Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

ONYX-10520 : Add CreateConstraintsFromPolicy Command Class #2325

Merged
merged 1 commit into from
Jul 22, 2021
Merged

ONYX-10520 : Add CreateConstraintsFromPolicy Command Class #2325

merged 1 commit into from
Jul 22, 2021

Conversation

tzheleznyak
Copy link
Contributor

What does this PR do?

Add mandatory claims support to JWTGenericVendorConfiguration

What ticket does this PR close?

ONYX-10520

Checklists

Change log

  • The CHANGELOG has been updated, or
  • This PR does not include user-facing changes and doesn't require a CHANGELOG update

Test coverage

  • This PR includes new unit and integration tests to go with the code changes, or
  • The changes in this PR do not require tests

Documentation

  • Docs (e.g. READMEs) were updated in this PR, and/or there is a follow-on issue to update docs, or
  • This PR does not require updating any documentation

API Changes

  • The OpenAPI spec has been updated to meet new API changes (or an issue has been opened), or
  • [ x] The changes in this PR do not affect the Conjur API

@tzheleznyak tzheleznyak requested review from orenbm, abrahamko and a team July 20, 2021 16:29
@tzheleznyak tzheleznyak requested a review from a team as a code owner July 20, 2021 16:29
@tzheleznyak tzheleznyak force-pushed the AddCreateConstrainsFromPolicy branch from 1e111de to 4edd308 Compare July 20, 2021 16:31
nessiLahav
nessiLahav reviewed Jul 21, 2021
View reviewed changes
app/domain/logs.rb
@@ -658,6 +658,16 @@ module AuthnJwt
msg: "Successfully fetched mapping claims '{0-mapping-claims}'",
code: "CONJ00130I"
)

CreateContraintsFromPolicy = ::Util::TrackableLogMessageClass.new(
msg: "Creating constraints from policy...",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

challenge the "from policy" term

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@hilagross @shulifink
We did agree we call it from policy in all places not?

tzheleznyak
tzheleznyak commented Jul 21, 2021
View reviewed changes
CHANGELOG.md Outdated Show resolved Hide resolved
@tzheleznyak tzheleznyak force-pushed the AddCreateConstrainsFromPolicy branch 3 times, most recently from 80a3a3c to 60c21d9 Compare July 21, 2021 13:28
nessiLahav
nessiLahav suggested changes Jul 21, 2021
View reviewed changes
Copy link
Contributor

@nessiLahav nessiLahav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only 2 comments left

eladkug
eladkug reviewed Jul 21, 2021
View reviewed changes
cucumber/authenticators_jwt/features/authn_jwt_token_schema.feature Outdated
And I successfully set authn-jwt jwks-uri variable with value of "myJWKs.json" endpoint

Scenario: ONYX-10471 - Mandatory Claims Without Claims Mapping. Single mandatory claim - 200 OK
Given I have a "variable" resource called "test-variable"
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

why its not part of your policy?

eladkug
eladkug reviewed Jul 21, 2021
View reviewed changes
cucumber/authenticators_jwt/features/authn_jwt_token_schema.feature
CONJ00037E Missing value for resource: cucumber:variable:conjur/authn-jwt/raw/mandatory-claims
"""

Scenario: ONYX-10891 - Complex Case - Adding Mandatory Claim after host configuration
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Its not clear the full scenario you run here.
You run three when but by the scenario you run only two.
You run basic scenario(pass), add mandatory claim (fail) update the policy (pass) the last when is not clear for me

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Talked about it

nessiLahav
nessiLahav previously approved these changes Jul 21, 2021
View reviewed changes
Copy link
Contributor

@nessiLahav nessiLahav left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tzheleznyak tzheleznyak force-pushed the AddCreateConstrainsFromPolicy branch 2 times, most recently from 6bf01f7 to 89d5e75 Compare July 22, 2021 07:01
@tzheleznyak tzheleznyak force-pushed the AddCreateConstrainsFromPolicy branch from 89d5e75 to cb34d8b Compare July 22, 2021 07:01
@tzheleznyak tzheleznyak changed the base branch from master to jwt-feature-mandatory-and-mapping July 22, 2021 09:56
sashaCher
sashaCher approved these changes Jul 22, 2021
View reviewed changes
Copy link
Contributor

@sashaCher sashaCher left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@tzheleznyak tzheleznyak merged commit 016413e into jwt-feature-mandatory-and-mapping Jul 22, 2021
@tzheleznyak tzheleznyak deleted the AddCreateConstrainsFromPolicy branch July 22, 2021 09:59
@jtuttle jtuttle mentioned this pull request Aug 17, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@eladkug eladkug eladkug left review comments

@benoaviram benoaviram benoaviram left review comments

@sashaCher sashaCher sashaCher approved these changes

@nessiLahav nessiLahav nessiLahav left review comments

@orenbm orenbm Awaiting requested review from orenbm

@abrahamko abrahamko Awaiting requested review from abrahamko

Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@tzheleznyak @benoaviram @sashaCher @nessiLahav @eladkug