-
Notifications
You must be signed in to change notification settings - Fork 163
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Preserve Query in nextUrl during openid login redirect #2140
Conversation
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2140 +/- ##
=======================================
Coverage 71.46% 71.46%
=======================================
Files 97 97
Lines 2649 2649
Branches 403 411 +8
=======================================
Hits 1893 1893
Misses 641 641
Partials 115 115 ☔ View full report in Codecov by Sentry. |
@KleinSebastian Can you add a test to go along with the changes being introduced in this PR? |
Signed-off-by: Sebastian Klein <[email protected]>
Signed-off-by: Sebastian Klein <[email protected]>
Signed-off-by: Sebastian Klein <[email protected]>
@cwperks I added a set of unit tests for the handleUnauthRequest call. E2E Tests for the functionality are unfortunately not working on my machine, so I skipped them. If you insist upon Cypress Tests I will try my best to do it on another machine. |
release-notes/opensearch-security-dashboards-plugin.release-notes-2.18.0.0.md
Outdated
Show resolved
Hide resolved
@KleinSebastian please fix the eslint issues. You can fix them automatically with |
Signed-off-by: Sebastian Klein <[email protected]>
Signed-off-by: Sebastian Klein <[email protected]>
@KleinSebastian There are a few test errors. Are these errors due to changes from this PR or was there a change in OSD that introduced these errors? |
Signed-off-by: Sebastian Klein <[email protected]>
@cwperks I was able to reproduce the error. It was an issue with updating the "security_authentication" cookie due to the mismatch of "localhost" and "127.0.0.1" between OSD and Keycloak, resulting rejection of set-cookie in the browser due to the default SameSite behaviour "Lax". Fixing the configuration does fix the E2E Tests as well as the need for a second redirect the existing E2E Tests. |
Awesome, thank you! I just approved the CI checks to run again. We will get results in ~45min - 1 hr |
Signed-off-by: Sebastian Klein <[email protected]>
@cwperks I saw that the E2E test runs failed again, but this time the OSD Server did not even start properly. I also saw that I introduced unwanted line ending changes. I reverted them because this might be the reason for the not starting server. |
I just started the CI checks again. |
…the tests Signed-off-by: Sebastian Klein <[email protected]>
OSD is still not starting, I assume that the server is not able to contact Keycloak by using the "127.0.0.1" address and exits. I reverted the changes done to the E2E Setup and tried fixing the tests with the manual redirect workaround present in the existing tests. |
Signed-off-by: Sebastian Klein <[email protected]>
Signed-off-by: Sebastian Klein <[email protected]>
@cwperks Are there some additional actions required from my side? Its my first time performing a PR on a public repo, so I'm a bit unsure about the process. |
The PR needs 2 maintainer approvals and some are out of the office this week. @DarshitChanpura or @RyanL1997 could you take a look at this PR? |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM! Thanks @KleinSebastian !
* Preserve Query in nextUrl during openid login redirect Signed-off-by: Sebastian Klein <[email protected]> * Add release notes for 2.18 release (#2137) Signed-off-by: Sebastian Klein <[email protected]> * Added Unittest Test Suite for OpenID handling unauthorized calls Signed-off-by: Sebastian Klein <[email protected]> * Revert "Add release notes for 2.18 release (#2137)" Signed-off-by: Sebastian Klein <[email protected]> * Fix ES-Lint issues Signed-off-by: Sebastian Klein <[email protected]> * Fixing OIDC E2E tests and added a new one Signed-off-by: Sebastian Klein <[email protected]> * Reverting line ending changes from last commit Signed-off-by: Sebastian Klein <[email protected]> * Reverting changes to E2E OIDC Setup and added an alternative fix for the tests Signed-off-by: Sebastian Klein <[email protected]> * Fix ESLint issues and try fixing new tests Signed-off-by: Sebastian Klein <[email protected]> * Prevent Tenant Selection Popup to show during new E2E Test Signed-off-by: Sebastian Klein <[email protected]> --------- Signed-off-by: Sebastian Klein <[email protected]> Co-authored-by: Derek Ho <[email protected]> Co-authored-by: SKLEIN3 <[email protected]> Co-authored-by: Darshit Chanpura <[email protected]> (cherry picked from commit ded4012) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
* Preserve Query in nextUrl during openid login redirect * Add release notes for 2.18 release (#2137) * Added Unittest Test Suite for OpenID handling unauthorized calls * Revert "Add release notes for 2.18 release (#2137)" * Fix ES-Lint issues * Fixing OIDC E2E tests and added a new one * Reverting line ending changes from last commit * Reverting changes to E2E OIDC Setup and added an alternative fix for the tests * Fix ESLint issues and try fixing new tests * Prevent Tenant Selection Popup to show during new E2E Test --------- (cherry picked from commit ded4012) Signed-off-by: Sebastian Klein <[email protected]> Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> Co-authored-by: Derek Ho <[email protected]> Co-authored-by: SKLEIN3 <[email protected]> Co-authored-by: Darshit Chanpura <[email protected]>
Description
Successful Openid Login redirects back to the URL, from where the login was initiated.
Category
Bug fix
Why these changes are required?
Bug was reported: #1823 and #2119
What is the old behaviour before changes and new behaviour after changes?
The changed behaviour is best explained by following user-flow
The whole functionality is basically ported from the SAML login method.
Issues Resolved
Fix: #1823
Fix: #2119
Testing
Existing Tests pass
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.