Set the CookieStore key in Auth API Server #1248

Merged (1 commit) on Nov 27, 2023

Contributor

@pratap0007 pratap0007 commented Nov 24, 2023

Changes

This commit sets the CookieStore key to a random string.
Earlier it was empty, and due to a change in the gorilla/securecookie
package, CookieStore expects the key to be set.

Submitter Checklist

These are the criteria that every PR should meet, please check them off as you
review them:

  • Includes tests (if functionality changed/added)
  • Run API Unit Tests, Lint Checks, API Design, Golden Files with make api-check
  • Run UI Unit Tests, Lint Checks with make ui-check
  • Commit messages follow commit message best practices

See the contribution guide for more details.

Release Notes

Set the CookieStore key in Auth API Server to fix login 

@tekton-robot tekton-robot added the size/S Denotes a PR that changes 10-29 lines, ignoring generated files. label Nov 24, 2023
key := make([]byte, length)
_, err := rand.Read(key)
if err != nil {
return "SESSION_SECRET"
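Review bot: The error branch after rand.Read returns the constant "SESSION_SECRET", so a failure of the random source leaves the server running with a key that anyone who can read the source knows, and nothing is logged to show it happened. Return the error to the caller or abort startup instead of substituting a literal; a cookie signing key should have no hardcoded fallback.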
Member

@pratap0007 can you add a panic or fatal on an error response from generating the random key? A static key is not advised.
@vdemeester @piyush-garg WDYT?

if err != nil {
return "SESSION_SECRET"
}
return base64.StdEncoding.EncodeToString(key)
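Review bot: The final return hands back base64.StdEncoding.EncodeToString(key), which is 4*ceil(length/3) characters long rather than length, so a caller that converts the string to []byte gets 44 key bytes for length 32 and 88 for length 64. Return the raw []byte and pass it to the store directly, or document that length counts bytes of entropy before encoding and choose it so the encoded form stays inside the limit the store enforces.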
Member

@pratap0007 Is there any restriction on the key length? Encoding it to base64 may result in an unpredictable key length.

Contributor Author

maximum 64 bytes

This commit sets the CookieStore key to a random string.
Earlier it was empty, and due to a change in the `gorilla/securecookie`
package, CookieStore expects the key to be set.

Signed-off-by: Shiv Verma <shverma@redhat.com>
@PuneetPunamiya
Member

Thanks :)
/approve

@tekton-robot tekton-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Nov 27, 2023
Member

@vinamra28 vinamra28 left a comment

/lgtm

@tekton-robot tekton-robot added the lgtm Indicates that a PR is ready to be merged. label Nov 27, 2023
@tekton-robot

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: PuneetPunamiya, vinamra28

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:
  • OWNERS [PuneetPunamiya,vinamra28]

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot merged commit 9ca575f into tektoncd:main Nov 27, 2023
5 checks passed