Skip to content

feat: Allow token auth age to be disabled #362

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

feat: Allow token auth age to be disabled #362

wants to merge 1 commit into from

Conversation

nabeelpaytrix
Copy link

This disable can be via env variable RP_AUTH_SAML_TOKEN_AGE_CHECK

This validation is enabled by default, so reportportal must be explicitly configured to disable this check

Github Issue: #361

@nabeelpaytrix
feat: Allow token auth age to be disabled via env variable RP_AUTH_SA…
fafa07b 
…ML_TOKEN_AGE_CHECK

This validation is enabled by default, so reportportal must be explicitly configured to disable this check
@nabeelpaytrix nabeelpaytrix force-pushed the feat/allow-sso-token-age-auth-to-be-disabled branch from 7dcfe35 to fafa07b Compare January 29, 2025 12:28
@nabeelpaytrix nabeelpaytrix mentioned this pull request Jan 29, 2025
Open
@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
6 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@MeirsPortal
Copy link

Also waiting for a way to handle this issue - will be happy to test this workaround.

ilya-gulyaev
ilya-gulyaev reviewed Mar 26, 2025
View reviewed changes
src/main/java/com/epam/reportportal/auth/config/CustomValidator.java
import static org.springframework.security.saml.util.DateUtils.toZuluTime;
import static org.springframework.util.StringUtils.hasText;

public class CustomValidator extends DefaultValidator {
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

In case you implement CustomValidator, why not change maxAuthenticationAgeMillis to long in your implementation?
There are not many usages inside the DefaultValidator
https://jar-download.com/artifacts/org.springframework.security.extensions/spring-security-saml2-core/2.0.0.M31/source-code/org/springframework/security/saml/spi/DefaultValidator.java

@wesco-HariSarmaNarayana
Copy link

Any tentative timeline for this feature to be enable??? Appreciate your inputs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ilya-gulyaev ilya-gulyaev ilya-gulyaev left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@nabeelpaytrix @MeirsPortal @wesco-HariSarmaNarayana @ilya-gulyaev