refactor: OpenID strategy and Enhance role extraction and validation logic #6741
+393
−218
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
…proved assertions
…traction, and user creation logic
…ultiple sources and improve error handling
There was a problem hiding this comment.
Copilot reviewed 2 out of 3 changed files in this pull request and generated 1 comment.
Files not reviewed (1)
- .env.example: Language not supported
Comments suppressed due to low confidence (2)
api/strategies/openidStrategy.js:231
- Fallbacking to an empty string for client_secret may lead to silent misconfiguration if a client secret is required. Consider explicitly validating its presence.
client_secret: process.env.OPENID_CLIENT_SECRET || '',
api/strategies/openidStrategy.js:46
- [nitpick] On download failure, returning an empty string may lead to type inconsistencies with the expected Buffer type. Consider returning null or a consistent type to clearly indicate a failure.
return await response.buffer();
|
@danny-avila @rubentalstra This functionality is important for Cornell, wondering if there is a timeline? Thanks |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Summary
This pull request includes significant updates to the OpenID strategy and its related tests, focusing on enhancing functionality and improving code quality. The most important changes include adding new environment variables, refactoring functions for clarity and correctness, and updating test cases to reflect the new logic.
Enhancements to OpenID Strategy:
.env.example: AddedOPENID_USE_PKCEandOPENID_REQUIRED_ROLE_SOURCEenvironment variables to support PKCE and specify the source for required roles.api/strategies/openidStrategy.js: Refactored thedownloadImage,getFullName,convertToUsername, andsetupOpenIdfunctions for better readability and added new functionsextractRolesFromandgetUserRolesto handle role extraction logic.Improvements to OpenID Strategy Tests:
api/strategies/openidStrategy.spec.js: Updated mock configurations and added missing mock functions. Enhanced test cases to validate new logic, including role extraction and PKCE support. [1] [2] [3] [4] [5] [6] [7] [8] [9] [10] [11] [12] [13]Change Type
Testing
Please describe your test process and include instructions so that we can reproduce your test. If there are any important variables for your testing configuration, list them here.
Test Configuration:
Checklist