v0.4.21: more internal auth changes, supabase vector search tool#1708
Merged
icecrasher321 merged 5 commits intomainfrom Oct 22, 2025
Merged
v0.4.21: more internal auth changes, supabase vector search tool#1708icecrasher321 merged 5 commits intomainfrom
icecrasher321 merged 5 commits intomainfrom
Conversation
…#1706) * revert base url * fix tests" ;
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
* feat(supabase): added vector search tool and updated docs * exclude generic webhook from docs gen * change items to pages in meta.json for tools directory in the docs
icecrasher321
changed the title
![greptile-apps[bot]](https://avatars.githubusercontent.com/in/867647?s=60&v=4){kind=small}
Contributor
There was a problem hiding this comment.
Greptile Overview
Summary
This PR consolidates several internal authentication and URL handling fixes across the codebase.
Key Changes:
- Base URL standardization: Replaced direct usage of
request.nextUrl.originwith thegetBaseUrl()helper in the checkpoint revert endpoint for consistency with the rest of the codebase - Internal auth for Mistral OCR: Added internal authentication token when calling the Mistral OCR endpoint from the document processor to ensure proper authorization
- External URL protection: Fixed
handleInternalRequestto only add internal auth tokens to routes starting with/api/, preventing external URLs from incorrectly receiving internal authentication tokens - Case-sensitive headers: Fixed
Authorizationheader handling (headers are case-sensitive in HTTP)
All changes follow consistent patterns established in the codebase and include corresponding test updates. The fixes address authentication gaps that could have caused internal API calls to fail.
Confidence Score: 5/5
- This PR is safe to merge with minimal risk
- All changes are focused bug fixes that improve internal authentication handling and URL consistency. The changes follow established patterns in the codebase, include proper test coverage updates, and fix real issues (preventing external URLs from getting internal tokens, ensuring Mistral OCR calls are properly authenticated, and using consistent base URL helpers). No breaking changes or risky logic modifications.
- No files require special attention
Important Files Changed
File Analysis
| Filename | Score | Overview |
|---|---|---|
| apps/sim/app/api/copilot/checkpoints/revert/route.ts | 5/5 | Replaced request.nextUrl.origin with getBaseUrl() helper for consistency; updated test mocks accordingly |
| apps/sim/app/api/copilot/checkpoints/revert/route.test.ts | 5/5 | Added mock for getBaseUrl helper function to support route changes |
| apps/sim/lib/knowledge/documents/document-processor.ts | 4/5 | Added internal auth token for Mistral OCR API calls; headers variable changed from const to let for reassignment |
| apps/sim/tools/index.ts | 5/5 | Added check to only add internal auth for routes starting with /api/ to prevent external URLs from receiving internal tokens |
Sequence Diagram
sequenceDiagram
participant Client
participant CopilotAPI as Copilot Checkpoint API
participant WorkflowAPI as Workflow State API
participant ToolsHandler as Tools Handler
participant MistralAPI as Mistral OCR API
participant DocProcessor as Document Processor
Note over CopilotAPI,WorkflowAPI: Checkpoint Revert Flow (Fix #1706)
Client->>CopilotAPI: POST /api/copilot/checkpoints/revert
CopilotAPI->>CopilotAPI: getBaseUrl() instead of request.nextUrl.origin
CopilotAPI->>WorkflowAPI: PUT {baseUrl}/api/workflows/{id}/state
Note over CopilotAPI,WorkflowAPI: Uses session cookie for auth
WorkflowAPI-->>CopilotAPI: Checkpoint applied
CopilotAPI-->>Client: Success response
Note over ToolsHandler,MistralAPI: Internal Request Auth Fix (#1704, #1705)
ToolsHandler->>ToolsHandler: Check if endpointUrl.startsWith('/api/')
alt Internal Route
ToolsHandler->>ToolsHandler: generateInternalToken()
ToolsHandler->>MistralAPI: Request with Authorization header
else External Route
ToolsHandler->>ToolsHandler: Skip internal auth
Note over ToolsHandler: Prevents external URLs from getting internal tokens
end
Note over DocProcessor,MistralAPI: Mistral OCR Auth (Fix #1704, #1705)
DocProcessor->>DocProcessor: Check if URL contains '/api/tools/mistral/parse'
DocProcessor->>DocProcessor: generateInternalToken()
DocProcessor->>DocProcessor: Set Authorization header (case-sensitive)
DocProcessor->>MistralAPI: POST /api/tools/mistral/parse
MistralAPI->>MistralAPI: checkHybridAuth validates token
MistralAPI-->>DocProcessor: OCR result
4 files reviewed, no comments
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
fix(kb): added internal auth for Mistral OCR tool via KB (#1704)
fix(case-sensitive-header): fix case-sensitive header (#1705)
fix(external-route): handleInternalRequest should still check if request is internal
fix(base-url): use getBaseUrl helper in Copilot revert state endpoint (#1706)
feat(supabase): added vector search tool and updated docs (#1707)