Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merging to release-5.7: [TT-13535/TT-13566] make upstream oauth password client secret not required (#6701) #6706

Conversation

buger
Copy link
Member

@buger buger commented Nov 15, 2024

User description

TT-13566
Summary Make upstream auth oauth password client secret not required in oas schema
Type Sub-task Sub-task
Status Ready for Testing
Points N/A
Labels -

[TT-13535/TT-13566] make upstream oauth password client secret not required (#6701)

Description

make upstream oauth password client secret not required

Related Issue

Parent: https://tyktech.atlassian.net/browse/TT-13535
Subtask: https://tyktech.atlassian.net/browse/TT-13566

Motivation and Context

How This Has Been Tested

Screenshots (if appropriate)

Types of changes

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing
    functionality to change)
  • Refactoring or add test (improvements in base code or adds test
    coverage to functionality)

Checklist

  • I ensured that the documentation is up to date
  • I explained why this PR updates go.mod in detail with reasoning
    why it's required
  • I would like a code coverage CI quality gate exception and have
    explained why

PR Type

Enhancement


Description

  • Removed the requirement for clientSecret in the OAuth password flow schema, making it optional.
  • This change allows for more flexible configurations where a client secret is not necessary.

Changes walkthrough 📝

Relevant files
Enhancement
x-tyk-api-gateway.json
Make `clientSecret` optional in OAuth password schema       

apidef/oas/schema/x-tyk-api-gateway.json

  • Removed clientSecret from the list of required fields.
  • Updated the schema to make clientSecret optional for OAuth password
    flows.
  • +0/-1     

    💡 PR-Agent usage: Comment /help "your question" on any pull request to receive relevant information

    …quired (#6701)
    
    <!-- Provide a general summary of your changes in the Title above -->
    
    ## Description
    
    make upstream oauth password client secret not required
    
    ## Related Issue
    Parent: https://tyktech.atlassian.net/browse/TT-13535
    Subtask: https://tyktech.atlassian.net/browse/TT-13566
    ## Motivation and Context
    
    <!-- Why is this change required? What problem does it solve? -->
    
    ## How This Has Been Tested
    
    <!-- Please describe in detail how you tested your changes -->
    <!-- Include details of your testing environment, and the tests -->
    <!-- you ran to see how your change affects other areas of the code,
    etc. -->
    <!-- This information is helpful for reviewers and QA. -->
    
    ## Screenshots (if appropriate)
    
    ## Types of changes
    
    <!-- What types of changes does your code introduce? Put an `x` in all
    the boxes that apply: -->
    
    - [ ] Bug fix (non-breaking change which fixes an issue)
    - [ ] New feature (non-breaking change which adds functionality)
    - [ ] Breaking change (fix or feature that would cause existing
    functionality to change)
    - [ ] Refactoring or add test (improvements in base code or adds test
    coverage to functionality)
    
    ## Checklist
    
    <!-- Go over all the following points, and put an `x` in all the boxes
    that apply -->
    <!-- If there are no documentation updates required, mark the item as
    checked. -->
    <!-- Raise up any additional concerns not covered by the checklist. -->
    
    - [ ] I ensured that the documentation is up to date
    - [ ] I explained why this PR updates go.mod in detail with reasoning
    why it's required
    - [ ] I would like a code coverage CI quality gate exception and have
    explained why
    
    (cherry picked from commit 43ac641)
    @buger
    Copy link
    Member Author

    buger commented Nov 15, 2024

    I'm a bot and I 👍 this PR title. 🤖

    Copy link
    Contributor

    PR Reviewer Guide 🔍

    Here are some key observations to aid the review process:

    🎫 Ticket compliance analysis ✅

    6701 - Fully compliant

    Fully compliant requirements:

    • Made clientSecret optional in the OAuth password flow schema.
    ⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪
    🧪 No relevant tests
    🔒 No security concerns identified
    ⚡ No major issues detected

    Copy link
    Contributor

    PR Code Suggestions ✨

    No code suggestions found for the PR.

    Copy link
    Contributor

    API Changes

    no api changes detected

    @jeffy-mathew jeffy-mathew merged commit eb67fee into release-5.7 Nov 15, 2024
    7 checks passed
    @jeffy-mathew jeffy-mathew deleted the merge/release-5.7/43ac6418647b61b29514352707f1ad06fbdcdc05 branch November 15, 2024 09:17
    Copy link

    sonarcloud bot commented Nov 15, 2024

    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Projects
    None yet
    Development

    Successfully merging this pull request may close these issues.

    2 participants