Fixed the pointer overwrite issue in oauthServer metadata #183

pmahindrakar-oss · 2021-04-14T15:02:07Z

Signed-off-by: Prafulla Mahindrakar prafulla.mahindrakar@gmail.com

Read then delete

Make sure to use a concise title for the pull-request.
Use #patch, #minor or #major in the pull-request title to bump the corresponding version. Otherwise, the patch version
will be bumped. More details

TL;DR

Type

[ X Bug Fix
Feature
Plugin

Are all requirements met?

Complete description

How did you fix the bug, make the feature etc. Link to any design docs etc

Tracking Issue

https://github.com/lyft/flyte/issues/

Follow-up issue

NA
OR
https://github.com/lyft/flyte/issues/

Signed-off-by: Prafulla Mahindrakar <prafulla.mahindrakar@gmail.com>

kumare3 · 2021-04-14T16:20:48Z

pkg/auth/oauthserver/metadata.go

@@ -76,8 +76,9 @@ func getJSONWebKeys(publicKeys []rsa.PublicKey) (jwk.Set, error) {
 		if err != nil {
 			return nil, fmt.Errorf("failed to write public key. Error: %w", err)
 		}
-
-		err = key.Set(KeyMetadataPublicCert, &publicKey)
+		var localPublicKey rsa.PublicKey


Suggested change

var localPublicKey rsa.PublicKey

localPublicKey := publicKey

just replace with oneline

Signed-off-by: Prafulla Mahindrakar <prafulla.mahindrakar@gmail.com> Co-authored-by: Prafulla Mahindrakar <prafulla.mahindrakar@gmail.com> Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com>

…D and OAuth2 configs, OAuth2 Metadata over gRPC #minor (#168) * wip: OAuth2 Support Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * wip Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * wip Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * tighten security of generated tokens Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Support storing form post values in auth code JWT Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * save secrets to k8s secrets Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Expose metadata endpoints over gRPC Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * trim OpenID Connect config further Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Selectively authenticate gRPC endpoints Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Support external oauth2 server and Okta Config Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * update config Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Fix nil secrets data map Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Fixed the pointer overwrite issue in oauthServer metadata (#183) Signed-off-by: Prafulla Mahindrakar <prafulla.mahindrakar@gmail.com> Co-authored-by: Prafulla Mahindrakar <prafulla.mahindrakar@gmail.com> Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Unit tests Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Unit tests Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Simplify config further and move auth package up Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Fix clusterresource Project and domain(#167) * Fix clusterresource Project Signed-off-by: Anand Swaminathan <aswaminathan@lyft.com> Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Bump flyteidl version to pick up auth role field number fix (#169) Signed-off-by: Katrina Rogan <katroganGH@gmail.com> Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Add option to use project name as namespace for the task pods (#166) * Add option to use project name as namespace for the task pods Signed-off-by: Jeev B <jeev.balakrishnan@freenome.com> * rename Signed-off-by: Jeev B <jeev.balakrishnan@freenome.com> Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * GetExecution performance improvements (#171) Signed-off-by: Katrina Rogan <katroganGH@gmail.com> Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Add exists check for workflow & node executions (#172) Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Remove legacy fetch for workflow execution inputs (#173) Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Added release workflow (#170) Signed-off-by: yuvraj <evalsocket@gmail.com> Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Update Flyteidl version (#175) Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Added version in flyteadmin (#154) * wip: added version pkg Signed-off-by: yuvraj <evalsocket@gmail.com> * wip: resolve conflict Signed-off-by: yuvraj <evalsocket@gmail.com> * wip: added version in rpc Signed-off-by: yuvraj <evalsocket@gmail.com> * wip: small fixes Signed-off-by: yuvraj <evalsocket@gmail.com> * wip: Added panic cache in get version service Signed-off-by: yuvraj <evalsocket@gmail.com> * Added flytestdlib for version package Signed-off-by: yuvraj <evalsocket@gmail.com> * Added version service test Signed-off-by: yuvraj <evalsocket@gmail.com> * wip: added ldflags in goreleaser Signed-off-by: yuvraj <evalsocket@gmail.com> Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Propagate nesting and principal for child executions (#177) Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Write workflow and node execution events asynchronously (#174) Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Add sensible flyteadmin config defaults (#179) Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Lint Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * further cleanup Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Only register authserver when auth is enabled Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Update to latest flyteidl and separate auth interfaces Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * dead code Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * PR Comments Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * merge master Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Move to authorizedUris Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Update to released flyteidl Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Fix response expiry and add unit tests Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * Update go mod Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> * fix unit tests that broke because of identity changes Signed-off-by: Haytham Abuelfutuh <haytham@afutuh.com> Co-authored-by: pmahindrakar-oss <77798312+pmahindrakar-oss@users.noreply.github.com> Co-authored-by: Prafulla Mahindrakar <prafulla.mahindrakar@gmail.com> Co-authored-by: Anand Swaminathan <aswaminathan@lyft.com> Co-authored-by: Katrina Rogan <katrina@nuclyde.io> Co-authored-by: Jeev B <jeevb@users.noreply.github.com> Co-authored-by: Yuvraj <10830562+evalsocket@users.noreply.github.com> Co-authored-by: Flyte Bot <admin@flyte.org>

Fixed the pointer overwrite issue in oauthServer metadata

36081d7

Signed-off-by: Prafulla Mahindrakar <prafulla.mahindrakar@gmail.com>

pmahindrakar-oss requested review from anandswaminathan, EngHabu, katrogan, kumare3 and wild-endeavor as code owners April 14, 2021 15:02

pmahindrakar-oss mentioned this pull request Apr 14, 2021

[Breaking] OAuth2 Authorization Server implementation, Separate OpenID and OAuth2 configs, OAuth2 Metadata over gRPC #minor #168

Merged

8 tasks

kumare3 reviewed Apr 14, 2021

View reviewed changes

EngHabu merged commit 50807cd into flyteorg:oauth2 Apr 14, 2021

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fixed the pointer overwrite issue in oauthServer metadata #183

Fixed the pointer overwrite issue in oauthServer metadata #183

pmahindrakar-oss commented Apr 14, 2021

kumare3 Apr 14, 2021

Fixed the pointer overwrite issue in oauthServer metadata #183

Fixed the pointer overwrite issue in oauthServer metadata #183

Conversation

pmahindrakar-oss commented Apr 14, 2021

Read then delete

TL;DR

Type

Are all requirements met?

Complete description

Tracking Issue

Follow-up issue

kumare3 Apr 14, 2021

Choose a reason for hiding this comment