You are viewing a plain text version of this content. The canonical link for it is here.

Posted to reviews@iotdb.apache.org by GitBox <gi...@apache.org> on 2021/04/27 01:23:15 UTC

[GitHub] [iotdb] CloudWise-Lukemiao opened a new pull request #3073: Fixed openid bug

CloudWise-Lukemiao opened a new pull request #3073:
URL: https://github.com/apache/iotdb/pull/3073


   Fix the exception of starting report when the configuration openid_url is HTTP and using keyclock to login without password abnormal bug


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [iotdb] CloudWise-Lukemiao commented on a change in pull request #3073: Fixed openid bug

Posted by GitBox <gi...@apache.org>.

CloudWise-Lukemiao commented on a change in pull request #3073:
URL: https://github.com/apache/iotdb/pull/3073#discussion_r620877187



##########
File path: server/src/main/java/org/apache/iotdb/db/auth/authorizer/OpenIdAuthorizer.java
##########
@@ -189,7 +188,7 @@ private Claims validateToken(String token) {
         .setAllowedClockSkewSeconds(Long.MAX_VALUE / 1000)
         // .setSigningKey(DatatypeConverter.parseBase64Binary(secret))
         .setSigningKey(providerKey)
-        .parseClaimsJws(token)
+        .parseClaimsJws(token.replaceAll("access_token:", ""))

Review comment:
       I'm sorry, I take the return value( eg:{"access_token":xxx, "token_type": "Bearer","not-before-policy": 0, "session_state": "xxx","scope": "profile email","expires_in": 300,"refresh_expires_in": 1800,"refresh_token": ""} )as the token.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [iotdb] JulianFeinauer commented on a change in pull request #3073: Fixed openid bug

Posted by GitBox <gi...@apache.org>.

JulianFeinauer commented on a change in pull request #3073:
URL: https://github.com/apache/iotdb/pull/3073#discussion_r620823723



##########
File path: server/src/main/java/org/apache/iotdb/db/auth/authorizer/OpenIdAuthorizer.java
##########
@@ -99,8 +99,7 @@ private static JSONObject getJWKFromProvider(String providerUrl)
     logger.debug("Using Provider Metadata: {}", providerMetadata);
 
     try {
-      URL url =
-          new URI(providerMetadata.getJWKSetURI().toString().replace("http", "https")).toURL();
+      URL url = new URI(providerMetadata.getJWKSetURI().toString().replace("http", "http")).toURL();

Review comment:
       Why do we generally need the replace here? 

##########
File path: server/src/main/java/org/apache/iotdb/db/auth/authorizer/OpenIdAuthorizer.java
##########
@@ -189,7 +188,7 @@ private Claims validateToken(String token) {
         .setAllowedClockSkewSeconds(Long.MAX_VALUE / 1000)
         // .setSigningKey(DatatypeConverter.parseBase64Binary(secret))
         .setSigningKey(providerKey)
-        .parseClaimsJws(token)
+        .parseClaimsJws(token.replaceAll("access_token:", ""))

Review comment:
       What does this line do? 




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [iotdb] JulianFeinauer commented on pull request #3073: Fixed openid bug

Posted by GitBox <gi...@apache.org>.

JulianFeinauer commented on pull request #3073:
URL: https://github.com/apache/iotdb/pull/3073#issuecomment-827550571


   LGTM. Is the failing test systematic or should we care about it @jixuan1989 or @qiaojialin ? Otherwise this could be merged IMHO.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [iotdb] HTHou merged pull request #3073: Fixed openid bug

Posted by GitBox <gi...@apache.org>.

HTHou merged pull request #3073:
URL: https://github.com/apache/iotdb/pull/3073


   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org

[GitHub] [iotdb] CloudWise-Lukemiao commented on a change in pull request #3073: Fixed openid bug

Posted by GitBox <gi...@apache.org>.

CloudWise-Lukemiao commented on a change in pull request #3073:
URL: https://github.com/apache/iotdb/pull/3073#discussion_r620875400



##########
File path: server/src/main/java/org/apache/iotdb/db/auth/authorizer/OpenIdAuthorizer.java
##########
@@ -189,7 +188,7 @@ private Claims validateToken(String token) {
         .setAllowedClockSkewSeconds(Long.MAX_VALUE / 1000)
         // .setSigningKey(DatatypeConverter.parseBase64Binary(secret))
         .setSigningKey(providerKey)
-        .parseClaimsJws(token)
+        .parseClaimsJws(token.replaceAll("access_token:", ""))

Review comment:
       I'm sorry, I take the return value( eg:{"access_token":xxx, "token_type": "Bearer","not-before-policy": 0, "session_state": "xxx","scope": "profile email","expires_in": 300,"refresh_expires_in": 1800,"refresh_token": ""} )as the token.




-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
users@infra.apache.org