Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Unable to use hyphen in JSON path for oidc-groups-claim option #2619

Merged
merged 3 commits into from
Oct 7, 2024
Merged

fix: Unable to use hyphen in JSON path for oidc-groups-claim option #2619

merged 3 commits into from
Oct 7, 2024

Conversation

rd-danny-fleer
Copy link
Contributor

@rd-danny-fleer rd-danny-fleer commented Apr 26, 2024
edited by tuunit
Loading

Description

  • Removed dependency "github.com/ohler55/ojg/jp"
  • Always evaluate claim as string literal first and as JSON path as fallback

Motivation and Context

Fix #2618

I know there might be better solutions, like implementing a feature flag and an additional option to control if oidc-groups-claims should be evaluated as string or JSON path.
However such a change might be breaking and I didn't want to anticipate the decision for an alternative. Therefore I implemented a simple solution in the first step.

How Has This Been Tested?

Added additional tests.

Checklist:

  • My change requires a change to the documentation or CHANGELOG.
  • I have updated the documentation/CHANGELOG accordingly.
  • I have created a feature (non-master) branch for my PR.
  • I have written tests for my code changes.

@rd-danny-fleer rd-danny-fleer requested a review from a team as a code owner April 26, 2024 14:50
@github-actions GitHub Actions
Copy link
Contributor

This pull request has been inactive for 60 days. If the pull request is still relevant please comment to re-activate the pull request. If no action is taken within 7 days, the pull request will be marked closed.

@github-actions github-actions bot added the Stale label Jun 26, 2024
@github-actions github-actions bot closed this Jul 4, 2024
@tuunit tuunit removed the Stale label Sep 15, 2024
@tuunit tuunit reopened this Sep 15, 2024
@github-actions github-actions bot added the docs label Oct 7, 2024
@tuunit tuunit merged commit 642ba17 into oauth2-proxy:master Oct 7, 2024
6 checks passed
@BrewTestBot BrewTestBot mentioned this pull request Oct 8, 2024
Merged
tuunit pushed a commit to bjencks/oauth2-proxy that referenced this pull request Oct 13, 2024
@rd-danny-fleer @tuunit
fix: unable to use hyphen in JSON path for oidc-groups-claim option (o…
a473cd2 
…auth2-proxy#2619)
jjlakis pushed a commit to jjlakis/oauth2-proxy that referenced this pull request Oct 19, 2024
@rd-danny-fleer @jjlakis
fix: unable to use hyphen in JSON path for oidc-groups-claim option (o…
db20945 
…auth2-proxy#2619)
@michael-doubez
Copy link

@rd-danny-fleer this removes the possibility to use json path.

The code should be fixed by correcting the inverted logic :

_, err := jp.ParseString(claim)
if err == nil {
         return src.Get(claim).Interface()

And not

	_, err := jp.ParseString(claim)
if err != nil {
          return src.Get(claim).Interface()

Testing for $. prefix could detect the expression is a JSONPath.

@tuunit
Copy link
Member

tuunit commented Oct 30, 2024

@rd-danny-fleer this removes the possibility to use json path.

The code should be fixed by correcting the inverted logic :

_, err := jp.ParseString(claim)
if err == nil {
return src.Get(claim).Interface()

And not

	_, err := jp.ParseString(claim)

if err != nil {
return src.Get(claim).Interface()

Testing for $. prefix could detect the expression is a JSONPath.

Would you be willing to open a PR for this change and add more extensive tests?

@michael-doubez
Copy link

Will do.

I'd prefer JMESPath but JSONPATH would be good enough in most cases.

@michael-doubez michael-doubez mentioned this pull request Nov 1, 2024
Open
4 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@tuunit tuunit tuunit approved these changes

Assignees
No one assigned
Labels
docs go tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

[Bug]: Unable to use hyphen in JSON path for oidc-groups-claim option
3 participants
@rd-danny-fleer @michael-doubez @tuunit