From 7b726c9a55b49dd77904593907cb810b0ea63dc0 Mon Sep 17 00:00:00 2001 From: Edward Ly Date: Thu, 14 Nov 2024 21:58:19 -0800 Subject: [PATCH] fix(admin): hide saved credentials from user, require client credentials when needed Signed-off-by: Edward Ly --- lib/Settings/Admin.php | 4 ++-- src/components/AdminSettings.vue | 27 +++++++++++++++++++++++---- 2 files changed, 25 insertions(+), 6 deletions(-) diff --git a/lib/Settings/Admin.php b/lib/Settings/Admin.php index f6dcaff..719ea53 100644 --- a/lib/Settings/Admin.php +++ b/lib/Settings/Admin.php @@ -84,8 +84,8 @@ public function getForm(): TemplateResponse { $userEmail = $this->config->getAppValue(Application::APP_ID, 'docusign_user_email'); $adminConfig = [ - 'docusign_client_id' => $clientID, - 'docusign_client_secret' => $clientSecret, + 'docusign_client_id' => $clientID ? 'dummyClientNumber' : '', + 'docusign_client_secret' => $clientSecret ? 'dummyClientSecret' : '', 'docusign_token' => $token !== '', 'docusign_user_name' => $userName, 'docusign_user_email' => $userEmail, diff --git a/src/components/AdminSettings.vue b/src/components/AdminSettings.vue index 19c1429..26d1597 100644 --- a/src/components/AdminSettings.vue +++ b/src/components/AdminSettings.vue @@ -129,10 +129,15 @@ export default { this.loading = true delay(async () => { await confirmPassword() - this.saveOptions({ - docusign_client_id: this.state.docusign_client_id, - docusign_client_secret: this.state.docusign_client_secret, - }) + + const options = {} + if (this.state.docusign_client_id !== 'dummyClientNumber') { + options.docusign_client_id = this.state.docusign_client_id + } + if (this.state.docusign_client_secret !== 'dummyClientSecret') { + options.docusign_client_secret = this.state.docusign_client_secret + } + this.saveOptions(options) }, 2000)() }, saveOptions(values) { @@ -155,6 +160,20 @@ export default { }) }, onOAuthClick() { + let dummyValueProvided = false + if (this.state.docusign_client_id === 'dummyClientNumber') { + this.state.docusign_client_id = '' + dummyValueProvided = true + } + if (this.state.docusign_client_secret === 'dummyClientSecret') { + this.state.docusign_client_secret = '' + dummyValueProvided = true + } + if (dummyValueProvided) { + showError(t('integration_docusign', 'For security reasons, please enter your client credentials again')) + return + } + const oauthState = Math.random().toString(36).substring(3) const scopes = [ 'signature',