Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Change authenticator property keys to be specific for different authenticators #186

Merged
merged 2 commits into from
Jul 4, 2024
Merged

Change authenticator property keys to be specific for different authenticators #186

merged 2 commits into from
Jul 4, 2024

Conversation

ZiyamSanthosh
Copy link
Contributor

@ZiyamSanthosh ZiyamSanthosh commented Jul 3, 2024
edited
Loading

When adding the properties such as redirect_url, scope, state and nonce into the authentication context, use the specific authenticator name as the prefix to uniquely identify the specific keys according to each authenticator.

Related issue:

ZiyamSanthosh
ZiyamSanthosh commented Jul 3, 2024
View reviewed changes
...java/org/wso2/carbon/identity/application/authenticator/oidc/OpenIDConnectAuthenticator.java
String nonce = UUID.randomUUID().toString();
context.setProperty(OIDC_FEDERATION_NONCE, nonce);
context.setProperty(getName() + OIDC_FEDERATION_NONCE, nonce);
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@janakamarasena Is it okay to change the nonce value name by adding the authenticator name as the prefix?

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

+1. Even though this is used in the normal flow and not only dedicated for app native auth it should be okay as this should not be used outside of the authenicator

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/9783516912

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/9783516912
Status: success

jenkins-is-staging
jenkins-is-staging approved these changes Jul 3, 2024
View reviewed changes
Copy link

@jenkins-is-staging jenkins-is-staging left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/9783516912

@ZiyamSanthosh ZiyamSanthosh changed the title Enable nonce validation and alter property keys to be based on authenticator names Change authenticator property keys to be specific for different authenticators Jul 4, 2024
@ZiyamSanthosh ZiyamSanthosh mentioned this pull request Jul 4, 2024
Merged
Thumimku
Thumimku approved these changes Jul 4, 2024
View reviewed changes
Copy link

@Thumimku Thumimku left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@ZiyamSanthosh ZiyamSanthosh merged commit e79c363 into wso2-extensions:master Jul 4, 2024
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@janakamarasena janakamarasena janakamarasena left review comments

@jenkins-is-staging jenkins-is-staging jenkins-is-staging approved these changes

@Thumimku Thumimku Thumimku approved these changes

@pamodaaw pamodaaw pamodaaw approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@ZiyamSanthosh @jenkins-is-staging @janakamarasena @pamodaaw @Thumimku