Commit Graph

41 Commits

Author SHA1 Message Date
lohit
2fcfdfc338 fix: oauth2 credential management improvements (#7220)
* fix: oauth2 credential management improvements

Add bru.resetOauth2Credential() API for programmatic credential invalidation
from scripts, fix credential clearing to match on credentialsId, expose
oauth2 credential variables in test runtime, and add input validation
with deduplication to prevent redundant IPC messages. Remove unused
collectionGetOauth2CredentialsByUrlAndCredentialsId reducer.

* fix: handle invalid URLs in oauth2 callback redirect handler

Wrap new URL() calls in try-catch within onWindowRedirect to prevent
uncaught TypeError when redirect or callback URLs are invalid.

* Update packages/bruno-app/src/utils/codemirror/autocomplete.js

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>

---------

Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com>
2026-02-19 21:11:28 +05:30
lohit
923d26ce56 fix: get certs and proxy config based on oauth2 token and refresh urls instead of resource url (#6164) 2026-01-20 21:43:54 +05:30
Abhishek S Lal
c918c679d7 fix: handle optional clientSecret in OAuth2 authorization header (#6186)
* fix: handle optional clientSecret in OAuth2 authorization header

* style: standardize string quotes in OAuth2 token functions

* test: add comprehensive tests for OAuth2 client credentials and password grant flows
2026-01-13 19:30:11 +05:30
lohit
4831434e37 fix: oauth2 url update (#6489) 2025-12-23 16:00:17 +05:30
lohit
231776ca4b feat: use default browser for oauth2 authorization bru-2167 (#6101)
* feat: use default browser for oauth2 authorization bru-2167

* fix: coderabbit review comment fixes

* fix: coderabbit review comment fixes

* fix: protocol registration updates

* fix: coderabbit review comment suggestions

* fix: oauth2 auth form use system browser option
2025-12-16 17:23:49 +05:30
Bijin A B
05fe8b1b27 chore: repo-wide lint fixes 2025-12-04 01:37:20 +05:30
Sanjai Kumar
9d6486ba3e fix: update OAuth2 authorization header encoding to remove unnecessary URI encoding (#6263) 2025-12-02 12:56:08 +05:30
lohit
9f47200e7b fix(bru-1939): fix OAuth2 credentials not persisting across requests in the same collection run. (#5730) 2025-10-07 22:40:51 +05:30
lohit-bruno
8d1f292b83 updates 2025-08-19 17:46:05 +05:30
lohit-bruno
953024dae7 Merge remote-tracking branch 'origin/main' into oauth2_additional_params 2025-08-19 17:39:02 +05:30
naman-bruno
060c613aa1 fix: client id placement issue (#5348) 2025-08-19 14:21:00 +05:30
naman-bruno
b804ff6dfd oauth2 fixes (#5259) 2025-08-19 11:17:39 +05:30
lohit-bruno
7de3e6e3ff review update fixes 2025-08-14 15:04:45 +05:30
lohit-bruno
ceab0b4dc1 additional params updates 2025-08-13 21:42:04 +05:30
lohit
e5d30c2920 Merge branch 'main' into oauth2_additional_params 2025-07-23 15:05:17 +05:30
lohit
31e555812c use dedicated axiosRequestConfig and fix request info logs across all OAuth2 flows, token request call refactor (#5066) 2025-07-14 22:03:37 +05:30
naman-bruno
a68833089f Feat: OAuth2 implicit grant type (#4307)
* add: implicit grant type
2025-07-11 13:55:03 +05:30
naman-bruno
5065b2ac37 fix: oauth2 scope 2025-06-26 17:26:59 +05:30
lohit
6d38f2b38c Merge branch 'main' into lint_gh_workflow_step 2025-05-15 23:09:57 +05:30
lohxt1
44cef9999c clear stored token when refresh call returns an error 2025-04-08 18:49:04 +05:30
lohxt1
3a792a021c oauth2 refresh token under request pane creates dup network logs 2025-04-08 18:49:04 +05:30
lohit
2e5c63cfb9 improve network error handling, oauth2 logic cleanup, tls settings, and ui/test updates (#4444)
~ axios error interceptor fixes and timeline network logs ui updates
~ axios instance error interceptor now returns promise rejects instead of plain objects
~ fixed digest_auth regression
~ removed the interceptor logic for the oauth2 token url calls
~ timeline network logs ui updates
~ updated oauth2 test collections

* ssl/tls fixes and error handling
~ set the min allowed tls version to 1.0 (TLSv1)
~ proxy/certs/tls setup error handling

* enhance JSON stringification with circular reference handling
- Add getCircularReplacer to safely handle circular references in objects
- Update safeStringifyJSON to support indentation and handle undefined values
~ we currently support digest auth for bruno-cli

---------

Co-authored-by: lohit <lohit@usebruno.com>
Co-authored-by: Anoop M D <anoop.md1421@gmail.com>
2025-04-07 23:03:49 +05:30
lohxt1
dd7ff97090 fix(oauth2): improve additional parameters handling and ui updates
~ fix oauth2 additional parameters encoding and url handling
~ show authorization tab only for authorization_code grant type
~ set active tab based on grant type
~ update schema validation for grant type-specific parameters
~ add url tooltip in responsepane timeline
~ clean up variable naming and parameter handling
2025-04-06 19:01:23 +05:30
naman-bruno
b9c2a42344 feat: added options to add additional params in oauth2 requests 2025-04-03 16:35:59 +05:30
lohxt1
dbba22131c fix: proxy and certs not being used for oauth2 calls 2025-03-27 22:56:00 +05:30
lohit
268ede869d handle oauth2 timeline response, remove dataBuffer from debugInfo obj (#4330) 2025-03-25 22:28:29 +05:30
lohxt1
14ee26557a query stringify request payload data before the oauth2 token url request 2025-03-25 17:09:36 +05:30
lohxt1
8e873013a9 oauth2 fixes 2025-03-25 15:42:58 +05:30
lohxt1
61ba5f5c39 check if token is expired only if expires_in prop is present, clear response and clear timeline are 2 different things, clear redux state after clearing oauth2 credentials cache 2025-03-24 22:49:21 +05:30
lohxt1
b09b4b1d17 timeline ui fixes, oauth2 validation fixes 2025-03-21 15:56:02 +05:30
lohxt1
3a81ebf0e2 oauth2 fixes 2025-03-20 20:11:12 +05:30
lohxt1
3ffaaab8f3 Merge remote-tracking branch 'upstream/main' into feat/oauth2-improvements 2025-03-20 19:38:54 +05:30
lohxt1
5a98da2031 oauth2 fixes 2025-03-20 19:27:14 +05:30
lohxt1
d3fcb42a8f timeline ui updates wip 2025-03-17 14:09:36 +05:30
lohxt1
f99e8770f0 ~ reverting the bruno-electron ipc-network files refactoring work to keep the diff minimal 2025-03-16 13:37:59 +05:30
naman-bruno
8cda05c431 updated timeline to show body in oauth (#4168) 2025-03-06 17:04:07 +05:30
naman-bruno
3169e6cdf4 Oauth2 folder (#4105) 2025-03-06 11:03:34 +05:30
pooja-bruno
4e88cbf318 feat: add refresh url for oauth2 (#4028) 2025-02-18 17:24:56 +05:30
lohxt1
b5e53ec25c include oauth2 request data along with headers in the access token url call 2025-02-10 20:20:40 +05:30
lohit
1d1e701ccb oauth2 workflow improvements (#3874)
~ basic auth credentials should be assigned to `request.basicAuth` instead `request.auth` object
~ added credentials_placement option, fixed headers issue client credentials flow
~ cache input field values when grant type select box value changes
~ updated logic for - cache input field values when grant type select box value changes
~ updated token expiry timer component logic
2025-01-24 18:44:02 +05:30
lohit
f38c7ae03a oauth2 ui/ux improvements (#3868) 2025-01-23 22:06:50 +05:30