Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Add a config to autofill the username with subject attribute while jit provisioning #6225

Open
wants to merge 3 commits into
base: master
Choose a base branch
from

Conversation

DilshanSenarath
Copy link
Contributor

Purpose

This pr will introduce the changes require to configure the auto populating username with subject attribute.

Since the auto-population of the username field with the subject attribute may already be in use by other customers, we plan to introduce a new configuration to maintain backward compatibility while providing the requested change.

We’ll add a boolean server level configuration option called AutofillUsernameFieldWithSubjectAttribute within the JITProvisioning configuration section. Before appending the username to the registration UI redirection URL, we will first verify if the prompt for username, password, and consent provisioning is enabled. If enabled, we will then check if this new configuration is set to true and, if so, add the username parameter to the registration UI redirection URL.

[authentication.jit_provisioning]
autofill_username_field_with_subject_attribute = false

Related Issue

Copy link

codecov bot commented Dec 19, 2024

Codecov Report

Attention: Patch coverage is 80.00000% with 1 line in your changes missing coverage. Please review.

Project coverage is 45.75%. Comparing base (b492a3d) to head (eda1110).
Report is 25 commits behind head on master.

Files with missing lines Patch % Lines
...impl/JITProvisioningPostAuthenticationHandler.java 66.66% 0 Missing and 1 partial ⚠️
Additional details and impacted files
@@             Coverage Diff              @@
##             master    #6225      +/-   ##
============================================
+ Coverage     45.66%   45.75%   +0.08%     
- Complexity    14040    14265     +225     
============================================
  Files          1632     1636       +4     
  Lines        100532   102406    +1874     
  Branches      17421    16824     -597     
============================================
+ Hits          45911    46852     +941     
- Misses        47931    48791     +860     
- Partials       6690     6763      +73     
Flag Coverage Δ
unit 28.33% <80.00%> (+0.03%) ⬆️

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/12412180506

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/12412180506
Status: failure

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/12412684012

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/12412684012
Status: failure

@jenkins-is-staging
Copy link

PR builder started
Link: https://github.com/wso2/product-is/actions/runs/12415024786

@jenkins-is-staging
Copy link

PR builder completed
Link: https://github.com/wso2/product-is/actions/runs/12415024786
Status: success

Copy link

@jenkins-is-staging jenkins-is-staging left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approving the pull request based on the successful pr build https://github.com/wso2/product-is/actions/runs/12415024786

@piraveena
Copy link
Contributor

DO we need this config for master?

@DilshanSenarath
Copy link
Contributor Author

DO we need this config for master?

Yes, this feature allows auto-populating the subject attribute value from the federated IDP during username and password provisioning. Therefore, we need to retain the existing behavior. However, a specific customer, who does not have a unique attribute other than the resource ID in their federated IDP, requested the ability to disable the auto-filling capability. As this could be a general requirement, the PR has been created to address it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

3 participants