Optimize Cache and IDP Management #1147

Merged
merged 22 commits into from
Oct 3, 2023

bcmmbaga
Contributor

@bcmmbaga bcmmbaga commented Sep 14, 2023

Describe your changes

This pull request modifies the IdP and cache manager(s) to prevent the sending of app metadata to the upstream IDP on self-hosted instances. As a result, the IdP will now load all users from the IdP without filtering based on accountID.

We disable user invites as the administrator's own IDP system manages them.

Issue ticket number and link

  • Netbird and Keycloak connect to LDAP don't work - #1126
  • Google Workspace IdP not setting email addresses properly - #1115
  • Fix bug with updating Keycloak user attributes - #1095

Checklist

  • Is it a bug fix
  • Is a typo/documentation fix
  • Is a feature enhancement
  • It is a refactor
  • Created tests that fail without the change (if possible)
  • Extended the README / documentation, if necessary

@bcmmbaga bcmmbaga marked this pull request as ready for review September 26, 2023 12:28
management/server/account.go (outdated, resolved)
@bcmmbaga bcmmbaga requested a review from pappz September 27, 2023 07:48
management/server/account.go (resolved)
@bcmmbaga bcmmbaga requested a review from pappz September 27, 2023 09:03
pappz previously approved these changes Sep 27, 2023
@bcmmbaga bcmmbaga marked this pull request as draft September 29, 2023 07:21
The commit modifies the Google Workspace API's scope permissions from AdminDirectoryUserScope to AdminDirectoryUserReadonlyScope. This change reduces the access level, allowing the API to read the user directory data without giving full control.
@bcmmbaga bcmmbaga marked this pull request as ready for review October 2, 2023 11:03
@mlsmaycon mlsmaycon merged commit e26ec0b into main Oct 3, 2023
8 checks passed
@mlsmaycon mlsmaycon deleted the idp-user-cache branch October 3, 2023 14:40
pulsastrix pushed a commit to pulsastrix/netbird that referenced this pull request Dec 24, 2023
Foosec pushed a commit to Foosec/netbird that referenced this pull request May 8, 2024