[go: nahoru, domu]
Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

馃泜 fix: OIDC Username Array Edge Case #2394

Merged
merged 3 commits into from
Apr 12, 2024
Merged

馃泜 fix: OIDC Username Array Edge Case #2394

merged 3 commits into from
Apr 12, 2024

Conversation

ventz
Copy link
Contributor
@ventz ventz commented Apr 11, 2024
edited
Loading

Pull Request Template

鈿狅笍 Before Submitting a PR, read the Contributing Docs in full!

Summary

username is generally based on email, rather than given_name. The challenge with given_name is that it can be a multi-value array (ex: "Nick, Fullname"), which completely breaks the system with:

LibreChat      | ValidationError: User validation failed: username: Cast to string failed for value "[ 'Nickname', 'Firstname' ]" (type Array) at path "username"
LibreChat      |     at Document.invalidate (/app/node_modules/mongoose/lib/document.js:3200:32)
LibreChat      |     at model.$set (/app/node_modules/mongoose/lib/document.js:1459:12)
LibreChat      |     at model.set [as username] (/app/node_modules/mongoose/lib/helpers/document/compile.js:205:19)
LibreChat      |     at OpenIDConnectStrategy._verify (/app/api/strategies/openidStrategy.js:127:27)
LibreChat      |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)

Change Type

  • Bug fix (non-breaking change which fixes an issue)

Testing

Lots of testing in dev and production. See dev channel in Discord for more info.

Test Configuration:

Checklist

Please delete any irrelevant options.

  • My code adheres to this project's style guidelines

  • I have performed a self-review of my own code

  • My changes do not introduce new warnings

  • Local unit tests pass with my changes

ventz and others added 2 commits April 11, 2024 18:25
@ventz
Patch for OpenID username
bc8aa75 
`username` is generally based on email, rather than `given_name`. The challenge with `given_name` is that it can be a multi-value array (ex: "Nick, Fullname"), which completely breaks the system with: 

```
LibreChat      | ValidationError: User validation failed: username: Cast to string failed for value "[ 'Nickname', 'Firstname' ]" (type Array) at path "username"
LibreChat      |     at Document.invalidate (/app/node_modules/mongoose/lib/document.js:3200:32)
LibreChat      |     at model.$set (/app/node_modules/mongoose/lib/document.js:1459:12)
LibreChat      |     at model.set [as username] (/app/node_modules/mongoose/lib/helpers/document/compile.js:205:19)
LibreChat      |     at OpenIDConnectStrategy._verify (/app/api/strategies/openidStrategy.js:127:27)
LibreChat      |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
```
@danny-avila
Update openidStrategy.js
6cb5fba
@danny-avila
Copy link
Owner

email can be undefined for some using OIDC. I made a change so that this way, userinfo.given_name can still be used.

@danny-avila
Copy link
Owner

Also, I think it would be better to handle the edge case of an array now that I think about. Joining the array to a string.

@danny-avila danny-avila changed the title Patch for OpenID username - fixes LibreChat Error 馃泜 fix: OIDC Username Array Edge Case Apr 12, 2024
@danny-avila danny-avila merged commit f380f26 into danny-avila:main Apr 12, 2024
1 check passed
@ventz
Copy link
Contributor Author
ventz commented Apr 12, 2024

@danny-avila Hi - I think it may make sense to flip these around:

from:

const username = convertToUsername(userinfo.username || userinfo.given_name || userinfo.email);

to:

const username = convertToUsername(userinfo.username || userinfo.email || userinfo.given_name);

Usernames generally are expected to be "continuous" and looking at a couple of directories of 10K+ users, "given_name" seems to container things like NickName, FullFirstName in the field. Assuming you don't want that as a username -- and then for other systems like Langfuse that would translate very poorly, as they expect an "email like" identifier.

@ventz
Copy link
Contributor Author
ventz commented Apr 12, 2024

Also, I think it would be better to handle the edge case of an array now that I think about. Joining the array to a string.

Oh nice! (just saw this comment). Perfect, thanks!

If you can, please look at the user.attributes.$ABC fields too -- I've seen a few systems now that contain the email there (ex: user.attributes.email).

jinzishuai pushed a commit to aitok-ai/LibreChat that referenced this pull request May 20, 2024
@ventz @danny-avila
馃泜 fix: OIDC Username Array Edge Case (danny-avila#2394)
d740257 
* Patch for OpenID username

`username` is generally based on email, rather than `given_name`. The challenge with `given_name` is that it can be a multi-value array (ex: "Nick, Fullname"), which completely breaks the system with: 

```
LibreChat      | ValidationError: User validation failed: username: Cast to string failed for value "[ 'Nickname', 'Firstname' ]" (type Array) at path "username"
LibreChat      |     at Document.invalidate (/app/node_modules/mongoose/lib/document.js:3200:32)
LibreChat      |     at model.$set (/app/node_modules/mongoose/lib/document.js:1459:12)
LibreChat      |     at model.set [as username] (/app/node_modules/mongoose/lib/helpers/document/compile.js:205:19)
LibreChat      |     at OpenIDConnectStrategy._verify (/app/api/strategies/openidStrategy.js:127:27)
LibreChat      |     at process.processTicksAndRejections (node:internal/process/task_queues:95:5)
```

* Update openidStrategy.js

* refactor(openidStrategy): add helper function for stringy username

---------

Co-authored-by: Danny Avila <danny@librechat.ai>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@danny-avila danny-avila danny-avila approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@ventz @danny-avila