Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

mfa: fix startup crash when SSO users with MFA expire #6779

Merged
merged 4 commits into from
May 12, 2021
Merged

mfa: fix startup crash when SSO users with MFA expire #6779

merged 4 commits into from
May 12, 2021

Conversation

awly
Copy link
Contributor

@awly awly commented May 7, 2021

The user loading code is kind of convoluted: it loads all the separate
backend items from the /web/users/ prefix into a struct. That struct
is then converted to a full types.User object.

For each user there are 3 kinds of backend items:

  • /params which is the main one, containing a marshalled types.User
    object
  • /pwd which contains the hashed password for local users
  • /mfa/... which contain registered MFA devices

When an SSO user expires, we delete the first two items but not
/mfa/.... This is intentional, to persist MFA devices across logins.
The user loading code would fail because the user was "found" (thanks to
MFA items), but didn't have the mandatory /params item.

This PR ignores any users that don't have /params instead of
hard-failing all GetUsers calls.

Updates #6695

@awly awly added this to the 6.2 "Buffalo" milestone May 7, 2021
@awly awly requested review from andrejtokarcik and Joerger May 7, 2021 18:51
mfa: fix startup crash when SSO users with MFA expire
c2379bb 
The user loading code is kind of convoluted: it loads all the separate
backend items from the `/web/users/` prefix into a struct. That struct
is then converted to a full `types.User` object.

For each user there are 3 kinds of backend items:
- `/params` which is the main one, containing a marshalled `types.User`
  object
- `/pwd` which contains the hashed password for local users
- `/mfa/...` which contain registered MFA devices

When an SSO user expires, we delete the first two items but not
`/mfa/...`. This is intentional, to persist MFA devices across logins.
The user loading code would fail because the user was "found" (thanks to
MFA items), but didn't have the mandatory `/params` item.

This PR ignores any users that don't have `/params` instead of
hard-failing all `GetUsers` calls.
@awly awly force-pushed the andrew/startup-crash-mfa branch from 8158b4e to c2379bb Compare May 7, 2021 18:52
russjones
russjones approved these changes May 11, 2021
View reviewed changes
Copy link
Contributor

@russjones russjones left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bot.

@awly awly enabled auto-merge (squash) May 11, 2021 23:43
@awly awly merged commit 3cfdc9b into master May 12, 2021
@awly awly deleted the andrew/startup-crash-mfa branch May 12, 2021 16:00
awly pushed a commit that referenced this pull request May 12, 2021
mfa: fix startup crash when SSO users with MFA expire (#6779)
f4024f3 
The user loading code is kind of convoluted: it loads all the separate
backend items from the `/web/users/` prefix into a struct. That struct
is then converted to a full `types.User` object.

For each user there are 3 kinds of backend items:
- `/params` which is the main one, containing a marshalled `types.User`
  object
- `/pwd` which contains the hashed password for local users
- `/mfa/...` which contain registered MFA devices

When an SSO user expires, we delete the first two items but not
`/mfa/...`. This is intentional, to persist MFA devices across logins.
The user loading code would fail because the user was "found" (thanks to
MFA items), but didn't have the mandatory `/params` item.

This PR ignores any users that don't have `/params` instead of
hard-failing all `GetUsers` calls.
@awly awly mentioned this pull request May 12, 2021
Merged
awly pushed a commit that referenced this pull request May 12, 2021
mfa: fix startup crash when SSO users with MFA expire (#6779) (#6833)
a2d20c0 
The user loading code is kind of convoluted: it loads all the separate
backend items from the `/web/users/` prefix into a struct. That struct
is then converted to a full `types.User` object.

For each user there are 3 kinds of backend items:
- `/params` which is the main one, containing a marshalled `types.User`
  object
- `/pwd` which contains the hashed password for local users
- `/mfa/...` which contain registered MFA devices

When an SSO user expires, we delete the first two items but not
`/mfa/...`. This is intentional, to persist MFA devices across logins.
The user loading code would fail because the user was "found" (thanks to
MFA items), but didn't have the mandatory `/params` item.

This PR ignores any users that don't have `/params` instead of
hard-failing all `GetUsers` calls.
@webvictim webvictim mentioned this pull request Feb 9, 2024
Closed
# for free to join this conversation on GitHub. Already have an account? # to comment
Reviewers

@andrejtokarcik andrejtokarcik andrejtokarcik approved these changes

@russjones russjones russjones approved these changes

@Joerger Joerger Joerger approved these changes

@klizhentas klizhentas Awaiting requested review from klizhentas

@r0mant r0mant Awaiting requested review from r0mant

Assignees

@awly awly

Labels
backport-required
Projects
None yet
Milestone
6.2 "Buffalo"
Development

Successfully merging this pull request may close these issues.
4 participants
@awly @andrejtokarcik @russjones @Joerger