Fixes saml login flow to work with anonymous auth #1839
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
…orrectly Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
…ion header Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
DarshitChanpura
requested review from
cliu123,
cwperks,
davidlago,
peternied,
RyanL1997 and
stephen-crawford
as code owners
3 tasks
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1839 +/- ##
==========================================
- Coverage 68.25% 68.16% -0.09%
==========================================
Files 94 94
Lines 2416 2422 +6
Branches 330 330
==========================================
+ Hits 1649 1651 +2
- Misses 689 694 +5
+ Partials 78 77 -1 ☔ View full report in Codecov by Sentry. |
Signed-off-by: Darshit Chanpura <[email protected]>
DarshitChanpura
changed the title
Signed-off-by: Darshit Chanpura <[email protected]>
DarshitChanpura
commented
Mar 21, 2024
derek-ho
reviewed
Mar 21, 2024
stephen-crawford
previously approved these changes
Apr 9, 2024
Signed-off-by: Darshit Chanpura <[email protected]>
derek-ho
reviewed
Apr 9, 2024
derek-ho
reviewed
Apr 9, 2024
derek-ho
reviewed
Apr 9, 2024
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
cwperks
reviewed
Apr 10, 2024
cwperks
reviewed
Apr 10, 2024
cwperks
reviewed
Apr 10, 2024
Signed-off-by: Darshit Chanpura <[email protected]>
DarshitChanpura
force-pushed
the
fixes-saml-login-flow
branch
from
95067e8 to
d756b6c
Compare
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
Signed-off-by: Darshit Chanpura <[email protected]>
derek-ho
approved these changes
Apr 11, 2024
cwperks
approved these changes
Apr 12, 2024
There was a problem hiding this comment.
LGTM! Thank you @DarshitChanpura!
FYI I don't think there is a way to setup Basic Auth + Anonymous without it automatically logging in as anonymous when first loading OSD. I think the issue is in auth_handler_factory.ts where even if multi-auth is enabled and only one auth_type is in the list it will create an instance of the single auth type instead of using MultipleAuthentication
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Apr 12, 2024
* Fixes anonymous auth flow to work with SAML Signed-off-by: Darshit Chanpura <[email protected]> * Adds hardcoded credentials for anonymous user Signed-off-by: Darshit Chanpura <[email protected]> * Updates basic auth header to be a config constant Signed-off-by: Darshit Chanpura <[email protected]> * Removes unneeded usage of anonymous auth header constant Signed-off-by: Darshit Chanpura <[email protected]> * Updates logic to display anonymous auth login button Signed-off-by: Darshit Chanpura <[email protected]> * Adds test to check whether anonymous auth login button is displayed correctly Signed-off-by: Darshit Chanpura <[email protected]> * Fixes integrationtests Signed-off-by: Darshit Chanpura <[email protected]> * Adds integration tests for anonymous auth login with basic authorization header Signed-off-by: Darshit Chanpura <[email protected]> * Generates random password for anonymous user Signed-off-by: Darshit Chanpura <[email protected]> * Fixes lint errors Signed-off-by: Darshit Chanpura <[email protected]> * Adds saml auth header to differentiate saml requests Signed-off-by: Darshit Chanpura <[email protected]> * Fixes linter errors Signed-off-by: Darshit Chanpura <[email protected]> * Fixes basic auth tests Signed-off-by: Darshit Chanpura <[email protected]> * Removes console loggers Signed-off-by: Darshit Chanpura <[email protected]> * Fixes lint error Signed-off-by: Darshit Chanpura <[email protected]> * Addresses feedback Signed-off-by: Darshit Chanpura <[email protected]> * Resolves #1840 Signed-off-by: Darshit Chanpura <[email protected]> * Replace magic value with constant Signed-off-by: Darshit Chanpura <[email protected]> * Renames query param and removes unused variables Signed-off-by: Darshit Chanpura <[email protected]> * Uses enum instead of magic constant Signed-off-by: Darshit Chanpura <[email protected]> * Extracts template function to a separate util file Signed-off-by: Darshit Chanpura <[email protected]> * Renames test Signed-off-by: Darshit Chanpura <[email protected]> * Removes unnecessary modifications required to solve this bug Signed-off-by: Darshit Chanpura <[email protected]> * Fixes import Signed-off-by: Darshit Chanpura <[email protected]> * Removes unused param Signed-off-by: Darshit Chanpura <[email protected]> * Removes unused method param Signed-off-by: Darshit Chanpura <[email protected]> * Removes incorrect method param Signed-off-by: Darshit Chanpura <[email protected]> --------- Signed-off-by: Darshit Chanpura <[email protected]> (cherry picked from commit 681d1b1)
derek-ho
pushed a commit
that referenced
this pull request
Apr 12, 2024
* Fixes anonymous auth flow to work with SAML Signed-off-by: Darshit Chanpura <[email protected]> * Adds hardcoded credentials for anonymous user Signed-off-by: Darshit Chanpura <[email protected]> * Updates basic auth header to be a config constant Signed-off-by: Darshit Chanpura <[email protected]> * Removes unneeded usage of anonymous auth header constant Signed-off-by: Darshit Chanpura <[email protected]> * Updates logic to display anonymous auth login button Signed-off-by: Darshit Chanpura <[email protected]> * Adds test to check whether anonymous auth login button is displayed correctly Signed-off-by: Darshit Chanpura <[email protected]> * Fixes integrationtests Signed-off-by: Darshit Chanpura <[email protected]> * Adds integration tests for anonymous auth login with basic authorization header Signed-off-by: Darshit Chanpura <[email protected]> * Generates random password for anonymous user Signed-off-by: Darshit Chanpura <[email protected]> * Fixes lint errors Signed-off-by: Darshit Chanpura <[email protected]> * Adds saml auth header to differentiate saml requests Signed-off-by: Darshit Chanpura <[email protected]> * Fixes linter errors Signed-off-by: Darshit Chanpura <[email protected]> * Fixes basic auth tests Signed-off-by: Darshit Chanpura <[email protected]> * Removes console loggers Signed-off-by: Darshit Chanpura <[email protected]> * Fixes lint error Signed-off-by: Darshit Chanpura <[email protected]> * Addresses feedback Signed-off-by: Darshit Chanpura <[email protected]> * Resolves #1840 Signed-off-by: Darshit Chanpura <[email protected]> * Replace magic value with constant Signed-off-by: Darshit Chanpura <[email protected]> * Renames query param and removes unused variables Signed-off-by: Darshit Chanpura <[email protected]> * Uses enum instead of magic constant Signed-off-by: Darshit Chanpura <[email protected]> * Extracts template function to a separate util file Signed-off-by: Darshit Chanpura <[email protected]> * Renames test Signed-off-by: Darshit Chanpura <[email protected]> * Removes unnecessary modifications required to solve this bug Signed-off-by: Darshit Chanpura <[email protected]> * Fixes import Signed-off-by: Darshit Chanpura <[email protected]> * Removes unused param Signed-off-by: Darshit Chanpura <[email protected]> * Removes unused method param Signed-off-by: Darshit Chanpura <[email protected]> * Removes incorrect method param Signed-off-by: Darshit Chanpura <[email protected]> --------- Signed-off-by: Darshit Chanpura <[email protected]> (cherry picked from commit 681d1b1) Co-authored-by: Darshit Chanpura <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR fixes 2 things:
Category
Why these changes are required?
What is the old behavior before changes and new behavior after changes?
[1] - Companion PR: opensearch-project/security#4152
Issues Resolved
Testing
Manual testing:
Screen.Recording.2024-04-11.at.11.55.53.AM.mov
Check List
- [ ] New functionality has been documentedBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.