Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Workplace Search] Fix confidential OAuth flow #111802

Merged
merged 1 commit into from
Sep 9, 2021
Merged

[Workplace Search] Fix confidential OAuth flow #111802

merged 1 commit into from
Sep 9, 2021

Conversation

yakhinvadim
Copy link
Contributor

@yakhinvadim yakhinvadim commented Sep 9, 2021
edited
Loading

Summary

Fixes https://github.com/elastic/workplace-search-team/issues/2010

Previously we were accepting "string | undefined" as state parameter.
But if the state was not present in the URL, we actually received null.
That was breaking the confidential flow in cases where state was not provided.
This commit changes the type of parameter to "string | null" which fixes the flow in such cases.

Before:

(Authorize)

Screen.Cast.2021-09-09.at.5.07.03.PM.mp4

(Deny)

Screen.Cast.2021-09-09.at.5.06.50.PM.mp4

After:

(Authorize)

Screen.Cast.2021-09-09.at.4.41.36.PM.mp4

(Deny)

Screen.Cast.2021-09-09.at.5.01.02.PM.mp4

Checklist

Delete any items that are not applicable to this PR.

  • Tested the changes locally

For maintainers

@yakhinvadim
Fix confidential OAuth flow
2336295 
Previously we were accepting "string | undefined" as `state` parameter.
But if the `state` was not present in the URL, we received null.
That was breaking the confidential flow in cases where `state` was not provided.
This commit changes the type of parameter to "string | null" and fixes the flow in such cases.
@yakhinvadim yakhinvadim requested a review from jgr September 9, 2021 20:08
@yakhinvadim yakhinvadim marked this pull request as ready for review September 9, 2021 20:08
@yakhinvadim yakhinvadim requested a review from a team September 9, 2021 20:08
@yakhinvadim yakhinvadim added auto-backport Deprecated - use backport:version if exact versions are needed v7.16.0 release_note:skip Skip the PR/issue when compiling release notes bug Fixes for quality problems that affect the customer experience labels Sep 9, 2021
scottybollinger
scottybollinger approved these changes Sep 9, 2021
View reviewed changes
Copy link
Contributor

@scottybollinger scottybollinger left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks for the videos!

jgr
jgr approved these changes Sep 9, 2021
View reviewed changes
Copy link

@jgr jgr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for fixing this @yakhinvadim! 🎉

@yakhinvadim yakhinvadim enabled auto-merge (squash) September 9, 2021 21:27
@kibanamachine
Copy link
Contributor

💚 Build Succeeded

Metrics [docs]

✅ unchanged

To update your PR or re-run it, just comment with:
@elasticmachine merge upstream

@yakhinvadim yakhinvadim merged commit 48f9923 into elastic:master Sep 9, 2021
@kibanamachine kibanamachine mentioned this pull request Sep 9, 2021
Merged
kibanamachine pushed a commit to kibanamachine/kibana that referenced this pull request Sep 9, 2021
@yakhinvadim @kibanamachine
Fix confidential OAuth flow (elastic#111802)
6512487 
Previously we were accepting "string | undefined" as `state` parameter.
But if the `state` was not present in the URL, we received null.
That was breaking the confidential flow in cases where `state` was not provided.
This commit changes the type of parameter to "string | null" and fixes the flow in such cases.
@kibanamachine
Copy link
Contributor

💚 Backport successful

Status Branch Result
7.x

This backport PR will be merged automatically after passing CI.

kibanamachine added a commit that referenced this pull request Sep 10, 2021
@kibanamachine @yakhinvadim
Fix confidential OAuth flow (#111802) (#111809)
9b6629a 
Previously we were accepting "string | undefined" as `state` parameter.
But if the `state` was not present in the URL, we received null.
That was breaking the confidential flow in cases where `state` was not provided.
This commit changes the type of parameter to "string | null" and fixes the flow in such cases.

Co-authored-by: Vadim Yakhin <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@scottybollinger scottybollinger scottybollinger approved these changes

@jgr jgr jgr approved these changes

Assignees
No one assigned
Labels
auto-backport Deprecated - use backport:version if exact versions are needed bug Fixes for quality problems that affect the customer experience release_note:skip Skip the PR/issue when compiling release notes v7.16.0
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@yakhinvadim @kibanamachine @jgr @scottybollinger