Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oidc impersonation #11449

Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

oidc impersonation #11449

wants to merge 5 commits into from

Conversation

StekPerepolnen
Copy link
Collaborator

@StekPerepolnen StekPerepolnen commented Nov 11, 2024
edited
Loading

Changelog entry

https://nebius.atlassian.net/browse/NBYDB-594

oidc impersonation adds impersonated cookie that could be used instead session cookie
to get impersonated cookie session cookie and service-account-id could be used

2 oidc impersonate handler were added
/impersonate/start to add impersonated cookie
/impersonate/stop to remove impersonated cookie

If request to oidc happens, it checks new impersonated cookie. if exists, oidc uses it for next authentification
If the authentication domain returns a status code of 400 or 401, OIDC performs a redirect with a 307 status code to the same address and clears the impersonated cookie.

Changelog category

  • New feature

Additional information

Examples:

  1. /impersonate/start
    curl -i 'https://oidc.net/impersonate/start?service_account_id=serviceaccount-e0tydb-dev'
    -H 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7'
    -H 'cookie: __Host_session_cookie_6D76702D6F6964632D74657374696E67=****'
    --insecure

expected result:
set-cookie: __Host_impersonated_cookie_6D76702D6F6964632D74657374696E67=****; Path=/; Secure; HttpOnly; SameSite=None; Partitioned

  1. /impersonate/stop
    curl -i 'https://oidc.net/impersonate/start?service_account_id=service-account-name'
    -H 'accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7'
    -H 'cookie: __Host_session_cookie_6D76702D6F6964632D74657374696E67=****'
    --insecure

expected result:
set-cookie: __Host_impersonated_cookie_6D76702D6F6964632D74657374696E67=; Path=/; Secure; HttpOnly; SameSite=None; Partitioned; Max-Age=0

  1. impersonate access (just new impersonated cookie here)
    curl 'https://oidc.net/storage-status.ydb-global.ik8s-beta.ik8s.man.nbhost.net:8765/viewer/json/describe?database=%2Ftesting%2Fcharlotte&path=%2Ftesting%2Fcharlotte&enums=true&backup=false&private=true&partition_config=false&partition_stats=false&partitioning_info=false&subs=1'
    -H 'accept: application/json, text/plain, /'
    -H 'cookie: __Host_session_cookie_6D76702D6F6964632D74657374696E67=; __Host_impersonated_cookie_6D76702D6F6964632D74657374696E67=; _ga_N2V9EEXZGE=GS1.1.1731507944.10.1.1731507976.0.0.0'
    --insecure

If the authentication domain returns a status code of 400 or 401, OIDC performs a redirect with a 307 status code to the same address and clears the impersonated cookie.
...

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 11, 2024
edited
Loading

2024-11-11 06:25:04 UTC Pre-commit check linux-x86_64-release-asan for ecfceac has started.
2024-11-11 06:25:53 UTC Artifacts will be uploaded here
2024-11-11 06:26:21 UTC Check cancelled

@StekPerepolnen StekPerepolnen force-pushed the oidc-impersonation branch 2 times, most recently from 6964f88 to 67b9241 Compare November 11, 2024 06:27
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 11, 2024
edited
Loading

2024-11-11 06:27:56 UTC Pre-commit check linux-x86_64-relwithdebinfo for 78ffa85 has started.
2024-11-11 06:28:09 UTC Check cancelled

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 11, 2024
edited
Loading

2024-11-11 06:31:58 UTC Pre-commit check linux-x86_64-relwithdebinfo for 29a6483 has started.
2024-11-11 06:32:09 UTC Artifacts will be uploaded here
2024-11-11 06:34:39 UTC ya make is running...
🟢 2024-11-11 06:35:31 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
22 22 0 0 0 0

🟢 2024-11-11 06:35:37 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 11, 2024
edited
Loading

2024-11-11 06:32:05 UTC Pre-commit check linux-x86_64-release-asan for 29a6483 has started.
2024-11-11 06:32:15 UTC Artifacts will be uploaded here
2024-11-11 06:34:45 UTC ya make is running...
🟢 2024-11-11 06:35:55 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
22 22 0 0 0 0

🟢 2024-11-11 06:36:01 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 13, 2024
edited
Loading

2024-11-13 14:14:37 UTC Pre-commit check linux-x86_64-relwithdebinfo for bb4fad7 has started.
2024-11-13 14:14:49 UTC Artifacts will be uploaded here
2024-11-13 14:17:19 UTC ya make is running...
🟢 2024-11-13 14:18:14 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
25 25 0 0 0 0

🟢 2024-11-13 14:18:24 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 13, 2024
edited
Loading

2024-11-13 14:17:39 UTC Pre-commit check linux-x86_64-release-asan for bb4fad7 has started.
2024-11-13 14:17:50 UTC Artifacts will be uploaded here
2024-11-13 14:20:30 UTC ya make is running...
🟢 2024-11-13 14:21:51 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
25 25 0 0 0 0

🟢 2024-11-13 14:22:05 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 13, 2024
edited
Loading

2024-11-13 21:12:51 UTC Pre-commit check linux-x86_64-release-asan for 72da77d has started.
2024-11-13 21:13:02 UTC Artifacts will be uploaded here
2024-11-13 21:15:28 UTC ya make is running...
🟢 2024-11-13 21:16:35 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
26 26 0 0 0 0

🟢 2024-11-13 21:16:41 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 13, 2024
edited
Loading

2024-11-13 21:15:34 UTC Pre-commit check linux-x86_64-relwithdebinfo for 72da77d has started.
2024-11-13 21:15:45 UTC Artifacts will be uploaded here
2024-11-13 21:18:12 UTC ya make is running...
🟢 2024-11-13 21:19:02 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
26 26 0 0 0 0

🟢 2024-11-13 21:19:08 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 14, 2024
edited
Loading

2024-11-14 11:07:02 UTC Pre-commit check linux-x86_64-release-asan for bc32601 has started.
2024-11-14 11:07:07 UTC Artifacts will be uploaded here
2024-11-14 11:09:40 UTC ya make is running...
🟢 2024-11-14 11:10:39 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
26 26 0 0 0 0

🟢 2024-11-14 11:10:45 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 14, 2024
edited
Loading

2024-11-14 11:07:39 UTC Pre-commit check linux-x86_64-relwithdebinfo for bc32601 has started.
2024-11-14 11:07:46 UTC Artifacts will be uploaded here
2024-11-14 11:10:11 UTC ya make is running...
🟢 2024-11-14 11:10:52 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
26 26 0 0 0 0

🟢 2024-11-14 11:10:58 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 14, 2024
edited
Loading

2024-11-14 11:25:27 UTC Pre-commit check linux-x86_64-release-asan for 8ec7c90 has started.
2024-11-14 11:26:04 UTC Artifacts will be uploaded here
2024-11-14 11:29:00 UTC ya make is running...
🟢 2024-11-14 11:29:43 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
26 26 0 0 0 0

🟢 2024-11-14 11:29:49 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 14, 2024
edited
Loading

2024-11-14 11:26:02 UTC Pre-commit check linux-x86_64-relwithdebinfo for 8ec7c90 has started.
2024-11-14 11:26:12 UTC Artifacts will be uploaded here
2024-11-14 11:28:40 UTC ya make is running...
🟢 2024-11-14 11:29:11 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
26 26 0 0 0 0

🟢 2024-11-14 11:29:17 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 14, 2024
edited
Loading

2024-11-14 13:40:05 UTC Pre-commit check linux-x86_64-relwithdebinfo for d3f352b has started.
2024-11-14 13:40:16 UTC Artifacts will be uploaded here
2024-11-14 13:42:55 UTC ya make is running...
🟢 2024-11-14 13:43:53 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-14 13:44:00 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 14, 2024
edited
Loading

2024-11-14 13:40:08 UTC Pre-commit check linux-x86_64-release-asan for d3f352b has started.
2024-11-14 13:40:20 UTC Artifacts will be uploaded here
2024-11-14 13:42:46 UTC ya make is running...
🟢 2024-11-14 13:43:55 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-14 13:44:01 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 15, 2024
edited
Loading

2024-11-15 09:33:44 UTC Pre-commit check linux-x86_64-relwithdebinfo for c795117 has started.
2024-11-15 09:33:55 UTC Artifacts will be uploaded here
2024-11-15 09:36:25 UTC ya make is running...
🟢 2024-11-15 09:37:20 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-15 09:37:26 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 15, 2024
edited
Loading

2024-11-15 09:35:41 UTC Pre-commit check linux-x86_64-release-asan for c795117 has started.
2024-11-15 09:35:53 UTC Artifacts will be uploaded here
2024-11-15 09:38:33 UTC ya make is running...
🟢 2024-11-15 09:39:44 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-15 09:39:50 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 15, 2024
edited
Loading

2024-11-15 14:45:13 UTC Pre-commit check linux-x86_64-relwithdebinfo for d562ec6 has started.
2024-11-15 14:45:25 UTC Artifacts will be uploaded here
2024-11-15 14:48:09 UTC ya make is running...
🟢 2024-11-15 14:49:10 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-15 14:49:18 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 20, 2024
edited
Loading

2024-11-20 13:34:31 UTC Pre-commit check linux-x86_64-release-asan for ce06d53 has started.
2024-11-20 13:34:43 UTC Artifacts will be uploaded here
2024-11-20 13:37:25 UTC ya make is running...
🟢 2024-11-20 13:38:34 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-20 13:38:40 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 20, 2024
edited
Loading

2024-11-20 13:34:32 UTC Pre-commit check linux-x86_64-relwithdebinfo for ce06d53 has started.
2024-11-20 13:35:07 UTC Artifacts will be uploaded here
2024-11-20 13:38:05 UTC ya make is running...
🟢 2024-11-20 13:39:06 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-20 13:39:12 UTC Build successful.

UgnineSirdis
UgnineSirdis requested changes Nov 20, 2024
View reviewed changes
ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.h Show resolved Hide resolved
ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.cpp Outdated Show resolved Hide resolved
ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.h Outdated Show resolved Hide resolved
ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.h Show resolved Hide resolved
ydb/mvp/oidc_proxy/oidc_impersonate_stop_page_nebius.h Show resolved Hide resolved
ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.cpp Show resolved Hide resolved
ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.cpp Show resolved Hide resolved
ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.cpp Outdated Show resolved Hide resolved
ydb/mvp/oidc_proxy/openid_connect.cpp Outdated
try {
Base64StrictDecode(cookie, token);
} catch (std::exception& e) {
LOG_DEBUG_S(ctx, EService::MVP, "Base64Decode " << cookie << " cookie: " << e.what());
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You wrote user token into logs just now ;)

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

it was masked. but when exception happens, I think that's a good idea to log whole cookie value

Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It can not be masked. If it is masked, Base64StrictDecode will generate exception. At least in this function it is not masked.

ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.cpp Outdated Show resolved Hide resolved
@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 21, 2024
edited
Loading

2024-11-21 05:57:51 UTC Pre-commit check linux-x86_64-relwithdebinfo for 0904399 has started.
2024-11-21 05:58:03 UTC Artifacts will be uploaded here
2024-11-21 06:19:15 UTC ya make is running...
🟢 2024-11-21 06:20:15 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-21 06:20:21 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 21, 2024
edited
Loading

2024-11-21 05:58:09 UTC Pre-commit check linux-x86_64-release-asan for 0904399 has started.
2024-11-21 05:58:21 UTC Artifacts will be uploaded here
2024-11-21 06:19:09 UTC ya make is running...
🟢 2024-11-21 06:20:36 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-21 06:20:42 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 26, 2024
edited
Loading

2024-11-26 12:09:34 UTC Pre-commit check linux-x86_64-release-asan for 2f5b367 has started.
2024-11-26 12:09:38 UTC Artifacts will be uploaded here
2024-11-26 12:12:03 UTC ya make is running...
🟡 2024-11-26 12:13:16 UTC Some tests failed, follow the links below. This fail is not in blocking policy yet

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 21 0 6 0 0

🟢 2024-11-26 12:13:22 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 26, 2024
edited
Loading

2024-11-26 12:10:40 UTC Pre-commit check linux-x86_64-relwithdebinfo for 2f5b367 has started.
2024-11-26 12:10:51 UTC Artifacts will be uploaded here
2024-11-26 12:13:17 UTC ya make is running...
🟡 2024-11-26 12:14:24 UTC Some tests failed, follow the links below. Going to retry failed tests...

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 21 0 6 0 0

2024-11-26 12:14:32 UTC ya make is running... (failed tests rerun, try 2)
🟡 2024-11-26 12:14:54 UTC Some tests failed, follow the links below. Going to retry failed tests...

Test history | Ya make output | Test bloat | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
6 (only retried tests) 0 0 6 0 0

2024-11-26 12:15:01 UTC ya make is running... (failed tests rerun, try 3)
🔴 2024-11-26 12:15:23 UTC Some tests failed, follow the links below.

Test history | Ya make output | Test bloat | Test bloat | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
6 (only retried tests) 0 0 6 0 0

🟢 2024-11-26 12:15:29 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 26, 2024
edited
Loading

2024-11-26 13:01:43 UTC Pre-commit check linux-x86_64-release-asan for e8324b7 has started.
2024-11-26 13:02:24 UTC Artifacts will be uploaded here
2024-11-26 13:05:41 UTC ya make is running...
🟢 2024-11-26 13:06:51 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-26 13:06:58 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 26, 2024
edited
Loading

2024-11-26 13:03:37 UTC Pre-commit check linux-x86_64-relwithdebinfo for e8324b7 has started.
2024-11-26 13:03:50 UTC Artifacts will be uploaded here
2024-11-26 13:06:31 UTC ya make is running...
🟢 2024-11-26 13:07:27 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-26 13:07:34 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 26, 2024
edited
Loading

2024-11-26 13:25:07 UTC Pre-commit check linux-x86_64-release-asan for 46fe47d has started.
2024-11-26 13:25:18 UTC Artifacts will be uploaded here
2024-11-26 13:27:56 UTC ya make is running...
🟢 2024-11-26 13:28:49 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-26 13:28:56 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 26, 2024
edited
Loading

2024-11-26 13:25:26 UTC Pre-commit check linux-x86_64-relwithdebinfo for 46fe47d has started.
2024-11-26 13:25:37 UTC Artifacts will be uploaded here
2024-11-26 13:28:03 UTC ya make is running...
🟢 2024-11-26 13:28:46 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
27 27 0 0 0 0

🟢 2024-11-26 13:28:52 UTC Build successful.

UgnineSirdis
UgnineSirdis requested changes Nov 26, 2024
View reviewed changes
ydb/mvp/oidc_proxy/oidc_protected_page_handler.h
namespace NOIDC {
namespace NMVP::NOIDC {

using namespace NActors;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

using namespace in headers is not recommended

ydb/mvp/oidc_proxy/oidc_session_create_handler.h
namespace NOIDC {
namespace NMVP::NOIDC {

using namespace NActors;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

using namespace in headers is not recommended

ydb/mvp/oidc_proxy/openid_connect.cpp Outdated
@@ -3,15 +3,15 @@
#include <util/string/hex.h>
#include <library/cpp/json/json_reader.h>
#include <library/cpp/string_utils/base64/base64.h>
#include <ydb/library/security/util.h>
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

According to arcadia style guide, headers should be listed in the following order:

  1. Corresponding header of our cpp
  2. Local library headers
  3. Headers of libraries of our project
  4. Library
  5. Util
  6. standard headers

From less common to more common

ydb/mvp/oidc_proxy/openid_connect.cpp Outdated
try {
Base64StrictDecode(cookie, token);
} catch (std::exception& e) {
LOG_DEBUG_S(ctx, EService::MVP, "Base64Decode " << cookie << " cookie: " << e.what());
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It can not be masked. If it is masked, Base64StrictDecode will generate exception. At least in this function it is not masked.

ydb/mvp/oidc_proxy/oidc_session_create_yandex.h
namespace NOIDC {
namespace NMVP::NOIDC {

using namespace NActors;
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

using namespace in headers is not recommended

ydb/mvp/oidc_proxy/oidc_protected_page_nebius.cpp Show resolved Hide resolved
ydb/mvp/oidc_proxy/oidc_protected_page.cpp Outdated
} // NOIDC
} // NMVP
void THandlerSessionServiceCheck::ReplyAndDie(NHttp::THttpOutgoingResponsePtr httpResponse, const NActors::TActorContext& ctx) {
ctx.Send(Sender, new NHttp::TEvHttpProxy::TEvHttpOutgoingResponse(httpResponse));
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

std::move(httpResponse)

ydb/mvp/oidc_proxy/oidc_protected_page.cpp Outdated
@@ -233,5 +226,9 @@ NHttp::THttpOutgoingResponsePtr THandlerSessionServiceCheck::CreateResponseForNo
return Request->CreateResponse("400", "Bad Request", headers, html);
}

} // NOIDC
} // NMVP
void THandlerSessionServiceCheck::ReplyAndDie(NHttp::THttpOutgoingResponsePtr httpResponse, const NActors::TActorContext& ctx) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We can here not use ctx - there are all these methods without ctx

ydb/mvp/oidc_proxy/oidc_impersonate_start_page_nebius.h
STFUNC(StateWork) {
switch (ev->GetTypeRewrite()) {
HFunc(NHttp::TEvHttpProxy::TEvHttpIncomingResponse, Handle);
cFunc(TEvents::TEvPoisonPill::EventType, PassAway);
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we receive Poison here? From who?

ydb/mvp/oidc_proxy/oidc_impersonate_stop_page_nebius.cpp Outdated
ReplyAndDie(httpResponse, ctx);
}

void THandlerImpersonateStop::ReplyAndDie(NHttp::THttpOutgoingResponsePtr httpResponse, const NActors::TActorContext& ctx) {
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It is not neccessary to use ctx here. There are all these methods without ctx

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 27, 2024
edited
Loading

2024-11-27 01:17:32 UTC Pre-commit check linux-x86_64-relwithdebinfo for 5dfa7e6 has started.
2024-11-27 01:17:44 UTC Artifacts will be uploaded here
2024-11-27 01:20:10 UTC ya make is running...
🟢 2024-11-27 01:21:04 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
28 28 0 0 0 0

🟢 2024-11-27 01:21:11 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 27, 2024
edited
Loading

2024-11-27 01:17:39 UTC Pre-commit check linux-x86_64-release-asan for 5dfa7e6 has started.
2024-11-27 01:17:50 UTC Artifacts will be uploaded here
2024-11-27 01:20:19 UTC ya make is running...
🟢 2024-11-27 01:21:21 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
28 28 0 0 0 0

🟢 2024-11-27 01:21:28 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 27, 2024
edited
Loading

2024-11-27 06:19:24 UTC Pre-commit check linux-x86_64-release-asan for 0492864 has started.
2024-11-27 06:19:35 UTC Artifacts will be uploaded here
2024-11-27 06:22:05 UTC ya make is running...
🟢 2024-11-27 06:23:06 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
28 28 0 0 0 0

🟢 2024-11-27 06:23:13 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 27, 2024
edited
Loading

2024-11-27 06:19:32 UTC Pre-commit check linux-x86_64-relwithdebinfo for 0492864 has started.
2024-11-27 06:19:44 UTC Artifacts will be uploaded here
2024-11-27 06:22:10 UTC ya make is running...
🟢 2024-11-27 06:23:01 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
28 28 0 0 0 0

🟢 2024-11-27 06:23:07 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 27, 2024
edited
Loading

2024-11-27 07:36:31 UTC Pre-commit check linux-x86_64-relwithdebinfo for 3cc117e has started.
2024-11-27 07:36:43 UTC Artifacts will be uploaded here
2024-11-27 07:39:09 UTC ya make is running...
🟢 2024-11-27 07:40:04 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
28 28 0 0 0 0

🟢 2024-11-27 07:40:10 UTC Build successful.

@github-actions GitHub Actions
Copy link

github-actions bot commented Nov 27, 2024
edited
Loading

2024-11-27 07:37:24 UTC Pre-commit check linux-x86_64-release-asan for 3cc117e has started.
2024-11-27 07:37:37 UTC Artifacts will be uploaded here
2024-11-27 07:40:18 UTC ya make is running...
🟢 2024-11-27 07:41:30 UTC Tests successful.

Test history | Ya make output | Test bloat

TESTS PASSED ERRORS FAILED SKIPPED MUTED?
28 28 0 0 0 0

🟢 2024-11-27 07:41:36 UTC Build successful.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@UgnineSirdis UgnineSirdis UgnineSirdis requested changes

@molotkov-and molotkov-and Awaiting requested review from molotkov-and

Requested changes must be addressed to merge this pull request.

Assignees
No one assigned
Labels
new-feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@StekPerepolnen @molotkov-and @UgnineSirdis