Cleaning up the Github OAuth2 login flow by adding userNameAttribute to properties
This property helps define for Spring security which field in the OAuth2 user info to read in order to determine the username of the user. This is because this field is non-standard across different OAuth2 implementations. For each new OAuth2 provider that we support, this field will be required. Else the default name field will be picked up by Spring security (which is usually the id of the user).
See merge request theappsmith/internal-tools-server!156
This property helps define for Spring security which field in the OAuth2 user info to read in order to determine the username of the user. This is because this field is non-standard across different OAuth2 implementations. For each new OAuth2 provider that we support, this field will be required. Else the default name field will be picked up by Spring security (which is usually the id of the user).
Mock delete application which returns the application object which was being attempted to be deleted.
See merge request theappsmith/internal-tools-server!155
Adding Github login feature. Also adding condition to limit domain access in Google OAuth2
The domain restriction has been done by adding parameter `hd` in the function CustomServerOAuth2AuthorizationRequestResolver#authorizationRequest. We still verify if the OAuth2 response has the parameter `hd` to ensure that no client side manipulation has been performed.
See merge request theappsmith/internal-tools-server!153
The domain restriction has been done by adding parameter `hd` in the function CustomServerOAuth2AuthorizationRequestResolver#authorizationRequest. We still verify if the OAuth2 response has the parameter `hd` to ensure that no client side manipulation has been performed.
This property helps the spring security library derive the host name, protocol and port accurately even while running behind a Nginx load balancer. This is because nginx adds X-Forward-* headers that are parsed by Spring security library.
This is required for OAuth2 failure handling. When the client makes an OAuth2 request, we don't receive an origin header. If the OAuth2 login fails for some reason, our failure handler will not redirect correctly unless we also check for the referer header.
This is required because when we host inside a docker container, the default host and port picked up by the code is the docker container's name & port. This will not work when Google (for example) needs to redirect back to our server after authentication is complete. Hence, we need to customize the default redirect uri for all OAuth2 endpoints.
Handling the case where the user tries to reset the password for a user that doesn't yet exist in the system. We now return a 404 error for this scenario.
See merge request theappsmith/internal-tools-server!151
Fixing the bug which prevented the reset password token from being saved in the DB
The issue was that the chain would receive a mono instead of an object. This would cause it to not persist the token in the DB. Moving to flatMap fixes this problem as we then deal with the actual object instead of the Mono.
Also fixing the url encoding in the email to ensure that the links generated are correct. By default mustache does HTML escaping and not URL encoding.
See merge request theappsmith/internal-tools-server!147
The issue was that the chain would receive a mono instead of an object. This would cause it to not persist the token in the DB. Moving to flatMap fixes this problem as we then deal with the actual object instead of the Mono.
Also fixing the url encoding in the email to ensure that the links generated are correct. By default mustache does HTML escaping and not URL encoding.
Removed Graph. Extracting action names from JS function as well. Updating LayoutLoadActions to include that
See merge request theappsmith/internal-tools-server!145
Increasing the redis inactive session timeout to 30 days
Now when a user doesn't log into the Appsmith system for 30 days, they will get logged out.
See merge request theappsmith/internal-tools-server!144
Filtering out the groups based on the user's current organization ID
Also refactoring the code to use the MultiValueMap for filter params which is a generic implementation and can support filtering on multiple fields of the domain object groups. This can be replicated to other domain objects as well.
See merge request theappsmith/internal-tools-server!143
Also refactoring the code to use the MultiValueMap for filter params which is a generic implementation and can support filtering on multiple fields of the domain object groups. This can be replicated to other domain objects as well.
Ensuring that a user's personal workspace name is their first name by default.
This is because the full name makes the entire workspace name very long. If we just use the first name, it'll be a shorter string and easier to read by the end user as well.
See merge request theappsmith/internal-tools-server!142
This is because the full name makes the entire workspace name very long. If we just use the first name, it'll be a shorter string and easier to read by the end user as well.
Modifying the forgotPassword flow to send the email to the user with a clickable URL.
Also adding the domain to which we need to link to in the resetPassword POST body. This will ensure that we send a valid URL to redirect the user back to the client app to ensure that they can set a new password.
See merge request theappsmith/internal-tools-server!138
2. Only dependencies of actions over other actions are counted. If the action is dependent on widgets, thats is not counted as a dependency and is left for the frontend to handle.
