Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ui: mfa: use proper request id generation #17835

Merged
merged 2 commits into from Nov 29, 2022
Merged

ui: mfa: use proper request id generation #17835

merged 2 commits into from Nov 29, 2022

Conversation

rockdrilla
Copy link
Contributor

@rockdrilla rockdrilla commented Nov 7, 2022
edited

Use crypto.randomUUID() to generate mfa_request_id instead of magic with Math.random().

Fixes: 712cc9e, ca14c19

Signed-off-by: Konstantin Demin rockdrilla@gmail.com

@hashicorp-cla
Copy link

hashicorp-cla commented Nov 7, 2022
edited

CLA assistant check
All committers have signed the CLA.

@rockdrilla
Copy link
Contributor Author

NB for backports: apply changes to ui/mirage/handlers/mfa.js (according to commit ca14c19).

@rockdrilla rockdrilla marked this pull request as draft November 7, 2022 12:06
@rockdrilla rockdrilla marked this pull request as ready for review November 7, 2022 12:35
@rockdrilla rockdrilla changed the title ui: mfa: precise mfa_request_id generation ui: mfa: use proper request id generation Nov 7, 2022
hashishaw
hashishaw requested changes Nov 9, 2022
View reviewed changes
Copy link
Contributor

@hashishaw hashishaw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you for catching this! We'd like to instead use the built-in randomUUID method so we don't have extra dependencies. Once that's updated we can ship it 🚀

ui/mirage/handlers/mfa-login.js Outdated Show resolved Hide resolved
@rockdrilla rockdrilla marked this pull request as draft November 10, 2022 23:41
@rockdrilla
ui: mfa: use proper request id generation
78b53cd 
Fixes: 712cc9e, ca14c19

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
@rockdrilla rockdrilla marked this pull request as ready for review November 11, 2022 08:12
hashishaw
hashishaw approved these changes Nov 11, 2022
View reviewed changes
Copy link
Contributor

@hashishaw hashishaw left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🙏

@hashishaw hashishaw added this to the 1.13.0-rc1 milestone Nov 11, 2022
@hashishaw
Copy link
Contributor

@rockdrilla would you please push an empty commit so that the CircleCI jobs kick off? 🙏

@rockdrilla
Copy link
Contributor Author

@hashishaw I think CircleCI is stuck due to Vercel (it asks "Authorize Fork Deployment").

@hashishaw hashishaw merged commit dfdb14b into hashicorp:main Nov 29, 2022
jayant07-yb pushed a commit to jayant07-yb/hashicorp-vault-integrations that referenced this pull request Mar 15, 2023
@rockdrilla
ui: mfa: use proper request id generation (hashicorp#17835)
6d2a62a 
* ui: mfa: use proper request id generation

Fixes: 712cc9e, ca14c19

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>

Signed-off-by: Konstantin Demin <rockdrilla@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@hashishaw hashishaw hashishaw approved these changes

Assignees
No one assigned
Labels
auth/mfa ui
Projects
None yet
Milestone
1.13.0-rc1
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@rockdrilla @hashicorp-cla @hashishaw @hsimon-hashicorp