fix: Issue DeviceWebToken during Github authn #44656
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
codingllama
added
no-changelog
codingllama
changed the title
|
Requires https://github.com/gravitational/teleport.e/pull/4753 to work properly (otherwise web tokens are only issued to newly-enrolled devices). |
|
FYI @avatus. |
codingllama
force-pushed
the
codingllama/dtw-sso-gh
branch
from
3f619a3 to
b34a2de
Compare
|
Rebased onto latest master and solved protogen conflicts. |
|
Friendly ping @r0mant @rosstimothy @atburke ? |
rosstimothy
approved these changes
Jul 29, 2024
r0mant
approved these changes
Jul 29, 2024
codingllama
force-pushed
the
codingllama/dtw-sso-gh
branch
from
b34a2de to
f36f3d1
Compare
public-teleport-github-review-bot
bot
removed the request for review
from avatus
public-teleport-github-review-bot
bot
removed the request for review
from atburke
github-merge-queue
bot
removed this pull request from the merge queue due to failed status checks
github-merge-queue bot
pushed a commit
that referenced
this pull request
Jul 29, 2024
* Move trusted device mode calculation into CreateWebSessionFromReq * Add the GithubAuthRequest.ClientUserAgent field * Update generated protos * Issue DeviceWebToken during Github authn * Issue DeviceWebToken as part of CreateWebSessionFromReq * nit: Move methods to sessions.go
github-merge-queue
bot
removed this pull request from the merge queue due to no response for status checks
|
@codingllama See the table below for backport results.
|
codingllama
added a commit
that referenced
this pull request
Jul 30, 2024
* Move trusted device mode calculation into CreateWebSessionFromReq * Add the GithubAuthRequest.ClientUserAgent field * Update generated protos * Issue DeviceWebToken during Github authn * Issue DeviceWebToken as part of CreateWebSessionFromReq * nit: Move methods to sessions.go
This was referenced Jul 30, 2024
codingllama
added a commit
that referenced
this pull request
Jul 30, 2024
* Move trusted device mode calculation into CreateWebSessionFromReq * Add the GithubAuthRequest.ClientUserAgent field * Update generated protos * Issue DeviceWebToken during Github authn * Issue DeviceWebToken as part of CreateWebSessionFromReq * nit: Move methods to sessions.go
github-merge-queue bot
pushed a commit
that referenced
this pull request
Jul 30, 2024
* fix: Issue DeviceWebToken during Github authn (#44656) * Move trusted device mode calculation into CreateWebSessionFromReq * Add the GithubAuthRequest.ClientUserAgent field * Update generated protos * Issue DeviceWebToken during Github authn * Issue DeviceWebToken as part of CreateWebSessionFromReq * nit: Move methods to sessions.go * Fix imports and merged code * Fix imports yet again
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue a device web token during GitHub authn.
I've taken the opportunity to also calculate the "trusted device requirement" when a new session is created via CreateWebSessionFromReq (which should address regular and SSO logins too).
Partly addresses GitHub for issue #44598 (missing the frontend hooks).