chore: fix account id

Muhsin Keloth
2025-07-04 16:52:02 +05:30
parent 4c85a1c6c0
commit 8e98fd26b5
2 changed files with 21 additions and 26 deletions


@@ -2,23 +2,13 @@ class Github::CallbacksController < ApplicationController
include Github::IntegrationHelper include Github::IntegrationHelper
def show def show
# Log all received parameters for debugging
Rails.logger.info("GitHub callback received parameters: #{params.to_unsafe_h}")
Rails.logger.info("installation_id present: #{params[:installation_id].present?}")
Rails.logger.info("code present: #{params[:code].present?}")
Rails.logger.info("setup_action: #{params[:setup_action]}")
Rails.logger.info("state present: #{params[:state].present?}")
if params[:installation_id].present? && params[:code].present? if params[:installation_id].present? && params[:code].present?
Rails.logger.info('Handling installation with OAuth')
# Both installation and OAuth code present - handle both # Both installation and OAuth code present - handle both
handle_installation_with_oauth handle_installation_with_oauth
elsif params[:installation_id].present? elsif params[:installation_id].present?
Rails.logger.info('Handling installation only')
# Only installation_id present - redirect to OAuth # Only installation_id present - redirect to OAuth
handle_installation handle_installation
else else
Rails.logger.info('Handling authorization only')
# Only OAuth code present - handle authorization # Only OAuth code present - handle authorization
handle_authorization handle_authorization
end end
@@ -30,7 +20,6 @@ class Github::CallbacksController < ApplicationController
private private
def handle_installation_with_oauth def handle_installation_with_oauth
Rails.logger.info("Processing installation with OAuth - installation_id: #{params[:installation_id]}, code: #{params[:code]}")
# Handle both installation and OAuth in one go # Handle both installation and OAuth in one go
installation_id = params[:installation_id] installation_id = params[:installation_id]
@@ -43,7 +32,6 @@ class Github::CallbacksController < ApplicationController
end end
def handle_installation def handle_installation
Rails.logger.info("Processing installation only - setup_action: #{params[:setup_action]}, installation_id: #{params[:installation_id]}")
if params[:setup_action] == 'install' if params[:setup_action] == 'install'
installation_id = params[:installation_id] installation_id = params[:installation_id]
@@ -55,7 +43,6 @@ class Github::CallbacksController < ApplicationController
end end
def handle_authorization def handle_authorization
Rails.logger.info("Processing authorization only - code: #{params[:code]}")
@response = oauth_client.auth_code.get_token( @response = oauth_client.auth_code.get_token(
params[:code], params[:code],
redirect_uri: "#{base_url}/github/callback" redirect_uri: "#{base_url}/github/callback"
@@ -124,15 +111,23 @@ class Github::CallbacksController < ApplicationController
end end
def account def account
@account ||= Account.find(account_id) @account ||= account_from_state
end end
def account_id def account_from_state
# First try to get from state parameter (OAuth flow) raise ActionController::BadRequest, 'Missing state variable' if params[:state].blank?
return verify_github_token(params[:state]) if params[:state].present?
# Fallback to hardcoded account 1 for installation flow (temporary) # Try signed GlobalID first (installation flow)
1 account = GlobalID::Locator.locate_signed(params[:state])
return account if account
# Fallback to JWT token (direct OAuth flow)
account_id = verify_github_token(params[:state])
return Account.find(account_id) if account_id
raise 'Invalid or expired state'
rescue StandardError
raise ActionController::BadRequest, 'Invalid account context'
end end
def github_redirect_uri def github_redirect_uri
@@ -144,13 +139,11 @@ class Github::CallbacksController < ApplicationController
end end
def fallback_redirect_uri def fallback_redirect_uri
if account_id
github_redirect_uri github_redirect_uri
else rescue StandardError
# Fallback if no account context available # Fallback if no account context available
"#{ENV.fetch('FRONTEND_URL', nil)}/app/settings/integrations" "#{ENV.fetch('FRONTEND_URL', nil)}/app/settings/integrations"
end end
end
def parsed_body def parsed_body
@parsed_body ||= @response.response.parsed @parsed_body ||= @response.response.parsed
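Review bot: In `account_from_state`, `GlobalID::Locator.locate_signed(params[:state])` is called without `only:` or `for:`, so a signed GlobalID issued elsewhere in the app with the default purpose, for any model, would verify here and be returned as `account`. Restricting it, e.g. `GlobalID::Locator.locate_signed(params[:state], for: 'github_integration', only: Account)` with the same `for:` on the `to_signed_global_id` call in `Integrations::App` (the purpose name is an example), keeps the state from being interchangeable with other tokens. The state also only identifies an account, and nothing visible ties it to the session of the user completing the callback, so it is worth confirming that the caller's membership of that account is checked elsewhere. The method-level `rescue StandardError` also catches the `Missing state variable` BadRequest raised on the first line and replaces its message with `Invalid account context`; rescuing narrower classes would keep the two cases distinct in logs.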


@@ -92,8 +92,10 @@ class Integrations::App
GlobalConfigService.load('GITHUB_CLIENT_ID', nil) GlobalConfigService.load('GITHUB_CLIENT_ID', nil)
# For GitHub Apps, we need to redirect to the installation page first # For GitHub Apps, we need to redirect to the installation page first
# Include state parameter with signed account ID for account context
github_app_name = GlobalConfigService.load('GITHUB_APP_NAME', 'chatwoot-qa') github_app_name = GlobalConfigService.load('GITHUB_APP_NAME', 'chatwoot-qa')
"https://github.com/apps/#{github_app_name}/installations/new" state = Current.account.to_signed_global_id(expires_in: 1.hour)
"https://github.com/apps/#{github_app_name}/installations/new?state=#{state}"
end end
def enabled?(account) def enabled?(account)
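Review bot: The signed ID is interpolated into the query string unescaped on the `installations/new?state=#{state}` line; depending on how the verifier encodes it, the token may contain `+`, `/` or `=`, and a `+` that comes back as a space would fail verification in the callback. Escaping it, `"https://github.com/apps/#{github_app_name}/installations/new?state=#{CGI.escape(state.to_s)}"`, avoids that. `Current.account` is also dereferenced without a nil check, which would raise `NoMethodError` if this URL is built outside an account context; the enclosing method starts above the hunk, so that may already be guaranteed.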