[Backport 1.3] Preserve URL Hash for SAML based login #1226
Conversation
* Refactor + add support to run saml based integ tests via selenium web driver Signed-off-by: Deepak Devarakonda <[email protected]> * Add plugins.security.unsupported.restapi.allow_securityconfig_modification in developer guide Signed-off-by: Deepak Devarakonda <[email protected]> * Add one more test Signed-off-by: Deepak Devarakonda <[email protected]> * Added tests for checking tenancy retention after logout in SAML Signed-off-by: Aniketh Jain <[email protected]> * Lint formatting fixes Signed-off-by: Aniketh Jain <[email protected]> * Removed unused imports Signed-off-by: Aniketh Jain <[email protected]> * Add plugins.security.unsupported.restapi.allow_securityconfig_modification in developer guide Signed-off-by: Deepak Devarakonda <[email protected]> * Added License header Signed-off-by: Aniketh Jain <[email protected]> * Added building the plugin bundles while running ITs Signed-off-by: Aniketh Jain <[email protected]> * Signed off the commit Removed a comment no longer required Signed-off-by: Aniketh Jain <[email protected]> * Added debug loggers for checking IT failures Signed-off-by: Aniketh Jain <[email protected]> * Added debug loggers for checking IT failures Signed-off-by: Aniketh Jain <[email protected]> * Added debug loggers for checking IT failures Signed-off-by: Aniketh Jain <[email protected]> * Added debug loggers for checking IT failures Signed-off-by: Aniketh Jain <[email protected]> * Added a new stage for debug loggers before cleanup Signed-off-by: Aniketh Jain <[email protected]> * Added a new stage for debug loggers before cleanup Signed-off-by: Aniketh Jain <[email protected]> * Added logger to print error recieved from auth info during saml login Signed-off-by: Aniketh Jain <[email protected]> * Added Docker host N/W Config to allow connection to SAML IDP Signed-off-by: Aniketh Jain <[email protected]> * Added discovery type config to be single node for passing bootstrap checks Signed-off-by: Aniketh Jain <[email protected]> * Debug loggers Signed-off-by: Aniketh Jain <[email protected]> * Debug loggers Signed-off-by: Aniketh Jain <[email protected]> * Debug loggers Signed-off-by: Aniketh Jain <[email protected]> * Reverted run command to see change in error Signed-off-by: Aniketh Jain <[email protected]> * Trying with full docker image of OS Signed-off-by: Aniketh Jain <[email protected]> * Refactored the integration test yaml to use OS Full Docker image Signed-off-by: Aniketh Jain <[email protected]> * Removed all debug loggers Signed-off-by: Aniketh Jain <[email protected]> * Added selfSigned package for generating certs and integrated with saml-idp Signed-off-by: Aniketh Jain <[email protected]> * Deleted checked-in key and cert for saml-idp server Signed-off-by: Aniketh Jain <[email protected]> * Reverted use of docker image and testing again with manual build Signed-off-by: Aniketh Jain <[email protected]> * Reverted use of docker image and testing again with manual build Signed-off-by: Aniketh Jain <[email protected]> * Upgraded version from 2.3 to 2.4 Signed-off-by: Aniketh Jain <[email protected]> * Removed debug pointers Signed-off-by: Aniketh Jain <[email protected]> * Commented out failing IT temporarily Signed-off-by: Aniketh Jain <[email protected]> * Lint formatting fix Signed-off-by: Aniketh Jain <[email protected]> * Added the commented failing test back again Signed-off-by: Aniketh Jain <[email protected]> * Removed assertion from test again to make it pass Signed-off-by: Aniketh Jain <[email protected]> * Used a better XPath and improved error logging in tests Signed-off-by: Aniketh Jain <[email protected]> * Removed an unused XPath Signed-off-by: Aniketh Jain <[email protected]> * Added back the assertion for failing IT Signed-off-by: Aniketh Jain <[email protected]> * Added steps to run Selenium based Integ Tests Signed-off-by: Aniketh Jain <[email protected]> * Commented out the test, will re-enable it again in the fix PR Signed-off-by: Aniketh Jain <[email protected]> * Parameterized the getDriver function Signed-off-by: Aniketh Jain <[email protected]> Signed-off-by: Deepak Devarakonda <[email protected]> Signed-off-by: Aniketh Jain <[email protected]> Co-authored-by: Deepak Devarakonda <[email protected]>
…flow (opensearch-project#1058) * Fix for picking up tenancy from local storage in SAML AuthN flow Signed-off-by: Aniketh Jain <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
Signed-off-by: Craig Perkins <[email protected]>
…ecurity-dashboards-plugin into backport-saml-hash-fix
Signed-off-by: Craig Perkins <[email protected]>
…ecurity-dashboards-plugin into backport-saml-hash-fix
Signed-off-by: Craig Perkins <[email protected]>
* Preserve URL HASH after user logs via SAML IDP Co-authored-by: Darshit Chanpura <[email protected]>
|
@scrawfor99 Thank you for the help with this backport! I took a look into the node compatibility issue and we are able to get around it by checking in a This PR is a duplicate of #1220. |
Should we leave this PR open or close it? |
|
FYI other dashboards plugins check in the See 3 other dashboards plugin repos that all contain |
|
|
||
| - name: Checkout OpenSearch Dashboard | ||
| uses: actions/checkout@v2 | ||
| with: | ||
| path: OpenSearch-Dashboards | ||
| repository: opensearch-project/OpenSearch-Dashboards | ||
| ref: '1.3' | ||
| ref: '1.3.6' |
There was a problem hiding this comment.
This ref needs to be updated when a build becomes available.
|
@DarshitChanpura I converted this to a Draft since there is a reference to the 1.3.6 tag in here. Once a build of 1.3.7 is available I will update the reference and change this to Ready for Review. |
| resolved "https://registry.yarnpkg.com/@types/scheduler/-/scheduler-0.16.2.tgz#1a62f89525723dde24ba1b01b092bf5df8ad4d39" | ||
| integrity sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew== | ||
|
|
||
| "@types/selenium-webdriver@^4.0.9": |
There was a problem hiding this comment.
This was manually added to yarn.lock to make sure there is a compatible version with node 10.24.1
| ajv-errors "^1.0.0" | ||
| ajv-keywords "^3.1.0" | ||
|
|
||
| selenium-webdriver@^4.0.0-alpha.7: |
There was a problem hiding this comment.
This was manually added to yarn.lock to make sure there is a compatible version with node 10.24.1
|
This all looks good. I think once we have the correct build an the DCO is fixed we should be all set. |
Signed-off-by: Craig Perkins <[email protected]>
|
All of the commits are signed. The cherry-picked commits or the merge commit may be causing the DCO failure. |
Signed-off-by: Craig Perkins <[email protected]>
|
It looks like it is the merge commit. |
|
@cwperks Anything you are waiting on before we merge this change? |
|
@peternied Yes, I'm waiting on a 1.3.7 build of OSD so that I can update the ref here: #1226 (comment) |
Signed-off-by: Craig Perkins <[email protected]>
|
@peternied @cwperks The OpenSearch and Dashboards distribution build was successful for 1.3.7. Re-ran the CI workflow and it is successful now. |
|
Thank you for the update @rishabh6788! Merging this change now. |
Description
Backport of #1039, #1058, #1088 to 1.3
Note: This PR checks in
yarn.lockto lock the version of dependencies so that yarn does not try to install the latest version of dependencies which may not be compatible with node 10.24.1. This specifically locksselenium-webdriverto4.0.0-alpha.7which is compatible with node 10.24.1. Without the lockfile, yarn resolves this to 4.6.1 and will not build due to node version compatibility because[email protected]requires node >= 12.Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.