Skip to content

handle an OAUTH2 offline token refresh #241

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 5 commits into from
Sep 17, 2021
Merged

handle an OAUTH2 offline token refresh #241

merged 5 commits into from
Sep 17, 2021

Conversation

@lpardoRH
Copy link
Contributor

@lpardoRH lpardoRH commented Aug 24, 2021

This PR adds OAUTH2 offline token handle for ZAP users.

  • Authentication/OfflineTokenRefresher.js will automatically fetch the new access token for every unauthorized request determined by the "Logged Out" or "Logged In" indicator previously set in Context -> Authentication.

  • HTTP Sender/AddBearerTokenHeader.js will add the new access token to all requests in scope made by ZAP (except the authentication ones) as an "Authorization: Bearer [access_token]" HTTP Header.

@lpardoRH
handle an OAUTH2 offline token refresh
d9b276f 
Signed-off-by: Laura Pardo <lpardo@redhat.com>
@lpardoRH
Copy link
Contributor Author

lpardoRH commented Sep 7, 2021

any updates on this? Am I missing a previous step or anything for this to get reviewed/accepted?

kingthorin
kingthorin requested changes Sep 7, 2021
View reviewed changes
Copy link
Member

@kingthorin kingthorin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Just minor things for consistency

@kingthorin
Copy link
Member

kingthorin commented Sep 7, 2021

The conflict in CHANGELOG.md also needs to be addressed.

@kingthorin
Copy link
Member

kingthorin commented Sep 10, 2021

To address the DCO requirement you'll need to sign-off the commit(s):

lpardoRH and others added 2 commits September 13, 2021 16:55
@lpardoRH @kingthorin
Apply suggestions from code review
40f52e4 
Co-authored-by: Rick M <kingthorin@users.noreply.github.com>
Signed-off-by: Laura Pardo <lpardo@redhat.com>
@lpardoRH
Merge branch 'main' of https://github.com/zaproxy/community-scripts
60d7c66
@lpardoRH lpardoRH requested a review from kingthorin September 14, 2021 10:49
kingthorin
kingthorin reviewed Sep 14, 2021
View reviewed changes
@lpardoRH lpardoRH requested a review from kingthorin September 15, 2021 07:09
@kingthorin
Copy link
Member

kingthorin commented Sep 16, 2021

To address the DCO requirement you'll need to sign-off the commit(s):

kingthorin
kingthorin requested changes Sep 16, 2021
View reviewed changes
Copy link
Member

@kingthorin kingthorin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Getting close

kingthorin
kingthorin approved these changes Sep 17, 2021
View reviewed changes
Copy link
Member

@kingthorin kingthorin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me

@thc202 thc202 merged commit b1f3726 into zaproxy:main Sep 17, 2021
@thc202
Copy link
Member

thc202 commented Sep 17, 2021

Thank you!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thc202 thc202 thc202 approved these changes

@kingthorin kingthorin kingthorin approved these changes

Assignees

No one assigned

Labels

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@lpardoRH @kingthorin @thc202