Skip to content

Short circuit failure handling in OIDC flow #130618

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Aug 4, 2025
Merged

Short circuit failure handling in OIDC flow #130618

merged 4 commits into from
Aug 4, 2025

Conversation

n1v0lg
Copy link
Contributor

@n1v0lg n1v0lg commented Jul 4, 2025

We should return after the onFailure call during the claims check.

@n1v0lg n1v0lg requested a review from slobodanadamovic July 4, 2025 09:54
@n1v0lg n1v0lg self-assigned this Jul 4, 2025
@n1v0lg n1v0lg added >non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) labels Jul 4, 2025
@n1v0lg n1v0lg marked this pull request as ready for review July 4, 2025 10:39
@elasticsearchmachine
Copy link
Collaborator

Pinging @elastic/es-security (Team:Security)

@n1v0lg n1v0lg requested a review from slobodanadamovic August 4, 2025 13:46
slobodanadamovic
slobodanadamovic approved these changes Aug 4, 2025
View reviewed changes
Copy link
Contributor

@slobodanadamovic slobodanadamovic left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM 👍

@n1v0lg n1v0lg added auto-backport Automatically create backport pull requests when merged auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) labels Aug 4, 2025
@elasticsearchmachine elasticsearchmachine merged commit 50a4dfe into elastic:main Aug 4, 2025
39 checks passed
@n1v0lg n1v0lg deleted the oidc-claims-handling-tweak branch August 4, 2025 14:52
This was referenced Aug 4, 2025
Merged
Merged
Merged
@n1v0lg n1v0lg mentioned this pull request Aug 4, 2025
Merged
n1v0lg added a commit to n1v0lg/elasticsearch that referenced this pull request Aug 4, 2025
@n1v0lg
Short circuit failure handling in OIDC flow (elastic#130618)
30bc998 
We should return after the `onFailure` call during the claims check.
@elasticsearchmachine
Copy link
Collaborator

💚 Backport successful

Status Branch Result
9.1
8.19
9.0
8.18

n1v0lg added a commit to n1v0lg/elasticsearch that referenced this pull request Aug 4, 2025
@n1v0lg
Short circuit failure handling in OIDC flow (elastic#130618)
7983124 
We should return after the `onFailure` call during the claims check.
n1v0lg added a commit to n1v0lg/elasticsearch that referenced this pull request Aug 4, 2025
@n1v0lg
Short circuit failure handling in OIDC flow (elastic#130618)
8799e33 
We should return after the `onFailure` call during the claims check.
elasticsearchmachine pushed a commit that referenced this pull request Aug 4, 2025
@n1v0lg
Short circuit failure handling in OIDC flow (#130618) (#132403)
abc527a 
We should return after the `onFailure` call during the claims check.
elasticsearchmachine pushed a commit that referenced this pull request Aug 4, 2025
@n1v0lg
Short circuit failure handling in OIDC flow (#130618) (#132404)
20cfb3b 
We should return after the `onFailure` call during the claims check.
szybia added a commit to szybia/elasticsearch that referenced this pull request Aug 5, 2025
@szybia
Merge remote-tracking branch 'upstream/main' into index-templates-tra…
e3c2985 
…cking

* upstream/main: (26 commits)
  [Fleet] add privileges to `kibana_system` to read integrations data (elastic#132400)
  Add `TestEntitlementsRule` with support for dynamic entitled node paths for testing (elastic#132077)
  Reduce logging frequency for GCS per project clients (elastic#132429)
  Skip update/100_synthetic_source tests in yamlRestCompatTests (elastic#132296)
  Correct exception for missing nested path (elastic#132408)
  Fixing esql release tests elastic#132369 (elastic#132406)
  Adjust date docvalue formatting to return 4xx instead of 5xx (elastic#132414)
  Handle nested fields with the termvectors REST API in artificial docs (elastic#92568)
  Only collect bulk scored vectors when exceeding min competitive (elastic#132293)
  Fix release tests diskbbq update (elastic#132405)
  ESQL: Fix skipping of generative tests (elastic#132390)
  Short circuit failure handling in OIDC flow (elastic#130618)
  Small optimization in OptimizedScalarQuantizer by using mul instead of div (elastic#132397)
  Aggs: Add validation to Bucket script pipeline agg (elastic#132320)
  ESQL: Multiple parameters in ungrouped aggs (elastic#132375)
  ESQL: Explain test operators (elastic#132374)
  EQL: Deal with internally created IN in a different way for EQL (elastic#132167)
  Speed up hierarchical k-means by computing distances in bulk (elastic#132384)
  Reduce the number of fields per document (elastic#132322)
  Assert current thread in ESQL (elastic#132324)
  ...
elasticsearchmachine pushed a commit that referenced this pull request Aug 6, 2025
@n1v0lg @slobodanadamovic
Short circuit failure handling in OIDC flow (#130618) (#132402)
034bfc8 
We should return after the `onFailure` call during the claims check.

Co-authored-by: Slobodan Adamović <[email protected]>
elasticsearchmachine pushed a commit that referenced this pull request Aug 6, 2025
@n1v0lg @slobodanadamovic
Short circuit failure handling in OIDC flow (#130618) (#132401)
cc27d54 
We should return after the `onFailure` call during the claims check.

Co-authored-by: Slobodan Adamović <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@slobodanadamovic slobodanadamovic slobodanadamovic approved these changes

Assignees

@n1v0lg n1v0lg

Labels

auto-backport Automatically create backport pull requests when merged auto-merge-without-approval Automatically merge pull request when CI checks pass (NB doesn't wait for reviews!) >non-issue :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) Team:Security Meta label for security team v8.18.5 v8.19.1 v9.0.5 v9.1.1 v9.2.0

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@n1v0lg @elasticsearchmachine @slobodanadamovic