info endpoint providers #3614
| if (jsonResponse && request.getRequestURI().endsWith("/info")) { | ||
| List<Map<String, String>> infoIdentityProviders = new java.util.ArrayList<>(); | ||
| providerProvisioning.retrieveAll(true, IdentityZoneHolder.get().getId()) |
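Review bot: The `retrieveAll(true, IdentityZoneHolder.get().getId())` call inside the `endsWith("/info")` branch runs a full provider lookup for the zone on every JSON request to /info, and no limit, cache or feature switch is visible in these lines. Consider gating the block behind a configuration property or reusing an already cached and filtered provider list, so that request volume on this endpoint does not translate directly into provider lookups.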
We have tweaked this endpoint over the last years not to always retrieve all IdPs, because we (SAP) have many IdPs in one zone, and with cf login there is the situation that /info is called before the login, and with that we had DB issues.
@torsten-sap correct, or is my assumption no longer valid?
Sounds like a property to explicitly enable this feature is needed, with the default being set to false.
The problem is that we had many changes in this area, some to fix DB performance, and later some to repair some regressions. We should discuss in the meeting.
| if (jsonResponse && request.getRequestURI().endsWith("/info")) { | ||
| List<Map<String, String>> infoIdentityProviders = new java.util.ArrayList<>(); | ||
| providerProvisioning.retrieveAll(true, IdentityZoneHolder.get().getId()) | ||
| .forEach(provider -> { |
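Review bot: The bare `true` passed to `retrieveAll` on the third line is undocumented, so a reader cannot tell from this code which providers reach the /info response; name it with a local constant or add a short comment stating what it selects. As a style point, `new java.util.ArrayList<>()` on the second line should use an import instead of the fully qualified name.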
I think we have to filter, because SAML and OAUTH use a property to determine if visible or not.
The `true` in `retrieveAll(true` is that property, isn't it? It means active providers only.
Not only active, but only providers with either
- showSamlLink
- showLinkText
16ab7ce to c257135
I am abandoning this effort. We're going a different route for the use case. No need to add more complexity to /login and /info.
We'd like a bit more public visibility into the federation of providers in the /info endpoint. This PR displays a JSON object named `providers` with three attributes (name, origin, type) on the /info endpoint when JSON is requested.

You can today go to the /login page and extract origins for both SAML and OIDC providers, so we do believe it is ok to display this information.
To be discussed September 11, 2025 in UAA meeting