Fix registration of backchannel logout route #43000
Conversation
Currently the backchannel logout route is registered with the root-path, resulting in a path like this: ``/backend/backend/back-channel-logout`` instead of ``/backend/back-channel-logout`` See also #42990
|
Thanks @AB-xdev, I'll look now at confirming with the test that this route is accessible with the root path configured, I avoided it previous time trying to minimize impact on all the surrounding tests in the test suite, but I'll isolate it now to a dedicated test |
What that is about ? And how is it relevant to the issue at hand ? |
|
I think it was just a gripe about our contributing guide being too long :). That's actually very accurate and we started some work to have a smaller first contribution guide. Looks like I need to get back to it :). |
|
I'm starting looking at adding a back channel test with the http root set |
|
After spending a lot of time trying to add a dedicated test in |
sberyozkin
force-pushed
the
42990-logout-backchannel-with-root-path
branch
from
c8a7a4f
to
d58dc45
Compare
|
Hi @gsmet @cescoffier I added a test. FYI, if I the route path is relative, example, Only having both It also took me a bit of time to realize RestAuured integration will prepend the root path itself for non-absolute URLs :-) |
sberyozkin
force-pushed
the
42990-logout-backchannel-with-root-path
branch
from
d58dc45
to
9f32092
Compare
sberyozkin
force-pushed
the
42990-logout-backchannel-with-root-path
branch
from
9f32092
to
2288830
Compare
|
Why do you need to repeat the root path? Is the route registered correctly? |
| @@ -46,7 +46,7 @@ public void setup(@Observes Router router) { | |||
|
|
|||
| private void addRoute(Router router, OidcTenantConfig oidcTenantConfig) { | |||
| if (oidcTenantConfig.isTenantEnabled() && oidcTenantConfig.logout.backchannel.path.isPresent()) { | |||
| router.route(getRootPath() + oidcTenantConfig.logout.backchannel.path.get()) | |||
| router.route(oidcTenantConfig.logout.backchannel.path.get()) | |||
There was a problem hiding this comment.
Who is calling this method? Which router is it? Why it's not a route registered in the processor?
There was a problem hiding this comment.
Hi @cescoffier
Who is calling this method?
It is called from just above from setup(@Observes Router router) , here.
Which router is it?
The main application one, since it works when accessed from the tests and for example, from Keycloak.
Why it's not a route registered in the processor?
Do you mean the recorder, similar to how it is done WebAuthnRecorder ?
I don't recall now, probably I did not know how to do it at a time, and chose setup(@Observers Router router), or may be because the way it is done now is easier to handle in a multi-tenant setup. I can certainly rework it and move the registration to the recorder. I guess, to have this PR backportable, I should do it as a follow up PR a bit later, does it sound reasonable ?
There was a problem hiding this comment.
Yeah, please let's try to get the simple version of this PR verified, tested and merged.
I need a backportable fix very soon.
Status for workflow
|
Do you mean why the route was registered with the explicit root path ? It was a mistake, the PR from @AB-xdev fixes it, or do you mean something else ? |
|
Ok, so it's an applicatoin router receiving the application router. For sure you must not prefix the root path. I think we would need to switch to a route declared in the extension instead of this, but as you said, for backport reason, let's go with this. |
|
Sure, @cescoffier, I'll open a follow up request, it might take a bit of time to handle that, but I'll optimize, thanks. By the way, |
|
Merging now, @AB-xdev, thanks again for initiating this PR 👍 , we look forward for more :-) |
Disclaimer I couldn't build it locally / had no time to setup the 22 DIN A4 pages of the contribution guide ;)
logout.backchannel.pathfails whenhttp.root-pathis present - Again #42990