Server Connects in App Flow do not have "Credentials" flag

kfawcett · July 27, 2023, 8:48pm

Wappler Version : 5.8.2
Operating System : Windows 11
Server Model: node.js / Capacitor
Database Type: N/A
Hosting Type: docker

Expected behavior

App Flows with Server Connects should be able to work with security-restricted Server Actions by sending the logged-in user’s credentials.

Actual behavior

401 Unauthorized responses are returned.

How to reproduce

Create a Server Connect action that has the Security Restrict action
In a mobile project, create an App Flow and add the Server Connect to it (there is not an option to check “credentials”).

image1466×192 13.7 KB
Attempt to use the App Flow

kfawcett · July 28, 2023, 1:57pm

It seems like App flows, or server connects in flows, do not send the rotating security.auth cookie correctly.

kfawcett · July 29, 2023, 12:27am

I tried my best to understand why this doesn’t work in dmxAppConnect.js, but I couldn’t figure it out.

How do server connect components partially work in app flows but not use the details in the fetch component’s fetch function? I couldn’t fully understand how the two (flows and the rest of app connect) are connected.

Even forcing credentials on all server connects by changing this.props.credentials && (this.xhr.withCredentials = !0) to this.xhr.withCredentials = !0 in the fetch function only affects server connects on a page, not within flows.

Also trying to manually add credentials="true" to a server connect in a flow did nothing.

  exec: {
    steps: [
      {
        serverConnect: {
          url: "http://localhost/api/v1/auth/refresh_google",
          site: "server-v3",
          params: {userid: "{{$param.userid}}"},
          name: "refreshToken",
          outputType: "object",
          credentials: true
        }
      },

patrick · August 7, 2023, 2:43pm

The flow serveronnect action indeed is missing the creadentials option, I’ve added the option in the new App Connect Beta.

kfawcett · August 7, 2023, 3:06pm

Thanks @patrick! Is this also an issue with Flow?

kfawcett · August 26, 2023, 7:00pm

I don’t think this is fixed or I’m encountering a different error in Beta channel. The video below shows Stable channel first, then switches to Beta. In Stable you will see the App Flow triggering the steps in it (there’s not a security restrict currently so they do not require credentials), but when switching to Beta the steps in the App Flow do not fire at all.

Teodor · August 31, 2023, 11:28am

This should be fixed in the latest updates.

kfawcett · August 31, 2023, 12:56pm

@Teodor @patrick my latest message says this is not fixed. Can we please not close this?

kfawcett · August 31, 2023, 3:01pm

I opened a new Bug report.