Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add more flexibility to authorization unique identifier expectations #730

Merged
merged 1 commit into from
Aug 25, 2022
Merged

Add more flexibility to authorization unique identifier expectations #730

merged 1 commit into from
Aug 25, 2022

Conversation

rbclark
Copy link
Contributor

@rbclark rbclark commented May 18, 2022
edited

The current code just assumes the unique identifier responds to client ID and issuer. That is currently the case however it is potentially a flawed assumption with new authentication methods being added going forward.

Description

I am currently working to add support to the googleauth library for Workload Identity Federation. As part of this, I am adding a new type of authentication to the googleauth library itself. It is currently assumed that the authorization responds to client_id and issuer, and if either of these are not present then train exits with a stacktrace. This small changes makes train more flexible regarding the authorization object.

Related Issue

googleapis/google-auth-library-ruby#354

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New content (non-breaking change)
  • Breaking change (a content change which would break existing functionality or processes)

Checklist:

  • I have read the CONTRIBUTING document.

@rbclark
Add more flexibility to authentication unique identifier expectations
62fff4a 
The current code just assumes the unique identifier responds to client ID and issuer. That is currently the case however it is potentially a flawed assumption going forward.

Signed-off-by: Robert Clark <robert.clark@kirkpatrickprice.com>
@rbclark rbclark requested a review from a team as a code owner May 18, 2022 21:13
@chef-expeditor
Copy link
Contributor

Hello rbclark! Thanks for the pull request!

Here is what will happen next:

  1. Your PR will be reviewed by the maintainers.
  2. Possible Outcomes
    a. If everything looks good, one of them will approve it, and your PR will be merged.
    b. The maintainer may request follow-on work (e.g. code fix, linting, etc). We would encourage you to address this work in 2-3 business days to keep the conversation going and to get your contribution in sooner.
    c. Cases exist where a PR is neither aligned to Chef InSpec's product roadmap, or something the team can own or maintain long-term. In these cases, the maintainer will provide justification and close out the PR.

Thank you for contributing!

@rbclark
Copy link
Contributor Author

rbclark commented Jun 10, 2022

Sorry to be a bother but would it be possible for someone to take a look at this and let me know if it needs any changes?

Vasu1105
Vasu1105 approved these changes Jul 5, 2022
View reviewed changes
Copy link
Contributor

@Vasu1105 Vasu1105 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This looks good to me. @clintoncwolfe

@clintoncwolfe clintoncwolfe merged commit b9c5c78 into inspec:main Aug 25, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Vasu1105 Vasu1105 Vasu1105 approved these changes

@clintoncwolfe clintoncwolfe Awaiting requested review from clintoncwolfe clintoncwolfe is a code owner automatically assigned from inspec/inspec-core-team

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@rbclark @Vasu1105 @clintoncwolfe