Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add Functionality Enable or Disable ID Token Issuer Validation in My Account and Console #5050

Merged
merged 3 commits into from
Dec 19, 2023
Merged

Add Functionality Enable or Disable ID Token Issuer Validation in My Account and Console #5050

merged 3 commits into from
Dec 19, 2023

Conversation

dhaura
Copy link
Contributor

@dhaura dhaura commented Dec 13, 2023
edited
Loading

Purpose

  • This PR adds functionality to enable or disable ID Token issuer validation in My Account and Console.

  • For the default behavior (tented paths enabled) of the IS, this fix can be ignored.

  • But for migrating users, there might be a requirement to use the old Identity Provider Entity Value with tenanted paths disabled. In that case, one of the following configs in deployment.toml can be used for a flawless login for My Account and Console.

    • Skip ID Token Issuer validation by adding the following configurations in deployment.toml.
    [myaccount]
idp_configs = { "validateIDTokenIssuer" = false }

[console]
idp_configs = { "validateIDTokenIssuer" = false }
    • Update "issuer" through deployment.toml in order to be consistent with Identity Provider Entity Value.
    [myaccount]
idp_configs = { "issuer" = "https://localhost:9443/oauth2/oidcdiscovery" }

[console]
idp_configs = { "issuer" = "https://localhost:9443/oauth2/oidcdiscovery" }

Related Issues

Related PRs

@dhaura
Copy link
Contributor Author

dhaura commented Dec 13, 2023

  • Since auth-react package bump is a major version bump, the following verify the persistence of the expected behavior of My Account and Console.

    • My Account
    Screen.Recording.2023-12-13.at.14.08.50.mov
    • Console
    Screen.Recording.2023-12-13.at.14.07.39.mov

pavinduLakshan
pavinduLakshan requested changes Dec 13, 2023
View reviewed changes
Copy link
Contributor

@pavinduLakshan pavinduLakshan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's also test and verify the j2 changes by testing the console and myaccount war builds with the pack.

...nsole/java/org.wso2.identity.apps.console.server.feature/resources/deployment.config.json.j2 Outdated Show resolved Hide resolved
apps/console/src/features/authentication/utils/authenticate-utils.ts Outdated Show resolved Hide resolved
apps/console/src/features/authentication/utils/authenticate-utils.ts Outdated Show resolved Hide resolved
apps/console/src/init/app-utils.ts Outdated Show resolved Hide resolved
...unt/java/org.wso2.identity.apps.myaccount.server.feature/resources/deployment.config.json.j2 Outdated Show resolved Hide resolved
apps/myaccount/package.json Show resolved Hide resolved
apps/myaccount/src/init/app-utils.ts Outdated Show resolved Hide resolved
apps/myaccount/src/utils/authenticate-util.ts Outdated Show resolved Hide resolved
apps/myaccount/src/utils/authenticate-util.ts Outdated Show resolved Hide resolved
pavinduLakshan
pavinduLakshan approved these changes Dec 19, 2023
View reviewed changes
Copy link
Contributor

@pavinduLakshan pavinduLakshan left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Let's send the framework PRs for j2 update as well.

@pavinduLakshan pavinduLakshan merged commit f4234aa into wso2:master Dec 19, 2023
5 checks passed
@wso2-jenkins-bot wso2-jenkins-bot mentioned this pull request Dec 19, 2023
Merged
@dhaura
Copy link
Contributor Author

dhaura commented Dec 19, 2023

Let's send the framework PRs for j2 update as well.

  • Since the validateIDTokenIssuer config was moved to idpConfigs, there are no j2 changes.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brionmario brionmario brionmario approved these changes

@pavinduLakshan pavinduLakshan pavinduLakshan approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@dhaura @brionmario @pavinduLakshan