This is an automated email from the ASF dual-hosted git repository.

jshao pushed a commit to branch main
in repository https://gitbox.apache.org/repos/asf/gravitino.git


The following commit(s) were added to refs/heads/main by this push:
     new a7af6033a6 [#7947] fix(web): Prevent OAuth headers from being sent to 
GitHub API causing 401 errors (#8106)
a7af6033a6 is described below

commit a7af6033a6f86e27449c1bddd611e66c4748a7e1
Author: Bharath Krishna <[email protected]>
AuthorDate: Mon Aug 18 18:57:06 2025 -0700

    [#7947] fix(web): Prevent OAuth headers from being sent to GitHub API 
causing 401 errors (#8106)
    
    ### What changes were proposed in this pull request?
    
    (Please outline the changes and how this PR fixes the issue.)
    
    ### Why are the changes needed?
    
    The GitHub APIs are external, public APIs, so these calls do not need
    OAuth headers attached.
    The current code also prevents this API from being called before login,
    which is unnecessary: users do not need to be logged in to access it.
    
    Fix: #7947
    
    ### Does this PR introduce _any_ user-facing change?
    No
    ### How was this patch tested?
    Tested on localhost. No headers attached:
    <img width="1264" height="537" alt="Screenshot 2025-08-14 at 3 57 51 PM"
    
src="https://github.com/user-attachments/assets/e3622675-bc6a-4de1-89cd-1a2de90ce15c";
    />
---
 web/web/src/lib/provider/session.js  |  5 +++--
 web/web/src/lib/utils/axios/index.js | 18 ++++++++++++++----
 2 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/web/web/src/lib/provider/session.js 
b/web/web/src/lib/provider/session.js
index 1d482ff31c..5750c61dab 100644
--- a/web/web/src/lib/provider/session.js
+++ b/web/web/src/lib/provider/session.js
@@ -77,9 +77,11 @@ const AuthProvider = ({ children }) => {
       const [authConfigsErr, resAuthConfigs] = await 
to(dispatch(getAuthConfigs()))
       const authType = resAuthConfigs?.payload?.authType
 
+      // Always fetch GitHub info since it's a public API call
+      dispatch(fetchGitHubInfo())
+
       if (authType === 'simple') {
         dispatch(initialVersion())
-        dispatch(fetchGitHubInfo())
         goToMetalakeListPage()
       } else if (authType === 'oauth') {
         const tokenToUse = await oauthProviderFactory.getAccessToken()
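Review bot: The comment above the now-unconditional `dispatch(fetchGitHubInfo())` should state what makes the call safe, not only that the API is public. The dispatch runs before `authType` is known, and the visible lines do not consult `authConfigsErr`, so the request goes out even when the auth configuration could not be loaded. I would write `// Public, unauthenticated call; runs before login. Must not carry the access token (the axios request interceptor skips githubApis.GET).` so the dependency on the interceptor change in `web/web/src/lib/utils/axios/index.js` is visible here. The enclosing function inside AuthProvider starts and ends outside the hunk.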
@@ -90,7 +92,6 @@ const AuthProvider = ({ children }) => {
         if (tokenToUse) {
           dispatch(setAuthToken(tokenToUse))
           dispatch(initialVersion())
-          dispatch(fetchGitHubInfo())
           goToMetalakeListPage()
         } else {
           // Don't redirect to login if we're on the OAuth callback page
diff --git a/web/web/src/lib/utils/axios/index.js 
b/web/web/src/lib/utils/axios/index.js
index 944fa0e3ca..a0710bb08b 100644
--- a/web/web/src/lib/utils/axios/index.js
+++ b/web/web/src/lib/utils/axios/index.js
@@ -174,12 +174,22 @@ const transform = {
    */
   requestInterceptors: async (config, options) => {
     // ** Pre-Request Configuration Handling
+
+    // Skip token retrieval for GitHub API calls entirely
+    if (config.url === githubApis.GET) {
+      return config
+    }
+
     // Use OAuth provider factory for proper token management
-    const token = await oauthProviderFactory.getAccessToken()
+    try {
+      const token = await oauthProviderFactory.getAccessToken()
 
-    if (token && config?.requestOptions?.withToken !== false) {
-      // ** jwt token
-      config.headers.Authorization = options.authenticationScheme ? 
`${options.authenticationScheme} ${token}` : token
+      if (token && config?.requestOptions?.withToken !== false) {
+        // ** jwt token
+        config.headers.Authorization = options.authenticationScheme ? 
`${options.authenticationScheme} ${token}` : token
+      }
+    } catch (error) {
+      console.warn('Failed to get access token:', error)
     }
 
     return config
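Review bot: The exemption `if (config.url === githubApis.GET)` is an exact string match on a single URL, so it works as a one-entry denylist. Any other external endpoint added later still reaches the token branch and receives an `Authorization` header, as would this endpoint if its URL is ever built with query parameters or resolved against a base URL. Attaching the token only when the request targets the Gravitino backend would fail closed. The existing opt-out could also be honoured before the provider is asked for a token, e.g. `if (config?.requestOptions?.withToken === false) return config`. The new `catch` lets the request continue without credentials and hands the raw error object to `console.warn`; logging `error?.message` avoids printing whatever the OAuth provider attaches to that object. The closing of `requestInterceptors` lies outside the hunk.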
