Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Bug]: OAuth fails for Azure AD external users due to # in user id #2773

Open
1 task done
nazarewk opened this issue Jan 18, 2024 · 1 comment
Open
1 task done

[Bug]: OAuth fails for Azure AD external users due to # in user id #2773

nazarewk opened this issue Jan 18, 2024 · 1 comment
Assignees
@afeiszli @mattkasun
Labels
bug Something isn't working

Comments

@nazarewk
Copy link

nazarewk commented Jan 18, 2024
edited

What happened?

Azure AD external users are in format: user.name_external.domain.com#EXT#@internaltenant.onmicrosoft.com for user user.name@external.domain.com and internaltenant , which does not pass the internal check due to presence of #:

netmaker/models/structs.go

Lines 274 to 282 in 630c95c

func (user *User) NameInCharSet() bool {
charset := "abcdefghijklmnopqrstuvwxyz1234567890-."
for _, char := range user.UserName {
if !strings.Contains(charset, strings.ToLower(string(char))) {
return false
}
}
return true
}

Version

v0.22.0

What OS are you using?

Linux

Relevant log output

[netmaker] 2024-01-18 09:45:56 error creating user, krzysztof.nazarewski_[REDACTED].com#EXT#@[REDACTED].onmicrosoft.com ; user not added

Contributing guidelines

  • Yes, I did.
@nazarewk nazarewk added the bug Something isn't working label Jan 18, 2024
nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 19, 2024
@nazarewk
skip NameInCharSet() validation for SSO users
96e4cae 
fixes gravitl#2773
@nazarewk nazarewk mentioned this issue Jan 19, 2024
Closed
8 tasks
nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 19, 2024
@nazarewk
skip NameInCharSet() validation for SSO users
9ca6b44 
fixes gravitl#2773
nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 19, 2024
@nazarewk
SSO: skip validation and disable login
3b5c428 
fixes gravitl#2773
nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 19, 2024
@nazarewk
SSO: skip validation and disable login
e182232 
fixes gravitl#2773
nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 19, 2024
@nazarewk
SSO: skip validation and disable login
306a1b5 
fixes gravitl#2773
@nazarewk
Copy link
Author

nazarewk commented Jan 19, 2024
edited

actually it is a lot more than just a # present in the SSO username, validation should be skipped completely as per #2776
it fails:

  • max=40 and in_charset|email on username
  • required and min=5 on password

nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 22, 2024
@nazarewk
SSO: skip validation and disable login
4c213ed 
fixes gravitl#2773
nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 23, 2024
@nazarewk
SSO: skip validation and disable login
bcd9437 
fixes gravitl#2773
nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 23, 2024
@nazarewk
SSO: skip validation and disable login
d0709c1 
fixes gravitl#2773
nazarewk added a commit to nazarewk/netmaker that referenced this issue Jan 25, 2024
@nazarewk
SSO: skip validation and disable login
5f7a8a9 
fixes gravitl#2773
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@afeiszli afeiszli

@mattkasun mattkasun

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nazarewk @afeiszli @mattkasun