Preserve Query in nextUrl during openid login redirect #2140
Conversation
KleinSebastian
requested review from
cwperks,
DarshitChanpura,
derek-ho and
RyanL1997
as code owners
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## main #2140 +/- ##
=======================================
Coverage 71.46% 71.46%
=======================================
Files 97 97
Lines 2649 2649
Branches 411 403 -8
=======================================
Hits 1893 1893
Misses 641 641
Partials 115 115 ☔ View full report in Codecov by Sentry. |
|
@KleinSebastian Can you add a test to go along with the changes being introduced in this PR? |
Signed-off-by: Sebastian Klein <sebastian.klein93@gmx.de>
Signed-off-by: Sebastian Klein <sebastian.klein93@gmx.de>
Signed-off-by: Sebastian Klein <sebastian.klein93@gmx.de>
|
@cwperks I added a set of unit tests for the handleUnauthRequest call. E2E Tests for the functionality are unfortunately not working on my machine, so I skipped them. If you insist upon Cypress Tests I will try my best to do it on another machine. |
release-notes/opensearch-security-dashboards-plugin.release-notes-2.18.0.0.md
Outdated
Show resolved
Hide resolved
|
@KleinSebastian please fix the eslint issues. You can fix them automatically with |
Signed-off-by: Sebastian Klein <sebastian.klein93@gmx.de>
Signed-off-by: Sebastian Klein <sebastian.klein93@gmx.de>
|
@KleinSebastian There are a few test errors. Are these errors due to changes from this PR or was there a change in OSD that introduced these errors? |
Signed-off-by: Sebastian Klein <sebastian.klein93@gmx.de>
|
@cwperks I was able to reproduce the error. It was an issue with updating the "security_authentication" cookie due to the mismatch of "localhost" and "127.0.0.1" between OSD and Keycloak, resulting rejection of set-cookie in the browser due to the default SameSite behaviour "Lax". Fixing the configuration does fix the E2E Tests as well as the need for a second redirect the existing E2E Tests. |
Awesome, thank you! I just approved the CI checks to run again. We will get results in ~45min - 1 hr |
Signed-off-by: Sebastian Klein <sebastian.klein93@gmx.de>
|
@cwperks I saw that the E2E test runs failed again, but this time the OSD Server did not even start properly. I also saw that I introduced unwanted line ending changes. I reverted them because this might be the reason for the not starting server. |
I just started the CI checks again. |
…the tests Signed-off-by: Sebastian Klein <sebastian.klein93@gmx.de>
|
OSD is still not starting, I assume that the server is not able to contact Keycloak by using the "127.0.0.1" address and exits. I reverted the changes done to the E2E Setup and tried fixing the tests with the manual redirect workaround present in the existing tests. |
Description
Successful Openid Login redirects back to the URL, from where the login was initiated.
Category
Bug fix
Why these changes are required?
Bug was reported: #1823 and #2119
What is the old behaviour before changes and new behaviour after changes?
The changed behaviour is best explained by following user-flow
The whole functionality is basically ported from the SAML login method.
Issues Resolved
Fix: #1823
Fix: #2119
Testing
Existing Tests pass
Check List
By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.