Handle token expiration in SSO #611

Merged: 11 commits, Feb 28, 2024

OskarDamkjaer
Contributor

Currently neodash does not handle SSO access token expiry. There is a new AuthManager concept in the driver that can make sure the tokens get refreshed as intended. I tested this with a local Keycloak SSO provider.

I've inlined the createDriver method from the use-neo4j project to use the auth token manager. The problem is that use-neo4j is behind on driver versions (4.4.x), so it doesn't have the "AuthTokenManager" yet. It'd be better to update the driver and createDriver in use-neo4j since I don't know how well use-neo4j handles the driver version mismatch.

Right now the new auth management code will trigger as long as the SSOProviders are present. It'd be better to change the createDriver to take either username&password or auth token manager, so you don't use the SSO code by mistake.
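
As an added illustration of the expiry handling described above (not code from this pull request, neodash, or the Neo4j driver): a stand-alone Node.js token cache that refreshes shortly before the JWT's `exp`, shares one refresh among concurrent callers, and drops a token the server has rejected. `ExpiringTokenCache`, `jwtExpiryMs`, `fetchToken` and `makeSampleJwt` are hypothetical names, and the sample token is constructed.

```javascript
// Added example: stand-alone sketch, not neodash or neo4j-driver code.
// jwtExpiryMs, ExpiringTokenCache, fetchToken and makeSampleJwt are hypothetical names.

// Read `exp` (seconds since epoch) from a JWT payload without verifying it.
// This only schedules the refresh; the server still validates the token.
function jwtExpiryMs(jwt) {
  const payload = JSON.parse(Buffer.from(jwt.split('.')[1], 'base64url').toString('utf8'));
  if (typeof payload.exp !== 'number') throw new Error('token has no exp claim');
  return payload.exp * 1000;
}

class ExpiringTokenCache {
  constructor(fetchToken, { skewMs = 30000, now = Date.now } = {}) {
    this.fetchToken = fetchToken; // async () => access token string from the IdP
    this.skewMs = skewMs;         // refresh this long before the real expiry
    this.now = now;               // injectable clock, so expiry can be tested
    this.current = null;          // { token, expiresAt } once a token is cached
    this.inflight = null;         // shared promise while a refresh is running
  }

  isFresh() {
    return this.current !== null && this.now() < this.current.expiresAt - this.skewMs;
  }

  // Return a usable token; concurrent callers share a single refresh request.
  async getToken() {
    if (this.isFresh()) return this.current.token;
    if (!this.inflight) {
      this.inflight = this.fetchToken()
        .then((token) => {
          this.current = { token, expiresAt: jwtExpiryMs(token) };
          return token;
        })
        .finally(() => { this.inflight = null; });
    }
    return this.inflight;
  }

  // Call when the server rejects a token early; a stale token is ignored.
  invalidate(token) {
    if (this.current && this.current.token === token) this.current = null;
  }
}

// Constructed sample token: unsigned, payload carries only `exp`.
function makeSampleJwt(expSeconds) {
  const b64 = (o) => Buffer.from(JSON.stringify(o)).toString('base64url');
  return `${b64({ alg: 'none' })}.${b64({ exp: expSeconds })}.`;
}
```

A failed refresh rejects for every waiting caller and clears the in-flight promise, so the next call retries instead of reusing the failure.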

@BennuFire BennuFire changed the base branch from master to develop September 1, 2023 10:40
@BennuFire BennuFire changed the base branch from develop to master September 1, 2023 10:40
@nielsdejong nielsdejong changed the base branch from master to develop September 21, 2023 11:11
@sonarqubecloud

Kudos, SonarCloud Quality Gate passed!

0 Bugs (rating A)
0 Vulnerabilities (rating A)
0 Security Hotspots (rating A)
0 Code Smells (rating A)

No Coverage information
No Duplication information

@nielsdejong nielsdejong added 2.4.1 and removed 2.4 labels Nov 14, 2023
@nielsdejong nielsdejong removed the 2.4.1 label Dec 5, 2023
@nielsdejong nielsdejong assigned BennuFire and unassigned nielsdejong Jan 8, 2024
Quality Gate passed

Kudos, no new issues were introduced!

0 New issues
0 Security Hotspots
No data about Coverage
No data about Duplication

@nielsdejong nielsdejong added 2.4.3 and removed 2.4.2 labels Jan 12, 2024
@BennuFire BennuFire self-requested a review February 28, 2024 10:25
Quality Gate passed

Issues
0 New issues

Measures
0 Security Hotspots
No data about Coverage
No data about Duplication

@nielsdejong nielsdejong changed the title [proof of concept] Handle token expiration Handle token expiration in SSO Feb 28, 2024
@nielsdejong nielsdejong merged commit 001cee1 into neo4j-labs:develop Feb 28, 2024
1 of 2 checks passed
nielsdejong added a commit that referenced this pull request Mar 4, 2024
This reverts commit 001cee1.
nielsdejong added a commit that referenced this pull request Mar 4, 2024
This reverts commit 001cee1.
nielsdejong added a commit that referenced this pull request Mar 6, 2024
* fixing gantt chart, new driver version was returning {low,high} numbers

* Revert "fixing gantt chart, new driver version was returning {low,high} numbers"

This reverts commit 4eb9285.

* fixing gantt chart, new driver version was returning {low,high} numbers

* NaNs

* fixing number parsing

* Revert "Handle token expiration in SSO (#611)" (#815)

This reverts commit 001cee1.

* Fixing RBAC feature + parameters (#813)

* fixed race condition, to work on other points in PR

* Fixes for complex parameter types in forms

* Added special case for handling cross-db label access

* handling fixed grants without non-fixed grants

* Added error handling to RBAC extension

* Added back async modifier

* bug fixing rbac

---------

Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com>
Co-authored-by: Niels de Jong <niels-121@hotmail.com>

* Added 2.4.4 release notes, bumped version (#818)

* Removed old console.log statements

---------

Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com>
Co-authored-by: alfredorubin96 <103421036+alfredorubin96@users.noreply.github.com>
Co-authored-by: Harold Agudelo <agudeloharold13@gmail.com>
nielsdejong added a commit that referenced this pull request Mar 15, 2024
* 2.4.4 Release (#821)

* fixing gantt chart, new driver version was returning {low,high} numbers

* Revert "fixing gantt chart, new driver version was returning {low,high} numbers"

This reverts commit 4eb9285.

* fixing gantt chart, new driver version was returning {low,high} numbers

* NaNs

* fixing number parsing

* Revert "Handle token expiration in SSO (#611)" (#815)

This reverts commit 001cee1.

* Fixing RBAC feature + parameters (#813)

* fixed race condition, to work on other points in PR

* Fixes for complex parameter types in forms

* Added special case for handling cross-db label access

* handling fixed grants without non-fixed grants

* Added error handling to RBAC extension

* Added back async modifier

* bug fixing rbac

---------

Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com>
Co-authored-by: Niels de Jong <niels-121@hotmail.com>

* Added 2.4.4 release notes, bumped version (#818)

* Removed old console.log statements

---------

Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com>
Co-authored-by: alfredorubin96 <103421036+alfredorubin96@users.noreply.github.com>
Co-authored-by: Harold Agudelo <agudeloharold13@gmail.com>

* Update Dockerfile to use yarn.lock

---------

Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com>
Co-authored-by: alfredorubin96 <103421036+alfredorubin96@users.noreply.github.com>
Co-authored-by: Harold Agudelo <agudeloharold13@gmail.com>