Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

OAuth: Make sub claim required for generic oauth behind feature toggle #85065

Merged
merged 3 commits into from Mar 25, 2024
Merged

OAuth: Make sub claim required for generic oauth behind feature toggle #85065

merged 3 commits into from Mar 25, 2024

Conversation

kalleep
Copy link
Contributor

@kalleep kalleep commented Mar 25, 2024
edited

What is this feature?
Replacement for #84745.

As a first step we decided to require sub claim behind a feature toggle so we have a way to opt and give customers time to fix their oauth integrations.

I also decided to perform this check in oauth client instead of the generic oauth connector so we would catch other clients where this could happen as well.

Part of https://github.com/grafana/identity-access-team/issues/603

Special notes for your reviewer:

Please check that:

  • It works as expected from a user's perspective.
  • If this is a pre-GA feature, it is behind a feature toggle.
  • The docs are updated, and if this is a notable improvement, it's added to our What's New doc.

@kalleep kalleep added this to the 11.0.x milestone Mar 25, 2024
@kalleep kalleep self-assigned this Mar 25, 2024
@kalleep kalleep requested review from grafanabot and a team as code owners March 25, 2024 11:12
Jguer
Jguer approved these changes Mar 25, 2024
View reviewed changes
Copy link
Contributor

@Jguer Jguer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

all good after fixes

@kalleep kalleep mentioned this pull request Mar 25, 2024
Closed
@kalleep kalleep merged commit 2f3a01f into main Mar 25, 2024
18 checks passed
@kalleep kalleep deleted the oauth/require-sub-claim-2 branch March 25, 2024 13:22
kalleep added a commit that referenced this pull request Mar 25, 2024
@kalleep
OAuth: Make sub claim required for generic oauth behind feature toggle (
e586119 
#85065)

* Add feature toggle for sub claims requirement

* OAuth: require valid auth id

* Fix feature toggle description
@ashharrison90 ashharrison90 modified the milestones: 11.0.x, 11.1.x Mar 25, 2024
@ashharrison90 ashharrison90 modified the milestones: 11.1.x, 11.0.0-preview Apr 15, 2024
@ashharrison90 ashharrison90 added product-approved Pull requests that are approved by product/managers and are allowed to be backported backport v11.0.x Mark PR for automatic backport to v11.0.x labels Apr 15, 2024
grafana-delivery-bot bot pushed a commit that referenced this pull request Apr 15, 2024
@kalleep @grafana-delivery-bot
OAuth: Make sub claim required for generic oauth behind feature toggle (
949222a 
#85065)

* Add feature toggle for sub claims requirement

* OAuth: require valid auth id

* Fix feature toggle description

(cherry picked from commit 2f3a01f)
@grafana-delivery-bot grafana-delivery-bot bot mentioned this pull request Apr 15, 2024
Merged
3 tasks
ashharrison90 pushed a commit that referenced this pull request Apr 15, 2024
@grafana-delivery-bot @kalleep
[v11.0.x] OAuth: Make sub claim required for generic oauth behind fea…
524c590 
…ture toggle (#86118)

OAuth: Make sub claim required for generic oauth behind feature toggle (#85065)

* Add feature toggle for sub claims requirement

* OAuth: require valid auth id

* Fix feature toggle description

(cherry picked from commit 2f3a01f)

Co-authored-by: Karl Persson <kalle.persson@grafana.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eleijonmarck eleijonmarck eleijonmarck left review comments

@mgyongyosi mgyongyosi mgyongyosi approved these changes

@Jguer Jguer Jguer approved these changes

@grafanabot grafanabot Awaiting requested review from grafanabot grafanabot is a code owner

Assignees

@kalleep kalleep

Labels
add to changelog area/backend area/frontend backport v11.0.x Mark PR for automatic backport to v11.0.x product-approved Pull requests that are approved by product/managers and are allowed to be backported
Projects
None yet
Milestone
11.0.0-preview
Development

Successfully merging this pull request may close these issues.

None yet
5 participants
@kalleep @mgyongyosi @eleijonmarck @Jguer @ashharrison90