Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Validate Tenant annotation is applied before authentication happened and fail if wrong tenant was used to authenticate the HTTP request #40054

Conversation

michalvavrik
Copy link
Member

  • adds validation that @Tenant annotation is applied before authentication has begin
  • authentication fails if resolved tenant is not the one selected with the @Tenant annotation
  • adds JAX-RS HTTP Security Policy tests that assures it's always applied

@sberyozkin
Copy link
Member

Thanks Michal @michalvavrik I'll look a bit later. Enjoy your weekend

Copy link

quarkus-bot bot commented Apr 12, 2024

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 62615a6.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

You can consult the Develocity build scans.

Copy link
Member

@sberyozkin sberyozkin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, but minor update is like needed related to determining if the OIDC tenant config is already set.
@michalvavrik If we handle it in time for 3.10.0 then it would be OK, IMHO does not have to be exactly for 3.10.CR1

@sberyozkin
Copy link
Member

I meant to comment only but approve, it does look good, but a minor update is needed, so please don't merge yet

@michalvavrik michalvavrik requested a review from sberyozkin April 27, 2024 07:53
@sberyozkin sberyozkin merged commit 79af515 into quarkusio:main Apr 28, 2024
22 checks passed
@quarkus-bot quarkus-bot bot added this to the 3.11 - main milestone Apr 28, 2024
@michalvavrik michalvavrik deleted the feature/add-oidc-tenant-annotation-validation branch April 29, 2024 09:45
@gsmet gsmet modified the milestones: 3.11 - main, 3.10.1 May 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants