SAML enhancements #13316
Merged
SAML enhancements #13316
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
john-westcott-iv
force-pushed
the
saml-enhancements
branch
from
7ac513f
to
c8b5f4e
Compare
john-westcott-iv
force-pushed
the
saml-enhancements
branch
2 times, most recently
from
a48768c
to
864f6f7
Compare
|
@kdelee did you do some performance testing of this PR? Could you give like a really really brief summary? Because right now this just looks like a refactor. |
jjwatt
reviewed
Jan 18, 2023
kdelee
approved these changes
Jan 18, 2023
AlanCoding
reviewed
Jan 20, 2023
AlanCoding
reviewed
Jan 20, 2023
awx/sso/social_pipeline.py
Outdated
| organization_name = organization_alias | ||
| else: | ||
| organization_name = org_name | ||
| org = get_or_create_with_default_galaxy_cred(name=organization_name) |
There was a problem hiding this comment.
huh, I'm surprised that we don't use defaults already, like, set the description of the org to "imported via SAML"
There was a problem hiding this comment.
Its just a straight building of the org. This will be a slight change to how the LDAP adapter works because it didn't used to include adding the default galaxy credential at all.
john-westcott-iv
force-pushed
the
saml-enhancements
branch
from
938fa76
to
9969841
Compare
gamuniz
reviewed
Jan 24, 2023
Prefixing all internal functions with _ Modified subfunctions to not return values but instead manipulate multable objects Modified all functions to not add duplicate orgs to the orgs_to_create list
This made testing easier and allows for any adapter with a flag the ability to simply pass it into a function
Removed orgs_to_create from being passed into user_team functions, common create orgs code will add any team orgs to list of orgs automatically Passed SAML_AUTO_CREATE_OBJECTS flag into create_org_and_teams Fix bug where we were looking at values instead of keys Added loading of all teams if remove flag is set in update_user_teams_by_saml_attr
john-westcott-iv
force-pushed
the
saml-enhancements
branch
from
9969841
to
82650d3
Compare
gamuniz
approved these changes
Jan 27, 2023
jay-steurer
approved these changes
Jan 27, 2023
|
@tvo318 this PR has a minor change to the behavior of the LDAP adapter. It now shares common code with the SAML adapter so if an LDAP login creates an organization the default galaxy credential will be added to that organization. |
TheRealHaoLiu
pushed a commit
to TheRealHaoLiu/awx
that referenced
this pull request
Feb 8, 2023
* Moving reconcile_users_org_team_mappings into common library * Renaming pipeline to social_pipeline * Breaking out SAML and generic Social Auth * Optimizing SMAL login process * Moving extraction of org in teams from backends into sso/common.create_orgs_and_teams * Altering saml_pipeline from testing Prefixing all internal functions with _ Modified subfunctions to not return values but instead manipulate multable objects Modified all functions to not add duplicate orgs to the orgs_to_create list * Updating the common function to respect a teams organization name * Added can_create flag to create_org_and_teams This made testing easier and allows for any adapter with a flag the ability to simply pass it into a function * Multiple changes to SAML pipeline Removed orgs_to_create from being passed into user_team functions, common create orgs code will add any team orgs to list of orgs automatically Passed SAML_AUTO_CREATE_OBJECTS flag into create_org_and_teams Fix bug where we were looking at values instead of keys Added loading of all teams if remove flag is set in update_user_teams_by_saml_attr * Moving common items between SAML and Social into a 'base' * Updating and adding testing * Renamed get_or_create_with_default_galaxy_cred to get_or_create_org_...
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
SUMMARY
Split out SAML and Social Auth pipelines.
Pull common bits between SAML and LDAP auth into common file.
ISSUE TYPE
COMPONENT NAME
AWX VERSION
ADDITIONAL INFORMATION