feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
import * as E from "fp-ts/Either"
|
|
|
|
|
|
|
|
|
|
import { BehaviorSubject, Subject } from "rxjs"
|
|
|
|
|
import { Ref, ref, watch } from "vue"
|
|
|
|
|
|
|
|
|
|
import { content } from "@hoppscotch/kernel"
|
|
|
|
|
|
|
|
|
|
import { Io } from "@hoppscotch/common/kernel/io"
|
|
|
|
|
import { listen } from "@tauri-apps/api/event"
|
|
|
|
|
import { getService } from "@hoppscotch/common/modules/dioc"
|
|
|
|
|
import { parseBodyAsJSON } from "@hoppscotch/common/helpers/functional/json"
|
|
|
|
|
import { AuthEvent, AuthPlatformDef } from "@hoppscotch/common/platform/auth"
|
|
|
|
|
import { PersistenceService } from "@hoppscotch/common/services/persistence"
|
|
|
|
|
import { KernelInterceptorService } from "@hoppscotch/common/services/kernel-interceptor.service"
|
|
|
|
|
|
|
|
|
|
import Login from "@platform-components/Login.vue"
|
|
|
|
|
import { getAllowedAuthProviders, updateUserDisplayName } from "./api"
|
|
|
|
|
|
|
|
|
|
export type HoppUserWithAuthDetail = {
|
|
|
|
|
uid: string
|
|
|
|
|
displayName: string | null
|
|
|
|
|
email: string | null
|
|
|
|
|
photoURL: string | null
|
|
|
|
|
provider?: string
|
|
|
|
|
accessToken?: string
|
|
|
|
|
refreshToken?: string
|
|
|
|
|
emailVerified: boolean
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
interface GQLResponse {
|
|
|
|
|
data?: {
|
|
|
|
|
me: HoppUserWithAuthDetail
|
|
|
|
|
}
|
|
|
|
|
errors?: Array<{ message: string }>
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export const authEvents$ = new Subject<AuthEvent>()
|
|
|
|
|
export const currentUser$ = new BehaviorSubject<HoppUserWithAuthDetail | null>(
|
|
|
|
|
null
|
|
|
|
|
)
|
|
|
|
|
export const probableUser$ = new BehaviorSubject<HoppUserWithAuthDetail | null>(
|
|
|
|
|
null
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const isGettingInitialUser: Ref<null | boolean> = ref(null)
|
|
|
|
|
|
|
|
|
|
const persistenceService = getService(PersistenceService)
|
|
|
|
|
const interceptorService = getService(KernelInterceptorService)
|
|
|
|
|
|
|
|
|
|
async function logout() {
|
|
|
|
|
const { response } = interceptorService.execute({
|
|
|
|
|
id: Date.now(),
|
|
|
|
|
url: `${import.meta.env.VITE_BACKEND_API_URL}/auth/logout`,
|
|
|
|
|
version: "HTTP/1.1",
|
|
|
|
|
method: "GET",
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
await response
|
|
|
|
|
await persistenceService.removeLocalConfig("refresh_token")
|
|
|
|
|
await persistenceService.removeLocalConfig("access_token")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function signInUserWithGithubFB() {
|
|
|
|
|
await Io.openExternalLink({
|
2025-07-25 07:12:51 +00:00
|
|
|
url: `${
|
|
|
|
|
import.meta.env.VITE_BACKEND_API_URL
|
|
|
|
|
}/auth/github?redirect_uri=desktop`,
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function signInUserWithGoogleFB() {
|
|
|
|
|
await Io.openExternalLink({
|
2025-07-25 07:12:51 +00:00
|
|
|
url: `${
|
|
|
|
|
import.meta.env.VITE_BACKEND_API_URL
|
|
|
|
|
}/auth/google?redirect_uri=desktop`,
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function signInUserWithMicrosoftFB() {
|
|
|
|
|
await Io.openExternalLink({
|
2025-07-25 07:12:51 +00:00
|
|
|
url: `${
|
|
|
|
|
import.meta.env.VITE_BACKEND_API_URL
|
|
|
|
|
}/auth/microsoft?redirect_uri=desktop`,
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function getInitialUserDetails(): Promise<
|
|
|
|
|
GQLResponse | { error: string }
|
|
|
|
|
> {
|
|
|
|
|
try {
|
|
|
|
|
const accessToken = await persistenceService.getLocalConfig("access_token")
|
2025-07-28 18:20:36 +00:00
|
|
|
const refreshToken =
|
|
|
|
|
await persistenceService.getLocalConfig("refresh_token")
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
|
|
|
|
|
if (!accessToken || !refreshToken) {
|
|
|
|
|
return { error: "auth/cookies_not_found" }
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const { response } = interceptorService.execute({
|
|
|
|
|
id: Date.now(),
|
|
|
|
|
url: `${import.meta.env.VITE_BACKEND_GQL_URL}`,
|
|
|
|
|
method: "POST",
|
|
|
|
|
version: "HTTP/1.1",
|
|
|
|
|
headers: {
|
|
|
|
|
Authorization: `Bearer ${accessToken}`,
|
fix(web): add explicit headers following prior normalization (#4951)
These changes add explicit `Content-Type` headers to direct (via `native` interceptor)
authentication requests after changes made in [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931) that modified how `Content-Type`
headers are handled in the `relay` plugin.
In [issue #4905](https://github.com/hoppscotch/hoppscotch/issues/4905), that was about Hoppscotch Agent and Native interceptor inconsistently
handling `Content-Type` headers. The issue had two main manifestations,
duplicate headers - when overriding the `Content-Type` header in the UI or using OAuth2 authentication, the agent
would send multiple `Content-Type` headers to the web server. This caused undefined behavior
and often 400 errors for backends that don't accept duplicate headers.
And inconsistent overrides - even when the content type was explicitly set (for example to
`application/json;v=2`), the agent/native would inconsistently apply this override. Server
logs revealed that roughly 50% of requests would use the correct override value, while the
others would revert to the default `application/json`.
The two-part solution implemented first in [PR #4911](https://github.com/hoppscotch/hoppscotch/pull/4911) addressed the duplicate headers issue
by implementing header normalization before final relay. This prevented duplicate headers
with different casing from being sent and [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931) then resolved the inconsistent override
behavior by removing the automatic `Content-Type` header insertion in the `ContentHandler`
component. As explained in the PR description, this was a temporary workaround until we
implement a HTTP/2-compliant solution with proper normalization.
While the fixes in PR #4911 and #4931 correctly resolved the header inconsistency issues
for general API requests, they introduced a new problem: **requests that previously relied
on the automatic `Content-Type` insertion now have no `Content-Type` header at all**.
This mainly affects direct calls around authentication flows in the desktop module, which
were using the `content.json()` functionality without explicitly setting `Content-Type`
headers, relying on the automatic insertion that has now been removed.
These changes add the now-required explicit `Content-Type` headers to three
authentication-related API calls in the desktop platform module:
- **The initial user details GraphQL query**:
```javascript
headers: {
Authorization: `Bearer ${accessToken}`,
"Content-Type": "application/json",
},
```
- **The magic link email submission endpoint**:
```javascript
headers: {
"Content-Type": "application/json",
},
```
- **The token verification endpoint**:
```javascript
headers: {
"Content-Type": "application/json",
},
```
This will make sure that authentication flows continue to work properly with the native
interceptor after the header handling changes.
As noted in [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931), this is considered a **temporary solution**. The plan is to revisit the
content-type handling when we implement a more comprehensive HTTP/2-compliant header
normalization system in the kernel layer.
While HTTP/1.1 headers are case-insensitive
per [RFC 7230](https://tools.ietf.org/html/rfc7230), inconsistent handling across server implementations can treat differently-cased
variations as distinct headers. HTTP/2 ([RFC 7540](https://tools.ietf.org/html/rfc7540)) mandates converting all header field
names to lowercase, which would prevent these issues altogether. In such cases, relying
fully on `MediaType` interface from the kernel will help handling these edge-cases.
2025-04-04 09:15:05 +00:00
|
|
|
"Content-Type": "application/json",
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
},
|
|
|
|
|
content: content.json({
|
|
|
|
|
query: `query Me {
|
|
|
|
|
me {
|
|
|
|
|
uid
|
|
|
|
|
displayName
|
|
|
|
|
email
|
|
|
|
|
photoURL
|
|
|
|
|
isAdmin
|
|
|
|
|
createdOn
|
|
|
|
|
}
|
|
|
|
|
}`,
|
|
|
|
|
}),
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
const responseBytes = await response
|
|
|
|
|
|
|
|
|
|
if (E.isLeft(responseBytes)) {
|
|
|
|
|
return { error: "auth/cookies_not_found" }
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const res = parseBodyAsJSON<GQLResponse>(responseBytes.right.body)
|
|
|
|
|
if (res._tag == "Some" && res.value.data?.me) {
|
|
|
|
|
return {
|
|
|
|
|
data: {
|
|
|
|
|
me: {
|
|
|
|
|
...res.value.data.me,
|
|
|
|
|
refreshToken,
|
|
|
|
|
accessToken,
|
|
|
|
|
emailVerified: true,
|
|
|
|
|
},
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
return { error: "auth/cookies_not_found" }
|
|
|
|
|
} catch (error) {
|
|
|
|
|
return { error: "auth/cookies_not_found" }
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function setUser(user: HoppUserWithAuthDetail | null) {
|
|
|
|
|
const accessToken = await persistenceService.getLocalConfig("access_token")
|
|
|
|
|
const refreshToken = await persistenceService.getLocalConfig("refresh_token")
|
|
|
|
|
|
|
|
|
|
if (!accessToken || !refreshToken) return null
|
|
|
|
|
|
|
|
|
|
const userWithToken =
|
|
|
|
|
user && accessToken && refreshToken
|
|
|
|
|
? {
|
|
|
|
|
...user,
|
|
|
|
|
accessToken,
|
|
|
|
|
refreshToken,
|
|
|
|
|
}
|
|
|
|
|
: null
|
|
|
|
|
|
|
|
|
|
currentUser$.next(userWithToken)
|
|
|
|
|
probableUser$.next(userWithToken)
|
|
|
|
|
await persistenceService.setLocalConfig(
|
|
|
|
|
"login_state",
|
|
|
|
|
JSON.stringify(userWithToken)
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export async function setInitialUser() {
|
|
|
|
|
isGettingInitialUser.value = true
|
|
|
|
|
const res = await getInitialUserDetails()
|
|
|
|
|
|
|
|
|
|
if ("error" in res) {
|
|
|
|
|
await setUser(null)
|
|
|
|
|
isGettingInitialUser.value = false
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (res.errors?.[0]?.message === "Unauthorized") {
|
|
|
|
|
const isRefreshSuccess = await refreshToken()
|
|
|
|
|
if (isRefreshSuccess) {
|
|
|
|
|
await setInitialUser()
|
|
|
|
|
} else {
|
|
|
|
|
await setUser(null)
|
|
|
|
|
isGettingInitialUser.value = false
|
|
|
|
|
}
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (res.data?.me) {
|
|
|
|
|
const hoppBackendUser = res.data.me
|
|
|
|
|
const accessToken = await persistenceService.getLocalConfig("access_token")
|
|
|
|
|
if (!accessToken) return null
|
|
|
|
|
|
|
|
|
|
if (!accessToken) {
|
|
|
|
|
await setUser(null)
|
|
|
|
|
isGettingInitialUser.value = false
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const HoppUserWithAuthDetail: HoppUserWithAuthDetail = {
|
|
|
|
|
uid: hoppBackendUser.uid,
|
|
|
|
|
displayName: hoppBackendUser.displayName,
|
|
|
|
|
email: hoppBackendUser.email,
|
|
|
|
|
photoURL: hoppBackendUser.photoURL,
|
|
|
|
|
emailVerified: true,
|
|
|
|
|
accessToken,
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
await setUser(HoppUserWithAuthDetail)
|
|
|
|
|
isGettingInitialUser.value = false
|
|
|
|
|
|
|
|
|
|
authEvents$.next({
|
|
|
|
|
event: "login",
|
|
|
|
|
user: HoppUserWithAuthDetail,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function refreshToken() {
|
|
|
|
|
try {
|
2025-07-28 18:20:36 +00:00
|
|
|
const refreshToken =
|
|
|
|
|
await persistenceService.getLocalConfig("refresh_token")
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
if (!refreshToken) return null
|
|
|
|
|
|
|
|
|
|
const { response } = interceptorService.execute({
|
|
|
|
|
id: Date.now(),
|
|
|
|
|
url: `${import.meta.env.VITE_BACKEND_API_URL}/auth/refresh`,
|
|
|
|
|
method: "GET",
|
|
|
|
|
version: "HTTP/1.1",
|
|
|
|
|
headers: {
|
|
|
|
|
Authorization: `Bearer ${refreshToken}`,
|
|
|
|
|
},
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
const res = await response
|
|
|
|
|
if (E.isLeft(res)) return false
|
|
|
|
|
|
|
|
|
|
await setAuthCookies(res.right.headers)
|
|
|
|
|
const isSuccessful = res.right.status === 200
|
|
|
|
|
|
|
|
|
|
if (isSuccessful && currentUser$.value) {
|
|
|
|
|
authEvents$.next({
|
|
|
|
|
event: "login",
|
|
|
|
|
user: {
|
|
|
|
|
uid: currentUser$.value.uid,
|
|
|
|
|
displayName: currentUser$.value.displayName,
|
|
|
|
|
email: currentUser$.value.email,
|
|
|
|
|
photoURL: currentUser$.value.photoURL,
|
|
|
|
|
emailVerified: currentUser$.value.emailVerified,
|
|
|
|
|
},
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return isSuccessful
|
|
|
|
|
} catch (err) {
|
|
|
|
|
return false
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function sendMagicLink(email: string) {
|
|
|
|
|
const { response } = interceptorService.execute({
|
|
|
|
|
id: Date.now(),
|
|
|
|
|
url: `${import.meta.env.VITE_BACKEND_API_URL}/auth/signin?origin=desktop`,
|
|
|
|
|
version: "HTTP/1.1",
|
|
|
|
|
method: "POST",
|
fix(web): add explicit headers following prior normalization (#4951)
These changes add explicit `Content-Type` headers to direct (via `native` interceptor)
authentication requests after changes made in [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931) that modified how `Content-Type`
headers are handled in the `relay` plugin.
In [issue #4905](https://github.com/hoppscotch/hoppscotch/issues/4905), that was about Hoppscotch Agent and Native interceptor inconsistently
handling `Content-Type` headers. The issue had two main manifestations,
duplicate headers - when overriding the `Content-Type` header in the UI or using OAuth2 authentication, the agent
would send multiple `Content-Type` headers to the web server. This caused undefined behavior
and often 400 errors for backends that don't accept duplicate headers.
And inconsistent overrides - even when the content type was explicitly set (for example to
`application/json;v=2`), the agent/native would inconsistently apply this override. Server
logs revealed that roughly 50% of requests would use the correct override value, while the
others would revert to the default `application/json`.
The two-part solution implemented first in [PR #4911](https://github.com/hoppscotch/hoppscotch/pull/4911) addressed the duplicate headers issue
by implementing header normalization before final relay. This prevented duplicate headers
with different casing from being sent and [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931) then resolved the inconsistent override
behavior by removing the automatic `Content-Type` header insertion in the `ContentHandler`
component. As explained in the PR description, this was a temporary workaround until we
implement a HTTP/2-compliant solution with proper normalization.
While the fixes in PR #4911 and #4931 correctly resolved the header inconsistency issues
for general API requests, they introduced a new problem: **requests that previously relied
on the automatic `Content-Type` insertion now have no `Content-Type` header at all**.
This mainly affects direct calls around authentication flows in the desktop module, which
were using the `content.json()` functionality without explicitly setting `Content-Type`
headers, relying on the automatic insertion that has now been removed.
These changes add the now-required explicit `Content-Type` headers to three
authentication-related API calls in the desktop platform module:
- **The initial user details GraphQL query**:
```javascript
headers: {
Authorization: `Bearer ${accessToken}`,
"Content-Type": "application/json",
},
```
- **The magic link email submission endpoint**:
```javascript
headers: {
"Content-Type": "application/json",
},
```
- **The token verification endpoint**:
```javascript
headers: {
"Content-Type": "application/json",
},
```
This will make sure that authentication flows continue to work properly with the native
interceptor after the header handling changes.
As noted in [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931), this is considered a **temporary solution**. The plan is to revisit the
content-type handling when we implement a more comprehensive HTTP/2-compliant header
normalization system in the kernel layer.
While HTTP/1.1 headers are case-insensitive
per [RFC 7230](https://tools.ietf.org/html/rfc7230), inconsistent handling across server implementations can treat differently-cased
variations as distinct headers. HTTP/2 ([RFC 7540](https://tools.ietf.org/html/rfc7540)) mandates converting all header field
names to lowercase, which would prevent these issues altogether. In such cases, relying
fully on `MediaType` interface from the kernel will help handling these edge-cases.
2025-04-04 09:15:05 +00:00
|
|
|
headers: {
|
|
|
|
|
"Content-Type": "application/json",
|
|
|
|
|
},
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
content: content.json({ email }),
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
const res = await response
|
|
|
|
|
if (E.isLeft(res)) throw new Error("Failed to send magic link")
|
|
|
|
|
|
|
|
|
|
if (res.right.data && res.right.data.deviceIdentifier) {
|
|
|
|
|
await persistenceService.setLocalConfig(
|
|
|
|
|
"deviceIdentifier",
|
|
|
|
|
res.right.data.deviceIdentifier
|
|
|
|
|
)
|
|
|
|
|
} else {
|
|
|
|
|
throw new Error("Does not get device identifier")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return res.right.data
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
async function setAuthCookies(headers: Headers) {
|
|
|
|
|
const cookieHeader = headers.get("set-cookie")
|
2025-11-10 17:40:43 +00:00
|
|
|
if (!cookieHeader) return
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
|
2025-11-10 17:40:43 +00:00
|
|
|
const accessTMatch = cookieHeader.match(/access_token=([^;,\s]+)/)
|
|
|
|
|
const refreshTMatch = cookieHeader.match(/refresh_token=([^;,\s]+)/)
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
|
2025-11-10 17:40:43 +00:00
|
|
|
if (accessTMatch) {
|
|
|
|
|
await persistenceService.setLocalConfig("access_token", accessTMatch[1])
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
}
|
2025-11-10 17:40:43 +00:00
|
|
|
if (refreshTMatch) {
|
|
|
|
|
await persistenceService.setLocalConfig("refresh_token", refreshTMatch[1])
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
export const def: AuthPlatformDef = {
|
|
|
|
|
customLoginSelectorUI: Login,
|
|
|
|
|
getCurrentUserStream: () => currentUser$,
|
|
|
|
|
getAuthEventsStream: () => authEvents$,
|
|
|
|
|
getProbableUserStream: () => probableUser$,
|
|
|
|
|
getCurrentUser: () => currentUser$.value,
|
|
|
|
|
getProbableUser: () => probableUser$.value,
|
|
|
|
|
|
|
|
|
|
async getAllowedAuthProviders() {
|
|
|
|
|
return await getAllowedAuthProviders()
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
getBackendHeaders() {
|
|
|
|
|
const accessToken = currentUser$.value?.accessToken
|
|
|
|
|
return accessToken
|
|
|
|
|
? {
|
|
|
|
|
Authorization: `Bearer ${accessToken}`,
|
|
|
|
|
}
|
|
|
|
|
: ({} as Record<string, string>)
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
getGQLClientOptions() {
|
|
|
|
|
const accessToken = currentUser$.value?.accessToken
|
|
|
|
|
return {
|
|
|
|
|
// For GraphQL subscriptions via WebSocket
|
|
|
|
|
connectionParams: accessToken
|
|
|
|
|
? {
|
|
|
|
|
Authorization: `Bearer ${accessToken}`,
|
|
|
|
|
}
|
|
|
|
|
: undefined,
|
|
|
|
|
// For regular HTTP queries
|
|
|
|
|
fetchOptions: {
|
|
|
|
|
headers: accessToken
|
|
|
|
|
? { Authorization: `Bearer ${accessToken}` }
|
|
|
|
|
: undefined,
|
|
|
|
|
},
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
axiosPlatformConfig() {
|
|
|
|
|
const accessToken = currentUser$.value?.accessToken
|
|
|
|
|
return {
|
|
|
|
|
headers: accessToken
|
|
|
|
|
? {
|
|
|
|
|
Authorization: `Bearer ${accessToken}`,
|
|
|
|
|
}
|
|
|
|
|
: {},
|
|
|
|
|
}
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
willBackendHaveAuthError() {
|
|
|
|
|
return !currentUser$.value
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
onBackendGQLClientShouldReconnect(func) {
|
|
|
|
|
authEvents$.subscribe((event) => {
|
|
|
|
|
if (event.event === "login" || event.event === "logout") {
|
|
|
|
|
func()
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
isSignInWithEmailLink(url: string) {
|
|
|
|
|
const urlObject = new URL(url)
|
|
|
|
|
const searchParams = new URLSearchParams(urlObject.search)
|
|
|
|
|
return searchParams.has("token")
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async processMagicLink(): Promise<void> {
|
|
|
|
|
return Promise.resolve()
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
getDevOptsBackendIDToken() {
|
|
|
|
|
return null
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async performAuthInit() {
|
|
|
|
|
const loginState = await persistenceService.getLocalConfig("login_state")
|
|
|
|
|
const probableUser = JSON.parse(loginState ?? "null")
|
|
|
|
|
probableUser$.next(probableUser)
|
|
|
|
|
await setInitialUser()
|
|
|
|
|
|
|
|
|
|
await listen<string>(
|
|
|
|
|
"scheme-request-received",
|
|
|
|
|
async (event: { payload: string }) => {
|
|
|
|
|
const deepLink = event.payload
|
|
|
|
|
const params = new URLSearchParams(deepLink.split("?")[1])
|
|
|
|
|
|
|
|
|
|
const accessToken = params.get("access_token")
|
|
|
|
|
const refreshToken = params.get("refresh_token")
|
|
|
|
|
const token = params.get("token")
|
|
|
|
|
|
|
|
|
|
if (accessToken && refreshToken) {
|
|
|
|
|
await persistenceService.setLocalConfig("access_token", accessToken)
|
|
|
|
|
await persistenceService.setLocalConfig("refresh_token", refreshToken)
|
|
|
|
|
return
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (token) {
|
|
|
|
|
await persistenceService.setLocalConfig("verifyToken", token)
|
|
|
|
|
await this.signInWithEmailLink("", "")
|
|
|
|
|
await setInitialUser()
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
waitProbableLoginToConfirm() {
|
|
|
|
|
return new Promise<void>((resolve, reject) => {
|
|
|
|
|
if (this.getCurrentUser()) {
|
|
|
|
|
resolve()
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if (!probableUser$.value) reject(new Error("no_probable_user"))
|
|
|
|
|
|
|
|
|
|
const unwatch = watch(isGettingInitialUser, (val) => {
|
|
|
|
|
if (val === true || val === false) {
|
|
|
|
|
resolve()
|
|
|
|
|
unwatch()
|
|
|
|
|
}
|
|
|
|
|
})
|
|
|
|
|
})
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async signInWithEmail(email: string) {
|
|
|
|
|
await sendMagicLink(email)
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async verifyEmailAddress() {
|
|
|
|
|
return
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async signInUserWithGoogle() {
|
|
|
|
|
await signInUserWithGoogleFB()
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async signInUserWithGithub() {
|
|
|
|
|
await signInUserWithGithubFB()
|
|
|
|
|
return undefined
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async signInUserWithMicrosoft() {
|
|
|
|
|
await signInUserWithMicrosoftFB()
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async signInWithEmailLink(_email: string, url: string) {
|
2025-07-28 18:20:36 +00:00
|
|
|
const deviceIdentifier =
|
|
|
|
|
await persistenceService.getLocalConfig("deviceIdentifier")
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
|
|
|
|
|
if (!deviceIdentifier) {
|
|
|
|
|
throw new Error(
|
|
|
|
|
"Device Identifier not found, you can only signin from the browser you generated the magic link"
|
|
|
|
|
)
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const urlObject = new URL(url)
|
|
|
|
|
const searchParams = new URLSearchParams(urlObject.search)
|
|
|
|
|
const token = searchParams.get("token")
|
|
|
|
|
const verifyToken =
|
|
|
|
|
token || (await persistenceService.getLocalConfig("verifyToken"))
|
|
|
|
|
|
|
|
|
|
const { response } = interceptorService.execute({
|
|
|
|
|
id: Date.now(),
|
|
|
|
|
url: `${import.meta.env.VITE_BACKEND_API_URL}/auth/verify`,
|
|
|
|
|
version: "HTTP/1.1",
|
|
|
|
|
method: "POST",
|
fix(web): add explicit headers following prior normalization (#4951)
These changes add explicit `Content-Type` headers to direct (via `native` interceptor)
authentication requests after changes made in [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931) that modified how `Content-Type`
headers are handled in the `relay` plugin.
In [issue #4905](https://github.com/hoppscotch/hoppscotch/issues/4905), that was about Hoppscotch Agent and Native interceptor inconsistently
handling `Content-Type` headers. The issue had two main manifestations,
duplicate headers - when overriding the `Content-Type` header in the UI or using OAuth2 authentication, the agent
would send multiple `Content-Type` headers to the web server. This caused undefined behavior
and often 400 errors for backends that don't accept duplicate headers.
And inconsistent overrides - even when the content type was explicitly set (for example to
`application/json;v=2`), the agent/native would inconsistently apply this override. Server
logs revealed that roughly 50% of requests would use the correct override value, while the
others would revert to the default `application/json`.
The two-part solution implemented first in [PR #4911](https://github.com/hoppscotch/hoppscotch/pull/4911) addressed the duplicate headers issue
by implementing header normalization before final relay. This prevented duplicate headers
with different casing from being sent and [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931) then resolved the inconsistent override
behavior by removing the automatic `Content-Type` header insertion in the `ContentHandler`
component. As explained in the PR description, this was a temporary workaround until we
implement a HTTP/2-compliant solution with proper normalization.
While the fixes in PR #4911 and #4931 correctly resolved the header inconsistency issues
for general API requests, they introduced a new problem: **requests that previously relied
on the automatic `Content-Type` insertion now have no `Content-Type` header at all**.
This mainly affects direct calls around authentication flows in the desktop module, which
were using the `content.json()` functionality without explicitly setting `Content-Type`
headers, relying on the automatic insertion that has now been removed.
These changes add the now-required explicit `Content-Type` headers to three
authentication-related API calls in the desktop platform module:
- **The initial user details GraphQL query**:
```javascript
headers: {
Authorization: `Bearer ${accessToken}`,
"Content-Type": "application/json",
},
```
- **The magic link email submission endpoint**:
```javascript
headers: {
"Content-Type": "application/json",
},
```
- **The token verification endpoint**:
```javascript
headers: {
"Content-Type": "application/json",
},
```
This will make sure that authentication flows continue to work properly with the native
interceptor after the header handling changes.
As noted in [PR #4931](https://github.com/hoppscotch/hoppscotch/pull/4931), this is considered a **temporary solution**. The plan is to revisit the
content-type handling when we implement a more comprehensive HTTP/2-compliant header
normalization system in the kernel layer.
While HTTP/1.1 headers are case-insensitive
per [RFC 7230](https://tools.ietf.org/html/rfc7230), inconsistent handling across server implementations can treat differently-cased
variations as distinct headers. HTTP/2 ([RFC 7540](https://tools.ietf.org/html/rfc7540)) mandates converting all header field
names to lowercase, which would prevent these issues altogether. In such cases, relying
fully on `MediaType` interface from the kernel will help handling these edge-cases.
2025-04-04 09:15:05 +00:00
|
|
|
headers: {
|
|
|
|
|
"Content-Type": "application/json",
|
|
|
|
|
},
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
content: content.json({
|
|
|
|
|
token: verifyToken,
|
|
|
|
|
deviceIdentifier,
|
|
|
|
|
}),
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
const res = await response
|
|
|
|
|
if (E.isLeft(res)) throw new Error("Failed to verify email link")
|
|
|
|
|
|
|
|
|
|
await setAuthCookies(res.right.headers)
|
|
|
|
|
|
|
|
|
|
await persistenceService.removeLocalConfig("deviceIdentifier")
|
|
|
|
|
await persistenceService.removeLocalConfig("verifyToken")
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
// Removed parameter from here because we do not use it
|
|
|
|
|
async setEmailAddress() {
|
|
|
|
|
return
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async setDisplayName(name: string) {
|
|
|
|
|
if (!name) return E.left("USER_NAME_CANNOT_BE_EMPTY")
|
|
|
|
|
if (!currentUser$.value) return E.left("NO_USER_LOGGED_IN")
|
|
|
|
|
|
|
|
|
|
const res = await updateUserDisplayName(name)
|
|
|
|
|
|
|
|
|
|
if (E.isRight(res)) {
|
|
|
|
|
const user = currentUser$.value
|
|
|
|
|
if (user) {
|
|
|
|
|
await setUser({
|
|
|
|
|
...user,
|
|
|
|
|
displayName: res.right.updateDisplayName.displayName ?? null,
|
|
|
|
|
})
|
|
|
|
|
}
|
|
|
|
|
return E.right(undefined)
|
|
|
|
|
}
|
|
|
|
|
return E.left(res.left)
|
|
|
|
|
},
|
|
|
|
|
|
|
|
|
|
async signOutUser() {
|
|
|
|
|
await logout()
|
|
|
|
|
|
|
|
|
|
probableUser$.next(null)
|
|
|
|
|
currentUser$.next(null)
|
|
|
|
|
await persistenceService.removeLocalConfig("login_state")
|
|
|
|
|
|
|
|
|
|
authEvents$.next({
|
|
|
|
|
event: "logout",
|
|
|
|
|
})
|
|
|
|
|
},
|
2025-09-22 13:36:40 +00:00
|
|
|
|
2025-10-26 16:54:59 +00:00
|
|
|
async refreshAuthToken() {
|
|
|
|
|
const refreshed = await refreshToken()
|
|
|
|
|
return refreshed ?? false
|
|
|
|
|
},
|
|
|
|
|
|
2025-09-22 13:36:40 +00:00
|
|
|
/**
|
|
|
|
|
* Verifies if the current user's authentication tokens are valid
|
|
|
|
|
* @returns True if tokens are valid, false otherwise
|
|
|
|
|
*/
|
|
|
|
|
async verifyAuthTokens() {
|
|
|
|
|
const BACKEND_API_URL = import.meta.env.VITE_BACKEND_API_URL
|
|
|
|
|
|
|
|
|
|
const { response } = interceptorService.execute({
|
|
|
|
|
id: Date.now(),
|
|
|
|
|
url: `${BACKEND_API_URL}/auth/verify-token`,
|
|
|
|
|
method: "GET",
|
|
|
|
|
version: "HTTP/1.1",
|
|
|
|
|
headers: {
|
|
|
|
|
"Content-Type": "application/json",
|
|
|
|
|
...this.getBackendHeaders(),
|
|
|
|
|
},
|
|
|
|
|
})
|
|
|
|
|
|
|
|
|
|
const res = await response
|
2025-11-10 17:40:43 +00:00
|
|
|
if (E.isLeft(res)) return false
|
|
|
|
|
|
|
|
|
|
const parsed = parseBodyAsJSON<{ isValid: boolean }>(res.right.body)
|
|
|
|
|
if (parsed._tag === "Some" && parsed.value.isValid) {
|
|
|
|
|
return true
|
2025-09-22 13:36:40 +00:00
|
|
|
}
|
|
|
|
|
|
2025-11-10 17:40:43 +00:00
|
|
|
const refreshed = await refreshToken()
|
|
|
|
|
return refreshed ?? false
|
2025-09-22 13:36:40 +00:00
|
|
|
},
|
feat: platform independent core and the new desktop app (#4684)
* feat(desktop): init
* feat(desktop): external app download and setup
* feat(desktop): offload app load to plugin system
* perf(desktop): add rdbms facade and caching layer
* feat: parallelize signing, shared trust, lru cache
* feat: webapp encoder + compressor + hasher server
* feat(desktop): app autoupdate with hashed loader
* feat(kernel): init `hoppscotch-kernel`
* feat(kernel): `io`
* feat(kernel): `network`
* feat(kernel): `network` - native interceptor
* feat(kernel): `network` - interceptor - rest
* feat(kernel): `network` - interceptor - graphql
* feat(kernel): `network` - interceptor - capabilities
* feat(kernel): `network` - interceptor - `FormData`
* feat(kernel): `network` - interceptor - `oauth2.0`
* feat(kernel): `store`
* feat(desktop): dragging, traffic light, plugin workspaces
* feat(kernel|wip): `store`
* feat(kernel): `network` - capabilities - with active
* feat(kernel|wip): `network` - interceptor - `proxy`
* feat(kernel|wip): `network` - relay ext
* feat(kernel): `network` - interceptor - `proxy`
* feat(kernel): `network` - interceptor - decoding
* feat(kernel): `network` - interceptor - Kernel Err
* feat(kernel): `network` - flow transformation
* feat(kernel): `network` - request status
* fix(desktop): repositioning traffic lights on fullscreen exit
* feat(kernel): `network` - interceptor - `agent`
* feat(kernel): `store` - track updates
* feat(kernel): `network` - interceptor - extension
* feat(kernel): `network` - updates as overrides
* feat(interceptor): pre-process request encoding
* fix(ui): mismatched extension button size/position
* feat(kernel): `network` - interceptor - `browser`
* feat(native): common certs componsable
* fix(kernel): interceptor selection store and json parse
* feat(kernel): `network` - consistent multipart encoding
* feat(kernel): `network` - interceptor - `OAuth2.0`
* feat(kernel): `network` - interceptor - cookie support
* feat(agent): registration list, log-sink, relay
* feat(kernel): `network` - interceptor subtitles
* feat(kernel): `store` - persist network settings
* fix(agent): encrypted ser/de certificate requests
* feat(kernel): `kernelInterceptor` spotlight service
* fix(kernel): gql introspection edge-case schema
* ref: conditionals for migrated components
* feat(kernel): `localaccess` capability via relay
* feat(kernel): `network` - explicit types and lint
* feat(kernel): `store` - isolate host and platform
* feat(kernel): `store` - persistence service
* fix(infra): whitelisted origins, non-std engines
* feat(desktop): impl deep-link callbacks
* feat(kernel): `auth`
* feat(kernel): `io` - event listeners
* feat(kernel): platform migration
* fix: dep `vue` import on Win 11
Fixes `error TS2305: Module '"vue"' has no exported member
'VueConstructor'.` arising from `splitpane` dependency.
* fix(webapp-server): platform independent res paths
* feat(desktop): auth and emit via embedded server
* feat(platform): host, csp and bundle compatibility
- Bundle name format for using as host
- Windows UI handler HWND casting and version detection
- CSP headers type handling in URI protocol
- Protocol whitelist in env config
* feat(desktop|wip): login flow with `auth-tokens`
feat(desktop|wip): typesafe auth
* feat(backend): `auth` token flow, gql/websocket
feat(desktop): working auth for gql
feat: gql client with refresh token
* feat(backend): `auth` token flow, authorization bearer
* fix(gen): qualifier clash when invalidating cache
* feat(common): coordinated initialization service
* fix(desktop): appload persistence in data json
* feat(desktop|wip): desktop icons and updater
* fix: typos in readme docs
* fix: docker ignore copying on windows
* fix: update `.lock` file after rebase
* fix: `persistenceService` setup in tests
* fix: remove old console logs
* fix: console error on invalid schema
Show console error if default value is used when loading invalid data from
local storage
* fix(test): `PersistenceService` methods
* fix(test): `PersistenceService` rest tab state
* fix(test): `PersistenceService` gql tab state
* fix(test): `PersistenceService` global env
* fix(test): `PersistenceService` mqtt request
* fix(test): `PersistenceService` sse request
* fix(test): `PersistenceService` socketio request
* fix(test): `PersistenceService` websocket request
* fix(test): `PersistenceService` secret environment
* fix(test): `PersistenceService` selected env
* fix(test): `PersistenceService` collections
* fix(test): `PersistenceService` environments
* fix(test): `PersistenceService` history
* fix(test): `PersistenceService` settings
* fix(test): `PersistenceService` migrations
* fix(test): `InspectionService` request inspector
* feat(desktop): button to clear bundle/key cache
This is useful when there are partial updates to the web app or bundle gen server
which haven't been correctly propagated when the app bundle was downloaded.
If the user were to change the self host instance without updating the
desktop app; which is possible albeit rarely under very certain circumstances,
desktop app will refuse to load the bundle, this is because the desktop app
cannot differentiate between partial updates vs incorrect bundle being hosted
since both will fail verification.
The button lets the user decide what should be the appropriate action,
clear the bundle and trust the hosted app
or make sure the app is built and hosted correctly.
* fix(desktop): enforce one version per instance
This was part of a leftover scaffolding from development.
* fix(desktop): bundle url not stored after download
* fix(desktop): stalling progress on updates
* fix(backend): helper to parse cookie into kv-pairs
* feat(desktop): launch session on working endpoints
* fix(common): preserve `auth` structure and default
* fix: loading native networking with kernel mode
* fix: fallback for unhandled response error
* fix: `urlencoded` content request processing
* feat: `interceptor` - error mapping for `browser`
* fix: backwards compatibility for `digest` auth
* fix: platform check for `initializationService`
* fix: `interceptor` - analytics `strategy` resolution
* fix: `interceptor` - check for `cookies` component
* fix: enable digest auth support for `native`
* test: `interceptor` - kernel interceptor
* fix(relay): `grantType` casing for OAuth2.0
* test(wip): kernel transformers
* fix(relay): auth headers discarding others
* fix(desktop): http version deserialization
* fix(common): `grantType` extractor, auth processor
* fix: `PersistenceService` - parsing edge cases
* fix(infra): post rebase fixup
* fix(web): component structure and lint
* fix(desktop): cohesive splash opener, scroll url section
* fix: explicit auto auth and docs on url auth
* fix(relay): special chars failing proxy auth
* fix: finer cert control setting option
* fix: post-rebase fixup
* feat(appload): ability to vendor pre-built bytes
* fix: avoid copying over `target` dir in containers
* fix: auth key missing in capability set
* fix(desktop): relax `refresh_token` requirement
This is to support Firebase token
* fix(desktop): normalization for Windows WebView
* feat(desktop): instance switcher and vendored app
* fix(desktop): merge artifacts and conflicts
* feat(desktop): instance switcher improvements
* fix: derive instance name from normalized name
* fix: pkg links, lints and UI edge cases
* feat(desktop): restore window state after relaunch
* fix(desktop): distinguish header for cloud/default
* fix: instance switcher in web mode
* fix: close dropdown on new instance modal
* fix: whitelist vendored app origin
* feat(desktop): platform parity - `collections`
* fix: history entries population desync
* fix(desktop): check for history storage status
* fix(desktop): safe parse `globalEnv`
* feat(desktop): platform parity - `environment`
* fix: use settings store for proxy url
* fix: lint, unused imports
* fix: proxy input enabled for other interceptors
* feat: reverse proxy for desktop app server
* fix: duplicate entries after connecting to sh
* fix: specify instance org qualified
* fix: remove debugging logs
* feat(desktop): enable `devtools` in release builds
* fix(desktop): prepend protocol validation edgecase
* feat(desktop): clear cache on removing instance
* fix: better response toast message
* fix: avoid reverse proxy for webapp server
* fix(desktop): ignore subpath in instance name
* feat: switcher ui/ux improvements
* feat: more switcher ui/ux improvements
* feat(server): specify bundle version at build time
* fix(desktop): missing migration as rebase artifact
* fix: minor switcher ui/ux improvement
* fix: rebase artifacts
* fix: consolidated toast on success
* fix: missing i18n strings
* fix(desktop): handle drag and drop fe side
* feat: confirmation modal on instance removal
* chore: minor UI update
* chore: minor UI changes
* fix: gql connection partial refactor
* fix: resolve merge artifacts
* chore: prod lint
* feat(desktop): better desktop app update ux
* fix: broken gql connection.ts
---------
Co-authored-by: nivedin <nivedinp@gmail.com>
Co-authored-by: Andrew Bastin <andrewbastin.k@gmail.com>
2025-02-27 18:31:25 +00:00
|
|
|
}
|