Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OIDC: validate the client_secret field #46041

Merged
merged 1 commit into from
Oct 16, 2024
Merged

OIDC: validate the client_secret field #46041

merged 1 commit into from
Oct 16, 2024
+36 −2

Conversation

zmb3
Copy link
Collaborator

@zmb3 zmb3 commented Aug 29, 2024

  • Make the client_secret required, as OIDC auth won't work without it
  • Raise a clear error if unsupported file:// URLs are used

Closes #39107

image

@github-actions GitHub Actions
Copy link

The PR changelog entry failed validation: Changelog entry not found in the PR body. Please add a "no-changelog" label to the PR, or changelog lines starting with changelog: followed by the changelog entries for the PR.

ryanclark
ryanclark approved these changes Aug 30, 2024
View reviewed changes
api/types/oidc.go Outdated Show resolved Hide resolved
marcoandredinis
marcoandredinis approved these changes Aug 30, 2024
View reviewed changes
Copy link
Contributor

@marcoandredinis marcoandredinis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would just add a test for this, other than that ✅

@public-teleport-github-review-bot public-teleport-github-review-bot bot removed the request for review from vapopov August 30, 2024 13:26
@zmb3 zmb3 mentioned this pull request Sep 18, 2024
Merged
@zmb3 zmb3 force-pushed the zmb3/oidc-connector-secret branch from d083de0 to 7200b4c Compare October 16, 2024 17:01
@zmb3 zmb3 enabled auto-merge October 16, 2024 17:01
@zmb3 zmb3 added the no-changelog Indicates that a PR does not require a changelog entry label Oct 16, 2024
@zmb3 zmb3 force-pushed the zmb3/oidc-connector-secret branch 3 times, most recently from 56e6757 to f5b7dc6 Compare October 16, 2024 18:17
@zmb3
OIDC: validate the client_secret field
712051d 
- Make the client_secret required, as OIDC auth won't work without it
- Raise a clear error if unsupported file:// URLs are used

Closes #39107
@zmb3 zmb3 force-pushed the zmb3/oidc-connector-secret branch from f5b7dc6 to 712051d Compare October 16, 2024 19:08
@zmb3 zmb3 added this pull request to the merge queue Oct 16, 2024
Merged via the queue into master with commit cce1157 Oct 16, 2024
40 checks passed
@zmb3 zmb3 deleted the zmb3/oidc-connector-secret branch October 16, 2024 19:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@marcoandredinis marcoandredinis marcoandredinis approved these changes

@ryanclark ryanclark ryanclark approved these changes

Assignees
No one assigned
Labels
no-changelog Indicates that a PR does not require a changelog entry size/sm
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Improve error message when invalid client_secret is used
3 participants
@zmb3 @marcoandredinis @ryanclark