💥 Disable legacy OIDC endpoints by default #4912
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Codecov ReportAll modified and coverable lines are covered by tests ✅
Additional details and impacted files@@ Coverage Diff @@
## master #4912 +/- ##
=======================================
Coverage 96.61% 96.61%
=======================================
Files 760 760
Lines 25820 25820
Branches 3383 3383
=======================================
Hits 24947 24947
Misses 608 608
Partials 265 265 ☔ View full report in Codecov by Sentry. |
sergei-maertens
changed the title
sergei-maertens
force-pushed
the
cleanup/3283-enable-new-oidc-endpoint-default
branch
from
67ae388 to
990fd6e
Compare
vaszig
approved these changes
Dec 17, 2024
sergei-maertens
commented
Dec 18, 2024
With Open Forms 3.0, we can make the breaking change of updating the default. The new OIDC API endpoints all point to a single callback URL, so it means less configuration overhead on the identity provider side. The breaking change means that the new URI's must be added to the allowlist of the identity provider. The new endpoint is '/auth/oidc/callback/', and it applies to all OIDC configuration flavours.
sergei-maertens
force-pushed
the
cleanup/3283-enable-new-oidc-endpoint-default
branch
from
990fd6e to
64f6152
Compare
sergei-maertens
deleted the
cleanup/3283-enable-new-oidc-endpoint-default
branch
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Part of #3283 - stumbled on this while working on #4911
Changes
While the removal of the legacy endpoints is postponed to Open Forms 4.0, I thought we should grab the chance now to switch the default value for the configuration options from legacy-enabled to legacy-disabled. This makes it more likely that fresh instances are set up with the best situation possible and won't have to deal with breaking changes later for 4.0.
Checklist
Check off the items that are completed or not relevant.
Impact on features
Release management
I have updated the translations assets (you do NOT need to provide translations)
./bin/makemessages_js.sh./bin/compilemessages_js.shDockerfile/scripts
./binfolderCommit hygiene