Allow OIDC Providers to be available via local socket #2616
Conversation
jvanderhoof
force-pushed
the
provider-list-via-socket
branch
from
98bd22c to
368531e
Compare
![qlty-cloud-legacy[bot]](https://avatars.githubusercontent.com/in/9403?s=60&v=4){kind=small}
| # message: passed_arguments | ||
| # ) | ||
| # end | ||
| def run(&block) |
There was a problem hiding this comment.
Method run has a Cognitive Complexity of 7 (exceeds 5 allowed). Consider refactoring.
app/domain/util/socket_server.rb
Outdated
| begin | ||
| connection.puts(block.call(arguments)) | ||
| rescue | ||
| @message_writer.puts("Error in service '#{@socket}': #{$!}") |
There was a problem hiding this comment.
Prefer $ERROR_INFO from the stdlib 'English' module (don't forget to require it) over $!.
app/domain/util/socket_server.rb
Outdated
|
|
||
| @message_writer.puts("service is listening at #{@socket}") | ||
|
|
||
| while connection = server.accept |
There was a problem hiding this comment.
Use == if you meant to do a comparison or wrap the expression in parentheses to indicate you meant to assign in a condition.
| # message: passed_arguments | ||
| # ) | ||
| # end | ||
| def run(&block) |
There was a problem hiding this comment.
Complex method Util::SocketService#run (25.8)
| module Authentication | ||
| module AuthnOidc | ||
| module V2 | ||
| module Commands |
There was a problem hiding this comment.
Authentication::AuthnOidc::V2::Commands has no descriptive comment
|
Code Climate has analyzed commit 368531e and detected 11 issues on this pull request. Here's the issue category breakdown:
The test coverage on the diff in this pull request is 34.6% (50% is the threshold). This pull request will bring the total coverage in the repository to 89.7% (-1.7% change). View more on Code Climate. |
This commit includes an a rework of the authn-local socket server to enable a secondary local socket (intended for Conjur UI) to deliver the list of available OIDC Providers to the UI. This work is a temporary stopgap. It will be removed when partial replication (Conjur Enterprise) has been completed.
This is a refactor of authn-local to leverage the generic Socket Server, which is used by the ui service.
jvanderhoof
force-pushed
the
provider-list-via-socket
branch
from
87ec682 to
6f1ab8a
Compare
conjur-jenkins
force-pushed
the
master
branch
2 times, most recently
from
6566647 to
d65d499
Compare
conjur-jenkins
force-pushed
the
master
branch
from
d65d499 to
dbea020
Compare
conjur-jenkins
force-pushed
the
master
branch
from
dbea020 to
8031a2a
Compare
1 participant
Desired Outcome
The outcome of this PR is to provide a mechanism for a local service to retrieve a list of configured OIDC authenticators.
Note
This functionality is intended as a stop-gap for the UI in Conjur Enterprise. The
uisocket service will be removed in the near future.Implemented Changes
This PR includes a couple of changes:
authn-localunix socket server to accept a custom response./:authenticator/:account/providersroute to be served over a local unix socket.authn-localto utilize the generic unix socket serviceConnected Issue/Story
CyberArk internal issue link: ONYX-23542
Definition of Done
At least 1 todo must be completed in the sections below for the PR to be
merged.
Changelog
CHANGELOG update
Test coverage
changes, or
Note
Authentication::AuthnOidc::V2::Views::ProviderContextclass is well tested with unit tests.Documentation
READMEs) were updated in this PRBehavior
Security