-
Notifications
You must be signed in to change notification settings - Fork 66
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
GitHub upstream authorize redirect url #1929
GitHub upstream authorize redirect url #1929
Conversation
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## github_identity_provider #1929 +/- ##
============================================================
+ Coverage 29.85% 29.91% +0.05%
============================================================
Files 357 358 +1
Lines 59474 59643 +169
============================================================
+ Hits 17757 17840 +83
- Misses 41190 41277 +87
+ Partials 527 526 -1 ☔ View full report in Codecov by Sentry. |
What is the URI that Pinniped itself sends the user? The URL above Would it be possible to have an E2E test that just asserts that the redirect took place? We could even log in with the right use and make assertions about the resulting urls. |
@benjaminapetersen This PR should add some unit tests in |
internal/federationdomain/resolvedprovider/resolvedgithub/resolved_github_provider.go
Show resolved
Hide resolved
internal/federationdomain/resolvedprovider/resolvedgithub/resolved_github_provider.go
Show resolved
Hide resolved
internal/federationdomain/resolvedprovider/resolvedgithub/resolved_github_provider_test.go
Outdated
Show resolved
Hide resolved
To clarify, visiting URL I suspect that github is then performing its own redirect to |
1995d7f
to
1707e37
Compare
We added this in the most recent commit. |
Note: There is an E2E test started in this branch. However, it is always skipped for now. It uses kubectl to start an auth flow, gets redirected to GitHub, fills in the GitHub login page(s), gets redirected back to the Supervisor. However, there is no code yet to implement handling this callback in the Supervisor's callback endpoint, so the Pinniped CLI hangs waiting for the authcode, and therefore kubectl hangs waiting for the the Pinniped CLI. This test is a work in progress and it's okay to merge it to the long-lived feature branch because we will finish it before we merge to main. |
7cc4890
to
96fad56
Compare
Co-authored-by: Joshua Casey <joshuatcasey@gmail.com>
96fad56
to
0cdbb71
Compare
Using the Supervisor authorize endpoint with a GitHubIdentityProvider will redirect the user to GitHub's authorize endpoint with the appropriate parameters.
Release note: