conjur icon indicating copy to clipboard operation
conjur copied to clipboard

Published 20 hours ago verified publisher icon cyberark

Auth persist api

Open telday opened this issue 2 years ago • 2 comments

Desired Outcome

Adds a new API collection which allows users to configure a policy/secret values for an authentication webservice with one HTTP request.

Implemented Changes

Adds a new route to Conjur (POST /authenticators/:account/persist) which accepts a JSON object in the body:

{
    "authenticator": "<authenticator type>",
    "service-id": "<authenticator service  id>",
    <variables>
}

Connected Issue/Story

Resolves #[relevant GitHub issue(s), e.g. 76]

CyberArk internal issue link: insert issue ID

Changelog

  • [x] The CHANGELOG has been updated, or
  • [ ] This PR does not include user-facing changes and doesn't require a CHANGELOG update

Test coverage

  • [x] This PR includes new unit and integration tests to go with the code changes, or
  • [ ] The changes in this PR do not require tests

Documentation

  • [ ] Docs (e.g. READMEs) were updated in this PR
  • [ ] A follow-up issue to update official docs has been filed here: insert issue ID
  • [ ] This PR does not require updating any documentation

Behavior

  • [x] This PR changes product behavior and has been reviewed by a PO, or
  • [ ] These changes are part of a larger initiative that will be reviewed later, or
  • [ ] No behavior was changed with this PR

Security

  • [x] Security architect has reviewed the changes in this PR,
  • [ ] These changes are part of a larger initiative with a separate security review, or
  • [ ] There are no security aspects to these changes

telday avatar Mar 28 '22 14:03 telday

@telday, I was playing with this a bit on Friday and before we get this in, we need to standardize the URLs to conform both to our current authenticator standards, but also REST best practices. Can you please break each authenticator "create" into the following convention:

POST https://{Conjur-server-hostname}/authn-{type}/{service-id}/{account}

The JSON body should be updated to remove the service_id from the doc (as it's now in the URI).

jvanderhoof avatar Apr 11 '22 16:04 jvanderhoof

Code Climate has analyzed commit 704deab0 and detected 46 issues on this pull request.

Here's the issue category breakdown:

Category Count
Duplication 3
Style 6
Complexity 37

The test coverage on the diff in this pull request is 95.9% (50% is the threshold).

This pull request will bring the total coverage in the repository to 90.3% (-1.4% change).

View more on Code Climate.

codeclimate[bot] avatar Nov 15 '22 18:11 codeclimate[bot]