🔒 refactor: graphTokenController to use federated access token for OBO assertion (#11893)

- Removed the extraction of access token from the Authorization header.
- Implemented logic to use the federated access token from the user object.
- Added error handling for missing federated access token.
- Updated related documentation in GraphTokenService to reflect changes in access token usage.
- Introduced unit tests for various scenarios in AuthController.spec.js to ensure proper functionality.
Danny Avila 2026-02-21 18:03:39 -05:00 committed by GitHub
parent 4404319e22
commit cca9d63224
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 152 additions and 11 deletions

@ -7,7 +7,7 @@ const getLogStores = require('~/cache/getLogStores');
/**
* Get Microsoft Graph API token using existing token exchange mechanism
* @param {Object} user - User object with OpenID information
* @param {string} accessToken - Current access token from Authorization header
* @param {string} accessToken - Federated access token used as OBO assertion
* @param {string} scopes - Graph API scopes for the token
* @param {boolean} fromCache - Whether to try getting token from cache first
* @returns {Promise<Object>} Graph API token response with access_token and expires_in
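Review bot: the `@param {string} accessToken` line now describes a federated access token used as the OBO assertion, but the parameter name itself is unchanged, so a caller reading only the signature can still hand in the bearer token from the Authorization header as the old description said. Consider renaming the parameter (for example `federatedAccessToken`) or stating in the JSDoc that the Authorization header token must not be passed here. The doc block also does not say what this function does when the value is missing or empty; the commit message mentions error handling for a missing federated token, so it would help to note in this comment whether the check is the caller's responsibility or is repeated in this function.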