Skip to content
This repository has been archived by the owner on Dec 13, 2022. It is now read-only.

Centreon 22.04.1: Contact groups cannot be set when user logs in using OpenID #11555

Open
2 of 4 tasks
j-insan3 opened this issue Aug 10, 2022 · 3 comments
Open
2 of 4 tasks

Centreon 22.04.1: Contact groups cannot be set when user logs in using OpenID #11555

j-insan3 opened this issue Aug 10, 2022 · 3 comments

Comments

@j-insan3
Copy link

j-insan3 commented Aug 10, 2022
edited

BUG REPORT INFORMATION

Prerequisites

Versions
centreon-22.04.1-8.el7.centos.noarch

Operating System

*CentOS 7 *

Browser used

  • Google Chrome
  • Firefox
  • Internet Explorer IE11
  • Safari

Version: latest

Additional environment details (AWS, VirtualBox, physical, etc.):
VMware

Description

When using openID in 22.04 you are unable to add users to contact groups. As soon as they login using openID there contact group membership will reset back to the openID default group.

Steps to Reproduce

Please describe precisely the steps to reproduce the encountered issue.

  1. Add user to a contact group
  2. Configure OpenID
  3. Let user login using OpenID
  4. Check user contact group memberships, they will be gone.

Describe the received result

User contact groups get set to the openID defaults

Describe the expected result

Let users keep all there other memberships

Additional relevant information (e.g. frequency, ...)

Every time an user logs in using OpenID
@ParadoxGuitarist
Copy link

I'm also having this issue, but I realized something else that may or may not be related:

In our instance the OpenID payload has no groups object. I'm not sure if the null object from claim_name is causing it to blank out the group listing (like it's replacing the objects instead of adding to them).

@ParadoxGuitarist
Copy link

Actually I went back to add a known object from the payload that could be used for claim_name and setting it didn't change the behavior. It still removes the user from all assigned groups.

@vwbusguy
Copy link

As a workaround for now, comment out line 98 of /usr/share/centreon/src/Core/Security/Application/UseCase/LoginOpenIdSession/LoginOpenIdSession.php :

            $this->provider->setConfiguration($openIdProviderConfiguration);
            $this->provider->authenticateOrFail($request->authorizationCode, $request->clientIp);
            $user = $this->findUserOrFail();
            #$this->updateUserACL($user);
            $sessionUserInfos = [
                'contact_id' => $user->getId(),
                'contact_name' => $user->getName(),
                'contact_alias' => $user->getAlias(),
                'contact_email' => $user->getEmail(),

Note that this change likely won't persist next time you update Centreon, so this is just a temporary workaround.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@vwbusguy @ParadoxGuitarist @j-insan3