Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[v11.0.x] OAuth: Make sub claim required for generic oauth behind feature toggle #86118

Merged
merged 1 commit into from
Apr 15, 2024
Merged

[v11.0.x] OAuth: Make sub claim required for generic oauth behind feature toggle #86118

merged 1 commit into from
Apr 15, 2024

Conversation

grafana-delivery-bot[bot]
Copy link
Contributor

Backport 2f3a01f from #85065

What is this feature?
Replacement for #84745.

As a first step we decided to require sub claim behind a feature toggle so we have a way to opt and give customers time to fix their oauth integrations.

I also decided to perform this check in oauth client instead of the generic oauth connector so we would catch other clients where this could happen as well.

Part of https://github.com/grafana/identity-access-team/issues/603

Special notes for your reviewer:

Please check that:

  • It works as expected from a user's perspective.
  • If this is a pre-GA feature, it is behind a feature toggle.
  • The docs are updated, and if this is a notable improvement, it's added to our What's New doc.

@kalleep @grafana-delivery-bot
OAuth: Make sub claim required for generic oauth behind feature toggle (
949222a 
#85065)

* Add feature toggle for sub claims requirement

* OAuth: require valid auth id

* Fix feature toggle description

(cherry picked from commit 2f3a01f)
@grafana-delivery-bot grafana-delivery-bot bot requested review from grafanabot and a team as code owners April 15, 2024 10:54
@grafana-delivery-bot grafana-delivery-bot bot added this to the 11.0.x milestone Apr 15, 2024
@grafana-delivery-bot grafana-delivery-bot bot added add to changelog area/backend area/frontend backport A backport PR product-approved Pull requests that are approved by product/managers and are allowed to be backported labels Apr 15, 2024
@grafana-delivery-bot grafana-delivery-bot bot requested a review from kalleep April 15, 2024 10:54
ashharrison90
ashharrison90 approved these changes Apr 15, 2024
View reviewed changes
Copy link
Contributor

@ashharrison90 ashharrison90 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

lgtm bot 🤖

@ashharrison90 ashharrison90 merged commit 524c590 into v11.0.x Apr 15, 2024
22 checks passed
@ashharrison90 ashharrison90 deleted the backport-85065-to-v11.0.x branch April 15, 2024 12:59
@fabrizio-grafana fabrizio-grafana modified the milestones: 11.0.x, 11.0.0 May 14, 2024
@BrewTestBot BrewTestBot mentioned this pull request May 14, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ashharrison90 ashharrison90 ashharrison90 approved these changes

@grafanabot grafanabot Awaiting requested review from grafanabot grafanabot is a code owner

@kalleep kalleep Awaiting requested review from kalleep

Assignees
No one assigned
Labels
add to changelog area/backend area/frontend backport A backport PR product-approved Pull requests that are approved by product/managers and are allowed to be backported
Projects
None yet
Milestone
11.0.0
Development

Successfully merging this pull request may close these issues.
3 participants
@ashharrison90 @fabrizio-grafana @kalleep