Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Switch from Azure AD to Entra ID #845

Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Switch from Azure AD to Entra ID #845

wants to merge 6 commits into from
+125 −67

Conversation

JeffreyThiessen
Copy link
Member

@JeffreyThiessen JeffreyThiessen commented Nov 19, 2024
edited
Loading

What does this PR do and why?

_Describe in detail what your merge request does and why.
Fixes #840

Azure AD is being deprecated in favour of Entra ID. They function identically but with a different name.

Screenshots or screen recordings

Screenshots are required for UI changes, and strongly recommended for all other pull requests.

How to set up and validate locally

Numbered steps to set up and validate the change are strongly suggested.

  1. Clean your db ./scripts/clean_dev.sh
  2. edit config/authentication/auth_config.yml to add entra_id to development: -> omniauth_providers:
  3. edit your credentials file

EDITOR="vim --nofork" bin/rails credentials:edit --environment development

Add the following fields. Message me directly for the secret credentials.

entra_id:
  client_id: secret
  client_secret: secret
  tenant_id: secret
  1. run irida next
  2. click the sign in button for Entra ID
  3. Go to http://localhost:3000/-/profile and verify that a user account has been created for you with the relevant provider info.
    image

Testing the Migration

  1. on the main branch, clean your db with ./scripts/clean_dev.sh
  2. edit auth_config.yml to have omniauth_providers: [azure_activedirectory_v2] for development:
  3. edit your credentials for development to have the required fields under azure:
  4. run irida next, and sign in with Azure AD
  5. verify you have the azure_activedirectory_v2 provider on your profile
  6. Note your Authentication Provider UID
  7. sign out of your account
  8. stop irida next, checkout the oauth_entra_id branch
  9. run the migration with rails info db:migrate
  10. run irida next
  11. sign in using Entra ID
  12. verify that your profile reflects the change to entra_id
  13. verify that your Authentication Provider UID is now the concatenation of the tenant_id and your old Authentication Provider UID

PR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

@github-actions GitHub Actions

This comment has been minimized.

Sign in to view
@JeffreyThiessen JeffreyThiessen marked this pull request as ready for review November 20, 2024 16:38
@JeffreyThiessen JeffreyThiessen self-assigned this Nov 20, 2024
@JeffreyThiessen JeffreyThiessen added ready for review Pull request is ready for review dependencies Pull requests that update a dependency file labels Nov 20, 2024
@github-actions GitHub Actions
Copy link

Code Metrics Report

Coverage Test Execution Time
93.1% 9m15s

Code coverage of files in pull request scope (13.4%)

Files Coverage
app/controllers/users/omniauth_callbacks_controller.rb 85.0%
app/models/user.rb 0.0%

Reported by octocov

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees

@JeffreyThiessen JeffreyThiessen

Labels
dependencies Pull requests that update a dependency file ready for review Pull request is ready for review
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Deps: Replace omniauth-azure-activedirectory-v2 with omniauth-entra-id
1 participant
@JeffreyThiessen