Skip to content

Dbeaver/cloudbeaver#4120 support token header#4259

Open
HocKu7 wants to merge 19 commits intodevelfrom
dbeaver/cloudbeaver#4120-support-token-header
Open

Dbeaver/cloudbeaver#4120 support token header#4259
HocKu7 wants to merge 19 commits intodevelfrom
dbeaver/cloudbeaver#4120-support-token-header

Conversation

@HocKu7
Copy link
Copy Markdown
Contributor

@HocKu7 HocKu7 commented Apr 2, 2026

Closes #4120

@codacy-production
Copy link
Copy Markdown

codacy-production Bot commented Apr 2, 2026
edited
Loading

Not up to standards ⛔

🔴 Issues 1 critical

Alerts:
⚠ 1 issue (≤ 0 issues of at least minor severity)

Results:
1 new issue

Category Results
Security 1 critical

View in Codacy

🟢 Metrics 0 complexity · -2 duplication

Metric Results
Complexity 0
Duplication -2

View in Codacy

NEW Get contextual insights on your PRs based on Codacy's metrics, along with PR and Jira context, without leaving GitHub. Enable AI reviewer
TIP This summary will be updated as you push new changes.

yagudin10
yagudin10 previously approved these changes Apr 20, 2026
View reviewed changes
serge-rider
serge-rider requested changes Apr 21, 2026
View reviewed changes
Comment thread server/bundles/io.cloudbeaver.server/src/io/cloudbeaver/server/graphql/GraphQLEndpoint.java Outdated
Comment thread server/bundles/io.cloudbeaver.server.ce/src/io/cloudbeaver/service/session/SessionHolder.java Outdated
serge-rider
serge-rider requested changes Apr 24, 2026
View reviewed changes
Comment thread server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/model/session/BaseWebSession.java Outdated
protected final ServletApplication application;
protected volatile long lastAccessTime;
@NotNull
private SessionType sessionType = SessionType.WEB;
Copy link
Copy Markdown
Member

@serge-rider serge-rider Apr 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LEts pass it in constructor and make final

Comment thread server/bundles/io.cloudbeaver.model/src/io/cloudbeaver/server/CBConstants.java

public static final String SECURED_VALUE = "******";

public static final String HEADER_API_TOKEN = "X-API-Token";
Copy link
Copy Markdown
Member

@serge-rider serge-rider Apr 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we should use HttpConstants.HEADER_API_KEY?
We already have proxy config for it

Comment thread ...er/bundles/io.cloudbeaver.server.ce/src/io/cloudbeaver/service/session/CBSessionManager.java Outdated
session.close();
}

@NotNull
Copy link
Copy Markdown
Member

@serge-rider serge-rider Apr 24, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why part of it here and part in pro?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@serge-rider serge-rider serge-rider requested changes

@yagudin10 yagudin10 yagudin10 left review comments

Requested changes must be addressed to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Support HTTP header credentials for the authLogin graphql query

3 participants

@HocKu7 @serge-rider @yagudin10