fix 🐛: get the user from jwt token when its undefined

[hasan-dot]

Background:

This PR fixed the issue described here for OAuth2 callback

Testing strategy:

1. Try building the project with the following env:

N8N_BASIC_AUTH_ACTIVE=true
N8N_BASIC_AUTH_USER=user
N8N_BASIC_AUTH_PASSWORD=pass
N8N_AUTH_EXCLUDE_ENDPOINTS="rest/oauth2-credential/callback"

2. Try to add OAuth2 credentials for any node (I tried zendesk)
3. The callback should work and not through an exception

PoF:

[CLAassistant]

All committers have signed the CLA.

[hasan-dot]

@Joffcom

Replying to a message here:

It looks like it was reviewed internally but the PR only covers one endpoint for one case rather than removing the requirement fully for authentication on that end point

Yes the reason behind my solution is the following:

• getCredentialForUser which is also using whereClause
• both requires a User injected to the request
• My hunch is there is a middleware somewhere doing this automatically if the request URL requires authentication
• Since the url was whitelisted, User was not attached to the request

I didn't find where the user is being injected to I went with this approach

[csuermann]

Thanks for the PR that kicked off fruitful internal discussions. #3168 should be addressing this issue.

[hasan-dot]

@csuermann I'm really more than happy! Thanks for appreciation 🙏

[janober]

Thanks a lot for your contribution @hasan-dot ! We merged PR #3168 which should fix your problem.