Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[2.8] Do not recreate OIDCConf object from UI IntegrationsController #1838

Merged
merged 2 commits into from
Apr 30, 2020
Merged

[2.8] Do not recreate OIDCConf object from UI IntegrationsController #1838

merged 2 commits into from
Apr 30, 2020

Conversation

Martouta
Copy link
Contributor

@Martouta Martouta commented Apr 28, 2020
edited
Loading

2.8 patch for THREESCALE-5103

Verification steps

Follow these steps to test it locally.

  1. Add this to config/rolling_updates.yml (I think that only the 2nd one is necessary for this, but just in case):
apicast_v2: true
apicast_oidc: true
  1. Make webpack work properly for development bundle exec rake webpack:dev
  2. Run the rails server UNICORN_WORKERS=8 bundle exec rails server -b 0.0.0.0
  3. You need to ensure that your service has a service token. If you are not sure of that, open sidekiq with the default queue bundle exec sidekiq -q default -L log/sidekiq.log and run bundle exec rake fixes:create_missing_service_tokens. Then you won't need sidekiq anymore for this so feel free to close it after this 😄
  4. Go to http://provider-admin.example.com.lvh.me:3000/apiconfig/services/2/integration, Edit authentication settings and select the Authentication OpenID Connect
    image
    image
  5. In http://provider-admin.example.com.lvh.me:3000/apiconfig/services/2/integration, add the base URL of your API and save the configuration, scroll down to Authentication Settings, change the OIDC config, and click to Update.
    image
    image
  6. Go to the rails console with bundle exec rails console and check the OIDCConfig with Proxy.find(2).oidc_configuration. Ensure that it has the configuration that you saved and that it contains an ID.
  7. Repeat step 6 with a different configuration. Then repeat step 7 and see that the new configuration is saved with the data you sent and that the ID is the same one as before.
    As a bonus, do OIDCConfiguration.all and see that there is only one.

It is recommended to do these steps with this branch and also in a branch without these changes so you can see the difference.

@Martouta Martouta marked this pull request as ready for review April 29, 2020 11:27
@Martouta Martouta requested a review from a team April 29, 2020 11:27
@guicassolato
Copy link
Contributor

@Martouta , does it also affect

porta/app/controllers/api/services_controller.rb

Line 104 in 62f27e8

oidc_params = %i[oidc_issuer_type oidc_issuer_endpoint jwt_claim_with_client_id jwt_claim_with_client_id_type] + [{oidc_configuration_attributes: OIDCConfiguration::Config::FLOWS}]
maybe?

@Martouta Martouta changed the title [2.8] Do not recreate OIDCConf object from UI IntegrationsController [WIP][2.8] Do not recreate OIDCConf object from UI IntegrationsController Apr 29, 2020
@Martouta
Copy link
Contributor Author

U were right, @guicassolato . Good catch! 👏

@Martouta Martouta changed the title [WIP][2.8] Do not recreate OIDCConf object from UI IntegrationsController [2.8] Do not recreate OIDCConf object from UI IntegrationsController Apr 29, 2020
@Martouta Martouta mentioned this pull request Apr 29, 2020
Merged
@Martouta Martouta merged commit 6491630 into 3scale-2.8-stable Apr 30, 2020
@Martouta Martouta deleted the 2.8/fix/THREESCALE-5103-oidc_conf_attrs-revert-to-default-values branch April 30, 2020 08:15
@Martouta Martouta mentioned this pull request May 6, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@guicassolato guicassolato guicassolato approved these changes

Assignees

@Martouta Martouta

@damianpm damianpm

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Martouta @guicassolato @damianpm