From 07745408e7d6729934314a3e5081bb1c5a96bce9 Mon Sep 17 00:00:00 2001 From: Thomas Bonnin <233326+TBonnin@users.noreply.github.com> Date: Fri, 7 Feb 2025 22:44:07 -0500 Subject: [PATCH] fix: decrypt provider config in refreshConnections We were passing the encrypted oauth client secret to refreshOrTestCredentials because unlike the other method in config.service the getStaleConnections function doesn't decrypt the oauth client secret --- packages/server/lib/refreshConnections.ts | 19 +++++++++++++++---- 1 file changed, 15 insertions(+), 4 deletions(-) diff --git a/packages/server/lib/refreshConnections.ts b/packages/server/lib/refreshConnections.ts index 5b797143e34..0724fbb3161 100644 --- a/packages/server/lib/refreshConnections.ts +++ b/packages/server/lib/refreshConnections.ts @@ -65,14 +65,25 @@ export async function exec(): Promise { } const { connection, account, environment, integration } = staleConnection; - const decrypted = encryptionManager.decryptConnection(connection); - logger.info(`${cronName} refreshing connection '${connection.connection_id}' for accountId '${account.id}'`); + + const decryptedConnection = encryptionManager.decryptConnection(connection); + if (!decryptedConnection) { + logger.error(`${cronName} failed to decrypt stale connection '${connection.id}'`); + continue; + } + + const decryptedIntegration = encryptionManager.decryptProviderConfig(integration); + if (!decryptedIntegration) { + logger.error(`${cronName} failed to decrypt integration '${integration.id} for stale connection '${connection.id}'`); + continue; + } + try { const credentialResponse = await connectionService.refreshOrTestCredentials({ account, environment, - integration, - connection: decrypted!, + integration: decryptedIntegration, + connection: decryptedConnection, logContextGetter, instantRefresh: false, onRefreshSuccess: connectionRefreshSuccessHook,