Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

TT-11298 added possibilit to fill the state by url or form encoded body #389 #427

Merged
merged 4 commits into from
Jan 6, 2025
Merged

TT-11298 added possibilit to fill the state by url or form encoded body #389 #427

merged 4 commits into from
Jan 6, 2025

Conversation

mativm02
Copy link
Contributor

Duplicated of #389 with latest master changes.

Description

In the current implementation of tib the state used is always the value state this is contradicting the RFC 6749

Related Issue

#388
Tyk Support Request #18436
Tyk Feature Issue: TT-11298

Motivation and Context

It enables the application that wants to log in via tib to send its own state what makes it opaque and non guessable.
But in the implementation I kept the hardcoded state as a fallback to keep it backwards compatible.

How This Has Been Tested

I tested this in our tyk on prem production environment with a oauth provider that required a minimum length of the state value. Also I added tests to the tothic_test.go file.

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)
  • Refactoring or add test (improvements in base code or adds test coverage to functionality)

Checklist

  • [x ] Make sure you are requesting to pull a topic/feature/bugfix branch (right side). If pulling from your own
    fork, don't request your master!
  • [ x] Make sure you are making a pull request against the master branch (left side). Also, you should start
    your branch off our latest master.
  • My change requires a change to the documentation.
    • If you've changed APIs, describe what needs to be updated in the documentation.
    • If new config option added, ensure that it can be set via ENV variable
  • I have updated the documentation accordingly.
  • Modules and vendor dependencies have been updated; run go mod tidy && go mod vendor
  • When updating library version must provide reason/explanation for this update.
  • I have added tests to cover my changes.
  • All new and existing tests passed.
  • Check your code additions will not fail linting checks:
    • go fmt -s
    • go vet

@mativm02 mativm02 mentioned this pull request Dec 18, 2024
Closed
15 tasks
sredxny
sredxny requested changes Jan 6, 2025
View reviewed changes
tothic/tothic.go Outdated Show resolved Hide resolved
@sredxny sredxny merged commit 97d9d63 into master Jan 6, 2025
9 checks passed
@sredxny sredxny deleted the TT-11298 branch January 6, 2025 17:08
@sonarqubecloud SonarQubeCloud
Copy link

sonarqubecloud bot commented Jan 6, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
100.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sredxny sredxny sredxny approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mativm02 @sredxny @codingWombat