Skip to content

Refactor password grant #3165

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
strehle merged 4 commits into from
Nov 29, 2024
Merged

Refactor password grant #3165

strehle merged 4 commits into from
Nov 29, 2024

Conversation

@strehle
Copy link
Member

@strehle strehle commented Nov 28, 2024

  • if origin is available, retrieve IdP and check if password can be used
  • use always identityProviderProvisioning and remove externalOAuthProviderConfigurator

@strehle
Refactor password grant
37b4dd7 
* if origin is available, retrieve IdP and check if password can be used
* use always identityProviderProvisioning and remove externalOAuthProviderConfigurator
@strehle strehle marked this pull request as ready for review November 28, 2024 13:27
@strehle strehle mentioned this pull request Nov 28, 2024
Closed
@strehle strehle requested a review from a team November 28, 2024 13:39
@strehle strehle merged commit 9794737 into develop Nov 29, 2024
20 checks passed
@strehle strehle deleted the refactor/simplifyPasswordGrant branch November 29, 2024 10:11
@mikeroda
Copy link
Contributor

mikeroda commented Jan 31, 2025

@strehle I believe this caused a regression with the password grant. If the IdP config only has the discoveryUrl set, the identityProviderProvisioning lookup does not fill in the tokenUrl like the externalOAuthProviderConfigurator did, and this results in a NullPointerException here:
https://github.com/cloudfoundry/uaa/blob/develop/server/src/main/java/org/cloudfoundry/identity/uaa/authentication/manager/PasswordGrantAuthenticationManager.java#L231

@strehle
Copy link
Member Author

strehle commented Feb 1, 2025

@mikeroda ok, we can check ( FYI @adrianhoelzl-sap ) because this PR was created as optimization for IDP look.

Can you either create an issue ticket with information about type of IdP (oauth or oidc) and then simply discovery only and you do password grant correct ?

@mikeroda mikeroda mentioned this pull request Feb 3, 2025
Closed
@mikeroda
Copy link
Contributor

mikeroda commented Feb 3, 2025

@strehle, OK I created #3271.

@strehle strehle mentioned this pull request Feb 11, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@adrianhoelzl-sap adrianhoelzl-sap adrianhoelzl-sap approved these changes

Assignees

No one assigned

Labels

None yet

Projects

Foundational Infrastructure Working Group
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@strehle @mikeroda @adrianhoelzl-sap