Skip to content

fix: conceal sensitive domain information in auth error messages #17132

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
merged 5 commits into from
Mar 27, 2025
Merged

fix: conceal sensitive domain information in auth error messages #17132

Changes from 1 commit
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
0fcce5f
fix: conceal sensitive domain information in auth error messages
ericpaulsen Mar 27, 2025
949ca4d
add unit tests for unauth'd email domains
ericpaulsen Mar 27, 2025
75bb4cd
make fmt
ericpaulsen Mar 27, 2025
bbdd048
test: add test cases for domain concealment in auth error messages
ericpaulsen Mar 27, 2025
4fe7e66
move tests to userauth_test.go & reduce comments
ericpaulsen Mar 27, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
test: add test cases for domain concealment in auth error messages 
- Verifies the error message no longer shows domain list - Adds tests for both invalid domain and malformed email cases - Includes test for successful login with allowed domain - Fixes response body closing in test
  • Loading branch information
@ericpaulsen
ericpaulsen committed Mar 27, 2025
commit bbdd048969bb5c609566f7b77ab83789256a1a05
3 changes: 2 additions & 1 deletion coderd/domain_error_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -111,7 +111,8 @@ func TestOIDCDomainErrorMessage(t *testing.T) {
}

// Attempt login and expect success
client, _ := fake.Login(t, server, claims)
client, resp := fake.Login(t, server, claims)
defer resp.Body.Close()

// Verify the user was created correctly
user, err := client.User(context.Background(), "me")
Expand Down
Loading
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy