Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make auth cookie stricter #19973

Merged
merged 13 commits into from
Jul 1, 2024
Merged

Make auth cookie stricter #19973

merged 13 commits into from
Jul 1, 2024
+145 −31

Conversation

filiptronicek
Copy link
Member

@filiptronicek filiptronicek commented Jun 26, 2024
edited
Loading

Description

Make use of a host-only cookie for the main JWT.

Related Issue(s)

Related to https://gitpod.slack.com/archives/C079V6H3JSW.

How to test

https://ft-playing3314cc781a.preview.gitpod-dev.com

Documentation

Preview status

gitpod:summary

Build Options

Build
  • /werft with-werft
    Run the build with werft instead of GHA
  • leeway-no-cache
  • /werft no-test
    Run Leeway with --dont-test
Publish
  • /werft publish-to-npm
  • /werft publish-to-jb-marketplace
Installer
  • analytics=segment
  • with-dedicated-emulation
  • workspace-feature-flags
    Add desired feature flags to the end of the line above, space separated
Preview Environment / Integration Tests
  • /werft with-local-preview
    If enabled this will build install/preview
  • /werft with-preview
  • /werft with-large-vm
  • /werft with-gce-vm
    If enabled this will create the environment on GCE infra
  • /werft preemptible
    Saves cost. Untick this only if you're really sure you need a non-preemtible machine.
  • with-integration-tests=all
    Valid options are all, workspace, webapp, ide, jetbrains, vscode, ssh. If enabled, with-preview and with-large-vm will be enabled.
  • with-monitoring

/hold

@filiptronicek filiptronicek requested review from a team as code owners June 26, 2024 15:45
@filiptronicek filiptronicek changed the base branch from ft/watch-prebuild-cleanup to main June 26, 2024 15:45
@roboquat roboquat added size/M and removed size/L labels Jun 26, 2024
@filiptronicek
Copy link
Member Author

filiptronicek commented Jun 26, 2024
edited
Loading

Looks like logout still doesn't work :(

@filiptronicek
Copy link
Member Author

Ok, works now, time to 💤

@geropl
[server] Make domain-only cookie work for GitHub oauth login
b8cbef6 
... by adding additional step so we can set the cookie for the base domain only
@geropl
test: fix by redirecting before callbacl/authorize
6a6db48
@roboquat roboquat added size/L and removed size/M labels Jun 27, 2024
geropl
geropl approved these changes Jul 1, 2024
View reviewed changes
Copy link
Member

@geropl geropl left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

✔️

@geropl
Copy link
Member

geropl commented Jul 1, 2024

/unhold

@roboquat roboquat merged commit da1053e into main Jul 1, 2024
17 checks passed
@roboquat roboquat deleted the ft/playing-with-cookies branch July 1, 2024 06:53
@geropl geropl mentioned this pull request Jul 3, 2024
Merged
15 tasks
@GoVulnBot GoVulnBot mentioned this pull request Jul 19, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@geropl geropl geropl approved these changes

Assignees
No one assigned
Labels
size/L team: team-engine team: team-enterprise team: team-experience
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@filiptronicek @geropl @roboquat