Skip to content

feat(datahub-frontend): add client-cert-based authentication for oidc #15479

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 1 commit into
base: master
Choose a base branch
from
Draft

feat(datahub-frontend): add client-cert-based authentication for oidc #15479

wants to merge 1 commit into from
+619 −17

Conversation

@manuschillerdev
Copy link

@manuschillerdev manuschillerdev commented Dec 4, 2025

  • The PR conforms to DataHub's Contributing Guideline (particularly PR Title Format)
  • Links to related issues (if applicable)
  • Tests for the changes have been added/updated (if applicable)
  • Docs related to the changes have been added/updated (if applicable). If a new feature has been added a Usage Guide has been added for the same.
  • For any breaking change/potential downtime/deprecation/big changes an entry has been made in Updating DataHub

@manuschillerdev manuschillerdev marked this pull request as draft December 4, 2025 11:17
@github-actions github-actions bot added docs Issues and Improvements to docs product PR or Issue related to the DataHub UI/UX community-contribution PR or Issue raised by member(s) of DataHub Community labels Dec 4, 2025
aikido-pr-checks[bot]
aikido-pr-checks bot reviewed Dec 4, 2025
View reviewed changes
datahub-frontend/test/resources/test-private-key-encrypted.pem
Comment on lines +1 to +30
-----BEGIN ENCRYPTED PRIVATE KEY-----
MIIFNTBfBgkqhkiG9w0BBQ0wUjAxBgkqhkiG9w0BBQwwJAQQGK3MHTZ+RiT/gxjg
qyhhrgICCAAwDAYIKoZIhvcNAgkFADAdBglghkgBZQMEASoEEO21i+W2QdFDvuHa
2FVOI6cEggTQrupdsRCBJFt0rLPeazRZI0moiTNIgeX8QwfXmKvwMzDF+DCOoG7h
lnPssA1I/uIpcbKMzAG1bilEnjLPwd+LfWPMokEAzh9exE8tBaThkPTZ78fyEZyh
Z6sF+1T08mksDuRg4HfBXebJ295P7p7G9OL4ReKlNBPmcx4250ihQmhrLgXzWOob
IS5mFd6VOnvf4Qd99pA5Z3DQ0a2cQBwvSraOacSITrF7ry8ts9qDm9noFbT6JP3T
Pwm4h3HT8Jqv2HkIry/tyNSevx+1BbnjcGe5aMQeUC1/VIkbT4TgHTS8F3JY7+P3
0xWBT+l5odALClwvGBR6r1MLEykTFJ+WWkbUGCaMs2MsQ1/o5uqAQqo4pw6YlrRF
24myRD6zo8RgEjJ0C9FjkfqvoPsRyD2tpfjW6nOVReEPZJsbe6i2A5Cm3s6Op1yT
nSp3Lqsw3efAxOESTQ1/wAbrq5KZjOaoVviT9gxB4ioDVnRGcxdqy2YBgc5S0LFT
DO/+53n8PQvVekP3o0nzQMTHExC4MQliL61SNAGFGazbZ0NSq1LiTFt3674k4DF5
3hDrHXZYjPAtags4P2amfpcg/rB8JKRUi2zYGTYBykWAK16l0CawdYC39rw1oOQF
KJ4Qqu4FtdIoQ8dN6t7wi1dr7y3Ct3Fg4cZw9EAMCRv20+EMsZ5yZElj5G3gKIwB
i2tZ6rzngMft1k7b4V30HSyjYuQ5E0t1pybhogbKY/5l9z6+Splsv9gWohdghP+d
nNkK2e0uz2+mprBL7nu5nhe4+ks+6IKlt5hbatoC6ialoml/0Y2rcugU1rT0j/Me
ep8X0kcDWCRMockA4GCYQ5OTqpUuMFjrKhirLRdOJogYFBkuJSlY2a6n3eZ3M5wp
jKuZmdqOYLn2SqsbSnxUnvX+B5MT2ad7ZEOiOD8fQQclk/YgdB6yTCw7csWneXPb
KOvoHbdnSAA7UHCoTeiRvMwodYtyD+fS8GuNMy7XXOTYYzfmpcHF1PAt7v0ycAhO
u1CbC6nIoK1QcUhZsDHZ9yzooKv5lkSdqG42+jyhqd1sgbno4YMTsdZr9tNguhH/
ZpRFW9Kpq7wP3vvkAPvbefivysVilEmqROw0ZN4GRORY2mAa+EXdwnicGOvtLOyX
ow7+/rn+4vkvCuhmRm/xH5CXd/tlNqGjdhakeQPn0NRl//RYZsPznQ94XpY8Nea4
taWUkoQSEu49Ntdn8GdYw5biBwWRv6697cyPAzyPHCXK9SYBdQw/EBX9a/dLu/yY
DAAblsJFaPAPF9F1szLsz9v//7fsq/sYLbRpuLhVtEh/PucMTynLZ75fM1wTmMC5
HyI5t37aEhs+eJ/rwM1mZyPS7KYaI+CtusoX8knpllKYtR2SL/zvNmSwh+7RObxL
Ru/7sCcZ0qaviq01wujNPJ5/a21ZDWYSn1324YXga8AehJ6lK1xtAZr3oe1PDHQW
l723qlu+vO5hqBaKkgcBm91fZm/5CCJN9F39wbW5oBNKrNYTCijWUiZCjDxU89ld
/mWVUA1hmqkie2F+6Ih5RVfpqV3zw6Rb3RZanrYQIlk7CsNRU4W3JZ77QfTVxwH4
XgA1JhiyCFsLM7reKxueOYsK4nogh26QX7BdssHLWsTn7/7L9Nkjd5Q=
-----END ENCRYPTED PRIVATE KEY-----
Copy link

@aikido-pr-checks aikido-pr-checks bot Dec 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Exposed secret in datahub-frontend/test/resources/test-private-key-encrypted.pem - low severity
Identified a Private Key, which may compromise cryptographic security and sensitive data encryption.
View details in Aikido Security

aikido-pr-checks[bot]
aikido-pr-checks bot reviewed Dec 4, 2025
View reviewed changes
datahub-frontend/test/resources/test-private-key.pem
Comment on lines +1 to +28
-----BEGIN PRIVATE KEY-----
MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC6BpgdGo/n6wS7
xfq6nAZNFeasj9UsBrwXyaRP/zUOEW5C7PWoM5bsjI2MaC22/EXQg6Tt5lO3daTE
MDZQk7kPQxnXEv2YPSzavmbOUBlZhtpnJbe+ISdWkj6Yep+giotFqOkH/w2reqXo
hBN4M2pXiipYevZlC+KnPiviqMKP/3021298oFq9lpsdqdMmcygtx60D7ukHZHPh
iQ/V9I9IVarbNjBKzxlQoGo+EJYrE98tXK0n3iD1C81GA0Yayma8O7z/5p1U76li
vDmWh998QT015AlGrZgQ1tOyacv/kQAyGjmJjGNKwQ/iiTQtzCKLVRpRiAd/bZ/e
VoVeWeJDAgMBAAECggEACnrMnvccHEiVH67rjQ+1GyqcsCP6Mly+w+hMJWWPK5e3
ynVm8W7WlcTlRH+p86EKndCMvgo3tSIfgh3lMWzhBAcXsZIUTztDB5+qUv0YMH70
VtM9IqzjdnEOrbBaxcSITAhT+GtZ7csfBZZLMn5TA1N5RzrGHrMotZs/BanULCBz
4g0iaQNY0oTZEWNZIjpvM34pjHCSeH0qxcKgVvTncR5Bx7gzod9yDCWk+Jc7C/So
UPkKNVrmptX+Mu2nfjHA5XG3+BKAqxZgo12EwUHWoOgumy7Yj2bx14FXNYVhallZ
s0lrfuB4Upd10ztl0OQ83kkDfyk7sdKotFGmiUK0oQKBgQDmHkIraNLavYUobAW6
S6NZQvvjw8zA41QOfRKrP5AHpnTEuA9rPqreq3UOvhZdr5fgBdXURKSQTS2gR0AW
6nQna0dtFCEKdYH6QmQdztaT/Y08IV0EDui0bgv7mItv1hZmpnzzkMrvKZn/CfmO
nhsAQ6vwE/HpBBbZJhIfLH8bVwKBgQDO8srDgy2djEtxtPC//cniedFC1F9AMoL+
2Ezr0+EshOpnzZaW3McK99fLrJ4p1sFRI4y6fVut72GSKphNtWGul3+5eDhZEoc4
TARWqhzqyNb8Ib1magFEQ3A83EEsMredYllnyeKDuf219rVLZoAyeBFT1Pjv84xo
fU3ooLYI9QKBgQCTvmejcUi3cii1HC3NP1TgMXaB9KtYSFwmdTzwP/4cO04LI1Wa
+IBCOHkOfxLjEaMEDRsNjwjNMRATMMvAKsVqraENMnhIO8u4vrmCvdLc71Snf5A1
09CqT2FYJseXhS+atlfRFWyFgwNBUMkuPOp/D/OrT1Lo1VxKDPxjkXEGPwKBgDMz
EkMosyJlUU0CbQWy7j2f0cvs6tvhI1OVhAJcWzs+bxfbX0RXvs7R3ou/WyoSvaUr
XGfPF92CeetFqoSfOVmOlcT3H0m6McYV2ITwdVMI+VdLqaYq18FhxeTowR8ENTU0
3dW1ttrMKx7XuKa85z6VQgQxjp0e7j/zsFC7Yg35AoGAVCHESAP4CzNw7nuEYE4G
zxfQLAvdQGsO3vBq+YSbydFuKIUYfQA46tfX2l0VfN7sYsXYwjWXQjZ6wC+sSpNQ
3b71nxTXrZQjV5NaCL7bQK5k8jGyYqD3epLM99/mYUyEUOAWmnpHcOhbO5IS9F5s
1Vl7ftPccTjndGGvsojD3B8=
-----END PRIVATE KEY-----
Copy link

@aikido-pr-checks aikido-pr-checks bot Dec 4, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Exposed secret in datahub-frontend/test/resources/test-private-key.pem - low severity
Identified a Private Key, which may compromise cryptographic security and sensitive data encryption.
View details in Aikido Security

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@aikido-pr-checks aikido-pr-checks[bot] aikido-pr-checks[bot] left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

community-contribution PR or Issue raised by member(s) of DataHub Community docs Issues and Improvements to docs product PR or Issue related to the DataHub UI/UX

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@manuschillerdev