search

workfloworchestrator / orchestrator-core-gui

The orchestrator frontend.
Apache License 2.0
7 stars 10 forks source link

Rewrite OIDC url with exact match #244

Closed Mark90 closed 1 year ago

Mark90 commented 1 year ago

Here we rewrite OAUTH2_OPENID_CONNECT_URL from /v1/auth/public-bundle to /v1/opa/public-bundle

https://github.com/workfloworchestrator/orchestrator-core-gui/blob/935e6f3548afb3c4f24f726c00f6e0009e285802/src/utils/policy.ts#L10C1-L10C1

However by only searching for "auth" without enclosing slashes, this will replace the first occurrence anywhere in the url. Not a huge problem, but with the wildcard domains we have in our development environment this can lead to surprises.

Fix is probably:

ENV.OAUTH2_OPENID_CONNECT_URL.replace("/auth/", "/opa/") + "/public-bundle/" + ENV.OAUTH2_CLIENT_ID
Mark90 commented 1 year ago

Right / is not guaranteed. replace("/auth", "/opa") should suffice.