Feature/confluence oauth (#3477)

* first cut at slack oauth flow * fix usage of hooks * fix button spacing * add additional error logging * no dev redirect * early cut at google drive oauth * second pass * switch to production uri's * try handling oauth_interactive differently * pass through client id and secret if uploaded * fix call * fix test * temporarily disable check for testing * Revert "temporarily disable check for testing" This reverts commit 4b5a022a5f. * support visibility in test * missed file * first cut at confluence oauth * work in progress * work in progress * work in progress * work in progress * work in progress * first cut at distributed locking * WIP to make test work * add some dev mode affordances and gate usage of redis behind dynamic credentials * mypy and credentials provider fixes * WIP * fix created at * fix setting initialValue on everything * remove debugging, fix ??? some TextFormField issues * npm fixes * comment cleanup * fix comments * pin the size of the card section * more review fixes * more fixes --------- Co-authored-by: Richard Kuo <rkuo@rkuo.com> Co-authored-by: Richard Kuo (Danswer) <rkuo@onyx.app>
2025-07-09 06:02:00 +02:00 · 2025-02-27 19:48:51 -08:00
parent cd84b65011
commit 909403a648
43 changed files with 2531 additions and 1119 deletions
--- a/backend/onyx/server/utils.py
+++ b/backend/onyx/server/utils.py
@ -46,13 +46,21 @@ def mask_string(sensitive_str: str) -> str:
    return "****...**" + sensitive_str[-4:]


+MASK_CREDENTIALS_WHITELIST = {
+    DB_CREDENTIALS_AUTHENTICATION_METHOD,
+    "wiki_base",
+    "cloud_name",
+    "cloud_id",
+}
+
+
 def mask_credential_dict(credential_dict: dict[str, Any]) -> dict[str, str]:
    masked_creds = {}
    for key, val in credential_dict.items():
        if isinstance(val, str):
            # we want to pass the authentication_method field through so the frontend
            # can disambiguate credentials created by different methods
-            if key == DB_CREDENTIALS_AUTHENTICATION_METHOD:
+            if key in MASK_CREDENTIALS_WHITELIST:
                masked_creds[key] = val
            else:
                masked_creds[key] = mask_string(val)
@ -63,8 +71,8 @@ def mask_credential_dict(credential_dict: dict[str, Any]) -> dict[str, str]:
            continue

        raise ValueError(
-            f"Unable to mask credentials of type other than string, cannot process request."
-            f"Recieved type: {type(val)}"
+            f"Unable to mask credentials of type other than string or int, cannot process request."
+            f"Received type: {type(val)}"
        )

    return masked_creds