[backend] Fix auth0 provider for env variable (#9554) #9557

Merged
merged 4 commits into from
Jan 10, 2025
59 changes: 36 additions & 23 deletions opencti-platform/opencti-graphql/src/config/conf.js
@@ -96,41 +96,54 @@ nconf.file('default', resolveEnvFile('default'));
const appLogLevel = nconf.get('app:app_logs:logs_level');
const appLogFileTransport = booleanConf('app:app_logs:logs_files', true);
const appLogConsoleTransport = booleanConf('app:app_logs:logs_console', true);
export const appLogLevelMaxArraySize = nconf.get('app:app_logs:max_array_size') ?? 50;
export const appLogLevelMaxStringSize = nconf.get('app:app_logs:max_string_size') ?? 5000;
export const appLogLevelMaxDepthSize = nconf.get('app:app_logs:control:max_depth_size') ?? 5;
export const appLogLevelMaxDepthKeys = nconf.get('app:app_logs:control:max_depth_keys') ?? 20;
export const appLogLevelMaxArraySize = nconf.get('app:app_logs:control:max_array_size') ?? 50;
export const appLogLevelMaxStringSize = nconf.get('app:app_logs:control:max_string_size') ?? 5000;
export const appLogExtendedErrors = booleanConf('app:app_logs:extended_error_message', false);
export const extendedErrors = (metaExtension) => {
if (appLogExtendedErrors) {
return metaExtension;
}
return {};
};
export const limitMetaErrorComplexity = (obj) => {
if (Array.isArray(obj)) {
// Create a new array with a limited size
const limitedArray = obj.slice(0, appLogLevelMaxArraySize);
// Recursively process each item in the truncated array
const processedArray = [];
for (let i = 0; i < limitedArray.length; i += 1) {
processedArray[i] = limitMetaErrorComplexity(limitedArray[i]);
const limitMetaErrorComplexityWrapper = (obj, acc, current_depth = 0) => {
const noMaxDepth = current_depth < appLogLevelMaxDepthSize;
const noMaxKeys = acc.current_nb_key < appLogLevelMaxDepthKeys;
const isNotAKeyFunction = typeof obj !== 'function';
if (obj !== null && noMaxDepth && noMaxKeys && isNotAKeyFunction) {
if (Array.isArray(obj)) {
// Create a new array with a limited size
const limitedArray = obj.slice(0, appLogLevelMaxArraySize);
// Recursively process each item in the truncated array
const processedArray = [];
for (let i = 0; i < limitedArray.length; i += 1) {
processedArray[i] = limitMetaErrorComplexityWrapper(limitedArray[i], acc, current_depth);
}
return processedArray;
}
return processedArray;
}
if (typeof obj === 'string' && obj.length > appLogLevelMaxStringSize) {
return `${obj.substring(0, appLogLevelMaxStringSize - 3)}...`;
}
if (obj !== null && typeof obj === 'object') {
// Create a new object to hold the processed properties
const limitedObject = {};
const keys = Object.keys(obj); // Get the keys of the object
for (let i = 0; i < keys.length; i += 1) {
const key = keys[i];
limitedObject[key] = limitMetaErrorComplexity(obj[key]);
if (typeof obj === 'string' && obj.length > appLogLevelMaxStringSize) {
return `${obj.substring(0, appLogLevelMaxStringSize - 3)}...`;
}
if (typeof obj === 'object') {
// Create a new object to hold the processed properties
const limitedObject = {};
const keys = Object.keys(obj); // Get the keys of the object
const newDepth = current_depth + 1;
for (let i = 0; i < keys.length; i += 1) {
acc.current_nb_key += 1;
const key = keys[i];
limitedObject[key] = limitMetaErrorComplexityWrapper(obj[key], acc, newDepth);
}
return limitedObject;
}
return limitedObject;
}
return obj;
};
export const limitMetaErrorComplexity = (obj) => {
const acc = { current_nb_key: 0 };
return limitMetaErrorComplexityWrapper(obj, acc);
};

const appLogTransports = [];
const logsDirname = nconf.get('app:app_logs:logs_directory');
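Review bot: When the depth or key budget is exhausted, `limitMetaErrorComplexityWrapper` falls through to the final `return obj;` and hands back the remaining subtree untouched, so content past the limit still reaches the log at full size (indentation is lost on this page, so the brace nesting is inferred from the line order). The string truncation sits inside the same guard, so an oversized string met after the key budget is spent is not shortened either. Error metadata can carry request-derived values, so the bound should hold on every path: move the string check above the guard and return a marker for containers past the limit, e.g. `if (obj !== null && typeof obj === 'object' && !(noMaxDepth && noMaxKeys)) return '[truncated]';`. The size settings also moved under `app:app_logs:control:`, so values configured under the old `app:app_logs:max_array_size` and `max_string_size` keys appear to be ignored after upgrade; a fallback read or a release note would cover that.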
4 changes: 2 additions & 2 deletions opencti-platform/opencti-graphql/src/config/providers.js
@@ -487,8 +487,8 @@ for (let i = 0; i < providerKeys.length; i += 1) {
authorizationURL: `https://${authDomain}/authorize`,
tokenURL: `https://${authDomain}/oauth/token`,
userInfoURL: `https://${authDomain}/userinfo`,
client_id: config.clientID,
client_secret: config.clientSecret,
client_id: config.clientID ? config.clientID : mappedConfig.clientID, // backward compatibility with Json conf & env var
client_secret: config.clientSecret ? config.clientSecret : mappedConfig.clientSecret,
redirect_uri: config.callback_url
};
const auth0config = { ...config, ...auth0OpenIDConfiguration };
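Review bot: The new fallback on `client_id` / `client_secret` has no check for the case where neither `config` nor `mappedConfig` supplies a value, so the auth0 strategy would be built with `undefined` credentials and presumably fail only at login time. Resolving each value once, e.g. `const clientSecret = config.clientSecret || mappedConfig.clientSecret;`, and skipping the provider with a log entry that names the provider but never the secret would surface a misconfigured environment at startup. The inline comment explains the fallback only on the `client_id` line; it applies to both lines and would read better above the pair. The enclosing loop and the definition of `mappedConfig` are outside the hunk, so an earlier validation may already exist there.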
1 change: 0 additions & 1 deletion opencti-platform/opencti-graphql/src/http/httpPlatform.js
@@ -440,7 +440,6 @@ const createApp = async (app) => {
} catch (e) {
logApp.error('Error auth provider callback', { cause: e, provider });
setCookieError(res, 'Invalid authentication, please ask your administrator');
res.status(503).send({ status: 'error', error: e.message });
} finally {
res.redirect(referer ?? '/');
}
137 changes: 60 additions & 77 deletions opencti-platform/opencti-graphql/tests/01-unit/utils/logger-test.ts
@@ -105,85 +105,68 @@ const TOO_COMPLEX_OBJECT = {
teams: [
{
teamName: 'AI Team',
members: [
{
name: 'Alice',
role: 'Lead Engineer',
category_to_limit: ['2', '1']
},
{
name: 'Bob',
role: 'Data Scientist',
category_to_limit: [
'Item 1',
'Item 2',
'Item 3',
'Item 4',
'Item 5',
'Item 6',
'Item 7',
'Item 8',
'Item 9',
'Item 10',
'Item 11',
'Item 12',
'Item 13',
'Item 14',
'Item 15',
'Item 16',
'Item 17',
'Item 18',
'Item 19',
'Item 20',
'Item 21',
'Item 22',
'Item 23',
'Item 24',
'Item 25',
'Item 26',
'Item 27',
'Item 28',
'Item 29',
'Item 30',
'Item 31',
'Item 32',
'Item 33',
'Item 34',
'Item 35',
'Item 36',
'Item 37',
'Item 38',
'Item 39',
'Item 40',
'Item 41',
'Item 42',
'Item 43',
'Item 44',
'Item 45',
'Item 46',
'Item 47',
'Item 48',
'Item 49',
'Item 50',
'Item 51',
'Item 52',
'Item 53',
'Item 54',
'Item 55',
'Item 56'
]
}
category_to_limit: [
'Item 1',
'Item 2',
'Item 3',
'Item 4',
'Item 5',
'Item 6',
'Item 7',
'Item 8',
'Item 9',
'Item 10',
'Item 11',
'Item 12',
'Item 13',
'Item 14',
'Item 15',
'Item 16',
'Item 17',
'Item 18',
'Item 19',
'Item 20',
'Item 21',
'Item 22',
'Item 23',
'Item 24',
'Item 25',
'Item 26',
'Item 27',
'Item 28',
'Item 29',
'Item 30',
'Item 31',
'Item 32',
'Item 33',
'Item 34',
'Item 35',
'Item 36',
'Item 37',
'Item 38',
'Item 39',
'Item 40',
'Item 41',
'Item 42',
'Item 43',
'Item 44',
'Item 45',
'Item 46',
'Item 47',
'Item 48',
'Item 49',
'Item 50',
'Item 51',
'Item 52',
'Item 53',
'Item 54',
'Item 55',
'Item 56'
]
},
{
teamName: 'Robotics Team',
members: [
{
name: 'Charlie',
role: 'Mechanical Engineer',
category_to_limit: ['2', '1', '3'],
}
]
category_to_limit: ['2', '1', '3'],
}
]
}
@@ -213,8 +196,8 @@ describe('Logger test suite', () => {
expect(initialSize).to.be.gt(appLogLevelMaxArraySize);
expect(cleanedSize).to.be.eq(appLogLevelMaxArraySize);
// check more inside look
initialSize = TOO_COMPLEX_OBJECT.errors[0].departments[0].teams[0].members[1].category_to_limit.length;
cleanedSize = cleanObject.errors[0].departments[0].teams[0].members[1].category_to_limit.length;
initialSize = TOO_COMPLEX_OBJECT.errors[0].departments[0].teams[0].category_to_limit.length;
cleanedSize = cleanObject.errors[0].departments[0].teams[0].category_to_limit.length;
expect(initialSize).not.toEqual(cleanedSize);
expect(initialSize).to.be.gt(appLogLevelMaxArraySize);
expect(cleanedSize).to.be.eq(appLogLevelMaxArraySize);
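Review bot: Neither hunk adds an assertion for the depth and key limits introduced in conf.js; the fixture is instead flattened (the `members` level is removed), apparently so that `teams[0].category_to_limit` stays within the new budget. That adapts the test to the limits rather than exercising them. A case nested deeper than `appLogLevelMaxDepthSize`, and one with more keys than `appLogLevelMaxDepthKeys`, each asserting what comes back past the limit, would pin down whether the remainder is dropped, marked or passed through unchanged. A string longer than `appLogLevelMaxStringSize` placed late in the object would also show whether truncation still applies once the key budget is spent.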