elastic/kibana

Allow edit of `redirectURL` and `authResponseHeaders` on `AuthenticationResult` objects after creation

Open

#144,698 opened on Nov 7, 2022

View on GitHub
 (1 comment) (0 reactions) (0 assignees)TypeScript (19,065 stars) (8,021 forks)batch import
Feature:Security/AuthenticationTeam:Securitygood first issuetechnical debt

Description

In a few locations we've had the need to edit either the redirectURL or the authResponseHeaders of an already created AuthenticationResult object. These properties are read-only and so we currently resort to simply create a new AuthenticationResult object with the changes. This leads to fairly verbose code and can lead to errors if we forget to copy all fields. So it would be better to allow these fields to be edited post-creation.

Example of how this is done today:

https://github.com/elastic/kibana/blob/a7976e57aaf5d59cbf3cd8f017104155f42de832/x-pack/plugins/security/server/authentication/authenticator.ts#L428-L440

Contributor guide

Tech stack
typescript
Domain
backendauthentication
Issue type
feature
DifficultyEstimated implementation difficulty for a new contributor, from 1 for very small changes to 5 for expert-level work.
3
Estimated timeA rough time range for an experienced contributor to investigate, implement, test, and prepare a pull request.
1-3 hours
Activity statusHow available the issue appears right now: fresh, active, stale, blocked, or waiting on maintainer input.
stale
ClarityHow clearly the issue explains the expected change, acceptance criteria, and next step.
clear
Prerequisites
TypeScript basicsAuthenticationResult classKibana security plugin structure
Newbie friendlinessA 1-100 score estimating how approachable this issue is for first-time contributors.
65
Research direction
Examine the AuthenticationResult class in the Kibana security plugin (likely in x pack/plugins/security/server/authentication/). The linked code snippet in the issue shows the current workaround. Determine where the class is defined and investigate how to make redirectURL and authResponseHeaders mutable. Ensure no breaking changes to existing code and add tests if applicable.