Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Allow list for SSO client attributes #506

Closed
rjferguson21 opened this issue Jun 25, 2024 · 0 comments · Fixed by #676
Closed

Allow list for SSO client attributes #506

rjferguson21 opened this issue Jun 25, 2024 · 0 comments · Fixed by #676
Assignees
@UnicornChance
Labels
enhancement New feature or request operator Issues pertaining to the UDS Operator (Pepr) security sso Issues related to the SSO stack (Keycloak/Authservice)
Milestone
0.26.0

Comments

@rjferguson21
Copy link
Contributor

Is your feature request related to a problem? Please describe.

Currently we do not restrict which Keycloak client attributes can be added to clients created through the Package custom resource.
We should enumerate explicitly which attributes we pass through to actual Keycloak client update/create.

Additional context

See https://www.keycloak.org/docs-api/22.0.1/rest-api/index.html#ClientRepresentation client.attributes
@rjferguson21 rjferguson21 added the enhancement New feature or request label Jun 25, 2024
@UnicornChance UnicornChance mentioned this issue Jun 26, 2024
Merged
5 tasks
@mjnagel mjnagel added operator Issues pertaining to the UDS Operator (Pepr) sso Issues related to the SSO stack (Keycloak/Authservice) labels Jul 2, 2024
@UnicornChance UnicornChance self-assigned this Aug 15, 2024
@UnicornChance UnicornChance mentioned this issue Aug 15, 2024
Merged
5 tasks
@UnicornChance UnicornChance linked a pull request Aug 15, 2024 that will close this issue
fix!: client attribute allow list #676
Merged
5 tasks
@mjnagel mjnagel added this to the 0.26.0 milestone Aug 20, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@UnicornChance UnicornChance

Labels
enhancement New feature or request operator Issues pertaining to the UDS Operator (Pepr) security sso Issues related to the SSO stack (Keycloak/Authservice)
Projects
None yet
Milestone
0.26.0
Development

Successfully merging a pull request may close this issue.

fix!: client attribute allow list defenseunicorns/uds-core
3 participants
@rjferguson21 @mjnagel @UnicornChance