Skip to content

SSO token caching and retrieval in CachePool #4931

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Jul 24, 2025
Merged

SSO token caching and retrieval in CachePool #4931

merged 4 commits into from
Jul 24, 2025

Conversation

vinodkiran
Copy link
Contributor

This implementation improves the authentication process by securely caching SSO tokens and managing user sessions.

@vinodkiran
feat: Implement SSO token caching and retrieval in CachePool
0348889 
This implementation improves the authentication process by securely caching SSO tokens and managing user sessions.
@vinodkiran vinodkiran requested a review from Copilot July 23, 2025 12:30
Copilot
Copilot AI reviewed Jul 23, 2025
View reviewed changes
Copy link
Contributor

@Copilot Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR implements SSO token caching and retrieval functionality to improve authentication security by replacing direct user data transmission via URL parameters with a secure token-based approach.

  • Replaces direct user data URL parameters with secure temporary tokens during SSO redirect flow
  • Adds server-side caching mechanism for SSO tokens with automatic expiration (120 seconds)
  • Updates client-side authentication flow to retrieve user data via API call using the temporary token

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 5 comments.

Show a summary per file
File Description
packages/ui/src/views/auth/ssoSuccess.jsx Updates SSO success handling to use token-based API call instead of parsing user data from URL
packages/ui/src/api/auth.js Adds new API endpoint for SSO token validation and user data retrieval
packages/server/src/enterprise/routes/auth/index.ts Registers new SSO success route endpoint
packages/server/src/enterprise/middleware/passport/index.ts Generates UUID tokens and stores user data in cache during SSO redirect
packages/server/src/enterprise/controllers/auth/index.ts Implements SSO token validation controller with cache lookup
packages/server/src/CachePool.ts Adds SSO token caching methods with Redis support and 120-second expiration

@HenryHengZJ HenryHengZJ requested a review from chungyau97 July 24, 2025 00:05
@chungyau97
Copy link
Contributor

chungyau97 commented Jul 24, 2025
edited
Loading

Local Enterprise Test

  1. Postgres without queue
image image
  1. Postgres with queue
image image

@chungyau97 chungyau97 marked this pull request as ready for review July 24, 2025 12:49
@HenryHengZJ HenryHengZJ merged commit d272683 into FlowiseAI:main Jul 24, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

Copilot code review Copilot Copilot left review comments

@HenryHengZJ HenryHengZJ HenryHengZJ approved these changes

@chungyau97 chungyau97 chungyau97 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@vinodkiran @chungyau97 @HenryHengZJ