Added automatic auth mapping of VALID auth in single actions

Shuffle · Jan 24, 2025 · 8f482da · 8f482da
1 parent 57c97a8
commit 8f482da
Showing 3 changed files with 34 additions and 42 deletions.
diff --git a/codegen.go b/codegen.go
@@ -3643,7 +3643,7 @@ func HandlePut(swagger *openapi3.Swagger, api WorkflowApp, extraParameters []Wor
 }
 
 func GetAppRequirements() string {
-	return "requests==2.32.3\nurllib3==2.3.0\nliquidpy==0.8.2\nMarkupSafe==3.0.2\nflask[async]==3.1.0\npython-dateutil==2.9.0.post0\nPyJWT==2.10.1\n"
+	return "requests==2.32.3\nurllib3==2.3.0\nliquidpy==0.8.2\nMarkupSafe==3.0.2\nflask[async]==3.1.0\npython-dateutil==2.9.0.post0\nPyJWT==2.10.1\nshufflepy==0.0.6\nshuffle-sdk==0.0.7"
 }
 
 // Removes JSON values from the input

diff --git a/db-connector.go b/db-connector.go
@@ -1928,7 +1928,8 @@ func Fixexecution(ctx context.Context, workflowExecution WorkflowExecution) (Wor
 		}
 
 		if !skipFinished {
-			log.Printf("[DEBUG][%s] Setting execution to finished because all results are in and it was still in EXECUTING mode. Should set subflow parent result as well (not implemented) - just returning for now for parent function to handle.", workflowExecution.ExecutionId)
+			// FIXME: Is this subflow result (not implemented) valid? I think it should have been added? Hmm.
+			//log.Printf("[DEBUG][%s] Setting execution to finished because all results are in and it was still in EXECUTING mode. Should set subflow parent result as well (not implemented) - just returning for now for parent function to handle.", workflowExecution.ExecutionId)
 			finalWorkflowExecution.Status = "FINISHED"
 			dbsave = true
 			if finalWorkflowExecution.CompletedAt == 0 {

diff --git a/shared.go b/shared.go
@@ -6520,7 +6520,7 @@ func diffWorkflows(oldWorkflow Workflow, parentWorkflow Workflow, update bool) {
 		// i think the following messes everything up with
 		// authenticationIDs. Let's just remove it for now.
 
-		// In case of replication, 
+		// In case of replication,
 		parentWorkflow.Actions[actionIndex].AuthenticationId = ""
 
 		idFound := false
@@ -18493,45 +18493,10 @@ func PrepareSingleAction(ctx context.Context, user User, fileId string, body []b
 		return workflowExecution, err
 	}
 
-	/*
-		// FIXME: Is this required? I don't think so
-		if app.Authentication.Required && len(action.AuthenticationId) == 0 {
-
-			// Basic bypass check for valid headers just in case
-			authFound := false
-			for _, param := range action.Parameters {
-				if param.Name == "headers" || param.Name == "queries" || param.Name == "url" {
-					lowercased := strings.ToLower(param.Value)
-					if strings.Contains(lowercased, "auth") || strings.Contains(lowercased, "bearer") || strings.Contains(lowercased, "basic") || strings.Contains(lowercased, "api") {
-						authFound = true
-						break
-					}
-				}
-			}
-
-			if !authFound {
-				log.Printf("[WARNING] Tried to execute SINGLE %s WITHOUT auth (missing)", app.Name)
-
-				found := false
-				for _, param := range action.Parameters {
-					if param.Configuration {
-						found = true
-						break
-					}
-				}
-
-				if !found {
-					return workflowExecution, errors.New("You must authenticate this API first")
-				}
-			}
-		}
-	*/
-
-	// FIXME: We need to inject missing empty auth here
+	// FIXME: We need to inject missing empty auth here in some cases
 	// This is NOT a good solution, but a good bypass
-	if app.Authentication.Required {
+	if app.Authentication.Required && len(action.AuthenticationId) == 0 {
 		authFields := 0
-
 		foundFields := []string{}
 		for _, actionParam := range action.Parameters {
 			if actionParam.Configuration {
@@ -18570,6 +18535,32 @@ func PrepareSingleAction(ctx context.Context, user User, fileId string, body []b
 				})
 			}
 		}
+
+		auths, err := GetAllWorkflowAppAuth(ctx, user.ActiveOrg.Id)
+		if err != nil {
+			log.Printf("[ERROR] Failed getting auth for single action: %s", err)
+		} else {
+			latestTimestamp := int64(0)
+			for _, auth := range auths {
+				if auth.App.ID != fileId {
+					continue
+				}
+
+				// Fallback to latest created
+				/*
+				if latestTimestamp < auth.Created {
+					latestTimestamp = auth.Created
+					action.AuthenticationId = auth.Id
+				}
+				*/
+
+				// If valid, just choose it
+				if auth.Validation.Valid {
+					action.AuthenticationId = auth.Id
+					break
+				}
+			}
+		}
 	}
 
 	if runValidationAction {
@@ -25431,7 +25422,7 @@ func GetExternalClient(baseUrl string) *http.Client {
 
 			if len(os.Getenv("SHUFFLE_INTERNAL_NO_PROXY")) > 0 {
 				noProxy = os.Getenv("SHUFFLE_INTERNAL_NO_PROXY")
-			} 
+			}
 
 			if len(os.Getenv("SHUFFLE_INTERNAL_NOPROXY")) > 0 {
 				noProxy = os.Getenv("SHUFFLE_INTERNAL_NOPROXY")
@@ -25440,7 +25431,7 @@ func GetExternalClient(baseUrl string) *http.Client {
 
 		// Manage noproxy
 		if len(noProxy) > 0 {
-			isNoProxy := isNoProxyHost(noProxy, parsedUrl.Host) 
+			isNoProxy := isNoProxyHost(noProxy, parsedUrl.Host)
 			if isNoProxy {
 				log.Printf("[INFO] Skipping proxy for %s", parsedUrl)