Commit Graph

13 Commits

Author SHA1 Message Date
lohit
95de14adcb feat: add OAuth 1.0 authentication support (#7482)
* feat: add OAuth 1.0 authentication support

Add full OAuth 1.0 (RFC 5849) authentication with support for
HMAC-SHA1/256/512, RSA-SHA1/256/512, and PLAINTEXT signature methods.
Includes UI components, bru/yml serialization, Postman import, code
generation, CLI support, and comprehensive playwright and unit tests.

* test: replace real-looking PEM literals with fake markers in oauth1 tests

Avoid tripping secret scanners by using obviously fake BEGIN/END markers
and non-sensitive base64 content in serialization and round-trip tests.

* fix: remove invalid OAuth1 placeholder header from code generator

OAuth1 requires runtime-computed nonce, timestamp, and signature that
cannot be pre-computed for a static code snippet. Return an empty array
instead of emitting an Authorization header with literal <signature>,
<timestamp>, <nonce> placeholders.

* fix: remove unreachable oauth1 case from WSAuth component

The oauth1 switch branch was dead code since it was not in
supportedAuthModes and the useEffect would reset it to 'none'
before it could render.

* fix: remove unused collectionPath param and use path.basename for filename extraction

* refactor: rename OAuth1 fields for clarity

- tokenSecret → accessTokenSecret
- signatureMethod → signatureEncoding
- addParamsTo value 'queryparams' → 'query'

* refactor: rename addParamsTo to placement in OAuth1 auth

* fix: add missing oauth1: null in buildOAuth2Config and upgrade @opencollection/types to 0.9.0

* test: add oauth1 import tests and fix missing oauth1: null in auth assertions

* ci: add auth playwright tests workflow for Linux, macOS, and Windows

* refactor: rename signatureEncoding to signatureMethod and fix timeline race condition

- Rename OAuth1 signatureEncoding to signatureMethod across all packages
- Fix timeline showing "No Headers/Body found" when request-sent IPC event
  arrives after response by retroactively updating the timeline entry
- Store requestUid in timeline entries for precise matching
- Correct timeline entry timestamp on retroactive update for proper sort order

* ci: add OAuth1 CLI tests and reorganize auth actions under oauth1/

- Add CLI tests that run full BRU and YML collections via bru run
- Add start-test-server actions for Linux, macOS, and Windows
- Move auth e2e and setup actions under auth/oauth1/ directory
- Fix Windows Playwright failures caused by unescaped backslashes in collectionPath template variable

* ci: reorder auth tests to run E2E tests before CLI tests

* ci: start test server after E2E tests to fix port 8081 conflict
2026-03-27 18:59:42 +05:30
Abhishek S Lal
30d2a6d141 Refactor dropdown components to use MenuDropdown for improved functionality and keyboard accessibility (#6404)
* Refactor dropdown components to use MenuDropdown for improved functionality and keyboard accessibility

- Replaced Dropdown with MenuDropdown in various components including BodyModeSelector, AuthMode, and RequestBodyMode.
- Updated styles and structure for better usability and accessibility.
- Removed unused Dropdown component and its associated styles.
- Enhanced action buttons in ResponsePane and Collection components with ActionIcon for better UI consistency.

* fix: Update HttpMethodSelector styles and tests for improved accessibility

- Changed the class name for the "Add Custom" button to include 'text-link' for better styling.
- Updated tests to use role-based queries for dropdown items, enhancing accessibility checks.
- Ensured the correct application of classes in tests to reflect the updated structure.

* refactor: Improve component accessibility and consistency

* fix: update hover behavior for collection actions menu in runner.ts

* refactor: streamline hover interactions for collection actions across tests

* refactor: enhance component structure and accessibility across response actions

* fix: correct fill property syntax in StyledWrapper for consistent styling

* refactor: simplify isDisabled logic in response components for clarity

* fix: correct tabIndex logic in ResponseCopy component for improved accessibility

* fix: update tabIndex logic in ResponseBookmark component for improved accessibility

* fix: enable action buttons in ResponsePaneActions for improved usability

* refactor: remove unnecessary tabIndex attributes in response components for improved accessibility

* refactor: remove keyDown event handlers from response components for cleaner interaction

* refactor: remove SidebarHeader component and related styles for improved structure
2025-12-16 18:26:38 +05:30
Bijin A B
05fe8b1b27 chore: repo-wide lint fixes 2025-12-04 01:37:20 +05:30
Pooja
f439f2de9a add: draft for collection and folder settings (#5947) 2025-11-12 11:11:12 +05:30
Anoop M D
8f754142c7 Merge branch 'pr-2077' into feat/oauth2-improvements 2025-01-23 16:45:51 +05:30
tlaloc911
5500070b49 ntlm auth (#3329)
Co-authored-by: Anoop M D <anoop.md1421@gmail.com>
2025-01-13 18:48:26 +05:30
Mateusz Pietryga
dd9cb21f8c feat: OAuth2 - UI for OAuth2 Credentials independent of the Request Output pane
fix: typo - rename OAuth2PasswordCredentials component
fix: typo - Use the same name for AuthMode - OAuth 2.0 in collection and request level
2024-09-23 21:59:16 +02:00
Sanjai Kumar
4d820af4e0 Improved Feat/wsse auth (#3172)
* adding wsse auth logic

* adding wsse auth logic to electron

* adding wsse auth formatting

* Refactoring WSSE 'secret' to 'password'

* Incorporating PR feedback

* Removed unused packages from package.json

* Fixed issue caused when resolving merge conflicts and added new route to test wsse

* Removed deprecated package usages from bruno-cli

* Fixed tests

---------

Co-authored-by: dwolter-emarsys <dylan.wolter@emarsys.com>
2024-09-23 17:46:31 +05:30
Sanjai Kumar
637e53421e Feat/api key auth (#2478)
* feat: Added ApiKeyAuth component

* feat: Add support for API Key authentication

- Added the ApiKeyAuth component to handle API Key authentication mode.
- Updated the AuthMode component to include an option for API Key authentication.
- Updated the collections schema to include validation for API Key authentication.
- Updated the collectionsSlice to handle API Key authentication in the Redux store.

* refactor: input value handlers

- Removed the separate handleKeyChange, handlePlacementChange and handleValueChange functions and consolidated them into handleAuthChange.

* feat: Update prepare-request to handle API Key authentication in query parameters

* refactor: handling the queryparams placement api key values in the ConfigureRequest function

* refactor: added collection level api key auth

* refactor: updated collection export function

* refactor: add default placement for API key authentication in ApiKeyAuth component

* refactor: add default placement for API key authentication in ApiKeyAuth component in CollectionSettings

* refactor: update generateAuth function to handle API key authentication in postman collection exporter

* refactor: fix typo in API key placement for collection export

* Made minor changes in the logic.

* Updated the importers for postman to handle new auth type.
2024-09-20 17:28:53 +05:30
lohit
858536e13d feat(#1003): collection level oauth2, access_token_url & scope for 'Client Credentials' and 'Password Credentials' grant types (#1691)
* feat(#1003): authorization_code grant type PKCE support, code cleanup..
---------

Co-authored-by: lohit-1 <lohit@usebruno.com>
2024-03-04 15:21:05 +05:30
Tasos Piotopoulos
3838848b03 Add Digest Auth Support (MD5) 2023-10-29 02:36:34 +00:00
Brian Rodgers
ba8bfc6d17 Added AWS SigV4 to collection auth 2023-10-11 17:00:47 -07:00
Anoop M D
1ce8d707f1 feat(#334): collection level headers, auth, scripts and tests 2023-10-09 06:18:05 +05:30