Fixes saml login flow to work with anonymous auth #1839
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
…orrectly Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
…ion header Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
DarshitChanpura
requested review from
cliu123,
cwperks,
davidlago,
peternied,
RyanL1997 and
stephen-crawford
as code owners
3 tasks
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #1839 +/- ##
==========================================
- Coverage 68.25% 68.16% -0.09%
==========================================
Files 94 94
Lines 2416 2422 +6
Branches 330 330
==========================================
+ Hits 1649 1651 +2
- Misses 689 694 +5
+ Partials 78 77 -1 ☔ View full report in Codecov by Sentry. |
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
DarshitChanpura
changed the title
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
DarshitChanpura
commented
Mar 21, 2024
derek-ho
reviewed
Mar 21, 2024
stephen-crawford
previously approved these changes
Apr 9, 2024
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
derek-ho
reviewed
Apr 9, 2024
derek-ho
reviewed
Apr 9, 2024
derek-ho
reviewed
Apr 9, 2024
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
cwperks
reviewed
Apr 10, 2024
cwperks
reviewed
Apr 10, 2024
cwperks
reviewed
Apr 10, 2024
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
DarshitChanpura
force-pushed
the
fixes-saml-login-flow
branch
from
95067e8
to
d756b6c
Compare
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
Signed-off-by: Darshit Chanpura <dchanp@amazon.com>
derek-ho
approved these changes
Apr 11, 2024
cwperks
approved these changes
Apr 12, 2024
There was a problem hiding this comment.
LGTM! Thank you @DarshitChanpura!
FYI I don't think there is a way to setup Basic Auth + Anonymous without it automatically logging in as anonymous when first loading OSD. I think the issue is in auth_handler_factory.ts where even if multi-auth is enabled and only one auth_type is in the list it will create an instance of the single auth type instead of using MultipleAuthentication
opensearch-trigger-bot bot
pushed a commit
that referenced
this pull request
Apr 12, 2024
* Fixes anonymous auth flow to work with SAML Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Adds hardcoded credentials for anonymous user Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Updates basic auth header to be a config constant Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes unneeded usage of anonymous auth header constant Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Updates logic to display anonymous auth login button Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Adds test to check whether anonymous auth login button is displayed correctly Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes integrationtests Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Adds integration tests for anonymous auth login with basic authorization header Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Generates random password for anonymous user Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes lint errors Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Adds saml auth header to differentiate saml requests Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes linter errors Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes basic auth tests Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes console loggers Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes lint error Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Addresses feedback Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Resolves #1840 Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Replace magic value with constant Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Renames query param and removes unused variables Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Uses enum instead of magic constant Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Extracts template function to a separate util file Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Renames test Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes unnecessary modifications required to solve this bug Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes import Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes unused param Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes unused method param Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes incorrect method param Signed-off-by: Darshit Chanpura <dchanp@amazon.com> --------- Signed-off-by: Darshit Chanpura <dchanp@amazon.com> (cherry picked from commit 681d1b1)
derek-ho
pushed a commit
that referenced
this pull request
Apr 12, 2024
* Fixes anonymous auth flow to work with SAML Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Adds hardcoded credentials for anonymous user Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Updates basic auth header to be a config constant Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes unneeded usage of anonymous auth header constant Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Updates logic to display anonymous auth login button Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Adds test to check whether anonymous auth login button is displayed correctly Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes integrationtests Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Adds integration tests for anonymous auth login with basic authorization header Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Generates random password for anonymous user Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes lint errors Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Adds saml auth header to differentiate saml requests Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes linter errors Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes basic auth tests Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes console loggers Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes lint error Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Addresses feedback Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Resolves #1840 Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Replace magic value with constant Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Renames query param and removes unused variables Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Uses enum instead of magic constant Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Extracts template function to a separate util file Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Renames test Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes unnecessary modifications required to solve this bug Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Fixes import Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes unused param Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes unused method param Signed-off-by: Darshit Chanpura <dchanp@amazon.com> * Removes incorrect method param Signed-off-by: Darshit Chanpura <dchanp@amazon.com> --------- Signed-off-by: Darshit Chanpura <dchanp@amazon.com> (cherry picked from commit 681d1b1) Co-authored-by: Darshit Chanpura <35282393+DarshitChanpura@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This PR fixes 2 things:
Category
Why these changes are required?
What is the old behavior before changes and new behavior after changes?
[1] - Companion PR: opensearch-project/security#4152
Issues Resolved
Testing
Manual testing:
Screen.Recording.2024-04-11.at.11.55.53.AM.mov
Check List
- [ ] New functionality has been documentedBy submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.