Skip to content

feat: okta support #555

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
karenc-bq merged 1 commit into from
Jun 6, 2024
Merged

feat: okta support #555

karenc-bq merged 1 commit into from
Jun 6, 2024

Conversation

@karenc-bq
Copy link
Contributor

@karenc-bq karenc-bq commented May 24, 2024
edited
Loading

Description

  • Okta authentication support
  • Refactored shared utility methods between Fed auth plugin, IAM auth plugin and the Okta Auth Plugin
  • Fixed bugs in the Fed auth plugin sample code
  • Fixed bugs in Fed auth and IAM auth plugins
    • Fed auth was using the incorrect user connection parameter to generate authentication, therefore its initial connection attempt will always fail. Resulting the plugin needing to generate tokens twice.
    • Fed auth and IAM auth were both storing the authentication tokens using the incorrect cache key, when establishing new connections the plugins will never find a cache, causing the plugin to never utilizing the cached token feature.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.

@karenc-bq karenc-bq force-pushed the feat/okta branch 2 times, most recently from c060b15 to a15dc0f Compare May 25, 2024 00:08
sergiyvamz
sergiyvamz reviewed May 27, 2024
View reviewed changes
aws_advanced_python_wrapper/okta_plugin.py
_SAML_RESPONSE_PATTERN = r"\"SAMLResponse\" .* value=\"(?P<saml>[^\"]+)\""
_SAML_RESPONSE_PATTERN_GROUP = "saml"
_HTTPS_URL_PATTERN = r"^(https)://[-a-zA-Z0-9+&@#/%?=~_!:,.']*[-a-zA-Z0-9+&@#/%=~_']"
_OKTA_AWS_APP_NAME = "amazon_aws"
Copy link
Contributor

@sergiyvamz sergiyvamz May 27, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should they ("amazon_aws", "onetimetoken") be configured at Okta side?

@karenc-bq karenc-bq merged commit 2546889 into main Jun 6, 2024
@karenc-bq karenc-bq deleted the feat/okta branch June 6, 2024 19:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sergiyvamz sergiyvamz sergiyvamz approved these changes

+1 more reviewer

@joyc-bq joyc-bq joyc-bq approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@karenc-bq @sergiyvamz @joyc-bq