Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix(oauth): dont convert config values to string when building consent url #20932

Merged
merged 3 commits into from
Jan 3, 2023

Conversation

pedroslopez
Copy link
Contributor

@pedroslopez pedroslopez commented Dec 30, 2022

What

Fixes OC issue https://github.com/airbytehq/oncall/issues/1250

If the configuration passed to generate the consent URL includes non-string values, they would be implicitly converted to strings when replacing masked values with secrets.

We noticed this happening specifically for Salesforce when re-authenticating the source, since it uses the is_sandbox field, which is a boolean. Issuing the get_consent_url call for an already created connector would return a 422 status code with the following error:

io.airbyte.validation.json.JsonValidationException: json schema validation failed when comparing the data to the json schema. 
Errors: $.is_sandbox: string found, boolean expected 
Schema: 
{
  "type" : "object",
  "properties" : {
    "is_sandbox" : {
      "type" : "boolean",
      "path_in_connector_config" : [ "is_sandbox" ]
    }
  },
  "additionalProperties" : false
}

How

The getOAuthFromDBIfNeeded method was using a string map and calling Jsons.deserializeToStringMap, which basically converts all values to strings. In order to keep the original types, I reworked the implementation to use JsonNodes directly.

@pedroslopez pedroslopez temporarily deployed to more-secrets December 30, 2022 06:10 — with GitHub Actions Inactive
@pedroslopez pedroslopez temporarily deployed to more-secrets December 30, 2022 06:11 — with GitHub Actions Inactive
final String k = entry.getKey();
final JsonNode v = entry.getValue();

// Note: This does not currently handle replacing masked secrets within nested objects.
Copy link
Contributor Author

@pedroslopez pedroslopez Dec 30, 2022

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I noticed this, but it's not an new issue, just commented in case it comes up sometime in the future. I verified with the previous behavior and if there was a nested object in the input configuration, deserializeToStringMap actually threw an error.

@pedroslopez pedroslopez temporarily deployed to more-secrets December 30, 2022 17:51 — with GitHub Actions Inactive
@pedroslopez pedroslopez temporarily deployed to more-secrets December 30, 2022 17:52 — with GitHub Actions Inactive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
Development

Successfully merging this pull request may close these issues.

4 participants