Skip to content
This repository has been archived by the owner on Jan 24, 2023. It is now read-only.

Gate SSO redirect on optional state whitelist #3933

Merged
merged 3 commits into from Oct 3, 2019
Merged

Gate SSO redirect on optional state whitelist #3933

merged 3 commits into from Oct 3, 2019

Conversation

richard-cox
Copy link
Contributor

  • Fixes External redirects allowed #3718
  • Supply an optional SSO_WHITELIST env var
  • SSO_WHITELIST is a comma separated list which must contain the state redirect, otherwise return 401

@richard-cox richard-cox self-assigned this Sep 27, 2019
@cfdreddbot
Copy link

✅ Hey richard-cox! The commit authors and yourself have already signed the CLA.

nwmac
nwmac suggested changes Sep 27, 2019
View reviewed changes
src/jetstream/auth.go Outdated Show resolved Hide resolved
@nwmac nwmac added the needs attention This PR needs attention label Sep 27, 2019
@richard-cox richard-cox added ready for review and removed in progress needs attention This PR needs attention labels Oct 1, 2019
@codecov
Copy link

codecov bot commented Oct 1, 2019

Codecov Report

Merging #3933 into v2-master will not change coverage.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           v2-master    #3933   +/-   ##
==========================================
  Coverage      52.21%   52.21%           
==========================================
  Files            785      785           
  Lines          23017    23017           
  Branches        4124     4124           
==========================================
  Hits           12019    12019           
  Misses         10998    10998

nwmac
nwmac approved these changes Oct 3, 2019
View reviewed changes
Copy link
Contributor

@nwmac nwmac left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@nwmac nwmac merged commit ff3a412 into v2-master Oct 3, 2019
KlapTrap added a commit that referenced this pull request Oct 9, 2019
@KlapTrap
Merge branch 'v3-master' into entity-catalogue-list
a532eb2 
* v3-master:
  Fix lint & unit tests
  Fix connect to endpoint subtype
  Ensure we're passing the correct params to action builders.
  Removed console logs
  Ensure endpoint register tiles are ordered correctly
  Start with empty CustomizationsMetadata
  Convert CustomizationsMetadata inject into singleton CustomizationService
  Fix npm audit vulnerabilities (#3899)
  Remove old ingress docs and add new (#3961)
  Helm Chart: Add ingress support (#3935)
  Fix liniting
  unit tests: added more tests for components and utils
  Merge pull request #3939 from cloudfoundry-incubator/mysqldb-dev
  Gate SSO redirect on optional state whitelist (#3933)
  Add debug info for manage users e2e tests (#3938)
  Fix metrics issue with multiple k8s endpoints
  Fix non jetstream requests and other, minor fixes.
@richard-cox richard-cox deleted the whitelist-sso-state branch May 10, 2020 19:56
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@nwmac nwmac nwmac approved these changes

Assignees

@richard-cox richard-cox

Labels
ready for review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

External redirects allowed
3 participants
@richard-cox @cfdreddbot @nwmac