airavata-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "ASF GitHub Bot (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (AIRAVATA-2477) For gateway request, store admin password in credential store
Date Tue, 04 Jul 2017 22:36:01 GMT

    [ https://issues.apache.org/jira/browse/AIRAVATA-2477?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16074101#comment-16074101
] 

ASF GitHub Bot commented on AIRAVATA-2477:
------------------------------------------

Github user machristie commented on a diff in the pull request:

    https://github.com/apache/airavata-php-gateway/pull/64#discussion_r125534137
  
    --- Diff: app/libraries/AdminUtilities.php ---
    @@ -28,7 +28,8 @@ public static function add_gateway($inputs)
             $gateway->gatewayAdminEmail = $inputs["admin-email"];
             $gateway->gatewayAdminLastName = $inputs["admin-lastname"];
             $gateway->identityServerUserName = $inputs["admin-username"];
    -        $gateway->identityServerPasswordToken  = $inputs["admin-password"];
    +        $token = create_pwd_token([Session::get('username'), $inputs["admin-password"]]);
    --- End diff --
    
    I think you have to call create_pwd_token like `AdminUtilities::create_pwd_token`. Also
the array passed should specify the keys.  Something like
    ```
    AdminUtilities::create_pwd_token([
      "username" => $inputs["admin-username"], 
      "password" => $inputs["admin-password"],
      "description" => "Admin user password for gateway " . $id
    ]);


> For gateway request, store admin password in credential store
> -------------------------------------------------------------
>
>                 Key: AIRAVATA-2477
>                 URL: https://issues.apache.org/jira/browse/AIRAVATA-2477
>             Project: Airavata
>          Issue Type: Bug
>          Components: PGA PHP Web Gateway
>            Reporter: Marcus Christie
>            Assignee: Sneha Tilak
>
> Looks like currently the code is storing the admin password provided by a gateway requester
in the identityServerPasswordToken field of the Gateway object.  Instead the code should store
the username and password in the credential store, get back a credential store token, and
save this token in the identityServerPasswordToken field of the Gateway object.
> See AdminUtilities::create_pwd_token for how to generate a password token.



--
This message was sent by Atlassian JIRA
(v6.4.14#64029)

Mime
View raw message