Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(DHIS2-18994): support OAuth2 client credentials flow for Route API #19953

Open
wants to merge 12 commits into
base: master
Choose a base branch
from
Open

feat(DHIS2-18994): support OAuth2 client credentials flow for Route API #19953

wants to merge 12 commits into from
+1,022 −135

Conversation

cjmamo
Copy link
Contributor

@cjmamo cjmamo commented Feb 17, 2025
edited
Loading

  • Support OAuth2 client credentials flow for Route API
  • Solve nasty security regression which dirties the route entity during decryption causing the clear text secret to be inadvertently persisted. Will attempt to implement a safeguard in a separate PR so that this doesn't happen again.

@cjmamo cjmamo requested review from a team February 17, 2025 13:40
@cjmamo cjmamo self-assigned this Feb 17, 2025
@cjmamo cjmamo marked this pull request as draft February 18, 2025 10:15
@cjmamo
perf: cache OAuth2 client
2199510 
fix(security): solve regression which dirties the route entity during decryption causing the clear text secret to be inadvertently persisted

refactor: replace copy methods in AuthScheme implementations with Lombok builders
@cjmamo
Merge branch 'master' into DHIS2-18994
65e96ea
@cjmamo
refactor: address SonarQube issues
09087c4
@cjmamo
refactor: address SonarQube issues
27978a9
@cjmamo cjmamo marked this pull request as ready for review February 20, 2025 19:43
@cjmamo cjmamo requested a review from netroms February 20, 2025 19:47
jbee
jbee approved these changes Feb 21, 2025
View reviewed changes
Copy link
Contributor

@jbee jbee left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I can't really judge the details of the security related code but the rest looks fine. The one comment that is important to me is about the throws Exception in the controller. If possible we want to list concrete exceptions as that is how OpenAPI knows what error responses are possible.

@cjmamo
Merge branch 'master' into DHIS2-18994
8c7a5a7
@cjmamo
refactor: handle generic exceptions within RouteService
d1dc556 
doc: add note about exception handling in WebhookHandler

test: replace nulls with stubs
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
6 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@jbee jbee jbee approved these changes

@netroms netroms Awaiting requested review from netroms

At least 2 approving reviews are required to merge this pull request.

Assignees

@cjmamo cjmamo

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cjmamo @jbee