Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for SSO authentication #1831

Merged
merged 1 commit into from
Jan 15, 2025
Merged

Add support for SSO authentication #1831

merged 1 commit into from
Jan 15, 2025

Conversation

jderusse
Copy link
Member

Fix #1581

@jderusse jderusse mentioned this pull request Jan 13, 2025
Closed
@shadowhand
Copy link

@jderusse I can try this out sometime in the new few hours. Thank you!

@shadowhand
Copy link

@jderusse took me a couple of hours, and a sleep, to realize that I had a configuration bug when testing this. Now that I have resolved that, I am happy to report that this PR works perfectly. 🎉

@jderusse jderusse merged commit 45227e0 into async-aws:master Jan 15, 2025
17 checks passed
@jderusse jderusse deleted the sso-credential branch January 15, 2025 09:02
@Nyholm Nyholm mentioned this pull request Jan 15, 2025
Merged
stof
stof reviewed Jan 15, 2025
View reviewed changes
src/Core/src/Credentials/IniFileProvider.php

return $this->getCredentialsFromSsoSession($profilesData, $profileData, $profile);
}

if (isset($profileData[IniFileLoader::KEY_SSO_START_URL])) {
if (class_exists(SsoClient::class)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this change the branches without inverting the condition

src/Core/src/Credentials/IniFileProvider.php
@@ -93,14 +93,24 @@ private function getCredentialsFromProfile(array $profilesData, string $profile,
return $this->getCredentialsFromRole($profilesData, $profileData, $profile, $circularCollector);
}

if (isset($profileData[IniFileLoader::KEY_SSO_SESSION])) {
if (!class_exists(SsoClient::class)) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

shouldn't this check for SsoOidcClient instead ?

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

already addressed by #1833

src/Core/src/Credentials/SsoTokenProvider.php
512,
\JSON_BIGINT_AS_STRING | (\PHP_VERSION_ID >= 70300 ? \JSON_THROW_ON_ERROR : 0)
);
} catch (\JsonException $e) {
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

you also need the error handling for PHP 7.2 as it won't throw an error there.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@stof stof stof left review comments

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SSO authentication with token provider configuration not working
3 participants
@jderusse @shadowhand @stof