Omit detailedMessage from login errors #3136
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jinapurapu
requested review from
pjuarezd,
reivaj05,
cesnietor,
allanrogerr,
prakashsvmx,
bexsoft and
adriangitvitz
|
@jinapurapu , could you check the |
jinapurapu
force-pushed
the
login_error_message_obfuscation
branch
from
f2ddbb2 to
f3987ec
Compare
|
@jinapurapu there are some test failures , may be related to the messages |
jinapurapu
force-pushed
the
login_error_message_obfuscation
branch
from
763a205 to
aa054bc
Compare
jinapurapu
changed the title
|
@jinapurapu Please change only the messages in Login APIs, the errors from Object browser are required as there are required to handle a specific corner case |
jinapurapu
force-pushed
the
login_error_message_obfuscation
branch
from
ac47011 to
5dca280
Compare
…stinguishable between valid and invalid accessKeys Cleanup Cleanup Gofumpt Removed detailed errors Debugging sso test Remove detailedMessage from login related errors passed to Console Replaced user_loin with master Updated tests to reflect removal of detailedMessage for login errors Removed detailedMessage check from SSO badLogin test Replaced detailed messsage for LoginNotAllowed Replaced detailed message for accessdenied error removed commented lines
jinapurapu
force-pushed
the
login_error_message_obfuscation
branch
from
8244644 to
41bd4b5
Compare
cesnietor
approved these changes
Dec 13, 2023
cesnietor
pushed a commit
to cesnietor/console
that referenced
this pull request
Jan 12, 2024
cesnietor
pushed a commit
to cesnietor/console
that referenced
this pull request
Jan 12, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Avoids passing detailed error to frontend login errors, no longer differentiable between existing/non-existing Users.
Existing user, wrong password:
User doesn't exist:
Part of https://github.com/miniohq/engineering/issues/1306