Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

jwt_authn: make from_cookies JWT removal behaviour similar to from_params #17985

Merged
merged 2 commits into from
Sep 17, 2021
Merged

jwt_authn: make from_cookies JWT removal behaviour similar to from_params #17985

merged 2 commits into from
Sep 17, 2021

Conversation

theshubhamp
Copy link
Contributor

@theshubhamp theshubhamp commented Sep 3, 2021
edited
Loading

jwt_authn: make from_cookies JWT removal behaviour similar to from_params

Removal of params or cookies after authentication is not implemented as of today.

authenticator.cc calls the removeJwt(...) if forward is set to false (default)
and this leads to an assertion failures caused by NOT_IMPLEMENTED_GCOVR_EXCL_LINE.

Changed removeJwt(...) for JwtCookieLocation to be empty, added test coverage
and updated proto doc to call-out this caveat.

Risk Level: Low
Testing: Tests
Docs Changes: Added caveat to proto docs.
Release Notes: None.
Platform Specific Features: None

Follow up for #17424

Signed-off-by: Shubham Patil theshubhamp@gmail.com

@theshubhamp
jwt_authn: make from_cookies JWT removal behaviour similar to from_pa…
d61f437 
…rams

Removal of params or cookies after authentication is not implemented as of today.

authenticator.cc calls the removeJwt(...) if forward is set to false (default)
and this leads to an assertion failures caused by NOT_IMPLEMENTED_GCOVR_EXCL_LINE.

Changed removeJwt(...) for JwtCookieLocation to be empty, added test coverage
and updated proto doc to call-out this caveat.

Signed-off-by: Shubham Patil <theshubhamp@gmail.com>
@theshubhamp theshubhamp requested a review from lizan as a code owner September 3, 2021 19:13
@repokitteh-read-only
Copy link

CC @envoyproxy/api-shepherds: Your approval is needed for changes made to api/envoy/.
envoyproxy/api-shepherds assignee is @markdroth
CC @envoyproxy/api-watchers: FYI only for changes made to api/envoy/.

🐱

Caused by: #17985 was opened by theshubhamp.

see: more, trace.

@markdroth
Copy link
Contributor

/lgtm api

@repokitteh-read-only repokitteh-read-only bot removed the api label Sep 7, 2021
@theshubhamp
Copy link
Contributor Author

cc @lizan, PTAL whenever you can!

@theshubhamp
Merge branch 'main' of github.com:theshubhamp/envoy into theshubhamp/…
c9556c6 
…drop-cookie-remove-panic

Signed-off-by: Shubham Patil <theshubhamp@gmail.com>
@theshubhamp
Copy link
Contributor Author

Ping! Can someone review this PR ?

@qiwzhang
Copy link
Contributor

First commit is good. The second one after the merge seems getting a lot of unrelated changes. Please fix it.

@theshubhamp
Copy link
Contributor Author

theshubhamp commented Sep 15, 2021
edited
Loading

Thanks for taking a look!

The second one after the merge seems getting a lot of unrelated changes. Please fix it.

The second commit shows unrelated changes because it is a merge commit. I had to merge main back into this branch to resolve conflicts (in generated_api_shadow which was removed on main recently)

Only the 3 files changed in the PR should end up on main as a single commit after merge.

@qiwzhang
Copy link
Contributor

LGTM

@lizan lizan merged commit 5591dbc into envoyproxy:main Sep 17, 2021
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lizan lizan lizan approved these changes

Assignees

@lizan lizan

@markdroth markdroth

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@theshubhamp @markdroth @qiwzhang @lizan