@budibase/worker 2.4.20 → 2.4.23
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
package/package.json
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "@budibase/worker",
|
|
3
3
|
"email": "hi@budibase.com",
|
|
4
|
-
"version": "2.4.
|
|
4
|
+
"version": "2.4.23",
|
|
5
5
|
"description": "Budibase background service",
|
|
6
6
|
"main": "src/index.ts",
|
|
7
7
|
"repository": {
|
|
@@ -36,10 +36,10 @@
|
|
|
36
36
|
"author": "Budibase",
|
|
37
37
|
"license": "GPL-3.0",
|
|
38
38
|
"dependencies": {
|
|
39
|
-
"@budibase/backend-core": "^2.4.
|
|
40
|
-
"@budibase/pro": "2.4.
|
|
41
|
-
"@budibase/string-templates": "^2.4.
|
|
42
|
-
"@budibase/types": "^2.4.
|
|
39
|
+
"@budibase/backend-core": "^2.4.23",
|
|
40
|
+
"@budibase/pro": "2.4.21",
|
|
41
|
+
"@budibase/string-templates": "^2.4.23",
|
|
42
|
+
"@budibase/types": "^2.4.23",
|
|
43
43
|
"@koa/router": "8.0.8",
|
|
44
44
|
"@sentry/node": "6.17.7",
|
|
45
45
|
"@techpass/passport-openidconnect": "0.3.2",
|
|
@@ -101,5 +101,5 @@
|
|
|
101
101
|
"typescript": "4.7.3",
|
|
102
102
|
"update-dotenv": "1.1.1"
|
|
103
103
|
},
|
|
104
|
-
"gitHead": "
|
|
104
|
+
"gitHead": "8db9f943047b6742a74333c9fa8d73109de85f05"
|
|
105
105
|
}
|
package/src/environment.ts
CHANGED
|
@@ -30,10 +30,8 @@ const environment = {
|
|
|
30
30
|
// auth
|
|
31
31
|
MINIO_ACCESS_KEY: process.env.MINIO_ACCESS_KEY,
|
|
32
32
|
MINIO_SECRET_KEY: process.env.MINIO_SECRET_KEY,
|
|
33
|
-
JWT_SECRET: process.env.JWT_SECRET,
|
|
34
33
|
SALT_ROUNDS: process.env.SALT_ROUNDS,
|
|
35
34
|
REDIS_PASSWORD: process.env.REDIS_PASSWORD,
|
|
36
|
-
INTERNAL_API_KEY: process.env.INTERNAL_API_KEY,
|
|
37
35
|
COOKIE_DOMAIN: process.env.COOKIE_DOMAIN,
|
|
38
36
|
// urls
|
|
39
37
|
MINIO_URL: process.env.MINIO_URL,
|
|
@@ -1,5 +1,5 @@
|
|
|
1
1
|
import env from "../environment"
|
|
2
|
-
import { constants } from "@budibase/backend-core"
|
|
2
|
+
import { constants, utils } from "@budibase/backend-core"
|
|
3
3
|
import { BBContext } from "@budibase/types"
|
|
4
4
|
|
|
5
5
|
/**
|
|
@@ -9,7 +9,15 @@ import { BBContext } from "@budibase/types"
|
|
|
9
9
|
export default async (ctx: BBContext, next: any) => {
|
|
10
10
|
if (!env.SELF_HOSTED && !env.DISABLE_ACCOUNT_PORTAL) {
|
|
11
11
|
const apiKey = ctx.request.headers[constants.Header.API_KEY]
|
|
12
|
-
if (apiKey
|
|
12
|
+
if (!apiKey) {
|
|
13
|
+
ctx.throw(403, "Unauthorized")
|
|
14
|
+
}
|
|
15
|
+
|
|
16
|
+
if (Array.isArray(apiKey)) {
|
|
17
|
+
ctx.throw(403, "Unauthorized")
|
|
18
|
+
}
|
|
19
|
+
|
|
20
|
+
if (!utils.isValidInternalAPIKey(apiKey)) {
|
|
13
21
|
ctx.throw(403, "Unauthorized")
|
|
14
22
|
}
|
|
15
23
|
}
|
package/src/sdk/auth/auth.ts
CHANGED
|
@@ -5,10 +5,10 @@ import {
|
|
|
5
5
|
sessions,
|
|
6
6
|
events,
|
|
7
7
|
HTTPError,
|
|
8
|
+
env as coreEnv,
|
|
8
9
|
} from "@budibase/backend-core"
|
|
9
10
|
import { PlatformLogoutOpts, User } from "@budibase/types"
|
|
10
11
|
import jwt from "jsonwebtoken"
|
|
11
|
-
import env from "../../environment"
|
|
12
12
|
import * as userSdk from "../users"
|
|
13
13
|
import * as emails from "../../utilities/email"
|
|
14
14
|
import * as redis from "../../utilities/redis"
|
|
@@ -26,7 +26,7 @@ export async function loginUser(user: User) {
|
|
|
26
26
|
sessionId,
|
|
27
27
|
tenantId,
|
|
28
28
|
},
|
|
29
|
-
|
|
29
|
+
coreEnv.JWT_SECRET!
|
|
30
30
|
)
|
|
31
31
|
return token
|
|
32
32
|
}
|
|
@@ -74,7 +74,6 @@ class TestConfiguration {
|
|
|
74
74
|
const request: any = {}
|
|
75
75
|
// fake cookies, we don't need them
|
|
76
76
|
request.cookies = { set: () => {}, get: () => {} }
|
|
77
|
-
request.config = { jwtSecret: env.JWT_SECRET }
|
|
78
77
|
request.user = { tenantId: this.getTenantId() }
|
|
79
78
|
request.query = {}
|
|
80
79
|
request.request = {
|
|
@@ -180,7 +179,7 @@ class TestConfiguration {
|
|
|
180
179
|
sessionId: "sessionid",
|
|
181
180
|
tenantId: user.tenantId,
|
|
182
181
|
}
|
|
183
|
-
const authCookie = auth.jwt.sign(authToken,
|
|
182
|
+
const authCookie = auth.jwt.sign(authToken, coreEnv.JWT_SECRET)
|
|
184
183
|
return {
|
|
185
184
|
Accept: "application/json",
|
|
186
185
|
...this.cookieHeader([`${constants.Cookie.Auth}=${authCookie}`]),
|
|
@@ -197,7 +196,7 @@ class TestConfiguration {
|
|
|
197
196
|
}
|
|
198
197
|
|
|
199
198
|
internalAPIHeaders() {
|
|
200
|
-
return { [constants.Header.API_KEY]:
|
|
199
|
+
return { [constants.Header.API_KEY]: coreEnv.INTERNAL_API_KEY }
|
|
201
200
|
}
|
|
202
201
|
|
|
203
202
|
adminOnlyResponse = () => {
|
|
@@ -277,7 +276,7 @@ class TestConfiguration {
|
|
|
277
276
|
// CONFIGS - OIDC
|
|
278
277
|
|
|
279
278
|
getOIDConfigCookie(configId: string) {
|
|
280
|
-
const token = auth.jwt.sign(configId,
|
|
279
|
+
const token = auth.jwt.sign(configId, coreEnv.JWT_SECRET)
|
|
281
280
|
return this.cookieHeader([[`${constants.Cookie.OIDC_CONFIG}=${token}`]])
|
|
282
281
|
}
|
|
283
282
|
|
|
@@ -1,5 +1,10 @@
|
|
|
1
1
|
import fetch from "node-fetch"
|
|
2
|
-
import {
|
|
2
|
+
import {
|
|
3
|
+
constants,
|
|
4
|
+
tenancy,
|
|
5
|
+
logging,
|
|
6
|
+
env as coreEnv,
|
|
7
|
+
} from "@budibase/backend-core"
|
|
3
8
|
import { checkSlashesInUrl } from "../utilities"
|
|
4
9
|
import env from "../environment"
|
|
5
10
|
import { SyncUserRequest, User } from "@budibase/types"
|
|
@@ -9,7 +14,7 @@ async function makeAppRequest(url: string, method: string, body: any) {
|
|
|
9
14
|
return
|
|
10
15
|
}
|
|
11
16
|
const request: any = { headers: {} }
|
|
12
|
-
request.headers[constants.Header.API_KEY] =
|
|
17
|
+
request.headers[constants.Header.API_KEY] = coreEnv.INTERNAL_API_KEY
|
|
13
18
|
if (tenancy.isTenantIdSet()) {
|
|
14
19
|
request.headers[constants.Header.TENANT_ID] = tenancy.getTenantId()
|
|
15
20
|
}
|