Skip to content

Fixes and optimisations for the Murfey authentication API #730

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
tieneupin wants to merge 8 commits into
base: main
Choose a base branch
from
Open

Fixes and optimisations for the Murfey authentication API #730

tieneupin wants to merge 8 commits into from

Conversation

@tieneupin
Copy link
Contributor

@tieneupin tieneupin commented Jan 16, 2026
edited
Loading

Changes:

  • Forwards only essential headers to the auth server to prevent timeouts due to mismatch between header, body, and methods.
  • Migrate authentication server querying logic out into a helper function to minimise repetition.

In PR #728 , we introduced logic to forward ALL headers from the incoming requests to the authentication server to support the implementation of local decrypting and parsing of incoming requests without the need to repeatedly query an OAuth2 /userinfo endpoint.

However, it looks like there are headers used by the API endpoint to verify the incoming request, and if a mismatch is found, the request will time out. For example, a POST request sent by the frontend will have its headers forwarded to the authentication server as part of a GET request, and the presence of some headers from the original POST request causes the subsequent GET request to timeout. Fixing this involved amending the logic to forward only the headers that are needed by the authentication server for local decryption and parsing of the request.

Additionally, some duplicated logic was observed in how the validation functions submit requests to the authentication server, so these have been migrated into a helper function that they can call.

@codecov
Copy link

codecov bot commented Jan 16, 2026
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 46.46%. Comparing base (467c2d0) to head (3dd9720).

Additional details and impacted files 
@@            Coverage Diff             @@
##             main     #730      +/-   ##
==========================================
+ Coverage   46.07%   46.46%   +0.39%     
==========================================
  Files          91       91              
  Lines        9641     9631      -10     
  Branches     1261     1261              
==========================================
+ Hits         4442     4475      +33     
+ Misses       4979     4943      -36     
+ Partials      220      213       -7
🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.

@tieneupin
Fixes and optimisations for the Murfey authentication API
b20f07c 
* Forwards only essential headers to the auth server to prevent timeouts due to mismatch between header, body, and methods.
* Migrate authentication server querying logic out into a helper function to minimise repetition.
@tieneupin
Rewrote 'oauth2_scheme' and 'instrument_oauth2_scheme' variables as i…
2b0ac83 
…nline if-else statements instead
@tieneupin
Add placeholder tests for auth functions and API endpoints
3b26241
@tieneupin
Decorated async test stubs
e4a0d78
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@tieneupin