fix(auth): close OIDC callback role/uuid drift and flow defects #124

Merged
David merged 2 commits from fix/mapps-137-role-parser-uuid-oidc-defects into main 2026-06-13 15:33:28 +02:00
Owner

Replace the hand-rolled 4-arm role match on the OIDC-callback path with the shared UserRole::from_str parser (same path as auth.rs:206 / :424) so super_admin/technician/dispatcher/sales no longer downgrade to the default role.

Reject an unparseable id_token subject by setting an error and returning early instead of substituting Uuid::nil(), which could collide or corrupt tenant-scoped writes.

In complete_login, check the OP error param before extracting code/state so an OP error response surfaces honestly instead of masking as "missing code".

In the google_oauth hook, batch both AuthContext mutations into one write to avoid a torn-state render, and deregister the message listener after the first valid message so repeated sign-ins do not accumulate duplicate sends.

Correct the tokens.rs and oidc/mod.rs module docs to state the implemented sessionStorage persistence rather than the stale in-memory-only / reload-reauthorizes claim.

#MAPPS-137
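The three back-end defects the description lists (the partial role match, the Uuid::nil() substitution, and checking error before code/state) come down to the same rule: parse strictly and fail closed. The block below is an added example written for this page, not code from mokosh-apps. The enum variants, the CallbackError type, the pre-fix `role_hand_rolled` and `subject_pre_fix` reconstructions, and the minimal `Uuid` stand-in (used instead of the uuid crate so the example has no dependencies) are all assumptions; the query parsing does no percent-decoding.

```rust
use std::collections::HashMap;
use std::str::FromStr;

/// Hypothetical stand-in for the project's `UserRole`; variant names are assumed.
#[derive(Debug, Clone, Copy, PartialEq, Eq, Default)]
pub enum UserRole {
    SuperAdmin,
    Admin,
    Technician,
    Dispatcher,
    Sales,
    #[default]
    User,
}

/// The one shared parser: an unknown value is an error, never a silent default.
impl FromStr for UserRole {
    type Err = String;
    fn from_str(s: &str) -> Result<Self, Self::Err> {
        Ok(match s {
            "super_admin" => Self::SuperAdmin,
            "admin" => Self::Admin,
            "technician" => Self::Technician,
            "dispatcher" => Self::Dispatcher,
            "sales" => Self::Sales,
            "user" => Self::User,
            other => return Err(format!("unknown role `{other}`")),
        })
    }
}

/// Reconstruction (arm set assumed) of the pre-fix hand-rolled match: every role it
/// does not name, including super_admin/technician/dispatcher/sales, becomes the default.
pub fn role_hand_rolled(claim: &str) -> UserRole {
    match claim {
        "admin" => UserRole::Admin,
        "user" => UserRole::User,
        _ => UserRole::default(),
    }
}

/// Minimal stand-in for `uuid::Uuid` (assumed; keeps the example dependency-free).
#[derive(Debug, Clone, Copy, PartialEq, Eq, Hash)]
pub struct Uuid([u8; 16]);

impl Uuid {
    pub const fn nil() -> Self {
        Uuid([0; 16])
    }

    /// Accepts only the canonical hyphenated 8-4-4-4-12 hex form.
    pub fn parse_str(s: &str) -> Result<Self, String> {
        let groups: Vec<&str> = s.split('-').collect();
        let lens_ok = groups.iter().map(|g| g.len()).eq([8usize, 4, 4, 4, 12]);
        let hex = groups.concat();
        if !lens_ok || !hex.bytes().all(|b| b.is_ascii_hexdigit()) {
            return Err(format!("`{s}` is not a UUID"));
        }
        let mut bytes = [0u8; 16];
        for (i, pair) in hex.as_bytes().chunks(2).enumerate() {
            // Safe to unwrap: every byte was checked to be ASCII hex above.
            bytes[i] = u8::from_str_radix(std::str::from_utf8(pair).unwrap(), 16).unwrap();
        }
        Ok(Uuid(bytes))
    }
}

/// Pre-fix behaviour (reconstructed): any unparseable `sub` became Uuid::nil(), so all
/// such users shared one id and writes keyed by user_id could land on the same row.
pub fn subject_pre_fix(sub: &str) -> Uuid {
    Uuid::parse_str(sub).unwrap_or(Uuid::nil())
}

#[derive(Debug, Clone, PartialEq, Eq)]
pub enum CallbackError {
    /// The OP answered with an error response; report it as such, not as a missing code.
    OpError { error: String, description: Option<String> },
    Missing(&'static str),
    StateMismatch,
    BadSubject(String),
    BadRole(String),
}

/// Parse the OP redirect query: `error` is checked first, then `state`, then `code`.
pub fn complete_login(query: &str, expected_state: &str) -> Result<String, CallbackError> {
    let params: HashMap<&str, &str> = query
        .trim_start_matches('?')
        .split('&')
        .filter(|kv| !kv.is_empty())
        .map(|kv| kv.split_once('=').unwrap_or((kv, "")))
        .collect();
    if let Some(error) = params.get("error") {
        return Err(CallbackError::OpError {
            error: error.to_string(),
            description: params.get("error_description").map(|d| d.to_string()),
        });
    }
    let state = params.get("state").ok_or(CallbackError::Missing("state"))?;
    if *state != expected_state {
        return Err(CallbackError::StateMismatch);
    }
    let code = params.get("code").ok_or(CallbackError::Missing("code"))?;
    Ok(code.to_string())
}

#[derive(Debug, PartialEq, Eq)]
pub struct Session {
    pub user_id: Uuid,
    pub role: UserRole,
}

/// Post-fix claim handling: a bad `sub` or role stops the login instead of being patched over.
pub fn session_from_claims(sub: &str, role: &str) -> Result<Session, CallbackError> {
    Ok(Session {
        user_id: Uuid::parse_str(sub).map_err(CallbackError::BadSubject)?,
        role: role.parse::<UserRole>().map_err(CallbackError::BadRole)?,
    })
}

fn main() {
    // Constructed inputs, not captured traffic.
    println!("{:?}", role_hand_rolled("super_admin")); // the downgrade: User
    println!("{:?}", "super_admin".parse::<UserRole>());
    println!("{:?}", complete_login("error=access_denied&state=abc", "abc"));
    println!("{:?}", session_from_claims("not-a-uuid", "sales"));
}
```

The order in `complete_login` matters: an OP error response carries `error` and `state` but no `code` (RFC 6749 section 4.1.2.1), so reading `code` first can only ever report "missing code" for it.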

fix(auth): close OIDC callback role/uuid drift and flow defects
All checks were successful
Check / clippy + fmt + tests (pull_request) Successful in 2m2s
147adbe722
Merge remote-tracking branch 'origin/main' into fix/mapps-137-role-parser-uuid-oidc-defects
All checks were successful
Check / clippy + fmt + tests (pull_request) Successful in 50s
Create release / Create release from merged PR (pull_request) Has been skipped
200fa61a48
# Conflicts:
#	src/pages/auth_callback.rs
David merged commit 9e94768b45 into main 2026-06-13 15:33:28 +02:00
David deleted branch fix/mapps-137-role-parser-uuid-oidc-defects 2026-06-13 15:33:28 +02:00
Reference
psa-systems/mokosh-apps!124