Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Platform] API tokens do not work with SSO #5587

Closed
iSignal opened this issue Sep 3, 2020 · 0 comments
Closed

[Platform] API tokens do not work with SSO #5587

iSignal opened this issue Sep 3, 2020 · 0 comments
Assignees
@Arnav15
Labels
area/platform Yugabyte Platform platform/current

Comments

@iSignal
Copy link
Contributor

iSignal commented Sep 3, 2020

Repro:

  1. Enable SSO auth
  2. Create an API token in the User profile
  3. Attempt to make a curl request with the API token in the headers - see HTTP error.
@iSignal iSignal added the area/platform Yugabyte Platform label Sep 3, 2020
@chirag-yb chirag-yb mentioned this issue Sep 3, 2020
Open
Arnav15 added a commit that referenced this issue Sep 18, 2020
@Arnav15
[#5587]: Authenticate API tokens even when using OAuth.
e83d249 
Summary:
We want to be able to serve curl requests as well on the platform, even when OAuth is
enabled. So with this diff, we also authenticate based on the API token.

Test Plan:
Tested the following flows:
1) Login without SSO: Made API calls using both auth token and api token and verified it worked as expected.
2) Login with SSO: Logged in via SSO on the browser and set the API token. Verified that on removing the PLAY_SESSION cookie, the session gets logged out, even with the API token set, but the API calls using the API token go through.

Reviewers: daniel, wesley, sanketh

Reviewed By: sanketh

Subscribers: andrew, jenkins-bot, yugaware

Differential Revision: https://phabricator.dev.yugabyte.com/D9362
Arnav15 added a commit that referenced this issue Sep 18, 2020
@Arnav15
[#5587]: Authenticate API tokens even when using OAuth.
e683be1 
Summary:
We want to be able to serve curl requests as well on the platform, even when OAuth is
enabled. So with this diff, we also authenticate based on the API token.

Test Plan:
Tested the following flows:
1) Login without SSO: Made API calls using both auth token and api token and verified it worked as expected.
2) Login with SSO: Logged in via SSO on the browser and set the API token. Verified that on removing the PLAY_SESSION cookie, the session gets logged out, even with the API token set, but the API calls using the API token go through.

Reviewers: daniel, wesley, sanketh

Reviewed By: sanketh

Subscribers: andrew, jenkins-bot, yugaware

Differential Revision: https://phabricator.dev.yugabyte.com/D9362
@Arnav15 Arnav15 closed this as completed Oct 13, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Arnav15 Arnav15

Labels
area/platform Yugabyte Platform platform/current
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@iSignal @Arnav15 @streddy-yb