Hooked into the Spring OAuth workflow properly, but breaks all other … #195
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @@ -35,15 +35,14 @@ import org.springframework.security.web.authentication.AnonymousAuthenticationFi | |||
| @ConditionalOnExpression('${auth.anonymous.enabled:false}') | |||
| @Configuration | |||
| @ConfigurationProperties(prefix = "auth.anonymous") | |||
| class AnonymousConfig implements AuthConfig.WebSecurityAugmentor { | |||
| class AnonymousConfig { | |||
There was a problem hiding this comment.
Will this configuration still run without the WebSecurityAugmentor?
There was a problem hiding this comment.
Nope. The anonymous config will need to be reworked, just like the other ones. Want to take a stab at it?
|
LGTM after addressing questions. |
ttomsu
pushed a commit
to ttomsu/gate
that referenced
this pull request
May 2, 2016
ttomsu
pushed a commit
that referenced
this pull request
May 2, 2016
ttomsu
pushed a commit
to ttomsu/gate
that referenced
this pull request
May 6, 2016
Pranav-b-7
referenced
this pull request
in OpsMx/gate
May 25, 2021
pattern complete log download API added
Closed
Closed
Closed
Closed
kirangodishala
pushed a commit
to kirangodishala/gate
that referenced
this pull request
May 23, 2023
Closed
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
…security impls.
The major change here is that instead of handbombing (:hand: :bomb:) the auth workflow, we're delegating all of the OAuth2 workflow calls to Spring Security OAuth. This also means that any call to Gate to a protected endpoint (see
AuthConfig) will result in a HTTP 302 to/login, which itself HTTP 302's to the auth providers page.HUGE thank you to @rwinch for many hours of help and debugging.
Questions/Work still to be done:
1.) What's the scripter's workflow
2.) How to hook up the other (and multiple) auth schemes
3.) Plugging in authorization roles ( @jtk54 )
@jtk54, @rwinch PTAL
@spinnaker/reviewers, @rguthriemsft - FYI. We're still working on the
google-oauthbranch until we have good answers for the questions above.