Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

fix: Modify the callback URL string in auth flow, to support custom base URLs in deployments #5192

Merged
merged 3 commits into from
Jun 13, 2024

Conversation

ddl-rliu
Copy link
Contributor

@ddl-rliu ddl-rliu commented Apr 5, 2024

Why are the changes needed?

In the auth flow, it seems that Flyteadmin always generates a callback URL, that looks like foo.tech/callback

However, when Flyte is configured on a custom subpath, this causes an issue, and we actually want the callback to look like foo.tech/custom-subpath/callback

What changes were proposed in this pull request?

By changing the callbackURL variable to "callback", the logic is fixed. Note that this also may require a change to the flyte config, since e.g. foo.tech/custom-subpath/login should be set as an AuthorizedURI in the config.yaml

How was this patch tested?

Setup process

Screenshots

Check all the applicable boxes

  • I updated the documentation accordingly.
  • All new and existing tests passed.
  • All commits are signed-off.

Related PRs

Docs link

@ddl-rliu ddl-rliu marked this pull request as draft April 5, 2024 22:51
@dosubot dosubot bot added size:XS This PR changes 0-9 lines, ignoring generated files. bug Something isn't working labels Apr 5, 2024
@ddl-rliu ddl-rliu changed the title x fix: Use absolute redirectURL in auth callback rather than relative redirectURL, to support custom base URLs in deployments Apr 5, 2024
@@ -29,7 +29,7 @@ const (
)

var (
callbackRelativeURL = config.MustParseURL("/callback")
callbackRelativeURL = config.MustParseURL("callback")
Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this is necessary, because when Flyteadmin generates the callback URL, the logic looks like URL("foo.tech").ResolveReference(URL("/callback")) -> "foo.tech/callback"

In fact, the base URL can have any path after it, but the result is the same. URL("foo.tech/any/path").ResolveReference(URL("/callback")) -> "foo.tech/callback"

This causes issues when flyte is configured on a custom subpath. To fix this...

By adding foo.tech/custom-subpath/login as an AuthorizedURI, and changing the reference to "callback", the logic becomes URL("foo.tech/custom-subpath/login").ResolveReference(URL("callback")) -> "foo.tech/custom-subpath/callback"

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should any tests be updated in

func TestGetCallbackHandler(t *testing.T) {
to help verify this change?

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Added the test here https://github.com/flyteorg/flyte/pull/5192/files#diff-aa5ac252b2ec45c95649a3a874e727e436be5c932e3d93b5b2aadcfcc83d57feR12

Although I could also merge this into handlers_test.go, no strong preference.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think what you did is better / clearer - thanks!

@ddl-rliu ddl-rliu changed the title fix: Use absolute redirectURL in auth callback rather than relative redirectURL, to support custom base URLs in deployments fix: Modify the callback URL string in auth flow, to support custom base URLs in deployments Apr 9, 2024
@ddl-rliu ddl-rliu force-pushed the rliu.redirect-url branch 2 times, most recently from e9a568c to 3975fa2 Compare April 9, 2024 22:19
@ddl-rliu ddl-rliu marked this pull request as ready for review April 9, 2024 23:29
@dosubot dosubot bot added size:M This PR changes 30-99 lines, ignoring generated files. and removed size:XS This PR changes 0-9 lines, ignoring generated files. labels Apr 9, 2024
@ddl-rliu ddl-rliu force-pushed the rliu.redirect-url branch 2 times, most recently from 30016de to bb76066 Compare April 9, 2024 23:33
x
Signed-off-by: ddl-rliu <[email protected]>

x

Signed-off-by: ddl-rliu <[email protected]>

x

Signed-off-by: ddl-rliu <[email protected]>
x
Signed-off-by: ddl-rliu <[email protected]>
@ddl-rliu ddl-rliu force-pushed the rliu.redirect-url branch from 1425610 to a068bab Compare April 11, 2024 18:20
@davidmirror-ops davidmirror-ops requested a review from EngHabu April 12, 2024 21:28
@ddl-ebrown
Copy link
Contributor

Just FYI - we are successfully running this in our environment with flyte hosted under /flyte. That requires us to do a custom build of flyteadmin though, so we're hoping to see this one make it in as its backwards compatible

@eapolinario eapolinario enabled auto-merge (squash) June 13, 2024 22:35
Copy link

codecov bot commented Jun 13, 2024

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 60.98%. Comparing base (653ca85) to head (48719d7).
Report is 134 commits behind head on master.

Additional details and impacted files
@@            Coverage Diff             @@
##           master    #5192      +/-   ##
==========================================
+ Coverage   60.97%   60.98%   +0.01%     
==========================================
  Files         793      793              
  Lines       51331    51331              
==========================================
+ Hits        31299    31306       +7     
+ Misses      17147    17139       -8     
- Partials     2885     2886       +1     
Flag Coverage Δ
unittests-datacatalog 69.31% <ø> (ø)
unittests-flyteadmin 58.71% <ø> (+0.04%) ⬆️
unittests-flytecopilot 17.79% <ø> (ø)
unittests-flytectl 67.97% <ø> (ø)
unittests-flyteidl 79.04% <ø> (ø)
unittests-flyteplugins 61.78% <ø> (ø)
unittests-flytepropeller 57.32% <ø> (ø)
unittests-flytestdlib 65.82% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@eapolinario eapolinario merged commit 9b78125 into flyteorg:master Jun 13, 2024
50 checks passed
robert-ulbrich-mercedes-benz pushed a commit to robert-ulbrich-mercedes-benz/flyte that referenced this pull request Jul 2, 2024
…ase URLs in deployments (flyteorg#5192)

* x

Signed-off-by: ddl-rliu <[email protected]>

x

Signed-off-by: ddl-rliu <[email protected]>

x

Signed-off-by: ddl-rliu <[email protected]>

* x

Signed-off-by: ddl-rliu <[email protected]>

---------

Signed-off-by: ddl-rliu <[email protected]>
Signed-off-by: Eduardo Apolinario <[email protected]>
Co-authored-by: Eduardo Apolinario <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working size:M This PR changes 30-99 lines, ignoring generated files.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants