Skip to content

#1004: Add OAuth 1.0 authentication support with CLI integration tests #6005

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: main
Choose a base branch
from
Open

#1004: Add OAuth 1.0 authentication support with CLI integration tests #6005

wants to merge 1 commit into from
+4,747 −116

Conversation

@DerekTBrown
Copy link

@DerekTBrown DerekTBrown commented Nov 6, 2025
edited
Loading

Description

This commit implements complete OAuth 1.0 (RFC 5849) authentication support for Bruno, bringing it to feature parity with OAuth 2.0 implementation. This feature is tracked in #1004.

Screenshot 2025-11-05 at 7 22 26 PM Screenshot 2025-11-05 at 7 22 36 PM Screenshot 2025-11-05 at 7 22 52 PM

Contribution Checklist:

  • The pull request only addresses one issue or adds one feature.
  • The pull request does not introduce any breaking changes
  • I have added screenshots or gifs to help explain the change if applicable.
  • I have read the contribution guidelines.
  • Create an issue and link to the pull request.

@DerekTBrown DerekTBrown force-pushed the db-oauth1-integration-tests branch 2 times, most recently from 108878c to 5828cc7 Compare November 6, 2025 02:24
@DerekTBrown @claude
Add OAuth 1.0 authentication support with CLI integration tests
506cd78 
This commit implements complete OAuth 1.0 (RFC 5849) authentication support for Bruno,
bringing it to feature parity with OAuth 2.0 implementation.

Features implemented:
- OAuth 1.0 signature methods: HMAC-SHA1, HMAC-SHA256, HMAC-SHA512, RSA-SHA256, PLAINTEXT
- Parameter transmission modes: authorization header, query params, request body
- 2-legged OAuth (consumer credentials only)
- 3-legged OAuth (full authorization flow with request tokens, authorization, and access tokens)
- OAuth 1.0 credential management and storage
- Variable interpolation for all OAuth 1.0 configuration fields

Core implementation:
- packages/bruno-requests/src/auth/oauth1-helper.ts: OAuth 1.0 signing and token management
- packages/bruno-cli/src/runner/run-single-request.js: CLI OAuth 1.0 signing integration
- packages/bruno-cli/src/runner/interpolate-vars.js: OAuth 1.0 variable interpolation
- packages/bruno-cli/src/runner/prepare-request.js: OAuth 1.0 request preparation
- packages/bruno-electron/src/ipc/network/prepare-request.js: Electron OAuth 1.0 support
- packages/bruno-app/src/components/RequestPane/Auth/OAuth1/: UI components for OAuth 1.0 configuration

Test infrastructure:
- packages/bruno-tests/src/auth/oauth1/: OAuth 1.0 test server with signature validation
  - utils.js: Signature validation for all methods and parameter transmission modes
  - twoLegged.js: 2-legged OAuth endpoints
  - threeLegged.js: 3-legged OAuth authorization flow endpoints
- packages/bruno-tests/collection_oauth1/: 8 integration test files
  - 2-legged tests for all signature methods and transmission modes
  - 3-legged full authorization flow test
- packages/bruno-tests/collection_level_oauth1/: Collection-level OAuth 1.0 configuration tests
- packages/bruno-requests/src/auth/oauth1-helper.spec.ts: Unit tests for OAuth 1.0 helper

Parser and converter support:
- packages/bruno-lang/v2/: .bru file format support for OAuth 1.0 auth blocks
- packages/bruno-converters/: Postman OAuth 1.0 import support

Documentation:
- Updated bruno-tests README with OAuth 1.0 test documentation

Bug fixes:
- Fixed OAuth 1.0 HMAC algorithm bug (shasha1 -> sha1)
- Fixed oauth_callback parameter handling for 3-legged flow
- Added OAuth 1.0 callback URL support to signature generation

Test results: All 7 integration tests passing (100% success rate)
- 6 two-legged OAuth tests (various signature methods and transmission modes)
- 1 three-legged OAuth flow test (complete authorization flow)

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
@DerekTBrown DerekTBrown force-pushed the db-oauth1-integration-tests branch from 5828cc7 to 506cd78 Compare November 6, 2025 03:21
@DerekTBrown DerekTBrown changed the title Add OAuth 1.0 authentication support with CLI integration tests [#1004] Add OAuth 1.0 authentication support with CLI integration tests Nov 6, 2025
@DerekTBrown DerekTBrown changed the title [#1004] Add OAuth 1.0 authentication support with CLI integration tests #1004: Add OAuth 1.0 authentication support with CLI integration tests Nov 6, 2025
@DerekTBrown DerekTBrown marked this pull request as ready for review November 6, 2025 03:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@helloanoop helloanoop Awaiting requested review from helloanoop helloanoop is a code owner

@bijin-bruno bijin-bruno Awaiting requested review from bijin-bruno bijin-bruno is a code owner

@lohit-bruno lohit-bruno Awaiting requested review from lohit-bruno lohit-bruno is a code owner

@naman-bruno naman-bruno Awaiting requested review from naman-bruno naman-bruno is a code owner

At least 3 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

size/XXL

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DerekTBrown