opensource
/
dify
mirror of https://github.com/langgenius/dify.git
2
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix: return None from retrieve_tokens when access_token is empty (#29516)

This commit is contained in:
Taka Sasaki 2025-12-12 14:49:11 +09:00 committed by GitHub
parent 04d09c2d77
commit bece2f101c
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 13 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
api/core/entities/mcp_provider.py
View File

@ -213,12 +213,23 @@ class MCPProviderEntity(BaseModel):
return None return None
def retrieve_tokens(self) -> OAuthTokens | None: def retrieve_tokens(self) -> OAuthTokens | None:
"""OAuth tokens if available""" """Retrieve OAuth tokens if authentication is complete.
Returns:
OAuthTokens if the provider has been authenticated, None otherwise.
"""
if not self.credentials: if not self.credentials:
return None return None
credentials = self.decrypt_credentials() credentials = self.decrypt_credentials()
access_token = credentials.get("access_token", "")
# Return None if access_token is empty to avoid generating invalid "Authorization: Bearer " header.
# Note: We don't check for whitespace-only strings here because:
# 1. OAuth servers don't return whitespace-only access tokens in practice
# 2. Even if they did, the server would return 401, triggering the OAuth flow correctly
if not access_token:
return None
return OAuthTokens( return OAuthTokens(
access_token=credentials.get("access_token", ""), access_token=access_token,
token_type=credentials.get("token_type", DEFAULT_TOKEN_TYPE), token_type=credentials.get("token_type", DEFAULT_TOKEN_TYPE),
expires_in=int(credentials.get("expires_in", str(DEFAULT_EXPIRES_IN)) or DEFAULT_EXPIRES_IN), expires_in=int(credentials.get("expires_in", str(DEFAULT_EXPIRES_IN)) or DEFAULT_EXPIRES_IN),
refresh_token=credentials.get("refresh_token", ""), refresh_token=credentials.get("refresh_token", ""),