Properly propagate private key for azure app #48550

greedy52 · 2024-11-06T21:43:49Z

Logging in to Azure CLI access not working (application access) #48522

Azure middleware needs to use a private key to sign JWT and the server verifies the JWT using the App TLS cert. This is broken after the App TLS cert uses its own key instead of the core one.

aws-amplify-us-west-2 · 2024-11-06T21:45:42Z

This pull request is automatically being deployed by Amplify Hosting (learn more).

Access this pull request here: https://pr-48550.d3pp5qlev8mo18.amplifyapp.com

tool/tsh/common/app_azure.go

gabrielcorado

Just tested with my test plan setup and confirmed this fix the issue. Thanks!

greedy52 · 2024-11-11T22:20:59Z

Friendly ping @nklaassen and @fspmarshall

lib/srv/alpnproxy/azure_msi_middleware.go

fspmarshall

LGTM once existing feedback is addressed.

nklaassen

thanks for fixing this, my bad 😅

public-teleport-github-review-bot · 2024-11-12T19:57:41Z

@greedy52 See the table below for backport results.

Branch	Result
branch/v17	Create PR

greedy52 added the backport/branch/v17 label Nov 6, 2024

greedy52 self-assigned this Nov 6, 2024

Properly propagate new private key for azure app

b264cf7

greedy52 force-pushed the STeve/48522_fix_azure_cli_private_key branch from 9ee501b to b264cf7 Compare November 6, 2024 21:57

greedy52 changed the title ~~Properly propagate new private key for azure app~~ Properly propagate private key for azure app Nov 6, 2024

minor refactor

e19045a

greedy52 requested review from nklaassen, Tener and gabrielcorado November 7, 2024 17:16

greedy52 marked this pull request as ready for review November 7, 2024 17:16

github-actions bot added size/sm tsh tsh - Teleport's command line tool for logging into nodes running Teleport. labels Nov 7, 2024

github-actions bot requested review from fspmarshall and kopiczko November 7, 2024 17:17

Tener approved these changes Nov 8, 2024

View reviewed changes

tool/tsh/common/app_azure.go Show resolved Hide resolved

gabrielcorado approved these changes Nov 8, 2024

View reviewed changes

greedy52 added the no-changelog Indicates that a PR does not require a changelog entry label Nov 8, 2024

nklaassen reviewed Nov 12, 2024

View reviewed changes

lib/srv/alpnproxy/azure_msi_middleware.go Outdated Show resolved Hide resolved

fspmarshall approved these changes Nov 12, 2024

View reviewed changes

public-teleport-github-review-bot bot removed the request for review from kopiczko November 12, 2024 19:04

safety check

627e910

greedy52 requested a review from nklaassen November 12, 2024 19:19

nklaassen approved these changes Nov 12, 2024

View reviewed changes

greedy52 added this pull request to the merge queue Nov 12, 2024

Merged via the queue into master with commit 26cb848 Nov 12, 2024
40 checks passed

greedy52 deleted the STeve/48522_fix_azure_cli_private_key branch November 12, 2024 19:56

greedy52 mentioned this pull request Nov 12, 2024

[v17] Properly propagate private key for azure app #48841

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Properly propagate private key for azure app #48550

Properly propagate private key for azure app #48550

greedy52 commented Nov 6, 2024

aws-amplify-us-west-2 bot commented Nov 6, 2024

gabrielcorado left a comment

greedy52 commented Nov 11, 2024

fspmarshall left a comment

nklaassen left a comment

public-teleport-github-review-bot bot commented Nov 12, 2024

Properly propagate private key for azure app #48550

Properly propagate private key for azure app #48550

Conversation

greedy52 commented Nov 6, 2024

aws-amplify-us-west-2 bot commented Nov 6, 2024

gabrielcorado left a comment

Choose a reason for hiding this comment

greedy52 commented Nov 11, 2024

fspmarshall left a comment

Choose a reason for hiding this comment

nklaassen left a comment

Choose a reason for hiding this comment

public-teleport-github-review-bot bot commented Nov 12, 2024