fix: oauth2 credential management improvements (#7220)

* fix: oauth2 credential management improvements Add bru.resetOauth2Credential() API for programmatic credential invalidation from scripts, fix credential clearing to match on credentialsId, expose oauth2 credential variables in test runtime, and add input validation with deduplication to prevent redundant IPC messages. Remove unused collectionGetOauth2CredentialsByUrlAndCredentialsId reducer. * fix: handle invalid URLs in oauth2 callback redirect handler Wrap new URL() calls in try-catch within onWindowRedirect to prevent uncaught TypeError when redirect or callback URLs are invalid. * Update packages/bruno-app/src/utils/codemirror/autocomplete.js Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
2026-06-30 16:14:06 +00:00 · 2026-02-19 15:41:28 +00:00
parent 09b8e8a32a
commit 2fcfdfc338
14 changed files with 171 additions and 24 deletions
--- a/packages/bruno-cli/src/runner/run-single-request.js
+++ b/packages/bruno-cli/src/runner/run-single-request.js
@@ -23,7 +23,8 @@ const protocolRegex = /^([-+\w]{1,25})(:?\/\/|:)/;
 const { NtlmClient } = require('axios-ntlm');
 const { addDigestInterceptor, getHttpHttpsAgents, makeAxiosInstance: makeAxiosInstanceForOauth2 } = require('@usebruno/requests');
 const { getCACertificates, transformProxyConfig } = require('@usebruno/requests');
-const { getOAuth2Token } = require('../utils/oauth2');
+const { getOAuth2Token, getFormattedOauth2Credentials } = require('../utils/oauth2');
+const tokenStore = require('../store/tokenStore');
 const { encodeUrl, buildFormUrlEncodedPayload, extractPromptVariables, isFormData } = require('@usebruno/common').utils;

 const onConsoleLog = (type, args) => {
@@ -225,6 +226,12 @@ const runSingleRequest = async function (
          shouldStopRunnerExecution = true;
        }

+        if (result?.oauth2CredentialsToReset?.length) {
+          for (const credentialId of result.oauth2CredentialsToReset) {
+            tokenStore.deleteCredentialById(credentialId);
+          }
+        }
+
        if (result?.skipRequest) {
          return {
            test: {
@@ -633,6 +640,8 @@ const runSingleRequest = async function (
        console.error('OAuth2 token fetch error:', error.message);
      }

+      request.oauth2CredentialVariables = getFormattedOauth2Credentials();
+
      // Remove oauth2 config from request to prevent it from being sent
      delete request.oauth2;
    }
@@ -787,6 +796,12 @@ const runSingleRequest = async function (
          shouldStopRunnerExecution = true;
        }

+        if (result?.oauth2CredentialsToReset?.length) {
+          for (const credentialId of result.oauth2CredentialsToReset) {
+            tokenStore.deleteCredentialById(credentialId);
+          }
+        }
+
        postResponseTestResults = result?.results || [];
        logResults(postResponseTestResults, 'Post-Response Tests');
      } catch (error) {
@@ -858,6 +873,12 @@ const runSingleRequest = async function (
          shouldStopRunnerExecution = true;
        }

+        if (result?.oauth2CredentialsToReset?.length) {
+          for (const credentialId of result.oauth2CredentialsToReset) {
+            tokenStore.deleteCredentialById(credentialId);
+          }
+        }
+
        logResults(testResults, 'Tests');
      } catch (error) {
        console.error('Test script execution error:', error);
--- a/packages/bruno-cli/src/store/tokenStore.js
+++ b/packages/bruno-cli/src/store/tokenStore.js
@@ -29,6 +29,15 @@ const tokenStore = {
    return false;
  },

+  // Delete all credentials for a given credentialsId (all URLs)
+  deleteCredentialById(credentialsId) {
+    if (this.credentials[credentialsId]) {
+      delete this.credentials[credentialsId];
+      return true;
+    }
+    return false;
+  },
+
  // Get all stored OAuth2 credentials
  getAllCredentials() {
    const result = [];