MirrorSave
/
budibase
mirror of https://github.com/Budibase/budibase.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #15803 from Budibase/BUDI-9127/use-env-secrets-on-oauth2 

Allow using env secrets on oauth2
This commit is contained in:
Adria Navarro 2025-03-25 19:06:27 +01:00 committed by GitHub
parent ffcf8452f8 388f0276e8
commit ee066a86ff
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
4 changed files with 56 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
packages/bbui/src/Form/Core/EnvDropdown.svelte
View File

@ -25,11 +25,10 @@
let iconFocused = false let iconFocused = false
let open = false let open = false
//eslint-disable-next-line const STRIP_NAME_REGEX = /{{\s*env\.([^\s]+)\s*}}/g
const STRIP_NAME_REGEX = /(\w+?)(?=\ })/g
// Strips the name out of the value which is {{ env.Variable }} resulting in an array like ["Variable"] // Strips the name out of the value which is {{ env.Variable }} resulting in an array like ["Variable"]
$: hbsValue = String(value)?.match(STRIP_NAME_REGEX) || [] $: hbsValue = (String(value) && STRIP_NAME_REGEX.exec(String(value))) || []
const updateValue = (newValue: any) => { const updateValue = (newValue: any) => {
if (readonly) { if (readonly) {
@ -125,7 +124,7 @@
disabled={!!hbsValue.length || disabled} disabled={!!hbsValue.length || disabled}
{readonly} {readonly}
{id} {id}
value={(hbsValue.length ? `{{ ${hbsValue[0]} }}` : value) ?? ""} value={(hbsValue.length ? `{{ ${hbsValue[1]} }}` : value) ?? ""}
placeholder={placeholder || ""} placeholder={placeholder || ""}
on:click on:click
on:blur on:blur

9
packages/builder/src/pages/builder/app/[application]/settings/oauth2/OAuth2ConfigModalContent.svelte
View File

@ -1,4 +1,5 @@
<script lang="ts"> <script lang="ts">
import EnvVariableInput from "@/components/portal/environment/EnvVariableInput.svelte"
import { oauth2 } from "@/stores/builder" import { oauth2 } from "@/stores/builder"
import type { OAuth2Config } from "@/types" import type { OAuth2Config } from "@/types"
import { import {
@ -133,7 +134,9 @@
$: hasBeenSubmitted && validateConfig(data) $: hasBeenSubmitted && validateConfig(data)
$: isProtectedPassword = config?.clientSecret === PASSWORD_REPLACEMENT $: isProtectedPassword =
config?.clientSecret === PASSWORD_REPLACEMENT ||
config?.clientSecret.match(/{{\s*env\.[^\s]+\s*}}/)
</script> </script>
<ModalContent onConfirm={saveOAuth2Config} size="M"> <ModalContent onConfirm={saveOAuth2Config} size="M">
@ -195,13 +198,13 @@
full URL. full URL.
</Body> </Body>
</div> </div>
<Input <EnvVariableInput
label="Client ID*" label="Client ID*"
placeholder="Type here..." placeholder="Type here..."
bind:value={data.clientId} bind:value={data.clientId}
error={errors.clientId} error={errors.clientId}
/> />
<Input <EnvVariableInput
type={!isProtectedPassword ? "password" : "text"} type={!isProtectedPassword ? "password" : "text"}
label="Client secret*" label="Client secret*"
placeholder="Type here..." placeholder="Type here..."

3
packages/server/src/sdk/app/oauth2/utils.ts
View File

@ -7,6 +7,7 @@ import {
OAuth2GrantType, OAuth2GrantType,
} from "@budibase/types" } from "@budibase/types"
import { cache, context, docIds } from "@budibase/backend-core" import { cache, context, docIds } from "@budibase/backend-core"
import { processEnvironmentVariable } from "../../utils"
interface OAuth2LogDocument extends Document { interface OAuth2LogDocument extends Document {
lastUsage: number lastUsage: number
@ -21,6 +22,8 @@ async function fetchToken(config: {
method: OAuth2CredentialsMethod method: OAuth2CredentialsMethod
grantType: OAuth2GrantType grantType: OAuth2GrantType
}) { }) {
config = await processEnvironmentVariable(config)
const fetchConfig: RequestInit = { const fetchConfig: RequestInit = {
method: "POST", method: "POST",
headers: { headers: {

44
packages/server/src/sdk/utils/index.ts
View File

@ -1,6 +1,7 @@
import { environmentVariables } from "@budibase/pro" import { environmentVariables } from "@budibase/pro"
import { context, db as dbCore } from "@budibase/backend-core" import { context, db as dbCore } from "@budibase/backend-core"
import { AppEnvironment } from "@budibase/types" import { AppEnvironment } from "@budibase/types"
import { processString } from "@budibase/string-templates"
export async function getEnvironmentVariables() { export async function getEnvironmentVariables() {
let envVars = context.getEnvironmentVariables() let envVars = context.getEnvironmentVariables()
@ -14,3 +15,46 @@ export async function getEnvironmentVariables() {
} }
return envVars return envVars
} }
function isEnvironmentVariableKey(str: string) {
return str.match(/{{\s*env\.[^\s]+\s*}}/)
}
export async function processEnvironmentVariable<
T extends string | Record<string, string>
>(value: T): Promise<T> {
let envVariables: Record<string, string>
const getEnvVariables = async () => {
if (!envVariables) {
envVariables = await getEnvironmentVariables()
}
return envVariables
}
if (typeof value !== "string") {
for (const key of Object.keys(value)) {
value[key] = await _processEnvironmentVariable(
value[key],
getEnvVariables
)
}
return value
}
const result = await _processEnvironmentVariable(value, getEnvVariables)
return result as T
}
async function _processEnvironmentVariable(
str: string,
envVariables: () => Promise<Record<string, string>>
) {
if (!isEnvironmentVariableKey(str)) {
return str
}
const result = await processString(str, {
env: await envVariables(),
})
return result
}