
Improve oauth2 idp-initiated login (backport #13476) (backport #13502) #13507


Merged
merged 2 commits into from
Mar 13, 2025


mergify[bot]

@mergify mergify bot commented Mar 12, 2025

Proposed Changes

This is an improvement to the /login endpoint (rabbit_mgmt_login) used for idp-initiated logons in the management UI.

The previous implementation produced a warning message in the browser the first time the form was submitted. The warning message warned the user that the form was about to be submitted again. This was because the response page to the POST request contained JavaScript code that refreshed the page.

With this new change, the rabbit_mgmt_login module instead replies with a 302 redirect including a cookie with the token. This cookie is very short-lived; when the user is redirected to the Overview page of the management UI, the cookie is already gone.

Types of Changes

What types of changes does your code introduce to this project?
Put an x in the boxes that apply

  • Bug fix (non-breaking change which fixes issue #NNNN)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause an observable behavior change in existing systems)
  • Documentation improvements (corrections, new content, etc)
  • Cosmetic change (whitespace, formatting, etc)
  • Build system and/or CI

This is an automatic backport of pull request #13476 done by [Mergify](https://mergify.com).
This is an automatic backport of pull request #13502 done by [Mergify](https://mergify.com).

(cherry picked from commit 69b5486)
(cherry picked from commit 5e5521a)

# Conflicts:
#	deps/rabbitmq_management/src/rabbit_mgmt_oauth_bootstrap.erl
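
The redirect-with-cookie flow from the PR description above, sketched as an added JavaScript example (not RabbitMQ's code, which is Erlang). The cookie name, the `/` redirect target, the 30-second lifetime, the cookie attributes and the explicit clearing step are all assumptions made for illustration.

```javascript
// Added illustration: COOKIE_NAME, the "/" target, the lifetime and the attributes
// are assumptions, not values taken from RabbitMQ.
const COOKIE_NAME = "demo_idp_token";
const MAX_AGE_SECONDS = 30;
// Characters used by JWT-style tokens. CR, LF, ';' or spaces would let a submitted
// value rewrite the Set-Cookie header, so anything else is rejected.
const TOKEN_RE = /^[A-Za-z0-9._~+\/=-]+$/;
// Constructed sample token, not a real credential.
const SAMPLE_TOKEN = "eyJhbGciOiJub25lIn0.eyJzdWIiOiJkZW1vIn0.c2ln";

// POST /login: answer with a redirect so no page has to reload itself,
// and hand the token over in a cookie that expires on its own.
function loginRedirect(formToken) {
  if (typeof formToken !== "string" || !TOKEN_RE.test(formToken)) {
    return { status: 400, headers: {} };
  }
  const cookie = [
    `${COOKIE_NAME}=${formToken}`,
    "Path=/",
    `Max-Age=${MAX_AGE_SECONDS}`,
    "Secure",
    "HttpOnly",
  ].join("; ");
  return { status: 302, headers: { Location: "/", "Set-Cookie": cookie } };
}

// Follow-up request: read the token once from the Cookie header, then expire
// the cookie immediately instead of waiting for Max-Age to run out.
function consumeTokenCookie(cookieHeader) {
  let token = null;
  for (const part of (cookieHeader || "").split(";")) {
    const eq = part.indexOf("=");
    if (eq > 0 && part.slice(0, eq).trim() === COOKIE_NAME) {
      const value = part.slice(eq + 1).trim();
      if (TOKEN_RE.test(value)) token = value;
    }
  }
  const clear = `${COOKIE_NAME}=; Path=/; Max-Age=0; Secure; HttpOnly`;
  return { token, headers: token ? { "Set-Cookie": clear } : {} };
}

console.log(loginRedirect(SAMPLE_TOKEN));
console.log(consumeTokenCookie(`other=1; ${COOKIE_NAME}=${SAMPLE_TOKEN}`));
```
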
Author

mergify bot commented Mar 12, 2025

Cherry-pick of 5e5521a has failed:

On branch mergify/bp/v4.0.x/pr-13502
Your branch is up to date with 'origin/v4.0.x'.

You are currently cherry-picking commit 5e5521a3c.
  (fix conflicts and run "git cherry-pick --continue")
  (use "git cherry-pick --skip" to skip this patch)
  (use "git cherry-pick --abort" to cancel the cherry-pick operation)

Changes to be committed:
	modified:   deps/rabbitmq_management/include/rabbit_mgmt.hrl
	modified:   deps/rabbitmq_management/src/rabbit_mgmt_login.erl

Unmerged paths:
  (use "git add <file>..." to mark resolution)
	both modified:   deps/rabbitmq_management/src/rabbit_mgmt_oauth_bootstrap.erl

To fix up this pull request, you can check it out locally. See documentation: https://docs.github.com/en/pull-requests/collaborating-with-pull-requests/reviewing-changes-in-pull-requests/checking-out-pull-requests-locally

@mergify mergify bot added the conflicts label Mar 12, 2025
@michaelklishin michaelklishin added this to the 4.0.8 milestone Mar 12, 2025
@michaelklishin
Collaborator

michaelklishin commented Mar 12, 2025

@MarcialRosales have I resolved this conflict correctly for v4.0.x? Any reasons not to backport this change?

@MarcialRosales
Contributor

You did resolve the conflict correctly. I just manually triggered the only failed CI job and it has passed.

@michaelklishin michaelklishin merged commit 573bdad into v4.0.x Mar 13, 2025
268 checks passed
@michaelklishin michaelklishin deleted the mergify/bp/v4.0.x/pr-13502 branch March 13, 2025 07:50
2 participants