Skip admin and change oidc user not found message more readable

fixes #21041 Signed-off-by: stonezdj <stone.zhang@broadcom.com>
goharbor · Oct 18, 2024 · 4ba168e · 4ba168e
1 parent ab3d350
commit 4ba168e
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 0 deletions.
diff --git a/src/pkg/oidc/secret.go b/src/pkg/oidc/secret.go
@@ -18,6 +18,7 @@ import (
 	"context"
 	"encoding/json"
 	"fmt"
+	"strings"
 	"sync"
 
 	"github.com/goharbor/harbor/src/common/utils"
@@ -86,6 +87,9 @@ var m SecretManager = &defaultManager{
 func (dm *defaultManager) VerifySecret(ctx context.Context, username string, secret string) (*UserInfo, error) {
 	log.Debugf("Verifying the secret for user: %s", username)
 	oidcUser, err := dm.metaDao.GetByUsername(ctx, username)
+	if strings.Contains(err.Error(), "no row found") {
+		return nil, fmt.Errorf("oidc user: %v not found", username)
+	}
 	if err != nil {
 		return nil, fmt.Errorf("failed to get oidc user info, error: %v", err)
 	}

diff --git a/src/server/middleware/security/oidc_cli.go b/src/server/middleware/security/oidc_cli.go
@@ -63,6 +63,10 @@ func (o *oidcCli) Generate(req *http.Request) security.Context {
 		return nil
 	}
 
+	if username == "admin" {
+		return nil
+	}
+
 	info, err := oidc.VerifySecret(ctx, username, secret)
 	if err != nil {
 		logger.Errorf("failed to verify secret, username: %s, error: %v", username, err)