Tags: zhailuxu/tyk
[TT-4994] Middleware: ensure that session with applied policies is returned. (TykTechnologies#3993)

During `CheckSessionAndIdentityForValidKey`, we call `ApplyPolicies` on a copy of the session object, in the current implementation this modified session isn't returned, but a previous session is returned instead.

Detail (with comments):

```go
// 1. The session object is retrieved with SessionDetail:
session, found = t.Spec.AuthManager.SessionDetail(t.Spec.OrgID, key, false)
if found {
	key = session.KeyID
	// 2. The object is cloned, the "session" we're referring to in this block is a different one now...
	session := session.Clone()
	session.SetKeyHash(keyHash)
	t.Logger().Info("Recreating session for key: ", t.Gw.obfuscateKey(key))
	if !t.Spec.GlobalConfig.LocalSessionCache.DisableCacheSessionState {
		go t.Gw.SessionCache.Set(cacheKey, session, cache.DefaultExpiration)
	}
	// 3. We apply policies to this cloned session object:
	if err := t.ApplyPolicies(&session); err != nil {
		t.Logger().Error(err)
		return session, false
	}
	t.Logger().Debug("Lifetime is: ", session.Lifetime(t.Spec.SessionLifetime, t.Gw.GetConfig().ForceGlobalSessionLifetime, t.Gw.GetConfig().GlobalSessionLifetime))
	// 4. Session update is scheduled.
	ctxScheduleSessionUpdate(r)
} else {
	// defaulting
	session.KeyID = key
}
// 5. The session that's returned here isn't the "cloned" session but the unmodified object from the first step.
return session, found
```

## Related Issue

[TT-4994](https://tyktech.atlassian.net/browse/TT-4994?atlOrigin=eyJpIjoiYWM5ZDY0OTA4MTE1NDE5NmI1NzZkZGQzNDJhNGM2YTMiLCJwIjoiaiJ9)

## Motivation and Context

To achieve expected behavior.

## How This Has Been Tested

Manually tested with custom scenario provided by QA.

## Screenshots (if appropriate)

-

## Types of changes

<!-- What types of changes does your code introduce? Put an `x` in all the boxes that apply: -->

- [x] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing functionality to change)
- [ ] Refactoring or add test (improvements in base code or adds test coverage to functionality)

## Checklist

<!-- Go over all the following points, and put an `x` in all the boxes that apply -->
<!-- If you're unsure about any of these, don't hesitate to ask; we're here to help! -->

- [ ] Make sure you are requesting to **pull a topic/feature/bugfix branch** (right side). If pulling from your own fork, don't request your `master`!
- [x] Make sure you are making a pull request against the **`master` branch** (left side). Also, you should start *your branch* off *our latest `master`*.
- [ ] My change requires a change to the documentation.
  - [ ] If you've changed APIs, describe what needs to be updated in the documentation.
  - [ ] If new config option added, ensure that it can be set via ENV variable
- [ ] I have updated the documentation accordingly.
- [ ] Modules and vendor dependencies have been updated; run `go mod tidy && go mod vendor`
- [ ] When updating library version must provide reason/explanation for this update.
- [ ] I have added tests to cover my changes.
- [ ] All new and existing tests passed.
- [x] Check your code additions will not fail linting checks:
  - [ ] `go fmt -s`
  - [ ] `go vet`

Co-authored-by: Tomas Buchaillot <[email protected]>

(cherry picked from commit 6f1253c)
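The shadowing pattern described in the commit message above, reduced to a self-contained model. This is an added example, not code from the Tyk repository: `Session`, `store`, `applyPolicies` and both lookup functions are hypothetical stand-ins, and the `=` assignment in `lookupFixed` is one possible correction, assumed here because the page does not show the actual fix.

```go
package main

import "fmt"

// Session is a hypothetical stand-in for the gateway's session object.
type Session struct {
	KeyID     string
	RateLimit int // 0 = no policy applied (constructed field)
}

func (s Session) Clone() Session { return s }

// Constructed sample data and a stub standing in for ApplyPolicies.
var store = map[string]Session{"key-1": {KeyID: "key-1"}}

func applyPolicies(s *Session) error {
	s.RateLimit = 100
	return nil
}

// lookupShadowed mirrors the commit message's pattern: ":=" inside the if
// block declares a second "session" that is discarded at the closing brace.
func lookupShadowed(key string) (Session, bool) {
	session, found := store[key]
	if found {
		session := session.Clone() // shadows the outer variable
		if err := applyPolicies(&session); err != nil {
			return session, false
		}
	}
	return session, found // outer session: policies never applied
}

// lookupFixed assigns with "=" so the clone carrying policies is returned.
func lookupFixed(key string) (Session, bool) {
	session, found := store[key]
	if found {
		session = session.Clone()
		if err := applyPolicies(&session); err != nil {
			return session, false
		}
	}
	return session, found
}

func main() {
	fmt.Println(lookupShadowed("key-1")) // {key-1 0} true
	fmt.Println(lookupFixed("key-1"))    // {key-1 100} true
}
```

Neither the compiler nor the default `go vet` checks flag the inner declaration, because the shadowing variable is used inside its block; a test that asserts on the returned session's policy-derived fields is what catches it.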
TT-5026 Initializing OrganizationMonitor with a valid gw pointer (TykTechnologies#3987)

* initializing OrganizationMonitor with a valid gw pointer
* adding TestOrganizationMonitorEnabled test
* linting

(cherry picked from commit bf55ebe)
Disallow loading TCP services on main gateway port (TykTechnologies#3984)

It will throw a meaningful error

(cherry picked from commit f5d1207)