这是indexloc提供的服务,不要输入任何密码
Skip to content

[pull] master from looker-open-source:master #107

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 2 commits into from
Oct 15, 2025
Merged

[pull] master from looker-open-source:master #107

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
2 commits
Select commit Hold shift + click to select a range
42ae7a3
Refactor to better separate v1 vs v2 oauth flows (#696)
bgraves-lo Oct 15, 2025
64092a8
Version bump to 1.5.26 (#697)
bgraves-lo Oct 15, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 11 additions & 0 deletions lib/actions/google/drive/google_drive.d.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -3,6 +3,10 @@ import { Credentials, OAuth2Client } from "google-auth-library";
import { drive_v3 } from "googleapis";
import * as Hub from "../../../hub";
import Drive = drive_v3.Drive;
interface OauthState {
tokenurl?: string;
stateurl?: string;
}
export declare class GoogleDriveAction extends Hub.OAuthActionV2 {
name: string;
label: string;
Expand Down Expand Up @@ -37,5 +41,12 @@ export declare class GoogleDriveAction extends Hub.OAuthActionV2 {
protected driveClientFromRequest(redirect: string, tokens: Credentials): Promise<drive_v3.Drive>;
protected getUserEmail(redirect: string, tokens: Credentials): Promise<string>;
protected validateUserInDomainAllowlist(domainAllowlist: string | undefined, redirect: string, tokens: Credentials, requestWebhookId: string | undefined): Promise<void>;
protected oauthFetchAndStoreInfo(urlParams: {
[key: string]: string;
}, redirectUri: string, statePayload: OauthState): Promise<void>;
protected oauthCreateLookerRedirectUrl(urlParams: {
[key: string]: string;
}, redirectUri: string, actionCrypto: Hub.ActionCrypto, statePayload: OauthState): Promise<string>;
private loginForm;
}
export {};
41 changes: 23 additions & 18 deletions lib/actions/google/drive/google_drive.js
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -225,29 +225,15 @@ class GoogleDriveAction extends Hub.OAuthActionV2 {
throw err;
});
const statePayload = JSON.parse(plaintext);
if (statePayload.hasOwnProperty("tokenurl")) {
if (statePayload.tokenurl) {
// redirect user back to Looker with context
winston.info("Redirected with V2 flow");
const newState = {
code: urlParams.code,
redirecturi: redirectUri,
};
const jsonString = JSON.stringify(newState);
const ciphertextBlob = await actionCrypto.encrypt(jsonString).catch((err) => {
winston.error("Encryption not correctly configured");
throw err;
});
return `${statePayload.tokenurl}?state=${ciphertextBlob}`;
return this.oauthCreateLookerRedirectUrl(urlParams, redirectUri, actionCrypto, statePayload);
}
else {
// Pass back context to Looker
winston.info("Posting1 to " + statePayload.stateurl);
const tokens = await this.getAccessTokenCredentialsFromCode(redirectUri, urlParams.code);
winston.info("Posting2 to " + statePayload.stateurl);
await https.post({
url: statePayload.stateurl,
body: JSON.stringify({ tokens, redirect: redirectUri }),
}).catch((_err) => { winston.error(_err.toString()); });
winston.info("Redirected with V1 flow");
await this.oauthFetchAndStoreInfo(urlParams, redirectUri, statePayload);
return "";
}
}
Expand Down Expand Up @@ -420,6 +406,25 @@ class GoogleDriveAction extends Hub.OAuthActionV2 {
}
}
}
async oauthFetchAndStoreInfo(urlParams, redirectUri, statePayload) {
const tokens = await this.getAccessTokenCredentialsFromCode(redirectUri, urlParams.code);
await https.post({
url: statePayload.stateurl,
body: JSON.stringify({ tokens, redirect: redirectUri }),
}).catch((_err) => { winston.error(_err.toString()); });
}
async oauthCreateLookerRedirectUrl(urlParams, redirectUri, actionCrypto, statePayload) {
const newState = {
code: urlParams.code,
redirecturi: redirectUri,
};
const jsonString = JSON.stringify(newState);
const ciphertextBlob = await actionCrypto.encrypt(jsonString).catch((err) => {
winston.error("Encryption not correctly configured");
throw err;
});
return `${statePayload.tokenurl}?state=${ciphertextBlob}`;
}
async loginForm(request) {
const form = new Hub.ActionForm();
form.fields = [];
Expand Down
2 changes: 1 addition & 1 deletion package.json
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "looker-action-hub",
"version": "1.5.20",
"version": "1.5.26",
"description": "",
"main": "lib/index",
"scripts": {
Expand Down
64 changes: 43 additions & 21 deletions src/actions/google/drive/google_drive.ts
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -16,6 +16,11 @@ import { DomainValidator } from "./domain_validator"
const LOG_PREFIX = "[GOOGLE_DRIVE]"
const FOLDERID_REGEX = /\/folders\/(?<folderId>[^\/?]+)/

interface OauthState {
tokenurl?: string
stateurl?: string
}

export class GoogleDriveAction extends Hub.OAuthActionV2 {
name = "google_drive"
label = "Google Drive"
Expand Down Expand Up @@ -263,31 +268,16 @@ export class GoogleDriveAction extends Hub.OAuthActionV2 {
winston.error("Encryption not correctly configured" + err)
throw err
})
const statePayload: OauthState = JSON.parse(plaintext)

const statePayload = JSON.parse(plaintext)
if (statePayload.hasOwnProperty("tokenurl")) {
if (statePayload.tokenurl) {
// redirect user back to Looker with context
winston.info("Redirected with V2 flow")
const newState = {
code: urlParams.code,
redirecturi: redirectUri,
}
const jsonString = JSON.stringify(newState)
const ciphertextBlob = await actionCrypto.encrypt(jsonString).catch((err: string) => {
winston.error("Encryption not correctly configured")
throw err
})

return `${statePayload.tokenurl}?state=${ciphertextBlob}`
return this.oauthCreateLookerRedirectUrl(urlParams, redirectUri, actionCrypto, statePayload)
} else {
// Pass back context to Looker
winston.info("Posting1 to " + statePayload.stateurl)
const tokens = await this.getAccessTokenCredentialsFromCode(redirectUri, urlParams.code)
winston.info("Posting2 to " + statePayload.stateurl)
await https.post({
url: statePayload.stateurl,
body: JSON.stringify({tokens, redirect: redirectUri}),
}).catch((_err) => { winston.error(_err.toString()) })
winston.info("Redirected with V1 flow")
await this.oauthFetchAndStoreInfo(urlParams, redirectUri, statePayload)
return ""
}
}
Expand Down Expand Up @@ -480,13 +470,45 @@ export class GoogleDriveAction extends Hub.OAuthActionV2 {

}

protected async oauthFetchAndStoreInfo(
urlParams: { [key: string]: string },
redirectUri: string,
statePayload: OauthState,
) {
const tokens = await this.getAccessTokenCredentialsFromCode(redirectUri, urlParams.code)
await https.post({
url: statePayload.stateurl!,
body: JSON.stringify({tokens, redirect: redirectUri}),
}).catch((_err) => { winston.error(_err.toString()) })
}

protected async oauthCreateLookerRedirectUrl(
urlParams: { [key: string]: string },
redirectUri: string,
actionCrypto: Hub.ActionCrypto,
statePayload: OauthState,
) {
const newState = {
code: urlParams.code,
redirecturi: redirectUri,
}
const jsonString = JSON.stringify(newState)
const ciphertextBlob = await actionCrypto.encrypt(jsonString).catch((err: string) => {
winston.error("Encryption not correctly configured")
throw err
})

return `${statePayload.tokenurl!}?state=${ciphertextBlob}`
}

private async loginForm(request: Hub.ActionRequest) {
const form = new Hub.ActionForm()
form.fields = []

const hasTokenUrl = request.params.hasOwnProperty("state_redir_url")
winston.info(`Using ${hasTokenUrl ? "V2" : "V1"} flow`)
const state = hasTokenUrl ? {tokenurl: request.params.state_redir_url} : {stateurl: request.params.state_url}
const state: OauthState =
hasTokenUrl ? {tokenurl: request.params.state_redir_url} : {stateurl: request.params.state_url}
const jsonString = JSON.stringify(state)

const actionCrypto = new Hub.ActionCrypto()
Expand Down