Skip to content

fix!: Correctly construct OIDC endpoints #910

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 10 commits into from
Nov 22, 2024
Merged

fix!: Correctly construct OIDC endpoints #910

merged 10 commits into from
Nov 22, 2024

Conversation

sbernauer
Copy link
Member

@sbernauer sbernauer commented Nov 22, 2024
edited
Loading

Description

Related to stackabletech/nifi-operator#716, but also will fix stuff in all other tools using OIDC (at least Superset and Trino)

Implementations

Definition of Done Checklist

  • Not all of these items are applicable to all PRs, the author should update this template to only leave the boxes in that are relevant
  • Please make sure all these things are done and tick the boxes
# Author
- [ ] Changes are OpenShift compatible
- [ ] CRD changes approved
- [ ] Integration tests passed (for non trivial changes)

# Reviewer
- [ ] Code contains useful comments
- [ ] (Integration-)Test cases added
- [ ] Documentation added or updated
- [ ] Changelog updated
- [ ] Cargo.toml only contains references to git tags (not specific commits or branches)

# Acceptance
- [ ] Feature Tracker has been updated
- [ ] Proper release label has been added

@sbernauer sbernauer changed the title fix: Calculation of OIDC endpoint fix!: Calculation of OIDC endpoint Nov 22, 2024
@sbernauer sbernauer self-assigned this Nov 22, 2024
@Techassi Techassi self-requested a review November 22, 2024 11:02
Techassi
Techassi requested changes Nov 22, 2024
View reviewed changes
Copy link
Member

@Techassi Techassi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, mostly minor comments.

@Techassi Techassi changed the title fix!: Calculation of OIDC endpoint fix!: Correctly construct OIDC endpoints Nov 22, 2024
Techassi
Techassi reviewed Nov 22, 2024
View reviewed changes
@Techassi
Copy link
Member

Also, we should maybe think about default to an empty string instead.

operator-rs/crates/stackable-operator/src/commons/authentication/oidc.rs

Lines 52 to 54 in 4a8d377

/// Root HTTP path of the identity provider. Defaults to `/`.
#[serde(default = "default_root_path")]
root_path: String,

This was referenced Nov 22, 2024
Closed
Merged
@sbernauer
Copy link
Member Author

Also, we should maybe think about default to an empty string instead.

Even when you change the default to an empty string it currently still returns https://my.keycloak.server/. I personally fine the / a bit more intuitive default (regardless if we strip trailing slashes anyway)

@sbernauer sbernauer requested a review from Techassi November 22, 2024 13:23
Techassi
Techassi requested changes Nov 22, 2024
View reviewed changes
Copy link
Member

@Techassi Techassi left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Two very minor comments.

@sbernauer @Techassi
Apply suggestions from code review
27f322d 
Co-authored-by: Techassi <git@techassi.dev>
@sbernauer sbernauer requested a review from Techassi November 22, 2024 14:40
@sbernauer sbernauer enabled auto-merge November 22, 2024 14:44
@sbernauer sbernauer added this pull request to the merge queue Nov 22, 2024
Merged via the queue into main with commit de15662 Nov 22, 2024
10 checks passed
@sbernauer sbernauer deleted the fix/oidc-endpoint-calculation branch November 22, 2024 15:04
@siegfriedweber siegfriedweber mentioned this pull request Nov 23, 2024
Merged
This was referenced Nov 25, 2024
Merged
Merged
@Techassi Techassi mentioned this pull request Nov 25, 2024
Merged
@sbernauer sbernauer mentioned this pull request Nov 25, 2024
Merged
@sbernauer sbernauer added the release-note Denotes a PR that will be considered when it comes time to generate release notes. label Dec 12, 2024
@sbernauer
Copy link
Member Author

sbernauer commented Dec 12, 2024
edited by NickLarsenNZ
Loading

Release notes

All the affected operators are listed below in the description.

  • Nifi Operator
  • Trino Operator
  • Druid Operator
  • Airflow Operator
  • Superset Operator

Snippet:

Operators have been fixed to work correctly with OpenID Connect rootPaths with and without trailing slashes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Techassi Techassi Techassi approved these changes

Assignees

@sbernauer sbernauer

Labels
release/24.11.1 release-note Denotes a PR that will be considered when it comes time to generate release notes. type/bug
Projects
Stackable Engineering
Archived in project
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@sbernauer @Techassi @lfrancke