From 401890d0c73a33e0e861e8a1f8769b04fa44fe36 Mon Sep 17 00:00:00 2001 From: soloio-bot Date: Fri, 6 Dec 2024 17:10:35 +0000 Subject: [PATCH] Sync Gloo APIs. Destination Branch: gloo-v1.18.x --- api/gloo/enterprise.gloo/v1/auth_config.proto | 12 ++++++++++-- .../options/extauth/v1/extauth-internal.proto | 2 ++ pkg/api/enterprise.gloo.solo.io/v1/auth_config.pb.go | 12 ++++++++++-- .../v1/extauth-internal.pb.go | 2 ++ 4 files changed, 24 insertions(+), 4 deletions(-) diff --git a/api/gloo/enterprise.gloo/v1/auth_config.proto b/api/gloo/enterprise.gloo/v1/auth_config.proto index d722231e..24d43cfa 100644 --- a/api/gloo/enterprise.gloo/v1/auth_config.proto +++ b/api/gloo/enterprise.gloo/v1/auth_config.proto @@ -484,8 +484,12 @@ message UserSession { // Cookies are not sent on normal cross-site subrequests, but are sent when // navigating to the origin site. LaxMode = 1; - // Only be sent in a first-party context and not be sent along with requests - // initiated by third party websites. + // Cookies are sent only in first-party contexts and are not sent along with requests + // initiated by third-party websites. + // + // **Warning**: Do not use this mode if the app and the IdP have different domains. + // In this case, some browsers incorrectly detect the redirect from `/callback` to `/login` + // as a cross-site request. StrictMode = 2; // Cookies are sent in all contexts. Cookie NotSecure must be unset. NoneMode = 3; @@ -1145,6 +1149,8 @@ message ApiKeyAuth { oneof storage_backend { K8sSecretApiKeyStorage k8s_secret_apikey_storage = 6; + // Deprecated: Support for Aerospike is deprecated and will be removed in a future release. + // Use of this feature is not recommended. AerospikeApiKeyStorage aerospike_apikey_storage = 7; } @@ -1186,6 +1192,8 @@ message K8sSecretApiKeyStorage { repeated core.solo.io.ResourceRef api_key_secret_refs = 2; } +// Deprecated: Support for Aerospike is deprecated and will be removed in a future release. +// Use of this feature is not recommended. message AerospikeApiKeyStorage { // The IP address or hostname of one of the cluster members of your Aerospike database. The address must be reachable from Gloo Edge, such as in a virtual machine with a public IP address or in a pod in the cluster. // The client automatically discovers other members of the cluster after establishing a connection. diff --git a/api/gloo/gloo/v1/enterprise/options/extauth/v1/extauth-internal.proto b/api/gloo/gloo/v1/enterprise/options/extauth/v1/extauth-internal.proto index 40847767..19b0e8ae 100644 --- a/api/gloo/gloo/v1/enterprise/options/extauth/v1/extauth-internal.proto +++ b/api/gloo/gloo/v1/enterprise/options/extauth/v1/extauth-internal.proto @@ -580,6 +580,8 @@ message ExtAuthConfig { oneof storage_backend { K8sSecretApiKeyStorage k8s_secret_apikey_storage = 4; + // Deprecated: Support for Aerospike is deprecated and will be removed in a future release. + // Use of this feature is not recommended. AerospikeApiKeyStorage aerospike_apikey_storage = 5; ServerDefaultApiKeyStorage server_default_apikey_storage = 7; } diff --git a/pkg/api/enterprise.gloo.solo.io/v1/auth_config.pb.go b/pkg/api/enterprise.gloo.solo.io/v1/auth_config.pb.go index 212c7499..2ec0281e 100644 --- a/pkg/api/enterprise.gloo.solo.io/v1/auth_config.pb.go +++ b/pkg/api/enterprise.gloo.solo.io/v1/auth_config.pb.go @@ -132,8 +132,12 @@ const ( // Cookies are not sent on normal cross-site subrequests, but are sent when // navigating to the origin site. UserSession_CookieOptions_LaxMode UserSession_CookieOptions_SameSite = 1 - // Only be sent in a first-party context and not be sent along with requests - // initiated by third party websites. + // Cookies are sent only in first-party contexts and are not sent along with requests + // initiated by third-party websites. + // + // **Warning**: Do not use this mode if the app and the IdP have different domains. + // In this case, some browsers incorrectly detect the redirect from `/callback` to `/login` + // as a cross-site request. UserSession_CookieOptions_StrictMode UserSession_CookieOptions_SameSite = 2 // Cookies are sent in all contexts. Cookie NotSecure must be unset. UserSession_CookieOptions_NoneMode UserSession_CookieOptions_SameSite = 3 @@ -3531,6 +3535,8 @@ type ApiKeyAuth_K8SSecretApikeyStorage struct { } type ApiKeyAuth_AerospikeApikeyStorage struct { + // Deprecated: Support for Aerospike is deprecated and will be removed in a future release. + // Use of this feature is not recommended. AerospikeApikeyStorage *AerospikeApiKeyStorage `protobuf:"bytes,7,opt,name=aerospike_apikey_storage,json=aerospikeApikeyStorage,proto3,oneof"` } @@ -3597,6 +3603,8 @@ func (x *K8SSecretApiKeyStorage) GetApiKeySecretRefs() []*core.ResourceRef { return nil } +// Deprecated: Support for Aerospike is deprecated and will be removed in a future release. +// Use of this feature is not recommended. type AerospikeApiKeyStorage struct { state protoimpl.MessageState sizeCache protoimpl.SizeCache diff --git a/pkg/api/enterprise.gloo.solo.io/v1/extauth-internal.pb.go b/pkg/api/enterprise.gloo.solo.io/v1/extauth-internal.pb.go index 2620222f..f4f97425 100644 --- a/pkg/api/enterprise.gloo.solo.io/v1/extauth-internal.pb.go +++ b/pkg/api/enterprise.gloo.solo.io/v1/extauth-internal.pb.go @@ -2035,6 +2035,8 @@ type ExtAuthConfig_ApiKeyAuthConfig_K8SSecretApikeyStorage struct { } type ExtAuthConfig_ApiKeyAuthConfig_AerospikeApikeyStorage struct { + // Deprecated: Support for Aerospike is deprecated and will be removed in a future release. + // Use of this feature is not recommended. AerospikeApikeyStorage *AerospikeApiKeyStorage `protobuf:"bytes,5,opt,name=aerospike_apikey_storage,json=aerospikeApikeyStorage,proto3,oneof"` }