CMSgov / bluebutton-web-server

Blue Button API
https://sandbox.bluebutton.cms.gov

BB2-3389: Serve openapi oauth2-redirect.html from server instead of from static folder #1243

Closed stiwarisemanticbits closed 2 months ago

stiwarisemanticbits commented 2 months ago

JIRA Ticket: BB2-3389

What Does This PR Do?

Currently oauth2-redirect.html is being served from the static folder. This works fine locally, but in the sandbox and test environments these static files are served from S3. This causes an issue because oauth2-redirect.html is not served from the server, which is required.

What Should Reviewers Watch For?

This is working on the canary environment: https://10.224.90.59/docs/openapi. Make sure to add the redirect URL to your application:

https://10.224.90.59/docs/oauth2-redirect

If you're reviewing this PR, please check for these things in particular:

Validation

What Security Implications Does This PR Have?

Please indicate if this PR does any of the following:

Any Migrations?

JFU-NAVA-PBC commented 2 months ago

Looking at the server pull-down list, currently it is locked to SBX: [image]

It used to be that the target server was locked by the servers list in the openapi.yaml; now it seems that is no longer used...

If so, is it possible that the user can point it at any environment?

Just realized that the traffic actually goes to SBX; it is just a bit off that a TEST canary is wired up with SBX apps etc.

stiwarisemanticbits commented 2 months ago

> Looking at the server pull-down list, currently it is locked to SBX: [image]
>
> It used to be that the target server was locked by the servers list in the openapi.yaml; now it seems that is no longer used...
>
> If so, is it possible that the user can point it at any environment?
>
> Just realized that the traffic actually goes to SBX; it is just a bit off that a TEST canary is wired up with SBX apps etc.

Yeah, for now this is hard-coded to use the sandbox env only.