Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Incorrect "Collections" type check in OpenID Connect Realm #50250

Closed
tvernum opened this issue Dec 16, 2019 · 1 comment · Fixed by #50521
Closed

Incorrect "Collections" type check in OpenID Connect Realm #50250

tvernum opened this issue Dec 16, 2019 · 1 comment · Fixed by #50521
Assignees
@tvernum
Labels
>bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)

Comments

@tvernum
Copy link
Contributor

tvernum commented Dec 16, 2019

Reported: https://discuss.elastic.co/t/openid-connect-not-parsing-multi-value-array-list-user-attributes/212025

When parsing OIDC metadata we do an instanceof Collections check that should be Collection.
This prevents mutli-valued metadata from being provided.
@tvernum tvernum added >bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc) labels Dec 16, 2019
@elasticmachine
Copy link
Collaborator

Pinging @elastic/es-security (:Security/Authentication)

@tvernum tvernum self-assigned this Dec 30, 2019
tvernum added a commit to tvernum/elasticsearch that referenced this issue Dec 30, 2019
@tvernum
Populate OpenIDConnect metadata collections
be265df 
The OpenIdConnectRealm had a bug which would cause it not to populate
User metadata for collections contained in the user JWT claims.

This commit fixes that bug.

Resolves: elastic#50250
@tvernum tvernum mentioned this issue Dec 30, 2019
Merged
tvernum added a commit that referenced this issue Jan 8, 2020
@tvernum
Populate OpenIDConnect metadata collections (#50521)
7e12d5a 
The OpenIdConnectRealm had a bug which would cause it not to populate
User metadata for collections contained in the user JWT claims.

This commit fixes that bug.

Resolves: #50250
tvernum added a commit to tvernum/elasticsearch that referenced this issue Jan 13, 2020
@tvernum
Populate OpenIDConnect metadata collections
14852ed 
The OpenIdConnectRealm had a bug which would cause it not to populate
User metadata for collections contained in the user JWT claims.

This commit fixes that bug.

Resolves: elastic#50250
Backport of: elastic#50521
SivagurunathanV pushed a commit to SivagurunathanV/elasticsearch that referenced this issue Jan 23, 2020
@tvernum @SivagurunathanV
Populate OpenIDConnect metadata collections (elastic#50521)
60a3314 
The OpenIdConnectRealm had a bug which would cause it not to populate
User metadata for collections contained in the user JWT claims.

This commit fixes that bug.

Resolves: elastic#50250
This was referenced Feb 3, 2020
Closed
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@tvernum tvernum

Labels
>bug :Security/Authentication Logging in, Usernames/passwords, Realms (Native/LDAP/AD/SAML/PKI/etc)
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Populate User metadata with OpenIDConnect collections tvernum/elasticsearch
2 participants
@tvernum @elasticmachine