update security fix

2026-05-28 09:35:48 +00:00 · 2025-12-17 22:46:01 +08:00 · 2025-12-17 22:46:01 +08:00 · e2f8a2200f
commit e2f8a2200f
parent 0fdce20f90
3 changed files with 27 additions and 21 deletions
--- a/server/app/controller/mcp/proxy_controller.py
+++ b/server/app/controller/mcp/proxy_controller.py
@ -215,13 +215,13 @@ def google_search(query: str, search_type: str = "web", key: Key = Depends(key_m
                    }
                    responses.append(response)
            
-            logger.info("Google search completed", extra={"query": query, "search_type": search_type, "result_count": len(responses)})
+            logger.info("Google search completed", extra={"query": _redact_secret(query), "search_type": _redact_secret(search_type), "result_count": len(responses)})
        else:
            error_info = data.get("error", {})
            sanitized_error = _redact_obj(error_info)
            logger.error(
                "Google search API error",
-                extra={"query": _redact_secret(query), "search_type": _redact_secret(search_type), "api_error": sanitized_error},
+                extra={"query": _redact_secret(query), "search_type": _redact_secret(search_type)},
            )
            raise HTTPException(status_code=500, detail="Internal server error")

--- a/server/app/controller/oauth/oauth_controller.py
+++ b/server/app/controller/oauth/oauth_controller.py
@ -35,13 +35,18 @@ def oauth_login(app: str, request: Request, state: Optional[str] = None):
        logger.error("OAuth login failed", extra={"provider": app, "error": str(e)}, exc_info=True)
        raise HTTPException(status_code=400, detail="OAuth login failed")

-
+ALLOWED_OAUTH_PROVIDERS = {"slack", "notion", "x", "googlesuite"}
@router.get("/{app}/callback", name="OAuth Callback")
@traceroot.trace()
 def oauth_callback(app: str, request: Request, code: Optional[str] = None, state: Optional[str] = None):
    """Handle OAuth provider callback and redirect to client app."""
    import re
    CODE_STATE_REGEX = re.compile(r'^[A-Za-z0-9_\-]+$')
+    from starlette.datastructures import URL
+
+    if app not in ALLOWED_OAUTH_PROVIDERS:
+        logger.warning("Invalid OAuth provider", extra={"provider": app, "code": code})
+        raise HTTPException(status_code=400, detail="Invalid OAuth provider")
    if not code or not CODE_STATE_REGEX.match(code):
        logger.warning("OAuth callback missing or invalid code", extra={"provider": app, "code": code})
        raise HTTPException(status_code=400, detail="Missing or invalid code parameter")
@ -51,15 +56,14 @@ def oauth_callback(app: str, request: Request, code: Optional[str] = None, state
    
    logger.info("OAuth callback received", extra={"provider": app, "has_state": state is not None})

-    params = {
-        "provider": app,
-        "code": code,
-        "state": state,
-    }
-    query = urlencode(params, quote_via=quote)
-    
-    redirect_url = f"eigent://callback/oauth?{query}"
-    return RedirectResponse(redirect_url)
+    base_url = URL("eigent://callback/oauth")
+    redirect_url = base_url.include_query_params(
+        provider=app,
+        code=code,
+        state=state or "",
+    )
+
+    return RedirectResponse(str(redirect_url))


@router.post("/{app}/token", name="OAuth Fetch Token")
--- a/server/app/controller/redirect_controller.py
+++ b/server/app/controller/redirect_controller.py
@ -1,18 +1,20 @@
 import re
-from urllib.parse import urlencode, quote
-from fastapi import APIRouter, Request
+from fastapi import APIRouter, Request,HTTPException
 from fastapi.responses import RedirectResponse
-
+from utils import traceroot_wrapper as traceroot
+logger = traceroot.get_logger("server_redirect_controller")

 router = APIRouter(tags=["Redirect"])


@router.get("/redirect/callback")
 def redirect_callback(code: str, request: Request):
+    from starlette.datastructures import URL
+
    if not re.match(r'^[A-Za-z0-9_-]+$', code):
-        # fallback safe redirect without user data
-        return RedirectResponse("eigent://callback")
-    params = {"code": code}
-    query = urlencode(params, quote_via=quote)
-    redirect_url = f"eigent://callback?{query}"
-    return RedirectResponse(redirect_url)
+        logger.warning("redirect callback invalid code", extra={"code": code})
+        raise HTTPException(status_code=400, detail="Invalid state parameter")
+
+    base_url = URL("eigent://callback")
+    redirect_url = base_url.include_query_params(code=code)
+    return RedirectResponse(str(redirect_url))