fix: read OIDC Prompt from the Prompt key, not the Ports key (#12557)#12559
fix: read OIDC Prompt from the Prompt key, not the Ports key (#12557)#12559DeepDiver1975 wants to merge 3 commits into
Conversation
|
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
AppConfig::loadOpenIdConfigFromSystemConfig() read the OpenID Connect Prompt value from OidcPortsKey instead of OidcPromptKey. As a result an administrator-provided Prompt in the system configuration was ignored and prompt was instead populated with the raw Ports string (e.g. "8080,8443"), which is not a valid OIDC prompt parameter. Since a valid system OIDC config fully replaces the theme config, the configured prompt was unreachable. Read prompt from OidcPromptKey, and add a regression test that exercises loadOpenIdConfigFromSystemConfig() and asserts prompt, ports and scopes are each sourced from their own key. The method is made public (mirroring configPath) so it is reachable from the test. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Signed-off-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com>
DeepDiver1975
force-pushed
the
fix/oidc-prompt-key-master
branch
from
4c072f8 to
8c92873
Compare
| * Load the OpenID Connect configuration from a system QSettings instance. | ||
| * @param system the system configuration settings | ||
| * @return An OpenIdConfig object populated from the [OpenIDConnect] section. | ||
| * @internal kept public for testing purposes |
There was a problem hiding this comment.
the tests should rely on the original public interfaces only - I do not agree to making any of the internal "helper" functions public as they should never be called by any impl - that is why they are private. This is basic encapsulation.
please refactor your new test to use the appconfig instance only, as that is what is and should continue to be used in real life.
you should be able to essentially do the same thing wrt setting up the test values in a fake system config, then check the values on a resulting appConfig instance.
There was a problem hiding this comment.
Refactored: reverted making loadOpenIdConfigFromSystemConfig() public — the internal helpers stay private. Added a public AppConfig(const QSettings &) constructor that injects the system config source, and the test now builds a fake system config and asserts the values through a real AppConfig instance via openIdConfig(), matching how production code consumes it.
Verified the test fails before the one-line fix (prompt == "8080,8443") and passes after, all through the public interface. AppConfigTest: 4 passed, 0 failed.
Address review feedback (#12559): do not widen the visibility of the private loadOpenIdConfigFromSystemConfig() helper for testing. Instead add a public AppConfig(const QSettings &) constructor that injects the system configuration source, keeping the internal helpers private. The regression test now constructs a real AppConfig from a fake system config and asserts the resulting values through openIdConfig(), exactly as production code consumes them. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Signed-off-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com>
"select_account consent" already differs from the Ports value, so the regression test catches the #12557 bug without changing it. Revert the unnecessary value change and the misleading comment. Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com> Signed-off-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com>
2 participants
Summary
Fixes #12557.
AppConfig::loadOpenIdConfigFromSystemConfig()read the OpenID ConnectPromptvalue fromOidcPortsKeyinstead ofOidcPromptKey. As a result, an administrator-providedPromptin the system configuration ([OpenIDConnect]section / Windows registry) was ignored, andpromptwas instead populated with the rawPortsstring (e.g."8080,8443"), which is not a valid OIDCpromptparameter. Since a valid system OIDC config fully replaces the theme config, the configured prompt was unreachable.Changes
promptfromOidcPromptKey.testLoadOpenIdConfig) that exercisesloadOpenIdConfigFromSystemConfig()and assertsprompt,ports, andscopesare each sourced from their own key.loadOpenIdConfigFromSystemConfig()public (mirroring the existingconfigPathtesting convention) so it is reachable from the test.Testing
AppConfigTestpasses locally (4 passed, 0 failed). The new test fails before the fix (prompt would equal"8080,8443") and passes after.Note
#12560 backports the same fix to the
7.1branch.🤖 Generated with Claude Code