Use new class ProxyConfig for proxy selection in OIDC configuration #466
HTTPRequest httpRequest = new UserInfoRequest(configuration.getUserInfoEndpointUri(), new BearerAccessToken(accessToken)).toHTTPRequest(); | ||
final ProxyConfig proxyCfg = ProxyUtil.getProxyConfig(); | ||
|
||
if (proxyCfg.shouldProxy(configuration.getUserInfoEndpointUri().toURL())) { |
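Review bot: `proxyCfg` is dereferenced in the `if (proxyCfg.shouldProxy(...))` condition with no null guard after being assigned from `ProxyUtil.getProxyConfig()`. If that call can return null when no proxy is configured, a UserInfo request in a deployment without a proxy would fail with a NullPointerException instead of going out directly. Guard the condition, for example `if (proxyCfg != null && proxyCfg.shouldProxy(...))`, so that a missing proxy configuration falls through to the unproxied request.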
NULL_DEREFERENCE: object `proxyCfg` last assigned on line 51 could be null and is dereferenced at line 53.
@zgael A check for `proxyCfg` being `null` would be good here. `getProxyConfig` will return `null` when no proxy config was found at all.
Oh, was already addressed. Never mind then, please mark this conversation as resolved.
Thanks @zgael!
Code looks good to me, but I'd like to test it with DT to make sure it works as intended.
Depending on how you plan to test it, I might be able to help :
Keep me informed!
@nscuro Have you tested this with DT?
@stevespringett Not yet, sorry. I'll try to get it done tomorrow.
Tested with Dependency-Track by proxying requests to a local Keycloak server through ZAP. Both config resolution and UserInfo requests are proxied correctly for the `ALPINE_HTTP_PROXY_*` and "standard" `HTTP_PROXY` way. Including the Keycloak address in `NO_PROXY` bypasses the proxy as expected.
This is good to merge from my side @stevespringett. Thanks for the PR @zgael! 🚀
Fixes an oversight of stevespringett#466 Relates to DependencyTrack/dependency-track#2696 Signed-off-by: nscuro <nscuro@protonmail.com>
Hi,
Following this (closed/not merged) issue #422, I created this new one to make use of the newly created `ProxyConfig` class in order to have the OIDC configuration use a proxy if one is declared in configuration.
Thanks @nscuro for the work on `ProxyConfig`, looks good to me!