Merge pull request #815 from airweave-ai/hotfix/oauth_endpoint

hotfix: pass validated config to source authentication validation methods

Author: felixschmetz

backend/airweave/core/source_connection_service.py

@@ -345,7 +345,7 @@ async def _create_with_direct_auth(
         )
 
         # Validate credentials with source
-        await self._validate_direct_auth(db, source, validated_auth, ctx)
+        await self._validate_direct_auth(db, source, validated_auth, validated_config, ctx)
 
         async with UnitOfWork(db) as uow:
             # Get collection
@@ -552,14 +552,16 @@ async def _create_with_oauth_token(
         if obj_in.authentication.expires_at:
             oauth_creds["expires_at"] = obj_in.authentication.expires_at.isoformat()
 
-        # Validate token
-        await self._validate_oauth_token(db, source, obj_in.authentication.access_token, ctx)
-
         # Validate config
         validated_config = await self._validate_config_fields(
             db, obj_in.short_name, obj_in.config, ctx
         )
 
+        # Validate token
+        await self._validate_oauth_token(
+            db, source, obj_in.authentication.access_token, validated_config, ctx
+        )
+
         async with UnitOfWork(db) as uow:
             # Get collection
             collection = await self._get_collection(uow.session, obj_in.readable_collection_id, ctx)
@@ -1036,6 +1038,7 @@ async def complete_oauth_callback(
             db,
             await crud.source.get_by_short_name(db, short_name=init_session.short_name),
             token_response.access_token,
+            None,
             ctx,
         )
 

backend/airweave/core/source_connection_service_helpers.py

@@ -33,6 +33,7 @@
 from airweave.models.sync import Sync
 from airweave.models.sync_job import SyncJob
 from airweave.platform.auth.services import oauth2_service
+from airweave.platform.configs._base import ConfigValues
 from airweave.platform.configs.auth import AuthConfig
 from airweave.platform.locator import resource_locator
 from airweave.platform.temporal.schedule_service import temporal_schedule_service
@@ -232,12 +233,13 @@ async def validate_direct_auth(
         db: AsyncSession,
         source: schemas.Source,
         auth_fields: AuthConfig,
+        config_fields: Optional[ConfigValues],
         ctx: ApiContext,
     ) -> Dict[str, Any]:
         """Validate direct authentication credentials."""
         try:
             source_cls = resource_locator.get_source(source)
-            source_instance = await source_cls.create(auth_fields, config=None)
+            source_instance = await source_cls.create(auth_fields, config=config_fields)
             source_instance.set_logger(ctx.logger)
 
             if hasattr(source_instance, "validate"):
@@ -262,12 +264,15 @@ async def validate_oauth_token(
         db: AsyncSession,
         source: schemas.Source,
         access_token: str,
+        config_fields: Optional[ConfigValues],
         ctx: ApiContext,
     ) -> Dict[str, Any]:
         """Validate OAuth access token."""
         try:
             source_cls = resource_locator.get_source(source)
-            source_instance = await source_cls.create(access_token=access_token, config=None)
+            source_instance = await source_cls.create(
+                access_token=access_token, config=config_fields
+            )
             source_instance.set_logger(ctx.logger)
 
             if hasattr(source_instance, "validate"):

backend/airweave/platform/sources/linear.py

@@ -952,4 +952,4 @@ async def validate(self) -> bool:
             return False
         except Exception as e:
             self.logger.error(f"Unexpected error during Linear validation: {e}")
-            return False            
+            return False