Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix the redirect url for keycloak logout #6144

Merged
merged 1 commit into from
Aug 7, 2023
Merged

Fix the redirect url for keycloak logout #6144

merged 1 commit into from
Aug 7, 2023

Conversation

ahmadhamzh
Copy link
Contributor

@ahmadhamzh ahmadhamzh commented Aug 2, 2023
edited
Loading

What this PR does / why we need it:
Starting from Keycloak 18, RP initiated logout was introduced in keycloak. post_logout_redirect_uri and id_token_hint parameters are required now for logging a user out.

To support this special case, we are now adding a new configuration named oidc_provider which will allow us to manage OIDC provider specific configurations.

Which issue(s) this PR fixes:
Fixes #6127

What type of PR is this?

/kind bug

Fix support for keycloak OIDC logout. New field `oidc_provider` was introduced to support OIDC provider specific configurations. Configuring `oidc_provider` as `keycloak` will properly configure the logout workflow.

https://github.com/kubermatic/docs/pull/1507

@kubermatic-bot kubermatic-bot added docs/none Denotes a PR that doesn't need documentation (changes). release-note-none Denotes a PR that doesn't merit a release note. dco-signoff: yes Denotes that all commits in the pull request have the valid DCO signoff message. approved Indicates a PR has been approved by an approver from all required OWNERS files. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Aug 2, 2023
@ahmadhamzh ahmadhamzh added kind/bug Categorizes issue or PR as related to a bug. sig/ui Denotes a PR or issue as being assigned to SIG UI. labels Aug 2, 2023
@ahmadhamzh ahmadhamzh added this to the KKP 2.24 milestone Aug 2, 2023
@kubermatic-bot kubermatic-bot added docs/tbd Denotes a PR that needs documentation (change) that will be done later. release-note Denotes a PR that will be considered when it comes time to generate release notes. and removed docs/none Denotes a PR that doesn't need documentation (changes). release-note-none Denotes a PR that doesn't merit a release note. labels Aug 3, 2023
@xrstf
Copy link
Contributor

xrstf commented Aug 7, 2023

I just have to say it, sorry, but:

It's keycloak, not keyclock.

Thank you. ;-)

@ahmedwaleedmalik ahmedwaleedmalik changed the title Fix the redirect url for keyclock logout Fix the redirect url for keycloak logout Aug 7, 2023
ahmedwaleedmalik
ahmedwaleedmalik approved these changes Aug 7, 2023
View reviewed changes
Copy link
Member

@ahmedwaleedmalik ahmedwaleedmalik left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

/approve

@kubermatic-bot kubermatic-bot added the lgtm Indicates that a PR is ready to be merged. label Aug 7, 2023
@kubermatic-bot
Copy link
Contributor

LGTM label has been added.

Git tree hash: b04aea103cdf904b430587057ce1c7a6a914c057

@kubermatic-bot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: ahmadhamzh, ahmedwaleedmalik

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@ahmedwaleedmalik
Copy link
Member

/retest

@kubermatic-bot kubermatic-bot merged commit e88aa93 into kubermatic:main Aug 7, 2023
@ahmedwaleedmalik
Copy link
Member

/cherry-pick release/v2.23

@ahmedwaleedmalik
Copy link
Member

/cherry-pick release/v2.22

@ahmedwaleedmalik
Copy link
Member

/cherry-pick release/v2.21

@kubermatic-bot
Copy link
Contributor

@ahmedwaleedmalik: #6144 failed to apply on top of branch "release/v2.23":

Applying: fix the redirect URI for keyclock
Using index info to reconstruct a base tree...
M	modules/web/src/app/project/template.html
Falling back to patching base and 3-way merge...
Auto-merging modules/web/src/app/project/template.html
CONFLICT (content): Merge conflict in modules/web/src/app/project/template.html
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 fix the redirect URI for keyclock
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release/v2.23

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@kubermatic-bot
Copy link
Contributor

@ahmedwaleedmalik: #6144 failed to apply on top of branch "release/v2.22":

Applying: fix the redirect URI for keyclock
Using index info to reconstruct a base tree...
M	modules/web/src/app/project/template.html
M	modules/web/src/app/shared/model/Config.ts
Falling back to patching base and 3-way merge...
Auto-merging modules/web/src/app/shared/model/Config.ts
Auto-merging modules/web/src/app/project/template.html
CONFLICT (content): Merge conflict in modules/web/src/app/project/template.html
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 fix the redirect URI for keyclock
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release/v2.22

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@kubermatic-bot
Copy link
Contributor

@ahmedwaleedmalik: #6144 failed to apply on top of branch "release/v2.21":

Applying: fix the redirect URI for keyclock
Using index info to reconstruct a base tree...
A	modules/web/src/app/core/services/auth/service.ts
A	modules/web/src/app/project/template.html
A	modules/web/src/app/shared/model/Config.ts
Falling back to patching base and 3-way merge...
Auto-merging src/app/shared/model/Config.ts
Auto-merging src/app/core/services/auth/service.ts
CONFLICT (modify/delete): modules/web/src/app/project/template.html deleted in HEAD and modified in fix the redirect URI for keyclock. Version fix the redirect URI for keyclock of modules/web/src/app/project/template.html left in tree.
error: Failed to merge in the changes.
hint: Use 'git am --show-current-patch=diff' to see the failed patch
Patch failed at 0001 fix the redirect URI for keyclock
When you have resolved this problem, run "git am --continue".
If you prefer to skip this patch, run "git am --skip" instead.
To restore the original branch and stop patching, run "git am --abort".

In response to this:

/cherry-pick release/v2.21

Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository.

@ahmedwaleedmalik
Copy link
Member

@ahmadhamzh You'll have to manually backport this PR to 2.23, 2.22, 2.21. Also please ensure that the documentation makes its way into those versions as well before the next patch releases.

This was referenced Aug 7, 2023
Merged
Merged
Merged
@ahmadhamzh ahmadhamzh mentioned this pull request Aug 18, 2023
Merged
@kubermatic-bot kubermatic-bot added docs/provided Denotes a PR that has a valid documentation reference. and removed docs/tbd Denotes a PR that needs documentation (change) that will be done later. labels Aug 18, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ahmedwaleedmalik ahmedwaleedmalik ahmedwaleedmalik approved these changes

Assignees

@ahmedwaleedmalik ahmedwaleedmalik

Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. dco-signoff: yes Denotes that all commits in the pull request have the valid DCO signoff message. docs/provided Denotes a PR that has a valid documentation reference. kind/bug Categorizes issue or PR as related to a bug. lgtm Indicates that a PR is ready to be merged. release-note Denotes a PR that will be considered when it comes time to generate release notes. sig/ui Denotes a PR or issue as being assigned to SIG UI. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
KKP 2.24
Development

Successfully merging this pull request may close these issues.

Logout url does not work with Keycloak 18.0 or higher
4 participants
@ahmadhamzh @xrstf @kubermatic-bot @ahmedwaleedmalik