ep_oauth 11.0.17 → 11.0.18

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -26,7 +26,7 @@ jobs:
26
26
  with:
27
27
  repository: ether/etherpad-lite
28
28
  path: etherpad-lite
29
- - uses: pnpm/action-setup@v3
29
+ - uses: pnpm/action-setup@v6
30
30
  name: Install pnpm
31
31
  with:
32
32
  version: 10
@@ -15,7 +15,7 @@ jobs:
15
15
  uses: actions/checkout@v6
16
16
  with:
17
17
  repository: ether/etherpad-lite
18
- - uses: pnpm/action-setup@v3
18
+ - uses: pnpm/action-setup@v6
19
19
  name: Install pnpm
20
20
  with:
21
21
  version: 10
@@ -31,7 +31,7 @@ jobs:
31
31
  uses: actions/checkout@v6
32
32
  with:
33
33
  repository: ether/etherpad-lite
34
- - uses: pnpm/action-setup@v5
34
+ - uses: pnpm/action-setup@v6
35
35
  name: Install pnpm
36
36
  with:
37
37
  version: 10
@@ -59,12 +59,20 @@ jobs:
59
59
  [ "${NEW_COMMITS}" -gt 0 ] || exit 0
60
60
  git config user.name 'github-actions[bot]'
61
61
  git config user.email '41898282+github-actions[bot]@users.noreply.github.com'
62
- pnpm i
62
+ pnpm i --frozen-lockfile
63
63
  # `pnpm version patch` bumps package.json, makes a commit, and creates
64
64
  # a `v<new-version>` tag. Capture the new tag name from package.json
65
65
  # rather than parsing pnpm's output, which has historically varied.
66
- pnpm version patch
67
- NEW_TAG="v$(node -p "require('./package.json').version")"
66
+ # Bump the patch component directly with Node. pnpm/action-setup@v6
67
+ # sometimes installs pnpm 11 pre-releases even when version: 10.x is
68
+ # requested (pnpm/action-setup#225); those pre-releases either skip
69
+ # the git commit/tag or reject --no-git-tag-version as unknown.
70
+ # Doing the bump in Node sidesteps both failure modes.
71
+ NEW_VERSION=$(node -e "const fs=require('fs');const p=require('./package.json');const v=p.version.split('.');v[2]=String(Number(v[2])+1);p.version=v.join('.');fs.writeFileSync('./package.json',JSON.stringify(p,null,2)+'\n');console.log(p.version);")
72
+ NEW_TAG="v${NEW_VERSION}"
73
+ git add package.json
74
+ git commit -m "${NEW_TAG}"
75
+ git tag -a "${NEW_TAG}" -m "${NEW_TAG}"
68
76
  # CRITICAL: use --atomic so the branch update and the tag update
69
77
  # succeed (or fail) as a single transaction on the server. The old
70
78
  # `git push --follow-tags` was non-atomic per ref: if a concurrent
package/auth.js CHANGED
@@ -8,15 +8,29 @@ const request = require('request');
8
8
  /* eslint-disable-next-line node/no-unpublished-require */
9
9
  const OAuth2 = require('oauth').OAuth2;
10
10
 
11
- // Setup the oauth2 connector -- Doesn't establish any connections etc.
12
- const oauth2 = new OAuth2(settings.ep_oauth.clientID,
13
- settings.ep_oauth.clientSecret,
14
- 'https://github.com/',
15
- 'login/oauth/authorize',
16
- 'login/oauth/access_token',
17
- null); /** Custom headers */
11
+ // If the plugin is installed but the operator hasn't added the
12
+ // `ep_oauth` block to settings.json yet, reading `.clientID` on an
13
+ // undefined object used to crash Etherpad at startup with a cryptic
14
+ // "Cannot read properties of undefined" (that's what produced the "can't
15
+ // access site" report in #63). Bail cleanly with a warning instead so
16
+ // Etherpad keeps running; the plugin's hooks self-disable when the
17
+ // client isn't configured.
18
+ let oauth2 = null;
19
+ if (settings.ep_oauth && settings.ep_oauth.clientID && settings.ep_oauth.clientSecret) {
20
+ // Setup the oauth2 connector -- Doesn't establish any connections etc.
21
+ oauth2 = new OAuth2(settings.ep_oauth.clientID,
22
+ settings.ep_oauth.clientSecret,
23
+ 'https://github.com/',
24
+ 'login/oauth/authorize',
25
+ 'login/oauth/access_token',
26
+ null); /** Custom headers */
27
+ } else {
28
+ console.warn(
29
+ 'ep_oauth: missing settings.ep_oauth.clientID / clientSecret — plugin disabled');
30
+ }
18
31
 
19
32
  exports.expressConfigure = (hookName, args, cb) => {
33
+ if (!oauth2) return cb && cb();
20
34
  // args.app.get('/auth/callback', function(req, res){
21
35
 
22
36
  // THIRD STEP
@@ -92,6 +106,7 @@ exports.expressConfigure = (hookName, args, cb) => {
92
106
 
93
107
  // FIRST STEP
94
108
  exports.authorize = (hookName, args, cb) => {
109
+ if (!oauth2) return cb([true]); // plugin disabled, don't block the request
95
110
  // Never lands here for url /auth/callback
96
111
  if (args.req.url.indexOf('/auth') === 0) return cb([true]);
97
112
 
@@ -104,6 +119,7 @@ exports.authorize = (hookName, args, cb) => {
104
119
 
105
120
  // SECOND STEP
106
121
  exports.authenticate = (hookName, args, cb) => {
122
+ if (!oauth2) return cb([]); // plugin disabled, defer to other auth plugins
107
123
  console.debug(`Database Write -> oauthredirectlookup:${args.req.sessionID}`, '---', args.req.url);
108
124
  db.set(`oauthredirectlookup:${args.req.sessionID}`, args.req.url);
109
125
  // User is not authorized so we need to do the authentication step
package/package.json CHANGED
@@ -1,7 +1,7 @@
1
1
  {
2
2
  "name": "ep_oauth",
3
3
  "description": "Oauth2 authentication for Etherpad",
4
- "version": "11.0.17",
4
+ "version": "11.0.18",
5
5
  "author": {
6
6
  "name": "John McLear",
7
7
  "email": "john@mclear.co.uk",
@@ -25,8 +25,8 @@
25
25
  },
26
26
  "devDependencies": {
27
27
  "eslint": "^8.57.1",
28
- "eslint-config-etherpad": "^4.0.4",
29
- "typescript": "^6.0.2"
28
+ "eslint-config-etherpad": "^4.0.5",
29
+ "typescript": "^6.0.3"
30
30
  },
31
31
  "scripts": {
32
32
  "lint": "eslint .",