Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove unnecessary details logged for OIDC #48746

Merged
merged 11 commits into from
Nov 13, 2019
Merged

Remove unnecessary details logged for OIDC #48746

merged 11 commits into from
Nov 13, 2019

Conversation

jkakavas
Copy link
Member

@jkakavas jkakavas commented Oct 31, 2019
edited
Loading

This change removes unnecessary details logged for OIDC.

Supersedes: #48271

Yogesh Gaikwad and others added 9 commits October 21, 2019 15:52
Remove unnecessary details logged for OIDC
756f028 
This commit removes unnecessary details logged for
OIDC.
address review comment
07c3302 
- truncate the string keeping first and last 2 chars.
- the `OIDCTokenResponse` did not parse the error
scenario correctly.
- checks for the response status and then on error prints
the response message as warning
Merge branch 'master' into do-not-log
9b40046
@bizybot @jkakavas
Update x-pack/plugin/security/src/main/java/org/elasticsearch/xpack/s…
e653f6f 
…ecurity/authc/oidc/OpenIdConnectAuthenticator.java

Co-Authored-By: Ioannis Kakavas <ikakavas@protonmail.com>
address review comment
20d04cd
its okay to log Id token, address review comment
5d96c77
Merge branch 'master' into do-not-log
5184c6b
remove unused import
c8ded84
@jkakavas
Parse the response as a token error response, only when the status is…
4e2a0d6 
… 400 as indicated by the standard
@jkakavas jkakavas added >bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v8.0.0 v7.5.0 v7.6.0 labels Oct 31, 2019
@jkakavas jkakavas requested a review from tvernum October 31, 2019 12:34
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (:Security/Authentication)

@jkakavas jkakavas mentioned this pull request Oct 31, 2019
Closed
@jkakavas
Copy link
Member Author

@elasticmachine update branch

@jkakavas
Copy link
Member Author

@elasticmachine run elasticsearch-ci/bwc

1 similar comment
@jkakavas
Copy link
Member Author

@elasticmachine run elasticsearch-ci/bwc

@jkakavas
Copy link
Member Author

jkakavas commented Nov 4, 2019

@elasticmachine update branch

@jimczi jimczi removed the v7.5.0 label Nov 12, 2019
@jkakavas jkakavas merged commit 42b3cd0 into elastic:master Nov 13, 2019
jkakavas added a commit to jkakavas/elasticsearch that referenced this pull request Nov 13, 2019
@jkakavas
Remove unnecessary details logged for OIDC (elastic#48746)
26c627e 
This commit removes unnecessary details logged for
OIDC.

Co-Authored-By: Ioannis Kakavas <ikakavas@protonmail.com>
@jkakavas jkakavas mentioned this pull request Nov 13, 2019
Merged
jkakavas added a commit that referenced this pull request Nov 13, 2019
@jkakavas
Remove unnecessary details logged for OIDC (#48746) (#49031)
4405042 
This commit removes unnecessary details logged for
OIDC.

Co-Authored-By: Ioannis Kakavas <ikakavas@protonmail.com>
@russcam russcam mentioned this pull request Feb 3, 2020
Closed
@russcam russcam mentioned this pull request Feb 3, 2020
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tvernum tvernum tvernum approved these changes

Assignees
No one assigned
Labels
>bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) v7.6.0 v8.0.0-alpha1
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
6 participants
@jkakavas @elasticmachine @tvernum @jakelandis @jimczi @bizybot