Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bed-4851 OIDC API Provider Registration #894

Open
wants to merge 22 commits into
base: main
Choose a base branch
from
Open

Bed-4851 OIDC API Provider Registration #894

wants to merge 22 commits into from
+328 −69

Conversation

mvlipka
Copy link
Contributor

@mvlipka mvlipka commented Oct 1, 2024
edited
Loading

Description

Modify the previously merged OIDC provider registration endpoint to support the new slug formatting, new sso_provider table, and move the URL to a new location to prevent collisions with existing endpoints.

Motivation and Context

After our syncs on 09/27 and 09/30, we decided to make some changes to the last PR in order to better support an agnostic API for both oidc & saml providers.

This PR addresses: BED-4766

How Has This Been Tested?

just bh-dev to start up BHCE and ensure the migrations ran
image

Verified a 201 response and that the data was inserted into the database with the correct formatting and referencing:
image

Screenshots (optional):

Types of changes

  • New feature (non-breaking change which adds functionality)
  • Database Migrations

Checklist:

@mvlipka mvlipka added work in progress This pull request is a work in progress and should not be merged api A pull request containing changes affecting the API code. labels Oct 1, 2024
@mvlipka mvlipka changed the title Bed 4851 OIDC api provider registration 2 Bed-4851 OIDC API Provider Registration Oct 1, 2024
@mvlipka mvlipka marked this pull request as ready for review October 2, 2024 15:35
mvlipka
mvlipka commented Oct 2, 2024
View reviewed changes
cmd/api/src/database/sso.go Outdated Show resolved Hide resolved
@mvlipka mvlipka removed the work in progress This pull request is a work in progress and should not be merged label Oct 2, 2024
ddlees
ddlees reviewed Oct 2, 2024
View reviewed changes
cmd/api/src/database/oidc.go Outdated Show resolved Hide resolved
mvlipka
mvlipka commented Oct 2, 2024
View reviewed changes
cmd/api/src/database/oidc.go Outdated
return provider, CheckError(s.db.WithContext(ctx).Table("oidc_providers").Create(&provider))
// Create both the sso_providers and oidc_providers rows in a single transaction
// If one of these requests errors, both changes will be rolled back
err := s.db.WithContext(ctx).Transaction(func(tx *gorm.DB) error {
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not the BIGGEST fan of intermingling the CreateSSOProvider and CreateOIDCProvider methods since the end-user may simply want to just create an oidc_provider, for whatever reason. With our usecase, though, these tables are required to be in sync with each other so I felt comfortable doing this

mistahj67
mistahj67 reviewed Oct 2, 2024
View reviewed changes
cmd/api/src/model/oidc_provider.go Outdated Show resolved Hide resolved
cmd/api/src/model/auth.go Show resolved Hide resolved
cmd/api/src/api/v2/auth/oidc.go Outdated Show resolved Hide resolved
cmd/api/src/database/sso.go Outdated Show resolved Hide resolved
mistahj67
mistahj67 reviewed Oct 4, 2024
View reviewed changes
Copy link
Contributor

@mistahj67 mistahj67 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Did we want to also update the SAML create db op with a tx for creating SSO in this PR or wait for another one?

We still need to update the users table as well I think. Might be able to swap to sso_id vs 2 separate columns 🤔 That's likely worth a full separate PR

cmd/api/src/database/sso_providers.go Outdated Show resolved Hide resolved
cmd/api/src/test/integration/database.go Outdated Show resolved Hide resolved
cmd/api/src/database/oidc_providers.go
if ssoProvider, err := bhdb.CreateSSOProvider(ctx, name, model.SessionAuthProviderOIDC); err != nil {
return err
} else {
oidcProvider.SSOProviderID = int(ssoProvider.ID)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Nit: With everything being serial, we shouldn't need the type assertion here.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We still need the conversion since Serial is explicitly denoted as int32
Annoying, but I'd rather keep the int field for SSOProviderID

@mvlipka
Copy link
Contributor Author

mvlipka commented Oct 4, 2024

Did we want to also update the SAML create db op with a tx for creating SSO in this PR or wait for another one?

We still need to update the users table as well I think. Might be able to swap to sso_id vs 2 separate columns 🤔 That's likely worth a full separate PR

I was thinking another ticket, but there's no harm in throwing it in here as well while it's fresh in our minds

This was referenced Oct 4, 2024
Draft
Draft
Draft
@mvlipka mvlipka added the work in progress This pull request is a work in progress and should not be merged label Oct 7, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mistahj67 mistahj67 mistahj67 left review comments

@ddlees ddlees Awaiting requested review from ddlees

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
api A pull request containing changes affecting the API code. work in progress This pull request is a work in progress and should not be merged
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mvlipka @ddlees @mistahj67