Skip to content

Fix missing action for OIDC test route#10721

Merged
aduth merged 1 commit intomainfrom
aduth-missing-oidc-start-action
May 30, 2024
Merged

Fix missing action for OIDC test route#10721
aduth merged 1 commit intomainfrom
aduth-missing-oidc-start-action

Conversation

@aduth
Copy link
Contributor

@aduth aduth commented May 30, 2024

🛠 Summary of changes

Fixes a missing action for the /test/oidc route.

In #9923, test routes were added for an OIDC test login controller, including /test/oidc pointing to a #start action, but the #start action wasn't implemented.

The approach here redirects to /test/oidc/auth_request. The thinking being that the corresponding /test/saml request "starts" an IAL1 authentication and returns the user to the sign-in screen, which is the same as what the /test/oidc/auth_request route does.

📜 Testing Plan

  1. Go to http://localhost:3000/test/oidc
  2. Observe that you don't see a 500 error, and instead are redirected to sign in to the OIDC test app

@aduth
Fix missing action for OIDC test route
2c021c4 
changelog: Internal, OIDC, Fix missing action for OIDC test route
zachmargolis
zachmargolis approved these changes May 30, 2024
View reviewed changes
Copy link
Contributor

@zachmargolis zachmargolis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, I got the error "Bad client_id" when I tried that URL? Must be missing some other config

@aduth
Copy link
Contributor Author

aduth commented May 30, 2024

LGTM, I got the error "Bad client_id" when I tried that URL? Must be missing some other config

That's strange! I'm not entirely familiar with how this controller is expected to work, but it does appear to be referencing a client ID I'd expect to be seeded for everyone in local development:

identity-idp/app/controllers/test/oidc_test_controller.rb

Line 11 in d44ec8f

@client_id = 'urn:gov:gsa:openidconnect:sp:test'

identity-idp/config/service_providers.localdev.yml

Line 544 in d44ec8f

'urn:gov:gsa:openidconnect:sp:test':

@aduth
Copy link
Contributor Author

aduth commented May 30, 2024
edited
Loading

Maybe try running ServiceProviderSeeder.new.run in a Rails console and see if that helps, in case your local service providers are out of date? That service provider was added only a few months ago in #9923, so it wouldn't surprise me, since I'm not aware that we have anything that regularly syncs service providers in local development?

Edit: And it's explicitly called out in the Testing Plan for #9923 to "run rake db:seed"

@zachmargolis
Copy link
Contributor

zachmargolis commented May 30, 2024

Maybe try running ServiceProviderSeeder.new.run in a Rails console and see if that helps, in case your local service providers are out of date? That service provider was added only a few months ago in #9923, so it wouldn't surprise me, since I'm not aware that we have anything that regularly syncs service providers in local development?

Edit: And it's explicitly called out in the Testing Plan for #9923 to "run rake db:seed"

Confirmed! It worked after seeding

@aduth aduth merged commit 7cc1392 into main May 30, 2024
@aduth aduth deleted the aduth-missing-oidc-start-action branch May 30, 2024 19:28
@aduth aduth mentioned this pull request Jun 3, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

1 more reviewer

@zachmargolis zachmargolis zachmargolis approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@aduth @zachmargolis