-
Notifications
You must be signed in to change notification settings - Fork 147
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Handle token expiration in SSO #611
Merged
nielsdejong
merged 11 commits into
neo4j-labs:develop
from
OskarDamkjaer:handle_token_expiration
Feb 28, 2024
Merged
Handle token expiration in SSO #611
nielsdejong
merged 11 commits into
neo4j-labs:develop
from
OskarDamkjaer:handle_token_expiration
Feb 28, 2024
+108
−13
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Kudos, SonarCloud Quality Gate passed! |
Kudos, SonarCloud Quality Gate passed! |
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
BennuFire
approved these changes
Feb 28, 2024
Quality Gate passedIssues Measures |
nielsdejong
approved these changes
Feb 28, 2024
nielsdejong
changed the title
[proof of concept] Handle token expiration
Handle token expiration in SSO
Feb 28, 2024
nielsdejong
added a commit
that referenced
this pull request
Mar 4, 2024
This reverts commit 001cee1.
nielsdejong
added a commit
that referenced
this pull request
Mar 4, 2024
nielsdejong
added a commit
that referenced
this pull request
Mar 6, 2024
* fixing gantt chart, new driver version was returning {low,high} numbers * Revert "fixing gantt chart, new driver version was returning {low,high} numbers" This reverts commit 4eb9285. * fixing gantt chart, new driver version was returning {low,high} numbers * NaNs * fixing number parsing * Revert "Handle token expiration in SSO (#611)" (#815) This reverts commit 001cee1. * Fixing RBAC feature + parameters (#813) * fixed race condition, to work on other points in PR * Fixes for complex parameter types in forms * Added special case for handling cross-db label access * handling fixed grants without non-fixed grants * Added error handling to RBAC extension * Added back async modifier * bug fixin grbac --------- Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com> Co-authored-by: Niels de Jong <niels-121@hotmail.com> * Added 2.4.4 release notes, bumped version (#818) * Removed old console.log statements --------- Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com> Co-authored-by: alfredorubin96 <103421036+alfredorubin96@users.noreply.github.com> Co-authored-by: Harold Agudelo <agudeloharold13@gmail.com>
nielsdejong
added a commit
that referenced
this pull request
Mar 15, 2024
* 2.4.4 Release (#821) * fixing gantt chart, new driver version was returning {low,high} numbers * Revert "fixing gantt chart, new driver version was returning {low,high} numbers" This reverts commit 4eb9285. * fixing gantt chart, new driver version was returning {low,high} numbers * NaNs * fixing number parsing * Revert "Handle token expiration in SSO (#611)" (#815) This reverts commit 001cee1. * Fixing RBAC feature + parameters (#813) * fixed race condition, to work on other points in PR * Fixes for complex parameter types in forms * Added special case for handling cross-db label access * handling fixed grants without non-fixed grants * Added error handling to RBAC extension * Added back async modifier * bug fixin grbac --------- Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com> Co-authored-by: Niels de Jong <niels-121@hotmail.com> * Added 2.4.4 release notes, bumped version (#818) * Removed old console.log statements --------- Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com> Co-authored-by: alfredorubin96 <103421036+alfredorubin96@users.noreply.github.com> Co-authored-by: Harold Agudelo <agudeloharold13@gmail.com> * Update Dockerfile to use yarn.lock --------- Co-authored-by: Alfred Rubin <alfredo.rubin@neo4j.com> Co-authored-by: alfredorubin96 <103421036+alfredorubin96@users.noreply.github.com> Co-authored-by: Harold Agudelo <agudeloharold13@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Currently neodash does not handle SSO access token expiry. There is a new AuthManager concept in the driver that can make sure the tokens get refreshed as intended. I tested this with a local keycloak SSO provider.
I've inlined the
createDriver
method from theuse-neo4j
project to use the auth token manager. The problem is that theuse-neo4j
is behind on driver versions (4.4.x
), so it doesn't have the "AuthTokenManager" yet. It'd better to update the driver andcreateDriver
inuse-neo4j
since I don't know how welluse-neo4j
handles the driver version mismatch.Right now the new auth management code will trigger as long as the SSOProviders are present. It'd be better to change the
createDriver
to take either username&password or auth token manager, so you don't use the SSO code by mistake.