Protei/PromucFlow_constructor
2
0
Fork 0
Code Issues Pull Requests Actions 2 Packages Projects Releases Wiki Activity
47cd68742e
PromucFlow_constructor/app/server
History
subratadeypappu 4df6b9258f
fix(oauth2): ensure single-valued hd parameter for Spring Boot 3.3.13+ compatibility (#41271) 
## Description
**Problem:**
Spring Boot 3.3.13 enforces single-valued OAuth2 parameters, causing
failures when multiple hd values are present in authorization requests.

**Solution:**
- Single-valued hd: Always 0 or 1 hd parameter
- Domain selection: Use request context to pick the domain
- Fallback: Use the first allowed domain when no match is found
- Multi-TLD support: Works with .com, .org, .io, etc.
- Proxy support: Handles X-Forwarded-Host headers
- Case-insensitive: Normalizes domain matching

EE Counterpart PR: https://github.com/appsmithorg/appsmith-ee/pull/8211

Fixes #`Issue Number`  
_or_  
Fixes `Issue URL`
> [!WARNING]  
> _If no issue exists, please create an issue first, and check with the
maintainers if the issue is valid._

## Automation

/ok-to-test tags="@tag.Authentication,@tag.Sanity"

### 🔍 Cypress test results
<!-- This is an auto-generated comment: Cypress test results  -->
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/18095565045>
> Commit: e4e0e93ddb4a2f9a7c2babd9247dcadafa73dc90
> <a
href="https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=18095565045&attempt=2"
target="_blank">Cypress dashboard</a>.
> Tags: `@tag.Authentication,@tag.Sanity`
> Spec:
> <hr>Mon, 29 Sep 2025 12:34:36 UTC
<!-- end of auto-generated comment: Cypress test results  -->


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [ ] No


<!-- This is an auto-generated comment: release notes by coderabbit.ai
-->

## Summary by CodeRabbit

- New Features
- Improved OAuth login for setups with multiple allowed domains. The
system now auto-derives the most appropriate domain from incoming
requests, supports subdomain and multi-level matches, and gracefully
falls back when no match is found. Ensures OAuth parameters remain
single-valued for better compatibility and reliability.
- Tests
- Added comprehensive test coverage for multi-domain handling, subdomain
matching, fallback behavior, empty configurations, and parameter
single-value validation.

<!-- end of auto-generated comment: release notes by coderabbit.ai -->
2025-09-29 19:25:37 +06:00
..
.run
appsmith-git chore: inclusive redis-cluster redis-cli (#41239) 2025-09-19 10:55:16 +00:00
appsmith-interfaces feat(backend): sort applications and workspaces alphabetically (#41253) 2025-09-25 11:55:06 +05:30
appsmith-plugins feat: add support for listing function versions and aliases in AWS Lambda Plugin (#41263) 2025-09-26 20:45:46 +05:30
appsmith-server fix(oauth2): ensure single-valued hd parameter for Spring Boot 3.3.13+ compatibility (#41271) 2025-09-29 19:25:37 +06:00
envs chore: Move signup_disabled and form_login_enabled from envs to DB (#39882) 2025-03-26 11:26:00 +05:30
mongo-seed
reactive-caching feat: Add instanceId to distributed lock keys for multi-instance isolation (#40966) 2025-06-19 12:20:59 +05:30
scripts chore: Revert "chore: delete redundant files" (#35022) 2024-07-18 16:18:10 +05:30
.gitignore feat: add git route aspect for branch handling (#41097) 2025-07-21 14:11:34 +05:30
build.sh test: Enable server tests for the PRs with base PG branch (#33429) 2024-05-22 15:55:20 +05:30
buildpack-run.sh
pom.xml fix: CVE-2024-38821 (#41188) 2025-08-25 18:04:59 +06:00
Procfile
README.md
system.properties

README.md

Appsmith Server

This is the server-side repository for the Appsmith framework.

For details on setting up your development machine, please refer to this Setup Guide.