Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Forwardport main] Switch to supportsImpersonation check for http auth backend and add Privileged Action for JwtParserBuilder #3579

Merged
merged 2 commits into from
Oct 24, 2023
Merged

[Forwardport main] Switch to supportsImpersonation check for http auth backend and add Privileged Action for JwtParserBuilder #3579

merged 2 commits into from
Oct 24, 2023

Conversation

RyanL1997
Copy link
Collaborator

@RyanL1997 RyanL1997 commented Oct 19, 2023
edited
Loading

Description

Switch to supportsImpersonation check for http auth backend + wrap JwtParserBuilder with doPrivileged

Reference to @cwperks's comment:

As a default implementation the authDomain could have:

default boolean supportsImpersonation() { return true; }

and any authDomain that does not support it can override:

@Override
public boolean supportsImpersonation() { return false; }
  • Category (Enhancement, New feature, Bug fix, Test fix, Refactoring, Maintenance, Documentation)
    Enhancement

Issues Resolved

Is this a backport? If so, please add backport PR # and/or commits #
It has already been included in 2.x

Check List

  • New functionality includes testing
  • New functionality has been documented
  • Commits are signed per the DCO using --signoff

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license.
For more information on following Developer Certificate of Origin and signing off your commits, please check here.

@RyanL1997
Forward port supportsImpersonation check for http auth backend
5251e28 
Signed-off-by: Ryan Liang <jiallian@amazon.com>
@RyanL1997 RyanL1997 mentioned this pull request Oct 19, 2023
Closed
@codecov
Copy link

codecov bot commented Oct 19, 2023
edited
Loading

Codecov Report

Merging #3579 (3cbc910) into main (40588e6) will increase coverage by 0.01%.
Report is 1 commits behind head on main.
The diff coverage is 77.77%.

Impacted file tree graph

@@             Coverage Diff              @@
##               main    #3579      +/-   ##
============================================
+ Coverage     64.99%   65.01%   +0.01%     
- Complexity     3644     3648       +4     
============================================
  Files           282      283       +1     
  Lines         20613    20619       +6     
  Branches       3391     3392       +1     
============================================
+ Hits          13398    13405       +7     
  Misses         5535     5535              
+ Partials       1680     1679       -1
Files Coverage Δ
...rg/opensearch/security/auth/HTTPAuthenticator.java 100.00% <100.00%> (ø)
.../org/opensearch/security/auth/BackendRegistry.java 62.54% <0.00%> (ø)
...nsearch/security/http/OnBehalfOfAuthenticator.java 95.04% <85.71%> (-0.79%) ⬇️

... and 1 file with indirect coverage changes

@RyanL1997 RyanL1997 changed the title [Forwardport main] Switch to supportsImpersonation check for http auth backend [Forwardport main] The OBO changes in 2.x Oct 19, 2023
@RyanL1997
Add doPrivileged change
3cbc910 
Signed-off-by: Ryan Liang <jiallian@amazon.com>
@cwperks
Copy link
Member

cwperks commented Oct 20, 2023

@RyanL1997 Can you update the name of this PR to something more pertinent to the content of the changes that could be placed in release notes?

@RyanL1997 RyanL1997 changed the title [Forwardport main] The OBO changes in 2.x [Forwardport main] Switch to supportsImpersonation check for http auth backend and add Privileged Action for JwtParserBuilder Oct 20, 2023
@RyanL1997
Copy link
Collaborator Author

Sure @cwperks, I just updated that.

@stephen-crawford stephen-crawford merged commit ccc3e34 into opensearch-project:main Oct 24, 2023
59 checks passed
@DarshitChanpura DarshitChanpura mentioned this pull request Oct 24, 2023
Merged
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stephen-crawford stephen-crawford stephen-crawford approved these changes

@peternied peternied peternied approved these changes

@cliu123 cliu123 Awaiting requested review from cliu123

@cwperks cwperks Awaiting requested review from cwperks cwperks is a code owner

@DarshitChanpura DarshitChanpura Awaiting requested review from DarshitChanpura DarshitChanpura is a code owner

@davidlago davidlago Awaiting requested review from davidlago

@reta reta Awaiting requested review from reta reta is a code owner

@willyborankin willyborankin Awaiting requested review from willyborankin willyborankin is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@RyanL1997 @cwperks @peternied @stephen-crawford