[TT-11426/TT-13322]add deprecation notice for oidc middleware #6686
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
Knock Knock! 🔍 Just thought I'd let you know that your PR title and story title look quite different. PR titles that closely resemble the story title make it easier for reviewers to understand the context of the PR. An easy-to-understand PR title a day makes the reviewer review away! 😛⚡️
Check out this guide to learn more about PR best-practices. |
PR Reviewer Guide 🔍Here are some key observations to aid the review process:
|
lghiur
approved these changes
Oct 31, 2024
|
API Changes --- prev.txt 2024-10-31 09:56:48.281799986 +0000
+++ current.txt 2024-10-31 09:56:42.233714314 +0000
@@ -2056,6 +2056,10 @@
Providers []OIDProviderConfig `bson:"providers" json:"providers"`
SegregateByClient bool `bson:"segregate_by_client" json:"segregate_by_client"`
}
+ OpenID Connect middleware support will be deprecated
+ starting from 5.7.0. To avoid any disruptions, we recommend
+ that you use JSON Web Token (JWT) instead, as explained in
+ https://tyk.io/docs/basic-config-and-security/security/authentication-authorization/openid-connect/.
type PasswordAuthentication struct {
ClientAuthData
@@ -4324,7 +4328,10 @@
// Scopes contains the defined scope claims.
Scopes *Scopes `bson:"scopes,omitempty" json:"scopes,omitempty"`
}
- OIDC contains configuration for the OIDC authentication mode.
+ OIDC contains configuration for the OIDC authentication mode. OIDC
+ support will be deprecated starting from 5.7.0. To avoid any disruptions,
+ we recommend that you use JSON Web Token (JWT) instead, as explained in
+ https://tyk.io/docs/basic-config-and-security/security/authentication-authorization/openid-connect/.
func (o *OIDC) ExtractTo(api *apidef.APIDefinition)
ExtractTo extracts *OIDC to *apidef.APIDefinition. |
PR Code Suggestions ✨No code suggestions found for the PR. |
|
jeffy-mathew
deleted the
chores/TT-11426/TT-13322/add-oidc-deprecation-notice
branch
|
/release to release-5.3 |
|
Working on it! Note that it can take a few minutes. |
tykbot bot
pushed a commit
that referenced
this pull request
Oct 31, 2024
### **User description** <details open> <summary><a href="https://tyktech.atlassian.net/browse/TT-13322" title="TT-13322" target="_blank">TT-13322</a></summary> <br /> <table> <tr> <th>Summary</th> <td>Add warning message in GW logs, schema and go docs</td> </tr> <tr> <th>Type</th> <td> <img alt="Sub-task" src="https://tyktech.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10316?size=medium" /> Sub-task </td> </tr> <tr> <th>Status</th> <td>In Dev</td> </tr> <tr> <th>Points</th> <td>N/A</td> </tr> <tr> <th>Labels</th> <td><a href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%20QA_Fail%20ORDER%20BY%20created%20DESC" title="QA_Fail">QA_Fail</a></td> </tr> </table> </details> <!-- do not remove this marker as it will break jira-lint's functionality. added_by_jira_lint --> --- <!-- Provide a general summary of your changes in the Title above --> ## Description <!-- Describe your changes in detail --> ## Related Issue Parent: https://tyktech.atlassian.net/browse/TT-11426 Subtask: https://tyktech.atlassian.net/browse/TT-13322 ## Motivation and Context <!-- Why is this change required? What problem does it solve? --> ## How This Has Been Tested <!-- Please describe in detail how you tested your changes --> <!-- Include details of your testing environment, and the tests --> <!-- you ran to see how your change affects other areas of the code, etc. --> <!-- This information is helpful for reviewers and QA. --> ## Screenshots (if appropriate) ## Types of changes <!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: --> - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] Refactoring or add test (improvements in base code or adds test coverage to functionality) ## Checklist <!-- Go over all the following points, and put an `x` in all the boxes that apply --> <!-- If there are no documentation updates required, mark the item as checked. --> <!-- Raise up any additional concerns not covered by the checklist. --> - [ ] I ensured that the documentation is up to date - [ ] I explained why this PR updates go.mod in detail with reasoning why it's required - [ ] I would like a code coverage CI quality gate exception and have explained why ___ ### **PR Type** documentation, enhancement ___ ### **Description** - Added deprecation notices for OpenID Connect middleware and OIDC authentication mode in code comments and documentation. - Introduced log warnings in the OpenID middleware to inform users of the deprecation. - Recommended using JSON Web Token (JWT) as an alternative to avoid disruptions. ___ ### **Changes walkthrough** 📝 <table><thead><tr><th></th><th align="left">Relevant files</th></tr></thead><tbody><tr><td><strong>Documentation</strong></td><td><table> <tr> <td> <details> <summary><strong>api_definitions.go</strong><dd><code>Add deprecation notice for OpenID Connect middleware</code> </dd></summary> <hr> apidef/api_definitions.go <li>Added deprecation notice for OpenID Connect middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-9961ccc89a48d32db5b47ba3006315ef52f6e5007fb4b09f8c5d6d299c669d67">+3/-0</a> </td> </tr> <tr> <td> <details> <summary><strong>authentication.go</strong><dd><code>Add deprecation notice for OIDC authentication mode</code> </dd></summary> <hr> apidef/oas/authentication.go <li>Added deprecation notice for OIDC authentication mode.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-e51c9d24d4235e7cc53048cc1d92967d177585ba5e073f14876308a97bef6326">+3/-0</a> </td> </tr> <tr> <td> <details> <summary><strong>x-tyk-api-gateway.json</strong><dd><code>Add deprecation notice for external OAuth Middleware</code> </dd></summary> <hr> apidef/oas/schema/x-tyk-api-gateway.json <li>Added deprecation notice for external OAuth Middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-78828969c0c04cc1a776dfc93a8bad3c499a8c83e6169f83e96d090bed3e7dd0">+1/-0</a> </td> </tr> </table></td></tr><tr><td><strong>Enhancement</strong></td><td><table> <tr> <td> <details> <summary><strong>mw_openid.go</strong><dd><code>Add log warning for deprecated OpenID Connect Middleware</code> </dd></summary> <hr> gateway/mw_openid.go <li>Added log warning for deprecated OpenID Connect Middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-a389c2a490b728d3bf6ed64f974b227117fb451aa2da8ce8df8c859e7cdc718a">+4/-0</a> </td> </tr> </table></td></tr></tr></tbody></table> ___ > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull request to receive relevant information (cherry picked from commit 3633678)
Merged
7 tasks
|
@jeffy-mathew Succesfully merged PR |
jeffy-mathew
added a commit
that referenced
this pull request
Oct 31, 2024
### **User description** <details open> <summary><a href="https://tyktech.atlassian.net/browse/TT-13322" title="TT-13322" target="_blank">TT-13322</a></summary> <br /> <table> <tr> <th>Summary</th> <td>Add warning message in GW logs, schema and go docs</td> </tr> <tr> <th>Type</th> <td> <img alt="Sub-task" src="https://tyktech.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10316?size=medium" /> Sub-task </td> </tr> <tr> <th>Status</th> <td>In Dev</td> </tr> <tr> <th>Points</th> <td>N/A</td> </tr> <tr> <th>Labels</th> <td><a href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%20QA_Fail%20ORDER%20BY%20created%20DESC" title="QA_Fail">QA_Fail</a></td> </tr> </table> </details> <!-- do not remove this marker as it will break jira-lint's functionality. added_by_jira_lint --> --- <!-- Provide a general summary of your changes in the Title above --> ## Description <!-- Describe your changes in detail --> ## Related Issue Parent: https://tyktech.atlassian.net/browse/TT-11426 Subtask: https://tyktech.atlassian.net/browse/TT-13322 ## Motivation and Context <!-- Why is this change required? What problem does it solve? --> ## How This Has Been Tested <!-- Please describe in detail how you tested your changes --> <!-- Include details of your testing environment, and the tests --> <!-- you ran to see how your change affects other areas of the code, etc. --> <!-- This information is helpful for reviewers and QA. --> ## Screenshots (if appropriate) ## Types of changes <!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: --> - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] Refactoring or add test (improvements in base code or adds test coverage to functionality) ## Checklist <!-- Go over all the following points, and put an `x` in all the boxes that apply --> <!-- If there are no documentation updates required, mark the item as checked. --> <!-- Raise up any additional concerns not covered by the checklist. --> - [ ] I ensured that the documentation is up to date - [ ] I explained why this PR updates go.mod in detail with reasoning why it's required - [ ] I would like a code coverage CI quality gate exception and have explained why ___ ### **PR Type** documentation, enhancement ___ ### **Description** - Added deprecation notices for OpenID Connect middleware and OIDC authentication mode in code comments and documentation. - Introduced log warnings in the OpenID middleware to inform users of the deprecation. - Recommended using JSON Web Token (JWT) as an alternative to avoid disruptions. ___ ### **Changes walkthrough** 📝 <table><thead><tr><th></th><th align="left">Relevant files</th></tr></thead><tbody><tr><td><strong>Documentation</strong></td><td><table> <tr> <td> <details> <summary><strong>api_definitions.go</strong><dd><code>Add deprecation notice for OpenID Connect middleware</code> </dd></summary> <hr> apidef/api_definitions.go <li>Added deprecation notice for OpenID Connect middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-9961ccc89a48d32db5b47ba3006315ef52f6e5007fb4b09f8c5d6d299c669d67">+3/-0</a> </td> </tr> <tr> <td> <details> <summary><strong>authentication.go</strong><dd><code>Add deprecation notice for OIDC authentication mode</code> </dd></summary> <hr> apidef/oas/authentication.go <li>Added deprecation notice for OIDC authentication mode.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-e51c9d24d4235e7cc53048cc1d92967d177585ba5e073f14876308a97bef6326">+3/-0</a> </td> </tr> <tr> <td> <details> <summary><strong>x-tyk-api-gateway.json</strong><dd><code>Add deprecation notice for external OAuth Middleware</code> </dd></summary> <hr> apidef/oas/schema/x-tyk-api-gateway.json <li>Added deprecation notice for external OAuth Middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-78828969c0c04cc1a776dfc93a8bad3c499a8c83e6169f83e96d090bed3e7dd0">+1/-0</a> </td> </tr> </table></td></tr><tr><td><strong>Enhancement</strong></td><td><table> <tr> <td> <details> <summary><strong>mw_openid.go</strong><dd><code>Add log warning for deprecated OpenID Connect Middleware</code> </dd></summary> <hr> gateway/mw_openid.go <li>Added log warning for deprecated OpenID Connect Middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-a389c2a490b728d3bf6ed64f974b227117fb451aa2da8ce8df8c859e7cdc718a">+4/-0</a> </td> </tr> </table></td></tr></tr></tbody></table> ___ > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull request to receive relevant information (cherry picked from commit 3633678)
buger
added a commit
that referenced
this pull request
Oct 31, 2024
… oidc middleware (#6686) [TT-11426/TT-13322]add deprecation notice for oidc middleware (#6686) ### **User description** <details open> <summary><a href="https://tyktech.atlassian.net/browse/TT-13322" title="TT-13322" target="_blank">TT-13322</a></summary> <br /> <table> <tr> <th>Summary</th> <td>Add warning message in GW logs, schema and go docs</td> </tr> <tr> <th>Type</th> <td> <img alt="Sub-task" src="https://tyktech.atlassian.net/rest/api/2/universal_avatar/view/type/issuetype/avatar/10316?size=medium" /> Sub-task </td> </tr> <tr> <th>Status</th> <td>In Dev</td> </tr> <tr> <th>Points</th> <td>N/A</td> </tr> <tr> <th>Labels</th> <td><a href="https://tyktech.atlassian.net/issues?jql=project%20%3D%20TT%20AND%20labels%20%3D%20QA_Fail%20ORDER%20BY%20created%20DESC" title="QA_Fail">QA_Fail</a></td> </tr> </table> </details> <!-- do not remove this marker as it will break jira-lint's functionality. added_by_jira_lint --> --- <!-- Provide a general summary of your changes in the Title above --> ## Description <!-- Describe your changes in detail --> ## Related Issue Parent: https://tyktech.atlassian.net/browse/TT-11426 Subtask: https://tyktech.atlassian.net/browse/TT-13322 ## Motivation and Context <!-- Why is this change required? What problem does it solve? --> ## How This Has Been Tested <!-- Please describe in detail how you tested your changes --> <!-- Include details of your testing environment, and the tests --> <!-- you ran to see how your change affects other areas of the code, etc. --> <!-- This information is helpful for reviewers and QA. --> ## Screenshots (if appropriate) ## Types of changes <!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: --> - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [ ] Breaking change (fix or feature that would cause existing functionality to change) - [ ] Refactoring or add test (improvements in base code or adds test coverage to functionality) ## Checklist <!-- Go over all the following points, and put an `x` in all the boxes that apply --> <!-- If there are no documentation updates required, mark the item as checked. --> <!-- Raise up any additional concerns not covered by the checklist. --> - [ ] I ensured that the documentation is up to date - [ ] I explained why this PR updates go.mod in detail with reasoning why it's required - [ ] I would like a code coverage CI quality gate exception and have explained why ___ ### **PR Type** documentation, enhancement ___ ### **Description** - Added deprecation notices for OpenID Connect middleware and OIDC authentication mode in code comments and documentation. - Introduced log warnings in the OpenID middleware to inform users of the deprecation. - Recommended using JSON Web Token (JWT) as an alternative to avoid disruptions. ___ ### **Changes walkthrough** 📝 <table><thead><tr><th></th><th align="left">Relevant files</th></tr></thead><tbody><tr><td><strong>Documentation</strong></td><td><table> <tr> <td> <details> <summary><strong>api_definitions.go</strong><dd><code>Add deprecation notice for OpenID Connect middleware</code> </dd></summary> <hr> apidef/api_definitions.go <li>Added deprecation notice for OpenID Connect middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-9961ccc89a48d32db5b47ba3006315ef52f6e5007fb4b09f8c5d6d299c669d67">+3/-0</a> </td> </tr> <tr> <td> <details> <summary><strong>authentication.go</strong><dd><code>Add deprecation notice for OIDC authentication mode</code> </dd></summary> <hr> apidef/oas/authentication.go <li>Added deprecation notice for OIDC authentication mode.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-e51c9d24d4235e7cc53048cc1d92967d177585ba5e073f14876308a97bef6326">+3/-0</a> </td> </tr> <tr> <td> <details> <summary><strong>x-tyk-api-gateway.json</strong><dd><code>Add deprecation notice for external OAuth Middleware</code> </dd></summary> <hr> apidef/oas/schema/x-tyk-api-gateway.json <li>Added deprecation notice for external OAuth Middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-78828969c0c04cc1a776dfc93a8bad3c499a8c83e6169f83e96d090bed3e7dd0">+1/-0</a> </td> </tr> </table></td></tr><tr><td><strong>Enhancement</strong></td><td><table> <tr> <td> <details> <summary><strong>mw_openid.go</strong><dd><code>Add log warning for deprecated OpenID Connect Middleware</code> </dd></summary> <hr> gateway/mw_openid.go <li>Added log warning for deprecated OpenID Connect Middleware.<br> <li> Recommended using JSON Web Token (JWT) instead.<br> </details> </td> <td><a href="https://github.com/TykTechnologies/tyk/pull/6686/files#diff-a389c2a490b728d3bf6ed64f974b227117fb451aa2da8ce8df8c859e7cdc718a">+4/-0</a> </td> </tr> </table></td></tr></tr></tbody></table> ___ > 💡 **PR-Agent usage**: Comment `/help "your question"` on any pull request to receive relevant information
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
User description
TT-13322
Description
Related Issue
Parent: https://tyktech.atlassian.net/browse/TT-11426
Subtask: https://tyktech.atlassian.net/browse/TT-13322
Motivation and Context
How This Has Been Tested
Screenshots (if appropriate)
Types of changes
Checklist
PR Type
documentation, enhancement
Description
Changes walkthrough 📝
api_definitions.go
Add deprecation notice for OpenID Connect middlewareapidef/api_definitions.go
authentication.go
Add deprecation notice for OIDC authentication modeapidef/oas/authentication.go
x-tyk-api-gateway.json
Add deprecation notice for external OAuth Middlewareapidef/oas/schema/x-tyk-api-gateway.json
mw_openid.go
Add log warning for deprecated OpenID Connect Middlewaregateway/mw_openid.go