PromucFlow_constructor/app
subratadeypappu 4df6b9258f
fix(oauth2): ensure single-valued hd parameter for Spring Boot 3.3.13+ compatibility (#41271)
## Description
**Problem:**
Spring Boot 3.3.13 enforces single-valued OAuth2 parameters, causing
failures when multiple hd values are present in authorization requests.

**Solution:**
- Single-valued hd: Always 0 or 1 hd parameter
- Domain selection: Use request context to pick the domain
- Fallback: Use the first allowed domain when no match is found
- Multi-TLD support: Works with .com, .org, .io, etc.
- Proxy support: Handles X-Forwarded-Host headers
- Case-insensitive: Normalizes domain matching

EE Counterpart PR: https://github.com/appsmithorg/appsmith-ee/pull/8211


## Automation

/ok-to-test tags="@tag.Authentication,@tag.Sanity"

### 🔍 Cypress test results
> [!TIP]
> 🟢 🟢 🟢 All cypress tests have passed! 🎉 🎉 🎉
> Workflow run:
<https://github.com/appsmithorg/appsmith/actions/runs/18095565045>
> Commit: e4e0e93ddb4a2f9a7c2babd9247dcadafa73dc90
> [Cypress dashboard](https://internal.appsmith.com/app/cypress-dashboard/rundetails-65890b3c81d7400d08fa9ee5?branch=master&workflowId=18095565045&attempt=2).
> Tags: `@tag.Authentication,@tag.Sanity`
> Spec:
>
> Mon, 29 Sep 2025 12:34:36 UTC


## Communication
Should the DevRel and Marketing teams inform users about this change?
- [ ] Yes
- [ ] No



## Summary by CodeRabbit

- New Features
  - Improved OAuth login for setups with multiple allowed domains. The
    system now auto-derives the most appropriate domain from incoming
    requests, supports subdomain and multi-level matches, and gracefully
    falls back when no match is found. Ensures OAuth parameters remain
    single-valued for better compatibility and reliability.
- Tests
  - Added comprehensive test coverage for multi-domain handling, subdomain
    matching, fallback behavior, empty configurations, and parameter
    single-value validation.

2025-09-29 19:25:37 +06:00
..
client fix: tab navigation not working in Fixed Layout due to event listener timing issue (#41256) 2025-09-28 17:14:08 -07:00
server fix(oauth2): ensure single-valued hd parameter for Spring Boot 3.3.13+ compatibility (#41271) 2025-09-29 19:25:37 +06:00
util