Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: toggle oidc login via settings #4588

Merged
merged 4 commits into from
Jan 8, 2025
Merged

fix: toggle oidc login via settings #4588

merged 4 commits into from
Jan 8, 2025

Conversation

connoratrug
Copy link
Contributor

@connoratrug connoratrug commented Jan 6, 2025
edited
Loading

What are the main changes you did

  • Keep state in settings ( like the other settings)
  • only check props once ( on system start )
  • always include isOidcEnabled setting on settings request

Closes #4587

How to test

  • explain here what to do to test this (or point to unit tests)

Checklist

  • updated docs in case of new feature
  • added/updated tests
  • added/updated testplan to include a test for this fix, including ref to bug using # notation

@connoratrug
fix: toggle oidc login via settings
f2ce0a3 
- Keep state in settings ( like the other settings)
- only check props once ( on system start )
- always include isOidcEnabled setting on settings request
@connoratrug connoratrug marked this pull request as ready for review January 6, 2025 14:05
@connoratrug connoratrug requested a review from mswertz January 6, 2025 14:58
mswertz
mswertz approved these changes Jan 6, 2025
View reviewed changes
Copy link
Member

@mswertz mswertz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

code and approach looks okay. But how to test?

...lgenis-emx2-graphql/src/main/java/org/molgenis/emx2/graphql/GraphqlDatabaseFieldFactory.java Outdated Show resolved Hide resolved
backend/molgenis-emx2-sql/src/main/java/org/molgenis/emx2/sql/SqlDatabase.java
this.isOidcEnabled = Boolean.parseBoolean(isOidcEnabledSetting);
} else {
Object envSetting =
EnvironmentProperty.getParameter(Constants.MOLGENIS_OIDC_CLIENT_ID, null, STRING);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we should at some point have some way to find out about oidc errors but this is probably not the way.

@mswertz mswertz requested a review from harmbrugge January 7, 2025 08:35
harmbrugge
harmbrugge reviewed Jan 7, 2025
View reviewed changes
Copy link
Member

@harmbrugge harmbrugge left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Always getting the oidc enabled via settings looks fine, but don't we want a check to see if the settings are complete before enabling it?

backend/molgenis-emx2-sql/src/main/java/org/molgenis/emx2/sql/SqlDatabase.java
if (!this.isOidcEnabled) return;

// check if OIDC settings are complete otherwise log error and set to false
if (!isValidOidcSettings()) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

So we don't check if OIDC settings are complete, when enabled? This is fine by me, but I made it because it was requested

@connoratrug
Copy link
Contributor Author

@mswertz @harmbrugge this is a cross service feature, i suggest to keep the setting part as simple ( and stateless ) as possible. The combination of oo programming, globals via statics and caching makes it hard to track the state. We can extend the ci setup to test the config code ( enabling and disabling the oidc login) ( other pr ) , a service check would need some polling ( e2e on prod setup ) per service instance , we do not have a setup for this.

@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jan 8, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
33.3% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

dtroelofsprins
dtroelofsprins approved these changes Jan 8, 2025
View reviewed changes
Copy link
Contributor

@dtroelofsprins dtroelofsprins left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Locally tested:

isOidcEnabled = false:

  • apps/central => SignUp, SignIn buttons
  • schema level => SignUp, SignIn buttons

isOidcEnabled = true:

  • apps/central => only SignIn button
  • schema level => only SignIn button

@connoratrug connoratrug merged commit 44e7daf into master Jan 8, 2025
7 checks passed
@connoratrug connoratrug deleted the fix/4587-toggle-oidc--via-settings branch January 8, 2025 12:04
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@dtroelofsprins dtroelofsprins dtroelofsprins approved these changes

@harmbrugge harmbrugge harmbrugge approved these changes

@mswertz mswertz mswertz approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

fix: OIDC SignIn button not shown in case landing page resolves to an App
4 participants
@connoratrug @mswertz @harmbrugge @dtroelofsprins