Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSO - Refresh hsdpamcookie to allow signle sign on between other Philips products #49

Merged
merged 10 commits into from
Feb 1, 2024
Merged

SSO - Refresh hsdpamcookie to allow signle sign on between other Philips products #49

merged 10 commits into from
Feb 1, 2024

Conversation

EriksonBahr
Copy link

@EriksonBahr EriksonBahr commented Feb 1, 2024
edited
Loading

Description

Users with different tabs, applications etc will now have their cookie refreshed so when they open other tabs that have other applications, these applications will now be authenticated.

Example: I'm doing logging for 1 hour, when I open reporting, hsp reporting will ask for login due to expired cookie. Now this is no longer happer

https://www.hsdp.io/documentation/identity-and-access-management-iam/api-documents/resource-reference-api/oauth2-api#/Session%20Refresh/refreshSessionUsingGET

New settings introduced:

OAUTH2_PROXY_OIDC_ENABLE_COOKIE_REFRESH default false
OAUTH2_PROXY_OIDC_COOKIE_REFRESH_NAME default 'hsdpamcookie'

Motivation and Context

How Has This Been Tested?

Tested locally

Checklist:

  • My change requires a change to the documentation or CHANGELOG.
  • I have updated the documentation/CHANGELOG accordingly.
  • I have created a feature (non-master) branch for my PR.

@EriksonBahr EriksonBahr requested a review from a team as a code owner February 1, 2024 12:00
l-lafin
l-lafin reviewed Feb 1, 2024
View reviewed changes
oauthproxy.go Outdated Show resolved Hide resolved
pkg/middleware/cookie_refresh.go Outdated Show resolved Hide resolved
pkg/middleware/cookie_refresh.go Show resolved Hide resolved
l-lafin
l-lafin previously approved these changes Feb 1, 2024
View reviewed changes
@l-lafin l-lafin merged commit 5de6ce4 into philips-forks:pics Feb 1, 2024
3 checks passed
@EriksonBahr EriksonBahr deleted the rv/enable-oidc-single-sign-on-cookie-refresher branch February 1, 2024 18:14
@EriksonBahr EriksonBahr mentioned this pull request Feb 2, 2024
Merged
3 tasks
evozniak added a commit that referenced this pull request Feb 2, 2024
@evozniak
allow setting arbitrary cookie refresh url (#50)
0bf401c 
<!--- Provide a general summary of your changes in the Title above -->

## Description

<!--- Describe your changes in detail -->

Allow setting arbitrary URLs for oauth2 proxy cookie refresh mechanism.
#49

## Motivation and Context

<!--- Why is this change required? What problem does it solve? -->
<!--- If it fixes an open issue, please link to the issue here. -->

## How Has This Been Tested?

<!--- Please describe in detail how you tested your changes. -->
<!--- Include details of your testing environment, and the tests you ran
to -->
<!--- see how your change affects other areas of the code, etc. -->

## Checklist:

<!--- Go over all the following points, and put an `x` in all the boxes
that apply. -->
<!--- If you're unsure about any of these, don't hesitate to ask. We're
here to help! -->

- [ ] My change requires a change to the documentation or CHANGELOG.
- [ ] I have updated the documentation/CHANGELOG accordingly.
- [ ] I have created a feature (non-master) branch for my PR.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@l-lafin l-lafin l-lafin approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@EriksonBahr @l-lafin