At the moment, reactive Spring does not support AuditorAware implementation which also inserts the username of the user making the changes. Reference: https://jira.spring.io/browse/DATACMNS-1231.
This is to ensure that when we deploy in production, we can add redirect rules on Nginx. Now /api and /oauth2 urls will proxy to the API server while all other URLs will proxy to the frontend server.
Bug : After moving action, the action's isValid field becomes null leading to null pointer error.
Because the action was being saved directly, the isValid and invalid fields which are computed every time an action is updated, was not getting computed. isValid and invalids being null led to null pointer error after the action was moved. Fixed that by calling update instead of saving the action directly.
See merge request theappsmith/internal-tools-server!175
UpdateLayout Null Pointer Exception : In case the layouts are null or the DSL is null, it should be handled gracefully.
See merge request theappsmith/internal-tools-server!165
Converted Exceptions thrown in RestAPI plugin to Appsmith Plugin Exception so that its handled correctly.
See merge request theappsmith/internal-tools-server!162
Cleaning up the Github OAuth2 login flow by adding userNameAttribute to properties
This property helps define for Spring security which field in the OAuth2 user info to read in order to determine the username of the user. This is because this field is non-standard across different OAuth2 implementations. For each new OAuth2 provider that we support, this field will be required. Else the default name field will be picked up by Spring security (which is usually the id of the user).
See merge request theappsmith/internal-tools-server!156
This property helps define for Spring security which field in the OAuth2 user info to read in order to determine the username of the user. This is because this field is non-standard across different OAuth2 implementations. For each new OAuth2 provider that we support, this field will be required. Else the default name field will be picked up by Spring security (which is usually the id of the user).
Mock delete application which returns the application object which was being attempted to be deleted.
See merge request theappsmith/internal-tools-server!155
Adding Github login feature. Also adding condition to limit domain access in Google OAuth2
The domain restriction has been done by adding parameter `hd` in the function CustomServerOAuth2AuthorizationRequestResolver#authorizationRequest. We still verify if the OAuth2 response has the parameter `hd` to ensure that no client side manipulation has been performed.
See merge request theappsmith/internal-tools-server!153
The domain restriction has been done by adding parameter `hd` in the function CustomServerOAuth2AuthorizationRequestResolver#authorizationRequest. We still verify if the OAuth2 response has the parameter `hd` to ensure that no client side manipulation has been performed.
This property helps the spring security library derive the host name, protocol and port accurately even while running behind a Nginx load balancer. This is because nginx adds X-Forward-* headers that are parsed by Spring security library.
