Bug 1684402
Summary: | No type validation for accessTokenMaxAgeSeconds in oauth | ||
---|---|---|---|
Product: | OpenShift Container Platform | Reporter: | Chuan Yu <chuyu> |
Component: | apiserver-auth | Assignee: | Standa Laznicka <slaznick> |
Status: | CLOSED ERRATA | QA Contact: | Chuan Yu <chuyu> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 4.1.0 | CC: | aos-bugs, eparis, evb, gblomqui, mkhan, nagrawal, vlaad |
Target Milestone: | --- | ||
Target Release: | 4.1.0 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | f this bug is not fixed by Friday, May 3, we will move this to 4.2. Update 5/2: All the changes for fix are done in PR, awaiting CI | ||
Fixed In Version: | Doc Type: | No Doc Update | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2019-06-04 10:44:51 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Chuan Yu
2019-03-01 07:58:22 UTC
Verified failed. The accessTokenMaxAgeSeconds could be configured with negative number, such as `accessTokenMaxAgeSeconds: -86400` $ oc get clusterversion NAME VERSION AVAILABLE PROGRESSING SINCE STATUS version 4.0.0-0.nightly-2019-03-18-223058 True False 9h Cluster version is 4.0.0-0.nightly-2019-03-18-223058 -86400 is a valid value: https://github.com/openshift/api/blob/master/config/v1/types_oauth.go#L55 Thanks for the clarification, it make sense, verified. I overlooked the fact that this is accessTokenMaxAgeSeconds and not accessTokenInactivityTimeout. This needs fixing, will be done as a part of https://github.com/openshift/origin/pull/21922 Verified on 4.1.0-0.nightly-2019-05-04-210601 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHBA-2019:0758 |