoc claims :profile profile)))) + (let [profile (profile/get-profile conn profile-id)] + (assoc claims :profile profile))) ;; --- Team Invitation
From e79f9ba40fecd2028abbd2dceabbd09d7d23ef62 Mon Sep 17 00:00:00 2001
From: Andrey Antukh
Date: Tue, 10 Sep 2024 12:37:01 +0200
Subject: [PATCH 2/3] :bug: Increase token limit
---
backend/src/app/rpc/commands/verify_token.clj | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
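Review bot: In the new `process-token :auth` body the claims map is still returned whole, so a token minted before this change that still carries `:props` will have those props passed back in the result, even though they are no longer merged into the profile. Such tokens can exist for up to 15 minutes after deploy, per the `:exp` line in the oidc.clj hunk. If nothing downstream is meant to read them, drop the key explicitly: `(-> claims (dissoc :props) (assoc :profile profile))`. I would also add a short comment on the method saying that props carried in the token are deliberately ignored and the stored profile is the only source of props, so the merge is not reintroduced later.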
diff --git a/backend/src/app/rpc/commands/verify_token.clj b/backend/src/app/rpc/commands/verify_token.clj
index 89f56ec850..6ed6d58140 100644
--- a/backend/src/app/rpc/commands/verify_token.clj
+++ b/backend/src/app/rpc/commands/verify_token.clj
@@ -30,7 +30,7 @@ (def ^:private schema:verify-token [:map {:title "verify-token"} - [:token [:string {:max 1000}]]]) + [:token [:string {:max 5000}]]]) (sv/defmethod ::verify-token {::rpc/auth false
From 5bfb39cdf6d55902367201cdd14e64e0a88d5eca Mon Sep 17 00:00:00 2001
From: Alejandro Alonso
Date: Wed, 11 Sep 2024 11:17:29 +0200
Subject: [PATCH 3/3] :bug: Fix challenge redirect with parameters
---
frontend/src/app/main/data/users.cljs | 4 +++-
frontend/src/app/util/router.cljs | 2 +-
2 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/frontend/src/app/main/data/users.cljs b/frontend/src/app/main/data/users.cljs
index bd27cddb8a..de3511d6fa 100644
--- a/frontend/src/app/main/data/users.cljs
+++ b/frontend/src/app/main/data/users.cljs
@@ -143,7 +143,9 @@ (if (and (= :authorization (:type data)) (= :challenge-required (:code data))) (let [path (rt/get-current-path) - href (str "/challenge.html?redirect=" path)] + href (-> path + (str "/challenge.html?redirect=") + (js/encodeURIComponent))] (rx/of (rt/nav-raw href))) (rx/throw cause))))
diff --git a/frontend/src/app/util/router.cljs b/frontend/src/app/util/router.cljs
index cb17f1a80b..aab6a4249d 100644
--- a/frontend/src/app/util/router.cljs
+++ b/frontend/src/app/util/router.cljs
@@ -13,7 +13,7 @@ [app.main.data.events :as ev] [app.util.browser-history :as bhistory] [app.util.dom :as dom] - [app.util.globals :as globals] + [app.util.globals :as globals] [app.util.timers :as ts] [beicon.v2.core :as rx] [cuerdas.core :as str]
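Review bot: The `:max` on `:token` is the only size bound visible for this input, and the context line below it shows the method is registered with `::rpc/auth false`, so the increase from 1000 to 5000 applies to unauthenticated callers. The preceding patch in this series removes `:props` from the auth token, which should make that token smaller, so the reason for the larger limit is not evident from the diff. I would add a comment above the schema naming the token type that needs the extra room, for example `;; Token length bound; this endpoint is unauthenticated, keep it as tight as the largest issued token allows`.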
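Review bot: The new `href` binding in users.cljs threads `path` through `->`, which inserts it as the first argument of `str`, so the result is `path` followed by `/challenge.html?redirect=`. That whole string is then passed to `js/encodeURIComponent`, and the navigation target is no longer the challenge page. Only the parameter value should be encoded: `href (str "/challenge.html?redirect=" (js/encodeURIComponent path))`. Because the value is a redirect target taken from the current location, the challenge page (not shown in this patch) should accept only same-origin relative paths after decoding. The enclosing error handler starts and ends outside the hunk.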