Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Pipeline with http basic auth double hashes password for target #4960

Open
hardillb opened this issue Dec 23, 2024 · 1 comment
Open

Pipeline with http basic auth double hashes password for target #4960

hardillb opened this issue Dec 23, 2024 · 1 comment
Labels
bug Something isn't working customer request requested by customer size:M - 3 Sizing estimation point
Milestone
2.13

Comments

@hardillb
Copy link
Contributor

hardillb commented Dec 23, 2024
edited by joepavitt
Loading

Current Behavior

If an instance is configured with HTTP basic auth security the password is stored as a hash, when deploying with pipeline the hashed password is hashed again rather than copied to the second instance.

Expected Behavior

The hash should be copied as is, not hashed agian

Steps To Reproduce

Create 2 instances
setup http basic auth on first instance
create pipeline between instances
deploy first to second
try and access http end point with username/password from first instance on second instance

Environment

  • FlowFuse version: 2.12.0
  • Node.js version: 18
  • npm version: 9
  • Platform/OS: FFC
  • Browser: NA

Customers Impacted

Have you provided an initial effort estimate for this issue?

I have provided an initial effort estimate
@hardillb hardillb added bug Something isn't working needs-triage Needs looking at to decide what to do size:M - 3 Sizing estimation point labels Dec 23, 2024
@joepavitt joepavitt added the customer request requested by customer label Dec 23, 2024
@joepavitt joepavitt removed the needs-triage Needs looking at to decide what to do label Dec 23, 2024
@joepavitt joepavitt moved this to Todo in 🛠 Development Dec 23, 2024
@joepavitt joepavitt added this to the 2.13 milestone Dec 23, 2024
@hardillb
Copy link
Contributor Author

This will be somewhere round here:

flowfuse/forge/db/controllers/ProjectTemplate.js

Lines 198 to 200 in aa77197

if (typeof result.httpNodeAuth?.pass === 'string' && result.httpNodeAuth.pass.length > 0) {
result.httpNodeAuth.pass = hash(result.httpNodeAuth.pass)
}

But need to check where else this code is used

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working customer request requested by customer size:M - 3 Sizing estimation point
Projects
🛠 Development
Status: Todo
Milestone
2.13
Development

No branches or pull requests
2 participants
@hardillb @joepavitt