artin/sourcegraph
1
0
Fork 0
mirror of https://github.com/sourcegraph/sourcegraph.git synced 2026-02-06 15:31:48 +00:00
Code Issues Packages Projects Releases Wiki Activity
02a08981d0
sourcegraph/internal/auth
History
Erik Seliger c4c375a642
chore: Move authn into cmd/frontend (#63648) 
They should not be used outside of cmd/frontend, so making it a frontend
internal package.

While doing that, I realized that there is a coupling dependency between
authz providers and auth (which is authN) providers: GitLab code host
connections can do authz mapping via the usernames of another OIDC or
SAML auth provider
(https://sourcegraph.com/docs/admin/code_hosts/gitlab#administrator-sudo-level-access-token).
It turns out this feature does not work anymore, since at least several
releases, because we don't actually instantiate auth providers outside
of `cmd/frontend` and thus the mapping will never find anything (auth
providers don't explode when queried before init, unlike authz).
This only now became clear as I moved this code, and the dependency
graph was broken, so that's a nice property of these cleanups I guess 😬
Since it doesn't seem to work for quite some time, I opted for removing
it, and added a changelog entry about it. Not sure if that is
sufficient, I raised a thread here:
https://sourcegraph.slack.com/archives/C03K05FCRFH/p1721848436473209.
This would've prevented this change and needed more refactoring as
unfortunately we cannot map an auth provider by the conf type to a
record in the `user_external_accounts` table and need to actually
instantiate it.

Test plan: Compiler doesn't complain, tests still pass.

## Changelog

GitLab code host connections were [able to sync permissions by mapping
Sourcegraph users to GitLab users via the username property of an
external OIDC or SAML
provider](https://sourcegraph.com/docs/admin/code_hosts/gitlab#administrator-sudo-level-access-token)
that is shared across Sourcegraph and GitLab. This integration stopped
working a long time ago, and it has been removed in this release.
2024-07-31 03:26:25 +02:00
..
backoff.go debt: extract a buncha stuff from cmd/frontend that was used outside of frontend (#52570) 2023-06-01 14:20:11 +01:00
BUILD.bazel fetch NamespaceSelector namespaces from GraphQL (viewer { affiliatedNamespaces }) (#63592) 2024-07-04 01:50:50 -05:00
const.go Backend: remove EnterpriseDB (#54699) 2023-07-06 20:03:31 -06:00
forbid_all_test.go debt: extract a buncha stuff from cmd/frontend that was used outside of frontend (#52570) 2023-06-01 14:20:11 +01:00
forbid_all.go debt: extract a buncha stuff from cmd/frontend that was used outside of frontend (#52570) 2023-06-01 14:20:11 +01:00
orgs.go allow site admins to list org members & view user/org settings on dotcom (#63963) 2024-07-19 21:01:49 -07:00
site_admin_test.go Separate database package mocks to dbmocks package (#55778) 2023-08-14 10:48:45 +02:00
site_admin.go allow site admins to list org members & view user/org settings on dotcom (#63963) 2024-07-19 21:01:49 -07:00
visitor.go fetch NamespaceSelector namespaces from GraphQL (viewer { affiliatedNamespaces }) (#63592) 2024-07-04 01:50:50 -05:00