security: redact gateway tokens + avoid query-string auth leaks#274
Open
christniel39-glitch wants to merge 1 commit into
Open
security: redact gateway tokens + avoid query-string auth leaks#274christniel39-glitch wants to merge 1 commit into
christniel39-glitch wants to merge 1 commit into
Conversation
Author
|
Follow-up from local security audit + hardening pass. Recommended merge order:
Why this order:
Both are designed to preserve current Mission Control UX while reducing risk. |
Author
|
@abhi1693 heads-up: this is ready for review.
|
Contributor
There was a problem hiding this comment.
Pull request overview
This PR hardens gateway credential handling across the backend and frontend to reduce accidental token exposure (API payloads, URLs/query strings, logs, and installer output) while preserving gateway connectivity checks.
Changes:
- Backend gateway read responses now redact secrets by returning
has_tokeninstead oftoken, and CRUD endpoints map DB models to the safe read schema. - Added
POST /api/v1/gateways/status/checkto move gateway status checks (including optional token) into a JSON body; server can reuse a saved token by gateway URL when omitted. - Removed token injection into gateway RPC URLs, updated frontend gateway UI to reflect token redaction, and hardened installer/docs/default security headers.
Reviewed changes
Copilot reviewed 12 out of 13 changed files in this pull request and generated 3 comments.
Show a summary per file
| File | Description |
|---|---|
| install.sh | Redacts LOCAL_AUTH_TOKEN from bootstrap summary output. |
| frontend/src/lib/gateway-form.ts | Switches gateway connectivity check to POST JSON request via customFetch. |
| frontend/src/app/gateways/[gatewayId]/page.tsx | Removes token usage in status params and displays token state via has_token. |
| frontend/src/app/gateways/[gatewayId]/edit/page.tsx | Avoids pre-filling token; only sends token on update when explicitly edited. |
| frontend/src/api/generated/model/gatewayRead.ts | Updates generated GatewayRead to use has_token instead of token. |
| docs/reference/security.md | Documents token redaction + recommends POST status-check endpoint. |
| backend/app/services/openclaw/session_service.py | Reuses stored gateway token server-side when caller omits token (resolved by URL). |
| backend/app/services/openclaw/gateway_rpc.py | Stops appending auth tokens to gateway URLs (keeps auth in connect payload). |
| backend/app/schemas/gateways.py | Changes read schema from token to has_token. |
| backend/app/schemas/gateway_api.py | Adds request model for POST-based status checks. |
| backend/app/api/gateways.py | Maps Gateway DB model → GatewayRead with has_token; updates list/create/get/update responses. |
| backend/app/api/gateway.py | Adds POST /gateways/status/check endpoint using JSON body payload. |
| backend/.env.example | Sets secure default values for common security response headers. |
Comment on lines
+96
to
+103
| const response = await customFetch<{ | ||
| data: GatewaysStatusResponse; | ||
| status: number; | ||
| headers: Headers; | ||
| }>("/api/v1/gateways/status/check", { | ||
| method: "POST", | ||
| body: JSON.stringify(payload), | ||
| }); |
Comment on lines
+103
to
+104
| gateways = [item for item in items if isinstance(item, Gateway)] | ||
| return [_to_gateway_read(gateway) for gateway in gateways] |
Comment on lines
116
to
125
| can_query_saved_gateway = organization_id is not None and hasattr(self.session, "exec") | ||
| if can_query_saved_gateway and ( | ||
| params.gateway_allow_insecure_tls is None | ||
| or params.gateway_disable_device_pairing is None | ||
| or token is None | ||
| ): | ||
| gateway_query = Gateway.objects.filter_by(url=raw_url) | ||
| if organization_id is not None: | ||
| gateway_query = gateway_query.filter_by(organization_id=organization_id) | ||
| gateway = await gateway_query.first(self.session) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
This hardens token handling paths to reduce accidental credential disclosure in logs, URLs, and UI payloads.
What changed
GatewayReadnow returnshas_tokeninstead of rawtoken.POST /api/v1/gateways/status/check(JSON body).install.shno longer printsLOCAL_AUTH_TOKENin bootstrap summary.backend/.env.examplenow sets secure header defaults (nosniff,DENY,strict-origin-when-cross-origin).Validation
py_compile.npm run build).Notes