Skip to content

handle nil pointer for saml user session validation #539

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
irshadaj merged 2 commits into from
Apr 4, 2024
Merged

handle nil pointer for saml user session validation #539

irshadaj merged 2 commits into from
Apr 4, 2024

Conversation

@irshadaj
Copy link
Contributor

@irshadaj irshadaj commented Apr 4, 2024
edited
Loading

Description

When a User is updated to be SAML, its AuthSecret is set to nil. Thereafter in ValidateSessions, we call a method on the nil AuthSecret leading to a panic in the logs. This MR adds logic to handle that case gracefully.

I also updated the Auth Middleware to return the actual error upon ValidateSession failure, as we were just discarding this information and returning a blanket failure statement before.

How Has This Been Tested?

Manual testing

Types of changes

  • Chore (a change that does not modify the application functionality)
  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to change)

Checklist:

  • Documentation updates are needed, and have been made accordingly.
  • I have added and/or updated tests to cover my changes.
  • All new and existing tests passed.
  • My changes include a database migration.

@irshadaj irshadaj self-assigned this Apr 4, 2024
@irshadaj irshadaj added bug Something isn't working api A pull request containing changes affecting the API code. labels Apr 4, 2024
ddlees
ddlees requested changes Apr 4, 2024
View reviewed changes
@irshadaj irshadaj merged commit 0128ae9 into main Apr 4, 2024
@irshadaj irshadaj deleted the nil_pointer branch April 4, 2024 17:40
@github-actions github-actions bot locked and limited conversation to collaborators Apr 4, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@ddlees ddlees ddlees approved these changes

Assignees

@irshadaj irshadaj

Labels

api A pull request containing changes affecting the API code. bug Something isn't working

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@irshadaj @ddlees