Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oidc proxy AuthorizationServer redirect on wrong state #4641

Merged
merged 1 commit into from
May 23, 2024
Merged

oidc proxy AuthorizationServer redirect on wrong state #4641

merged 1 commit into from
May 23, 2024

Conversation

StekPerepolnen
Copy link
Collaborator

@StekPerepolnen StekPerepolnen commented May 17, 2024
edited

Changelog entry

4595

Changelog category

  • Improvement

@StekPerepolnen StekPerepolnen changed the title YDB 4595/oidc proxy return 401 oidc proxy return 401 instead 400 May 17, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 10:45:37 UTC Pre-commit check for 9ef9b9d has started.
2024-05-17 10:45:38 UTC Build linux-x86_64-relwithdebinfo is running...
🟢 2024-05-17 10:47:04 UTC Build successful.
2024-05-17 10:48:14 UTC Tests are running...
🟢 2024-05-17 10:48:36 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
14 14 0 0 0 0

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 10:47:01 UTC Pre-commit check for 9ef9b9d has started.
2024-05-17 10:47:03 UTC Build linux-x86_64-release-clang14 is running...
🟢 2024-05-17 10:50:39 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 10:47:07 UTC Pre-commit check for 9ef9b9d has started.
2024-05-17 10:47:10 UTC Build linux-x86_64-release-asan is running...
🟢 2024-05-17 10:48:59 UTC Build successful.
2024-05-17 10:50:34 UTC Tests are running...
🟢 2024-05-17 10:50:56 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
14 14 0 0 0 0

@StekPerepolnen StekPerepolnen force-pushed the YDB-4595/oidc_proxy_return_401 branch from 7fe147d to 6397c1b Compare May 17, 2024 16:06
@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 16:08:06 UTC Pre-commit check for 54d4a44 has started.
2024-05-17 16:08:08 UTC Build linux-x86_64-release-clang14 is running...
🟢 2024-05-17 16:10:16 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 16:10:00 UTC Pre-commit check for 54d4a44 has started.
2024-05-17 16:10:04 UTC Build linux-x86_64-relwithdebinfo is running...
🟢 2024-05-17 16:12:01 UTC Build successful.
2024-05-17 16:12:34 UTC Check cancelled

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 16:10:01 UTC Pre-commit check for 54d4a44 has started.
2024-05-17 16:10:03 UTC Build linux-x86_64-release-asan is running...
🟢 2024-05-17 16:11:55 UTC Build successful.
2024-05-17 16:12:32 UTC Check cancelled

@StekPerepolnen StekPerepolnen force-pushed the YDB-4595/oidc_proxy_return_401 branch from 6397c1b to add8c90 Compare May 17, 2024 16:12
@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 16:13:42 UTC Pre-commit check for c96406f has started.
2024-05-17 16:13:44 UTC Build linux-x86_64-release-asan is running...
🟢 2024-05-17 16:15:14 UTC Build successful.
2024-05-17 16:16:41 UTC Tests are running...
🟢 2024-05-17 16:17:03 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
14 14 0 0 0 0

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 16:15:59 UTC Pre-commit check for c96406f has started.
2024-05-17 16:16:01 UTC Build linux-x86_64-release-clang14 is running...
🟢 2024-05-17 16:17:40 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 16:16:06 UTC Pre-commit check for c96406f has started.
2024-05-17 16:16:08 UTC Build linux-x86_64-relwithdebinfo is running...
🟢 2024-05-17 16:17:56 UTC Build successful.
2024-05-17 16:19:23 UTC Tests are running...
🟢 2024-05-17 16:19:46 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
14 14 0 0 0 0

@StekPerepolnen StekPerepolnen force-pushed the YDB-4595/oidc_proxy_return_401 branch from add8c90 to e57c9f0 Compare May 17, 2024 17:24
@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 17:26:48 UTC Pre-commit check for c785cf1 has started.
2024-05-17 17:26:49 UTC Build linux-x86_64-release-asan is running...
🟢 2024-05-17 17:28:16 UTC Build successful.
2024-05-17 17:29:31 UTC Tests are running...
🔴 2024-05-17 17:29:44 UTC Some tests failed, follow the links below.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
16 15 0 1 0 0

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 17:28:23 UTC Pre-commit check for c785cf1 has started.
2024-05-17 17:28:28 UTC Build linux-x86_64-release-clang14 is running...
🟢 2024-05-17 17:30:06 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 17:28:30 UTC Pre-commit check for c785cf1 has started.
2024-05-17 17:28:33 UTC Build linux-x86_64-relwithdebinfo is running...
🟢 2024-05-17 17:30:14 UTC Build successful.
2024-05-17 17:31:41 UTC Tests are running...
🔴 2024-05-17 17:32:06 UTC Some tests failed, follow the links below.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
16 15 0 1 0 0

@StekPerepolnen StekPerepolnen force-pushed the YDB-4595/oidc_proxy_return_401 branch 2 times, most recently from c98ebb9 to b7611cf Compare May 17, 2024 18:28
@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 18:28:33 UTC Pre-commit check for 697f5bf has started.
2024-05-17 18:28:36 UTC Build linux-x86_64-release-clang14 is running...
2024-05-17 18:28:59 UTC Check cancelled

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 18:30:10 UTC Pre-commit check for 2dcb4bd has started.
2024-05-17 18:30:11 UTC Build linux-x86_64-release-clang14 is running...
🟢 2024-05-17 18:31:48 UTC Build successful.

@StekPerepolnen StekPerepolnen changed the title oidc proxy return 401 instead 400 oidc proxy AuthorizationServer redirect on wrong state May 17, 2024
@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 18:32:20 UTC Pre-commit check for 2dcb4bd has started.
2024-05-17 18:32:22 UTC Build linux-x86_64-release-asan is running...
🟢 2024-05-17 18:34:07 UTC Build successful.
2024-05-17 18:35:36 UTC Tests are running...
🟢 2024-05-17 18:35:58 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
16 16 0 0 0 0

@github-actions GitHub Actions
Copy link

github-actions bot commented May 17, 2024
edited

2024-05-17 18:32:26 UTC Pre-commit check for 2dcb4bd has started.
2024-05-17 18:32:29 UTC Build linux-x86_64-relwithdebinfo is running...
🟢 2024-05-17 18:34:17 UTC Build successful.
2024-05-17 18:35:45 UTC Tests are running...
🟢 2024-05-17 18:36:08 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
16 16 0 0 0 0

molotkov-and
molotkov-and reviewed May 21, 2024
View reviewed changes
ydb/mvp/oidc_proxy/oidc_session_create.h
@@ -142,7 +142,7 @@ class THandlerSessionCreate : public NActors::TActorBootstrapped<THandlerSession
NHttp::THeaders headers(Request->Headers);
NHttp::TCookies cookies(headers.Get("cookie"));

if (!code.Empty() && IsStateValid(state, cookies, ctx)) {
if (IsStateValid(state, cookies, ctx) && !code.Empty()) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Why did you switch the conditions?
If parameter "code" is empty then it doesn't make sense to check parameter "state"

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I noticed that in the IsStateValid method, the IsAjaxRequest variable is initialized, which can affect the response code.

@StekPerepolnen StekPerepolnen force-pushed the YDB-4595/oidc_proxy_return_401 branch from b7611cf to bbbca8d Compare May 23, 2024 10:43
@github-actions GitHub Actions
Copy link

github-actions bot commented May 23, 2024
edited

2024-05-23 11:10:03 UTC Pre-commit check for 34a5468 has started.
2024-05-23 11:11:56 UTC Build linux-x86_64-release-clang14 is running...
🟢 2024-05-23 11:21:36 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented May 23, 2024
edited

2024-05-23 11:16:48 UTC Pre-commit check for 34a5468 has started.
2024-05-23 11:18:40 UTC Build linux-x86_64-relwithdebinfo is running...
🟢 2024-05-23 11:20:09 UTC Build successful.
2024-05-23 11:20:19 UTC Tests are running...
🟢 2024-05-23 11:20:41 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
16 16 0 0 0 0

@github-actions GitHub Actions
Copy link

github-actions bot commented May 23, 2024
edited

2024-05-23 11:39:35 UTC Pre-commit check for 34a5468 has started.
2024-05-23 11:41:36 UTC Build linux-x86_64-release-asan is running...
🟢 2024-05-23 11:43:14 UTC Build successful.
2024-05-23 11:43:24 UTC Tests are running...
🟢 2024-05-23 11:43:46 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
16 16 0 0 0 0

@StekPerepolnen StekPerepolnen force-pushed the YDB-4595/oidc_proxy_return_401 branch from bbbca8d to 9ffee8b Compare May 23, 2024 12:59
@github-actions GitHub Actions
Copy link

github-actions bot commented May 23, 2024
edited

2024-05-23 13:01:09 UTC Pre-commit check for be0eaac has started.
2024-05-23 13:03:08 UTC Build linux-x86_64-release-clang14 is running...
🟢 2024-05-23 13:06:35 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented May 23, 2024
edited

2024-05-23 13:02:31 UTC Pre-commit check for be0eaac has started.
2024-05-23 13:04:36 UTC Build linux-x86_64-release-asan is running...
🟢 2024-05-23 13:06:57 UTC Build successful.
2024-05-23 13:07:10 UTC Tests are running...
🟢 2024-05-23 13:07:33 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
16 16 0 0 0 0

@github-actions GitHub Actions
Copy link

github-actions bot commented May 23, 2024
edited

2024-05-23 13:03:39 UTC Pre-commit check for be0eaac has started.
2024-05-23 13:05:40 UTC Build linux-x86_64-relwithdebinfo is running...
🟢 2024-05-23 13:07:24 UTC Build successful.
2024-05-23 13:07:36 UTC Tests are running...
🟢 2024-05-23 13:07:59 UTC Tests successful.

Test history

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
16 16 0 0 0 0

@StekPerepolnen StekPerepolnen merged commit 79aa281 into ydb-platform:main May 23, 2024
5 checks passed
@StekPerepolnen StekPerepolnen deleted the YDB-4595/oidc_proxy_return_401 branch May 23, 2024 14:38
@serbel324 serbel324 mentioned this pull request May 24, 2024
Merged
This was referenced May 27, 2024
Closed
Closed
Merged
@StekPerepolnen StekPerepolnen mentioned this pull request May 28, 2024
Open
MrLolthe1st pushed a commit to MrLolthe1st/ydb that referenced this pull request May 28, 2024
@StekPerepolnen @MrLolthe1st
oidc proxy AuthorizationServer redirect on wrong state (ydb-platform#…
f53e1a9 
…4641)
@niksaveliev niksaveliev mentioned this pull request May 29, 2024
Merged
This was referenced May 29, 2024
Merged
Merged
This was referenced May 30, 2024
Merged
Closed
Closed
Merged
This was referenced Jun 7, 2024
Merged
Merged
@niksaveliev niksaveliev mentioned this pull request Jun 17, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@molotkov-and molotkov-and molotkov-and approved these changes

@adameat adameat Awaiting requested review from adameat

Assignees
No one assigned
Labels
improvement new-feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@StekPerepolnen @molotkov-and