Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Downgrade pkce-challenge to fix authentication for insecure (HTTP) contexts #2510

Merged
merged 1 commit into from
Mar 29, 2024
Merged

Downgrade pkce-challenge to fix authentication for insecure (HTTP) contexts #2510

merged 1 commit into from
Mar 29, 2024

Conversation

florian-h05
Copy link
Contributor

@florian-h05 florian-h05 commented Mar 29, 2024
edited
Loading

Regression from #2488.

Version 4.x of pkce-challenge uses the Web Crypto API, which is only available in secure contexts (https) in most browsers.
This broke the login when accessing the UI over an insecure (plain HTTP) connection.
See https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API.

@florian-h05
Downgrade pkce-challenge to 3.x
4347696 
Version 4.x of pkce-challenge uses the Web Crypto API, which is only available in secure contexts (https) in most browsers.
See https://developer.mozilla.org/en-US/docs/Web/API/Web_Crypto_API.

Signed-off-by: Florian Hotze <florianh_dev@icloud.com>
@florian-h05 florian-h05 requested a review from a team as a code owner March 29, 2024 13:25
@florian-h05 florian-h05 added this to the 4.2 milestone Mar 29, 2024
@florian-h05 florian-h05 changed the title Downgrade pkce-challenge to 3.x Downgrade pkce-challenge to 3.x because web crypto API only available with HTTPS Mar 29, 2024
@florian-h05 florian-h05 changed the title Downgrade pkce-challenge to 3.x because web crypto API only available with HTTPS Downgrade pkce-challenge to fix authentication for insecure (HTTP) contexts Mar 29, 2024
@relativeci RelativeCI
Copy link

relativeci bot commented Mar 29, 2024

Job #1875: Bundle Size — 10.56MiB (+0.06%).

4347696(current) vs 01203e1 main#1874(baseline)

Warning

Bundle contains 2 duplicate packages – View duplicate packages

Warning

Bundle introduced one new package: crypto-js – View changed packages

Bundle metrics  Change 3 changes Regression 1 regression Improvement 1 improvement
                 Current
Job #1875		      Baseline
Job #1874
Improvement  Initial JS 1.86MiB(~-0.01%) 1.86MiB
No change  Initial CSS 607.87KiB 607.87KiB
No change  Cache Invalidation 17.64% 17.64%
No change  Chunks 223 223
No change  Assets 246 246
Change  Modules 2861(+0.18%) 2856
No change  Duplicate Modules 141 141
No change  Duplicate Code 1.73% 1.73%
Regression  Packages 95(+1.06%) 94
No change  Duplicate Packages 2 2
Bundle size by type  Change 1 change Regression 1 regression
                 Current
Job #1875		      Baseline
Job #1874
Regression  JS 8.75MiB (+0.08%) 8.74MiB
Not changed  CSS 890.03KiB 890.03KiB
Not changed  Fonts 526.1KiB 526.1KiB
Not changed  Media 295.6KiB 295.6KiB
Not changed  IMG 140.74KiB 140.74KiB
Not changed  HTML 1.24KiB 1.24KiB
Not changed  Other 871B 871B

View job #1875 reportView florian-h05:pkce-challenge branch activityView project dashboard

@florian-h05 florian-h05 merged commit 4d5a4a4 into openhab:main Mar 29, 2024
6 checks passed
@florian-h05 florian-h05 deleted the pkce-challenge branch March 29, 2024 13:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
main ui Main UI regression
Projects
None yet
Milestone
4.2
Development

Successfully merging this pull request may close these issues.
1 participant
@florian-h05