JSON circular reference in debug statement: wicked.auth #188

Closed
maksimlikharev opened this issue Mar 21, 2019 · 0 comments

maksimlikharev commented Mar 21, 2019

Incorrect order:
https://github.com/apim-haufe-io/wicked.auth/blob/next/src/common/redis-connection.ts#L36

sessionStoreOptions.client = redisConnection.getRedis();

// this will die with a circular reference error, because sessionStoreOptions.client is a complex object

debug('Using redis session store with options ' + JSON.stringify(sessionStoreOptions));

The debug statement should be before the client is assigned.
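
The failure reported above, with a logging-safe serializer beside it, as an added example that is not part of the original issue or of wicked.auth's code. The fake client, the option values, the sensitive-key list and `safeStringify` are all constructed for illustration; the redaction step goes slightly beyond the issue, on the assumption that store options may carry a credential.

```javascript
// Constructed stand-in for a Redis client. Like a real client object it holds
// a reference back to itself, which is what makes JSON.stringify throw.
function makeFakeRedisClient() {
  const client = { connected: true, options: { host: 'redis.example.internal', port: 6379 } };
  client.stream = { owner: client }; // cycle: client -> stream -> client
  return client;
}

// Assumed list of option names whose values must not reach a log line.
const SENSITIVE_KEY = /^(pass|password|secret|token)$/i;

// Serializer for debug output: never throws on cycles, never prints secrets.
function safeStringify(value) {
  const ancestors = []; // objects on the path from the root to the current key
  return JSON.stringify(value, function (key, val) {
    if (SENSITIVE_KEY.test(key)) return '[REDACTED]';
    if (typeof val !== 'object' || val === null) return val;
    // `this` is the object that holds `key`; drop finished branches first.
    while (ancestors.length > 0 && ancestors[ancestors.length - 1] !== this) {
      ancestors.pop();
    }
    // Only a true cycle is replaced; an object shared by two siblings is kept.
    if (ancestors.includes(val)) return '[Circular]';
    ancestors.push(val);
    return val;
  });
}

function demo() {
  // Constructed options object; the names are illustrative, not wicked.auth's.
  const sessionStoreOptions = { ttl: 3600, prefix: 'sess:', pass: 'constructed-password' };

  // Before the client is attached the object is plain data.
  const before = safeStringify(sessionStoreOptions);

  // Same order as in the issue: client assigned first, then stringified.
  sessionStoreOptions.client = makeFakeRedisClient();
  let naiveError = null;
  try {
    JSON.stringify(sessionStoreOptions);
  } catch (err) {
    naiveError = err; // TypeError: converting circular structure to JSON
  }

  // The replacer-based version survives the same object.
  const after = safeStringify(sessionStoreOptions);
  return { before, naiveError, after };
}

console.log(demo());
```

Moving the debug call above the assignment avoids the exception; a cycle-safe serializer keeps the log line from becoming a startup failure if the call order changes again.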

maksimlikharev changed the title from "json circular reference in debug statment: wicked.auth" to "JSON circular reference in debug statement: wicked.auth" on Mar 21, 2019
DonMartin76 added this to the 1.0.0-rc.4 milestone on Apr 1, 2019
maksimlikharev pushed a commit to clarivate/wicked.auth that referenced this issue Apr 15, 2019
* Refactor out build to separate script

* Add a /ping endpoint (for health checks)

* Ease up strictness of redirect_uri checking slightly

* Use updated redirect_uri function

* Kong does not accept null scopes, fix for TypeScript

* Stringifying recursive structures is not a good idea

* Inject client_secret in special cases (password grant)

* Now the client_secret thing should be correct

* Refactoring of pool properties to an array

* Adaptions to registrations refactoring

* Bugfix: Check for trustUsers configuration oauth2 auth methods

* Disallow signup/registration and namespace handling

* Updated dependencies

* If client_id/client_secret aren't passed in, check Basic Auth for id/secret

* Updated dependencies

* Working SAML identity provider implementation

* Remove wicked-types (these are in the wicked sdk); use wicked-sdk as TypeScript

* Update all API calls to wicked to use the node SDK instead

* Remove some dedicated Callback types; not finished yet

* Move OidcProfile to wicked SDK

* PassthroughScope resolution via external service

* Disallow -> disable

* Updated dependencies

* Add namespace and registration handling for the password grant.

* Use = instead of : for separating keys and values

* Add user groups as scopes to access tokens

- Also fix refresh_token for passthrough APIs (to enable scope changes).

* Fixed broken group mapping for ADFS/OAuth2

* Move to services+routes for Kong

* Updated dependencies

* Don't use ".total" for routes, it's not returned

* For simplified integration testing, allow JSON rendering (with env var)

* Corner case fixes; integration testing made easier

- Check for invalid sessions

* Minor fixes of bugs in error handling

- Mostly popped up during writing of integration tests
- Some adaptions to the OAuth2 RFC (Response codes)

* Answer health check both on /auth/ping and /ping

* Take out implicit style and add a class

* Ad-hoc localization to German (specify LANGUAGE env var)

* Display app name with login screen (and some others)

- Prepare using a custom URL for the top logo

* Check on build that translations are correct

* Add some space between log in and links

* Updated dependencies

* Updated dependencies

* Updated dependencies

* Add basic prometheus metrics

* Change how authenticated_userid is created (adding namespace and sub=).

* Also add namespace to back redirect for authorize endpoint (both flows)

* Updated dependencies

* Make getting a scope from an external URL more robust (retry logic)

* Bugfix (for refresh token); the auth server always creates a user id with sub=

* Don't rely on service_id in token data (not available for shared_credentials)

- Instead use credential_id, which is always present

* Move metrics and ping to after prometheus middleware

* Bug fix: Go back to "log in" from "sign up" form didn't work

* Use specified password validation strategy (and pluggable regex)

* Some CSRF security changes; support for "must change password".

* Prepare to force password change on resource owner password grant

* Support PKCE for Auth Code Grant and Public clients

* Verify length of code_verifier (has to have specific length)

* Improved email regex when creating a user

* Updated dependencies

* Fixes Haufe-Lexware/wicked.haufe.io#124

- Answer to IdP initiated logout request (logout responses)
- Enable initiating SSO logout requests

* Better error message when sso_logout_url is missing

* Part I of fix Haufe-Lexware/wicked.haufe.io#127

* Implementation Haufe-Lexware/wicked.haufe.io#128

- Auth method type "external"
- Large refactorings to partly use async/await; which substantially simplifies the code
- wicked node SDK also supports Promises now

* Slight fix for non-passthrough user and external IDP

- Don't ask IdP for refresh token if the user is federated to wicked, it wouldn't be able to answer anyway.

* Allow APIs with passthrough Scopes to use Resource Owner Password Grant

* Fixes at least parts of Haufe-Lexware/wicked.haufe.io#135

- By passing in "renderSignup" to setTimeout as a function, "this" was lost

* Fixes Haufe-Lexware/wicked.haufe.io#137

* Basic scope restriction logic, Haufe-Lexware/wicked.haufe.io#138

* Fixes Haufe-Lexware/wicked.haufe.io#142

- Check for defaultGroups also on subsequent logins
- Remove unused code

* Fixes Haufe-Lexware/wicked.haufe.io#143

* Fixes Haufe-Lexware/wicked.haufe.io#131

* Fix a potential IE11 caching problem

* Fixes Haufe-Lexware/wicked.haufe.io#130

- More elaborate scope checking with refresh tokens

* Removed package-lock.json

* Actually output some debug information on the redis connection

* Renaming images (drop portal-)

* Corrected reverse build trigger

* Updated bootstrap to 3.4.0

* Wrong base image for actual image, corrected.

* Force authentication with SAML in case prompt=login is supplied

* Copy/Paste mistake fixed when instantiating Logger

* Check for sso_logout_url on identityProvider, not on serviceProvider (bug)

* Registration validation was not working properly

* For security reasons, take out refresh token for...

- Authorization Code Grant, in combination with
- Public clients

* Add build information to /ping status for Auth Server

* Enable local docker builds of auth server; enable git info in image

* Check for more specific type of client

- Actual implementation of Haufe-Lexware/wicked.haufe.io#159

* Default to using the defined internal Kong proxy port, if defined

- otherwise, fall back to external API host (as before)

* Remove unused package ldapjs

* Ignore build_date file

* Ignore git_* files

* Bump to version 1.0.0-rc.1

* Remove versioning from portal-env.tgz

* Turn off build caching

* Bump to version 1.0.0-rc.2

* Endline

* Support multiple redirectUris in the auth server

- Fixes parts of Haufe-Lexware/wicked.haufe.io#178

* Issue prompt=none errors as redirects, not as JSON

* Support OIDC type userinfo endpoints for profile

* Neater layout of login page. According to me.

* Support prefilling username for login screen

- Add autofocus for login screen; looks nicer

* Support forgotten password URLs for external auth method

* Text tweaks

* Ahem.

* Bump to version 1.0.0-rc.3

* Bump to version 1.0.0-rc.4

* Update morgan to 1.9.1

* Add typescript devDependency

* Update bootstrap

* Update async and request

* Fixes Haufe-Lexware/wicked.haufe.io#188

* Fix typescript version for build and dev
maksimlikharev pushed a commit to clarivate/wicked.auth that referenced this issue Apr 18, 2019
maksimlikharev pushed a commit to clarivate/wicked.auth that referenced this issue Apr 18, 2019