fix(schemas): fix the get interaction/consent api bug #5503

Merged
merged 5 commits into from Mar 20, 2024

@simeng-li simeng-li commented Mar 14, 2024

Resolve Third-Party App's /interaction/consent Endpoint 500 Error

Reproduction Steps

  • Create an organization scope with an empty description and assign this scope to a third-party application.

  • Log in to the third-party application and request the organization scope.

  • Proceed through the interaction flow until reaching the consent page.

  • An internal server error 500 is returned.

Root Cause

For the /interaction/consent endpoint, the organization scope is returned alongside other resource scopes in the missingResourceScopes property.

In the consentInfoResponseGuard, we utilize the resource Scopes zod guard to validate the missingResourceScopes property. However, the description field in the resource scope is mandatory while the organization scopes' description is optional. An organization scope with an empty description will not pass the validation.

Solution

Modify the consentInfoResponseGuard's missingResourceScopes property. Use the organization scope zod guard which does not necessitate the description field.

The alignment of the resource scope and organization scope types will be addressed in the next release.

Testing

integration tests added

Checklist

  • .changeset
  • unit tests
  • integration tests
  • necessary TSDoc comments
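
The failure mode described in this PR, as an added example that is not part of the PR or of Logto's code: hand-rolled validators stand in for the zod guards, and the object shapes, the sample scope names and the use of `null` for an empty description are assumptions. It shows why one organization scope inside `missingResourceScopes` turns the whole response into a 500 under the resource-scope rule, and which path a failing guard would report.

```typescript
// Added illustration. These validators are hypothetical stand-ins for the zod
// guards named in the PR; shapes beyond `description` are assumptions.
type Issue = { path: string; message: string };

const isRecord = (v: unknown): v is Record<string, unknown> =>
  typeof v === 'object' && v !== null && !Array.isArray(v);

// Validate one scope. `descriptionRequired` models the difference the PR
// describes: resource scopes required a description, organization scopes do not.
function checkScope(value: unknown, path: string, descriptionRequired: boolean): Issue[] {
  if (!isRecord(value)) return [{ path, message: 'expected object' }];
  const issues: Issue[] = [];
  for (const key of ['id', 'name']) {
    if (typeof value[key] !== 'string') {
      issues.push({ path: `${path}.${key}`, message: 'expected string' });
    }
  }
  const description = value.description;
  const missing = description === null || description === undefined;
  if (missing ? descriptionRequired : typeof description !== 'string') {
    issues.push({ path: `${path}.description`, message: 'expected string' });
  }
  return issues;
}

// Stand-in for consentInfoResponseGuard, parameterised by the scope rule
// applied to `missingResourceScopes`.
function checkConsentInfo(body: unknown, descriptionRequired: boolean): Issue[] {
  if (!isRecord(body) || !Array.isArray(body.missingResourceScopes)) {
    return [{ path: 'missingResourceScopes', message: 'expected array' }];
  }
  const issues: Issue[] = [];
  body.missingResourceScopes.forEach((group: unknown, i: number) => {
    const base = `missingResourceScopes[${i}].scopes`;
    if (!isRecord(group) || !Array.isArray(group.scopes)) {
      issues.push({ path: base, message: 'expected array' });
      return;
    }
    group.scopes.forEach((scope: unknown, j: number) => {
      issues.push(...checkScope(scope, `${base}[${j}]`, descriptionRequired));
    });
  });
  return issues;
}

// Response-guard behaviour: a body that fails its own guard is not sent;
// the caller sees a 500 even though the data itself is legitimate.
function respond(body: unknown, descriptionRequired: boolean) {
  const issues = checkConsentInfo(body, descriptionRequired);
  return { status: issues.length === 0 ? 200 : 500, issues };
}

// Constructed sample: a resource scope and an organization scope with an
// empty description, both returned in missingResourceScopes.
const sampleBody = {
  missingResourceScopes: [
    {
      resource: { name: 'Orders API' },
      scopes: [{ id: 's1', name: 'read:orders', description: 'Read orders' }],
    },
    {
      resource: { name: 'Organization' },
      scopes: [{ id: 's2', name: 'invite:member', description: null }],
    },
  ],
};

const before = respond(sampleBody, true); // resource-scope rule (before the fix)
const after = respond(sampleBody, false); // organization-scope rule (after the fix)
console.log(before.status, before.issues.map((issue) => issue.path), after.status);
```

Logging the failing path alongside the 500 makes this class of bug quick to triage, since the status code alone does not say which field of the response was rejected.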

@simeng-li simeng-li requested a review from gao-sun as a code owner March 14, 2024 09:10
@simeng-li simeng-li requested review from a team and charIeszhao and removed request for a team March 14, 2024 09:10

github-actions bot commented Mar 14, 2024

COMPARE TO master

Total Size Diff 📈 +6.54 KB

Diff by File
Name Diff
.changeset/seven-socks-perform.md 📈 +1.16 KB
packages/console/src/pages/ApiResourceDetails/ApiResourcePermissions/components/CreatePermissionModal/index.tsx 📈 +12 Bytes
packages/experience/src/pages/Consent/ScopesListCard/index.tsx 📈 +116 Bytes
packages/integration-tests/src/api/interaction.ts 📈 +217 Bytes
packages/integration-tests/src/client/index.ts 📈 +311 Bytes
packages/integration-tests/src/tests/api/interaction/third-party-sign-in/happy-path.test.ts 📈 +4.17 KB
packages/integration-tests/src/tests/api/resource.scope.test.ts 📈 +51 Bytes
packages/schemas/alterations/next-1710408335-make-resource-scopes-description-nullable.ts 📈 +559 Bytes
packages/schemas/src/types/consent.ts 📈 +1 Bytes
packages/schemas/tables/scopes.sql 📈 +9 Bytes

fix the get interaction/consent api bug
update changeset
update changeset
…ld to nullable (#5504)

* refactor(schemas, console): alter the resource scopes description field nullable

make the resource scopes description nullable

* fix(test): fix the type issue in the integration test

fix the type issue in the integration test

* fix(console): add the field register

add the field register

* fix: update the changeset

update the changeset
@simeng-li simeng-li force-pushed the simeng-third-party-org-permission-bug-fix branch from 659e978 to 3be157e Compare March 20, 2024 05:26
update comments and rebase the master
@simeng-li simeng-li merged commit 9518658 into master Mar 20, 2024
21 checks passed
@simeng-li simeng-li deleted the simeng-third-party-org-permission-bug-fix branch March 20, 2024 06:31
SamSalvatico added a commit to ogcio/logto that referenced this pull request Apr 11, 2024