Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: update kickstart.json #84

Closed
wants to merge 17 commits into from
Closed

fix: update kickstart.json #84

wants to merge 17 commits into from

Conversation

techsavvyash
Copy link
Owner

@techsavvyash techsavvyash commented Sep 26, 2024
edited by coderabbitai bot
Loading

Checklist

Make sure you have

  • Added relevant @nestjs/swagger decorators wherever required
  • Added test cases (unit and integration) wherever required

Description

Describe the aim/objective of this PR

Steps to test

Add steps to run and test teh desired changes

References

Add relevant links and screenshots outlining the working status of this PR

Demo

If relevant to your change, attach a screen recording showcasing that the change is working and giving desired results.

Summary by CodeRabbit

  • New Features

    • Introduced a new docker-compose.yml for easier application setup and management.
    • Added an InteractionHelper class for streamlined handling of OIDC interactions.
    • Expanded kickstart.json to support multiple application configurations and OAuth2 settings.
    • Added new decorators and utility functions for OIDC context management.

  • Bug Fixes

    • Commented out test execution in the pre-commit hook to prevent failures during commits.

  • Tests

    • Added comprehensive unit tests for the InteractionHelper and OidcController classes.

Zolo-Ryan and others added 17 commits August 29, 2024 22:42
@Zolo-Ryan
feat: integrate node-oidc-provider by panva
15929eb 
This commit is responsible for integrating the node-oidc-provider created by panva and
removing the custom implementation of oidc. As a result there was a change in schema and
a lot of things got deprecated and broken. Tests broke, code failed. Deprecated code was removed and All of the mess was
cleaned and stabilized. Zolo.md is created to help understand the next developer the
remaining tasks and how to accomplish them. Tests were removed as a result the count came
down to 386 from 510 :(
@Zolo-Ryan
chore: update kickstart.json
854e8f9
@techsavvyash
Merge pull request #78 from Zolo-Ryan/oidcDev
747cae2 
feat: integrate node-oidc-provider by panva
@techsavvyash
fix: integrate sqlite
bfc0b10
@Zolo-Ryan
refactor: update code to remove errors
300feb4 
This commit is responsible for removing server_error from the devInteractions page
@techsavvyash
Merge pull request #79 from Zolo-Ryan/oidcDev
2117ab3 
refactor: update code to remove errors
@techsavvyash
fix: start using nest oidc provider
c01791f
@Zolo-Ryan
refactor: make nest-oidc-provider to handle login
e9184a7 
Nest oidc provider was used to made login process smooth and easy. Some errors were
encountered since sqlite was used. however was corrected
@Zolo-Ryan
fix: user can login with correct password
d47aefb 
Earlier a user/someone else can login from any password value, however it is changed to ->
match the original password value to avoid unauthorized access
@Zolo-Ryan
fix: minio policy login issue
261582e 
Minio requires that the AS supports a policy claim in the id_token, hence it needed to be mapped
using the roles available to a user in that tenant, now the user is login based on admin or normal user
@Zolo-Ryan
feat: add consentless login
ad9612b 
Now applications can login without asking for consent from the end user

This feature has been warned not to used because 1. asking for user consent is ethical
2. This might be not be bug-free as mentioned below

link: https:/panva/node-oidc-provider/blob/v7.x/recipes/skip_consent.md
@techsavvyash
Merge pull request #80 from Zolo-Ryan/oidcDev
094b1d4 
refactor: make nest-oidc-provider to handle login
@Zolo-Ryan
Merge branch 'BharatSahAIyak:oidcDev' into oidcDev
4311f0d
@techsavvyash
Merge pull request #81 from Zolo-Ryan/oidcDev
af3e761 
OIDC dev
@Zolo-Ryan
fix: prevent possible privilege escalation
87ce70a 
earlier findAccount just returns the role and don't check whether the role belongs to
corresponding application or not which might have led to privilege escalation. Now it
is fixed in the findAccount function
@Zolo-Ryan
test: update tests
2bf98ac 
This commit fixes failing tests due to change in schema of application and other minor fixes
@Zolo-Ryan
fix: update kickstart.json (#83)
ecf061a 
* fix: user registration on login

User registration info is being saved in the user Registration
minor bug fixes

* chore: a minor fix

* chore: docker compose and kickstart.json

updated kickstart.json to have more than 1 tenant and client
created docker compose file
@coderabbitai coderabbitai
Copy link

coderabbitai bot commented Sep 26, 2024
edited
Loading

Caution

Review failed

The pull request is closed.

📝 Walkthrough

Walkthrough

The pull request introduces several modifications across multiple files. Key changes include the commenting out of scripts in the .husky directory to disable commit and pre-commit hooks, the addition of a new docker-compose.yml file for application configuration, and significant updates to the kickstart.json file to enhance application management. New files related to OpenID Connect (OIDC) functionality are introduced, including decorators, utilities, interfaces, and a controller, along with corresponding unit tests to ensure functionality.

Changes

Files Change Summary
.husky/commit-msg, .husky/pre-commit Commented out scripts to disable execution of commitlint and npm test.
docker-compose.yml Introduced a new file defining a service named app, including build configurations, port mappings, environment variable loading, and database migration commands.
kickstart.json Expanded variables section for multiple applications and OAuth2 settings, updated API request structures, and redefined roles with new IDs and configurations.
lib/common/oidc.decorators.ts Introduced two decorators for handling OIDC context and interactions.
lib/common/oidc.utils.ts Added utility functions for path validation and request/response handling in a NestJS application.
lib/helpers/interaction.helper.spec.ts Introduced unit tests for the InteractionHelper class, verifying interactions with the OIDC provider.
lib/helpers/interaction.helper.ts Created InteractionHelper class to manage OIDC interactions with methods for details, finishing, and results.
lib/index.ts Consolidated exports related to OIDC functionalities for easier integration.
lib/interfaces/oidc-module.interface.ts Introduced TypeScript interfaces for OIDC module configuration and options in a NestJS application.
lib/oidc.constants.ts Added a constant OIDC_MODULE_OPTIONS as a unique identifier for OIDC module options.
lib/oidc.controller.spec.ts Introduced unit tests for the OidcController class, covering various scenarios based on configurations.
lib/oidc.controller.ts Introduced the OidcController class for handling OIDC requests in a NestJS application.

Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Generate unit testing code for this file.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai generate unit testing code for this file.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and generate unit testing code.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

CodeRabbit Configuration File (.coderabbit.yaml)

  • You can programmatically configure CodeRabbit by adding a .coderabbit.yaml file to the root of your repository.
  • Please see the configuration documentation for more information.
  • If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: # yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

@techsavvyash techsavvyash deleted the oidcDev branch September 26, 2024 04:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@techsavvyash @Zolo-Ryan