UNPKG

n8n

Version:

n8n Workflow Automation Tool

n8n.io

n8n-io/n8n

51 lines 2.43 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
"use strict"; var __decorate = (this && this.__decorate) || function (decorators, target, key, desc) { var c = arguments.length, r = c < 3 ? target : desc === null ? desc = Object.getOwnPropertyDescriptor(target, key) : desc, d; if (typeof Reflect === "object" && typeof Reflect.decorate === "function") r = Reflect.decorate(decorators, target, key, desc); else for (var i = decorators.length - 1; i >= 0; i--) if (d = decorators[i]) r = (c < 3 ? d(r) : c > 3 ? d(target, key, r) : d(target, key)) || r; return c > 3 && r && Object.defineProperty(target, key, r), r; }; Object.defineProperty(exports, "__esModule", { value: true }); exports.OAuthCallbackAuthRule = void 0; const di_1 = require("@n8n/di"); let OAuthCallbackAuthRule = class OAuthCallbackAuthRule { constructor() { this.id = 'oauth-callback-auth-v2'; } getMetadata() { return { version: 'v2', title: 'Require auth on OAuth callback URLs by default', description: 'OAuth callbacks now enforce n8n user authentication by default for improved security', category: "instance", severity: 'medium', documentationUrl: 'https://docs.n8n.io/2-0-breaking-changes/#require-authentication-on-oauth-callback-urls-by-default', }; } async detect() { if (process.env.N8N_SKIP_AUTH_ON_OAUTH_CALLBACK) { return { isAffected: false, instanceIssues: [], recommendations: [] }; } return { isAffected: true, instanceIssues: [ { title: 'OAuth callback authentication now required', description: 'OAuth callbacks will now enforce n8n user authentication by default unless N8N_SKIP_AUTH_ON_OAUTH_CALLBACK is explicitly set to true.', level: 'warning', }, ], recommendations: [ { action: 'Review OAuth workflows', description: 'If you need to skip authentication on OAuth callbacks (e.g., for embed mode), set N8N_SKIP_AUTH_ON_OAUTH_CALLBACK=true', }, ], }; } }; exports.OAuthCallbackAuthRule = OAuthCallbackAuthRule; exports.OAuthCallbackAuthRule = OAuthCallbackAuthRule = __decorate([ (0, di_1.Service)() ], OAuthCallbackAuthRule); //# sourceMappingURL=oauth-callback-auth.rule.js.map