Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[v15] move acs_url and relay_state input validation to rpc create and update methods #46846

Merged
merged 1 commit into from
Sep 25, 2024

Conversation

flyinghermit
Copy link
Contributor

  • Moves the strict validation from local package to RPC create and update methods in auth package. Performing such strict validation in the local methods breaks cache writes in a cluster that may already have service provider configured with unsupported values.
  • Create and update methods on the local package still calls the validation functions but only logs a warning on error.
  • The behavior of FilterSAMLEntityDescriptor is slightly updated to return error if at least one ACS value is filtered. Previously, it would return error only if all the provided ACS value were filtered.

Backport of #46833 to Branch/v15

changelog: Fixed a regression in the SAML IdP service which prevented cache from initializing in a cluster that may have a service provider configured with unsupported acs_url and relay_state values.

@flyinghermit flyinghermit added this pull request to the merge queue Sep 25, 2024
Merged via the queue into branch/v15 with commit 2ee58a0 Sep 25, 2024
38 checks passed
@flyinghermit flyinghermit deleted the sshah/v15-move-acs-relay-validation-to-rpc branch September 25, 2024 14:34
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants