From ddf0b21525c56095f99aad5996bbdf39055da85e Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Mon, 20 Nov 2023 15:57:40 +0900 Subject: [PATCH 1/6] fix: fix typo for indent (#64) --- src/spaceone/identity/service/user_service.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/spaceone/identity/service/user_service.py b/src/spaceone/identity/service/user_service.py index 8c3ab63c..aad6a054 100644 --- a/src/spaceone/identity/service/user_service.py +++ b/src/spaceone/identity/service/user_service.py @@ -402,8 +402,8 @@ def confirm_mfa(self, params): elif user_mfa.get('state', 'DISABLED') == 'DISABLED': user_mfa['state'] = 'ENABLED' user_vo = self.user_mgr.update_user_by_vo({'mfa': user_mfa}, user_vo) - else: - raise ERROR_INVALID_VERIFY_CODE(verify_code=verify_code) + else: + raise ERROR_INVALID_VERIFY_CODE(verify_code=verify_code) return user_vo From 9ae8ec84a0f211a46a761e70f32b072abbc0406f Mon Sep 17 00:00:00 2001 From: cloudforet-admin Date: Mon, 20 Nov 2023 21:37:22 +0900 Subject: [PATCH 2/6] [CI] Deploy CI --- .github/workflows/dispatch_release.yaml | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/.github/workflows/dispatch_release.yaml b/.github/workflows/dispatch_release.yaml index 10f3b393..65f37ed5 100644 --- a/.github/workflows/dispatch_release.yaml +++ b/.github/workflows/dispatch_release.yaml @@ -6,11 +6,11 @@ on: version: description: 'enter version(x.y.z)' required: true - default: '1.0.0' + default: '2.0.0' container_arch: type: choice description: 'choose container architecture' - default: linux/amd64,linux/arm64 + default: linux/amd64 options: - "linux/amd64" - "linux/amd64,linux/arm64" @@ -139,6 +139,7 @@ jobs: build-args: | PACKAGE_VERSION=${{ env.PACKAGE_VERSION }} BRANCH_NAME=${{ env.BRANCH_NAME }} + provenance: false - name: Notice when job fails if: failure() From e4cecdd0ad4cb4d1b801c5e7c143dbefa7c57425 Mon Sep 17 00:00:00 2001 From: cloudforet-admin Date: Mon, 20 Nov 2023 21:37:25 +0900 Subject: [PATCH 3/6] [CI] Deploy CI --- .github/workflows/dispatch_daily_build.yaml | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/.github/workflows/dispatch_daily_build.yaml b/.github/workflows/dispatch_daily_build.yaml index 168cd6d9..ddbb00e6 100644 --- a/.github/workflows/dispatch_daily_build.yaml +++ b/.github/workflows/dispatch_daily_build.yaml @@ -50,7 +50,8 @@ jobs: cloudforetdev/${{ github.event.repository.name }}:${{ env.TIME }} build-args: | PACKAGE_VERSION=${{ env.PACKAGE_VERSION }} - BRANCH_NAME=${{ env.BRANCH }} + BRANCH_NAME=${{ env.BRANCH_NAME }} + provenance: false - name: Notice when job fails if: failure() @@ -74,7 +75,7 @@ jobs: ignore-unfixed: true vuln-type: 'os,library' severity: 'CRITICAL,HIGH' - + - name: Upload Trivy scan results to GitHub Security tab uses: github/codeql-action/upload-sarif@v2 with: @@ -134,7 +135,7 @@ jobs: ] } env: - SLACK_WEBHOOK_URL: ${{secrets.VULNERABILITY_SLACK_WEBHOOK_URL}} + SLACK_WEBHOOK_URL: ${{secrets.VULNERABILITY_SLACK_WEBHOOK_URL}} notification: needs: docker @@ -146,4 +147,4 @@ jobs: with: status: ${{job.status}} fields: repo,message,commit,author,action,ref,workflow,job - author_name: Github Action Slack \ No newline at end of file + author_name: Github Action Slack From 9f61a6742de08187a4bcf77808d490d8c1029206 Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Tue, 21 Nov 2023 13:25:32 +0900 Subject: [PATCH 4/6] fix: fix parameter name (#64) --- src/spaceone/identity/manager/mfa_manager/email_mfa_manger.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/spaceone/identity/manager/mfa_manager/email_mfa_manger.py b/src/spaceone/identity/manager/mfa_manager/email_mfa_manger.py index 5375fa0f..adadd328 100644 --- a/src/spaceone/identity/manager/mfa_manager/email_mfa_manger.py +++ b/src/spaceone/identity/manager/mfa_manager/email_mfa_manger.py @@ -71,7 +71,7 @@ def send_mfa_authentication_email(self, user_id, domain_id, email, language): verify_code = self.create_mfa_verify_code(user_id, domain_id) template = JINJA_ENV.get_template(f'authentication_code_{language}.html') - email_contents = template.render(user_name=user_id, verification_code=verify_code, + email_contents = template.render(user_name=user_id, authentication_code=verify_code, service_name=service_name) subject = f'[{service_name}] {language_map_info["authentication_mfa_email"]}' From d28bf2d188027a687c9f4dacffde6bf9ff275ce8 Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Thu, 23 Nov 2023 14:11:43 +0900 Subject: [PATCH 5/6] fix: fix wrong manager load code (#64) --- src/spaceone/identity/service/token_service.py | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/spaceone/identity/service/token_service.py b/src/spaceone/identity/service/token_service.py index 19b855cc..9e0cf7b1 100644 --- a/src/spaceone/identity/service/token_service.py +++ b/src/spaceone/identity/service/token_service.py @@ -62,11 +62,11 @@ def issue(self, params): user_mfa = user_vo.mfa.to_dict() if user_vo.mfa else {} if user_mfa.get('state', 'DISABLED') == 'ENABLED': + mfa_manager = MFAManager.get_manager_by_mfa_type(user_mfa.get('mfa_type')) if verify_code: - token_manager.check_mfa_verify_code(user_id, domain_id, verify_code) + mfa_manager.check_mfa_verify_code(user_id, domain_id, verify_code) else: mfa_email = user_mfa['options'].get('email') - mfa_manager = MFAManager.get_manager_by_mfa_type(user_mfa.get('mfa_type')) mfa_manager.send_mfa_authentication_email(user_id, domain_id, mfa_email, user_vo.language) raise ERROR_MFA_REQUIRED(user_id=user_id) From f2479c9c908234d051f8e57bec9f37ac43fe8dbf Mon Sep 17 00:00:00 2001 From: ImMin5 Date: Thu, 23 Nov 2023 16:02:17 +0900 Subject: [PATCH 6/6] fix: modify return value when check mfa verify_code (#64) --- src/spaceone/identity/manager/mfa_manager/__init__.py | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/spaceone/identity/manager/mfa_manager/__init__.py b/src/spaceone/identity/manager/mfa_manager/__init__.py index ea29ed6f..500baa99 100644 --- a/src/spaceone/identity/manager/mfa_manager/__init__.py +++ b/src/spaceone/identity/manager/mfa_manager/__init__.py @@ -6,6 +6,7 @@ from spaceone.core.manager import BaseManager from spaceone.identity.error.error_mfa import ERROR_NOT_SUPPORTED_MFA_TYPE +from spaceone.identity.error.error_user import ERROR_INVALID_VERIFY_CODE __all__ = ['BaseMFAManager', 'MFAManager'] _LOGGER = logging.getLogger(__name__) @@ -67,7 +68,7 @@ def check_mfa_verify_code(user_id, domain_id, verify_code): if cached_verify_code == verify_code: cache.delete(f'mfa-verify-code:{domain_id}:{user_id}') return True - return False + raise ERROR_INVALID_VERIFY_CODE(verify_code=verify_code) @staticmethod def _generate_verify_code():