[Backport 1.3] Preserve URL Hash for SAML based login #1226
Conversation
* Refactor + add support to run saml based integ tests via selenium web driver Signed-off-by: Deepak Devarakonda <devardee@amazon.com> * Add plugins.security.unsupported.restapi.allow_securityconfig_modification in developer guide Signed-off-by: Deepak Devarakonda <devardee@amazon.com> * Add one more test Signed-off-by: Deepak Devarakonda <devardee@amazon.com> * Added tests for checking tenancy retention after logout in SAML Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Lint formatting fixes Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Removed unused imports Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Add plugins.security.unsupported.restapi.allow_securityconfig_modification in developer guide Signed-off-by: Deepak Devarakonda <devardee@amazon.com> * Added License header Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added building the plugin bundles while running ITs Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Signed off the commit Removed a comment no longer required Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added debug loggers for checking IT failures Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added debug loggers for checking IT failures Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added debug loggers for checking IT failures Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added debug loggers for checking IT failures Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added a new stage for debug loggers before cleanup Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added a new stage for debug loggers before cleanup Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added logger to print error recieved from auth info during saml login Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added Docker host N/W Config to allow connection to SAML IDP Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added discovery type config to be single node for passing bootstrap checks Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Debug loggers Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Debug loggers Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Debug loggers Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Reverted run command to see change in error Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Trying with full docker image of OS Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Refactored the integration test yaml to use OS Full Docker image Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Removed all debug loggers Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added selfSigned package for generating certs and integrated with saml-idp Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Deleted checked-in key and cert for saml-idp server Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Reverted use of docker image and testing again with manual build Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Reverted use of docker image and testing again with manual build Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Upgraded version from 2.3 to 2.4 Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Removed debug pointers Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Commented out failing IT temporarily Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Lint formatting fix Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added the commented failing test back again Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Removed assertion from test again to make it pass Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Used a better XPath and improved error logging in tests Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Removed an unused XPath Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added back the assertion for failing IT Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Added steps to run Selenium based Integ Tests Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Commented out the test, will re-enable it again in the fix PR Signed-off-by: Aniketh Jain <anijainc@amazon.com> * Parameterized the getDriver function Signed-off-by: Aniketh Jain <anijainc@amazon.com> Signed-off-by: Deepak Devarakonda <devardee@amazon.com> Signed-off-by: Aniketh Jain <anijainc@amazon.com> Co-authored-by: Deepak Devarakonda <devardee@amazon.com>
…flow (opensearch-project#1058) * Fix for picking up tenancy from local storage in SAML AuthN flow Signed-off-by: Aniketh Jain <anijainc@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
Signed-off-by: Craig Perkins <cwperx@amazon.com>
…ecurity-dashboards-plugin into backport-saml-hash-fix
Signed-off-by: Craig Perkins <cwperx@amazon.com>
…ecurity-dashboards-plugin into backport-saml-hash-fix
Signed-off-by: Craig Perkins <cwperx@amazon.com>
* Preserve URL HASH after user logs via SAML IDP Co-authored-by: Darshit Chanpura <35282393+DarshitChanpura@users.noreply.github.com>
|
@scrawfor99 Thank you for the help with this backport! I took a look into the node compatibility issue and we are able to get around it by checking in a This PR is a duplicate of #1220. |
Should we leave this PR open or close it? |
|
FYI other dashboards plugins check in the See 3 other dashboards plugin repos that all contain |
|
|
||
| - name: Checkout OpenSearch Dashboard | ||
| uses: actions/checkout@v2 | ||
| with: | ||
| path: OpenSearch-Dashboards | ||
| repository: opensearch-project/OpenSearch-Dashboards | ||
| ref: '1.3' | ||
| ref: '1.3.6' |
There was a problem hiding this comment.
This ref needs to be updated when a build becomes available.
|
@DarshitChanpura I converted this to a Draft since there is a reference to the 1.3.6 tag in here. Once a build of 1.3.7 is available I will update the reference and change this to Ready for Review. |
| resolved "https://registry.yarnpkg.com/@types/scheduler/-/scheduler-0.16.2.tgz#1a62f89525723dde24ba1b01b092bf5df8ad4d39" | ||
| integrity sha512-hppQEBDmlwhFAXKJX2KnWLYu5yMfi91yazPb2l+lbJiwW+wdo1gNeRA+3RgNSO39WYX2euey41KEwnqesU2Jew== | ||
|
|
||
| "@types/selenium-webdriver@^4.0.9": |
There was a problem hiding this comment.
This was manually added to yarn.lock to make sure there is a compatible version with node 10.24.1
| ajv-errors "^1.0.0" | ||
| ajv-keywords "^3.1.0" | ||
|
|
||
| selenium-webdriver@^4.0.0-alpha.7: |
There was a problem hiding this comment.
This was manually added to yarn.lock to make sure there is a compatible version with node 10.24.1
|
This all looks good. I think once we have the correct build an the DCO is fixed we should be all set. |
Signed-off-by: Craig Perkins <cwperx@amazon.com>
|
All of the commits are signed. The cherry-picked commits or the merge commit may be causing the DCO failure. |
Signed-off-by: Craig Perkins <cwperx@amazon.com>
|
It looks like it is the merge commit. |
|
@cwperks Anything you are waiting on before we merge this change? |
|
@peternied Yes, I'm waiting on a 1.3.7 build of OSD so that I can update the ref here: #1226 (comment) |
Signed-off-by: Craig Perkins <cwperx@amazon.com>
|
@peternied @cwperks The OpenSearch and Dashboards distribution build was successful for 1.3.7. Re-ran the CI workflow and it is successful now. |
|
Thank you for the update @rishabh6788! Merging this change now. |
Description
Backport of #1039, #1058, #1088 to 1.3
Note: This PR checks in
yarn.lockto lock the version of dependencies so that yarn does not try to install the latest version of dependencies which may not be compatible with node 10.24.1. This specifically locksselenium-webdriverto4.0.0-alpha.7which is compatible with node 10.24.1. Without the lockfile, yarn resolves this to 4.6.1 and will not build due to node version compatibility becauseselenium-webdriver@4.6.1requires node >= 12.Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.