Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[QOLSVC-5478] gracefully handle shared emails #2

Merged
merged 13 commits into from
Oct 11, 2024
Merged

[QOLSVC-5478] gracefully handle shared emails #2

merged 13 commits into from
Oct 11, 2024

Conversation

ThrawnCA
Copy link

@ThrawnCA ThrawnCA commented Oct 4, 2024

Give a nice error, instead of an ugly one, when encountering multiple accounts with the same email.

@ThrawnCA ThrawnCA requested a review from a team October 4, 2024 05:35
ThrawnCA and others added 3 commits October 4, 2024 15:38
@ThrawnCA
[QOLSVC-5478] reduce duplicate GitHub Actions runs
99f04a6 
- Run on all pushes, but only on PRs to master. This ensures we run tests before incorporating third party changes,
without doubling up on every PR.
@ThrawnCA
[QOLSVC-5478] include SSO in logout
5e08ddb 
- If a logout path is provided, and if we have a logged-in session, then redirect to SSO and back.
@ThrawnCA
[QOLSVC-5478] add logging to SSO logout
5470a47
@duttonw
Copy link
Member

duttonw commented Oct 11, 2024

should really put in unit tests, bit hard to do end to end testing with this without standing up a pkce sever to mock against. which there is actual items out there which we could put in (may need to fine a python version maybe)

https://www.npmjs.com/package/oauth2-mock-server

@ThrawnCA ThrawnCA force-pushed the QOLSVC-5478-add-sso branch 6 times, most recently from 564c602 to 798e9ac Compare October 11, 2024 03:00
@ThrawnCA ThrawnCA force-pushed the QOLSVC-5478-add-sso branch 3 times, most recently from dcde3f4 to 5f734f6 Compare October 11, 2024 05:44
@ThrawnCA ThrawnCA force-pushed the QOLSVC-5478-add-sso branch 2 times, most recently from 49afd83 to 932dd71 Compare October 11, 2024 05:54
duttonw
duttonw approved these changes Oct 11, 2024
View reviewed changes
ckanext/oidc_pkce/plugin.py
log.info("No SSO logout path configured, logout of [%s] will be local only",
current_user.name)
return None
session["_in_logout"] = True
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can you confirm that our hosting will send them back to the same server ( or refresh me that we have a Memcache shared between the 5 server instances so it will work) am a bit fuzzy on this

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Our load balancer is configured with cookie-based stickiness: https://github.com/qld-gov-au/ckan-qld-infrastructure/blob/a441ea7711b326d7d4970a59a1626ee4b017a744/templates/Datashades-OpsWorks-CKAN-Stack.cfn.yml.j2#L596

@ThrawnCA ThrawnCA merged commit 2f0bc9b into develop Oct 11, 2024
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@duttonw duttonw duttonw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@ThrawnCA @duttonw