poc: feat: oidc bearer authz header #4322

Draft: wants to merge 19 commits into master

james-d-elliott
Member

No description provided.

authelia bot commented Nov 3, 2022

Artifacts

These changes are published for testing on Buildkite, DockerHub and GitHub Container Registry.

Docker Container

  • docker pull authelia/authelia:feat-oidc-bearer
  • docker pull ghcr.io/authelia/authelia:feat-oidc-bearer

codecov bot commented Nov 3, 2022

Codecov Report

Merging #4322 (cf31247) into master (4c64ae7) will decrease coverage by 26.67%.
The diff coverage is 24.36%.

❗ Current head cf31247 differs from pull request most recent head 8918a27. Consider uploading reports for the commit 8918a27 to get more accurate results

Additional details and impacted files

@@             Coverage Diff             @@
##           master    #4322       +/-   ##
===========================================
- Coverage   67.05%   40.38%   -26.68%     
===========================================
  Files         263      264        +1     
  Lines       18271    18649      +378     
  Branches      431      431               
===========================================
- Hits        12252     7531     -4721     
- Misses       5292    10780     +5488     
+ Partials      727      338      -389     
Flag Coverage Δ
backend 41.11% <24.36%> (-26.34%) ⬇️
frontend 34.50% <ø> (-28.10%) ⬇️

Flags with carried forward coverage won't be shown.

Impacted Files Coverage Δ
internal/handlers/handler_oauth_introspection.go 0.00% <0.00%> (ø)
internal/handlers/handler_oauth_revocation.go 0.00% <0.00%> (ø)
internal/handlers/handler_oidc_authorization.go 0.00% <0.00%> (-42.17%) ⬇️
...nal/handlers/handler_oidc_authorization_consent.go 0.00% <0.00%> (-29.68%) ⬇️
...ers/handler_oidc_authorization_consent_explicit.go 0.00% <0.00%> (-41.54%) ⬇️
...ers/handler_oidc_authorization_consent_implicit.go 0.00% <0.00%> (ø)
...ndler_oidc_authorization_consent_pre_configured.go 0.00% <0.00%> (ø)
...ers/handler_oidc_automatic_authorization_bearer.go 0.00% <0.00%> (ø)
internal/handlers/handler_oidc_token.go 0.00% <0.00%> (-47.73%) ⬇️
internal/oidc/hmac.go 0.00% <0.00%> (ø)
... and 152 more

)

const (
ContextKeySecretInternal = "urn:authelia:secret:internal"
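
Review bot: `ContextKeySecretInternal` is declared as an untyped string constant, so if it is used as a context key it will match any value stored elsewhere under the same string. Declare a dedicated unexported key type in this package (for example `type contextKey string`, a suggested name) and give the constant that type, so that a key built from the same string in other code cannot collide with it. The value looks like a URN-style identifier rather than a credential; if so, say that in a comment on the constant so the G101 finding can be suppressed with a documented reason.
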
Collaborator

🚫 [golangci] reported by reviewdog 🐶
G101: Potential hardcoded credentials (gosec)

accessForm.Set(oidc.FormCode, responder.GetParameters().Get(oidc.FormCode))
accessForm.Set(oidc.FormCodeVerifier, verifier)
accessForm.Set(oidc.FormClientID, client.GetID())
//accessForm.Set(oidc.FormClientSecret, config.Secret)
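
Review bot: the commented-out `//accessForm.Set(oidc.FormClientSecret, config.Secret)` on the last line leaves dead code in the token request with no explanation of how the client is authenticated; in the lines shown the form sets only the code, the verifier and the client ID. Delete the line and add a comment naming the mechanism that replaces the client secret, so a later reader neither re-enables it nor assumes the request is unauthenticated.
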
Collaborator

🚫 [golangci] reported by reviewdog 🐶
commentFormatting: put a space between // and comment text (gocritic)

"github.com/authelia/authelia/v4/internal/utils"
)

func OpenIDConnectAutomaticAuthorizationBearer(ctx *middlewares.AutheliaCtx, client *oidc.Client, config *schema.OpenIDConnectAuthorizationBearerConfiguration) {
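
Review bot: the exported function `OpenIDConnectAutomaticAuthorizationBearer` has no doc comment above its declaration. Add one that states what the handler does with `client` and `config` and how failures are reported, since the signature returns no value.
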
Collaborator

🚫 [golangci] reported by reviewdog 🐶
cyclomatic complexity 23 of func OpenIDConnectAutomaticAuthorizationBearer is high (> 15) (gocyclo)

reqHTTPAccess.Header.Set("Content-Type", "application/x-www-form-urlencoded")

accessCtx := context.Background()
accessCtx = context.WithValue(accessCtx, oidc.ContextKeySecretInternal, true)
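
Review bot: `accessCtx := context.Background()` starts a fresh context, so whatever is called with it is not tied to the cancellation or deadline of the request being handled. If a request-scoped context is available here, derive `accessCtx` from it, or bound the call with `context.WithTimeout`. The next line stores a bare `true` under `oidc.ContextKeySecretInternal`; add a comment saying what reads this flag and what it permits, because nothing in these lines says what behaviour it changes.
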
Collaborator

🚫 [golangci] reported by reviewdog 🐶
SA1029: should not use built-in type string as key for value; define your own type to avoid collisions (staticcheck)

netlify bot commented Nov 4, 2022

Deploy Preview for authelia-staging ready!

Name Link
🔨 Latest commit 6c3a215
🔍 Latest deploy log https://app.netlify.com/sites/authelia-staging/deploys/63645f8ff4de15000811c210
😎 Deploy Preview https://deploy-preview-4322--authelia-staging.netlify.app

@james-d-elliott james-d-elliott added the type/proof-of-concept Proof of Concept Pull Requests label Jan 3, 2023