Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

authhelper: try login links if authentication fails WIP #6203

Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

authhelper: try login links if authentication fails WIP #6203

wants to merge 1 commit into from
+371 −4

Conversation

psiinon
Copy link
Member

@psiinon psiinon commented Feb 19, 2025
edited
Loading

Overview

As per title.
Ready for review but would like the auth tests in place before its merged so we can see what impact it has.

Related Issues

Checklist

  • Update help
  • Update changelog
  • Run ./gradlew spotlessApply for code formatting
  • Write tests
  • Check code coverage
  • Sign-off commits
  • Squash commits
  • Use a descriptive title

For more details, please refer to the developer rules and guidelines.

@psiinon
Copy link
Member Author

psiinon commented Feb 19, 2025
edited
Loading

Logo
Checkmarx One – Scan Summary & Detailsd91599c2-9c10-4f1e-9208-73e4e69ce005

Great job, no security vulnerabilities found in this Pull Request

@kingthorin
Copy link
Member

Should we have a list of fields/buttons to avoid or exclude? Like: reset, forgot etc (To ensure we aren't hitting a PW reset form)

@psiinon
Copy link
Member Author

psiinon commented Feb 20, 2025

Should we have a list of fields/buttons to avoid or exclude? Like: reset, forgot etc (To ensure we aren't hitting a PW reset form)

Yes, but that would be for the AJAX/client spiders. This code will only click on Login type links, which should not have any logout / reset terms? If they could be present then we could avoid them, but I dont know of any examples right now.

@psiinon psiinon force-pushed the authhelper/loginlinks branch 3 times, most recently from c6dc362 to 812fb86 Compare February 21, 2025 10:15
@psiinon psiinon changed the title authhelper: try login links if authentication fails WIP authhelper: try login links if authentication fails Feb 21, 2025
@psiinon psiinon force-pushed the authhelper/loginlinks branch from 812fb86 to 70b17e0 Compare February 21, 2025 11:22
kingthorin
kingthorin reviewed Feb 21, 2025
View reviewed changes
Copy link
Member

@kingthorin kingthorin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One very minor thing, otherwise looks good.

addOns/authhelper/CHANGELOG.md
@@ -4,6 +4,9 @@ All notable changes to this add-on will be documented in this file.
The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/).

## Unreleased
### Added
- If authentication fails then try to find a likely looking login link
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Add a period?

@psiinon psiinon changed the title authhelper: try login links if authentication fails authhelper: try login links if authentication fails WIP Feb 21, 2025
@psiinon
Copy link
Member Author

psiinon commented Feb 21, 2025

Moved back to WIP as its not working with some of the real world sites I'm testing with ☹️

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thc202 thc202 thc202 left review comments

@kingthorin kingthorin kingthorin left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@psiinon @kingthorin @thc202