fix: update continuation_token pattern restriction#216
Merged
Conversation
justincoh
changed the title
continuation_token pattern restriction
jpadilla
approved these changes
Dec 30, 2024
This was referenced Dec 30, 2024
aaguiarz
pushed a commit
that referenced
this pull request
Jan 13, 2026
* chore: remove lingering comment in proto defn * fix regex pattern to allow empty continuation token
aaguiarz
added a commit
that referenced
this pull request
Mar 19, 2026
* poc: support AuthZEN spec https://openid.net/specs/authorization-api-1_0-01.html * chore: changed authzen path and relaxed validation rules * feat: added Evaluations endpoint * docs: add documentation for using contextual tuples in Expand API (#209) Co-authored-by: Maria Ines Parnisari <maria.inesparnisari@okta.com> * chore: added error in context for request * fix: make CheckError types snake case (#213) make CheckError types snake case * chore(ci): changed the validate swagger ci tag (#214) The old one has been deprecated and is causing CI errors as can be seen here: https://github.com/openfga/api/actions/runs/12349913805/job/34484604530?pr=211 * feat: add name as a filter for ListStores (#211) * Add name as a filter for ListStores * Add validation and openapi annotations * Skip validation on empty name * Add description * chore: add pattern restriction on `continuation_token` (#215) * add pattern restriction on continuation_tokens * update continuation_token regex to be specific to url base64 * fix: update `continuation_token` pattern restriction (#216) * chore: remove lingering comment in proto defn * fix regex pattern to allow empty continuation token * chore(deps): bump google.golang.org/grpc from 1.64.0 to 1.64.1 in /proto (#178) Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.64.0 to 1.64.1. - [Release notes](https://github.com/grpc/grpc-go/releases) - [Commits](grpc/grpc-go@v1.64.0...v1.64.1) --- updated-dependencies: - dependency-name: google.golang.org/grpc dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump the dependencies group across 1 directory with 3 updates (#217) Bumps the dependencies group with 3 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) and [swaggerexpert/swagger-editor-validate](https://github.com/swaggerexpert/swagger-editor-validate). Updates `actions/checkout` from 4.1.3 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@1d96c77...11bd719) Updates `bufbuild/buf-setup-action` from 1.34.0 to 1.48.0 - [Release notes](https://github.com/bufbuild/buf-setup-action/releases) - [Commits](bufbuild/buf-setup-action@35c243d...1115d0a) Updates `swaggerexpert/swagger-editor-validate` from 1.4.1 to 1.4.2 - [Release notes](https://github.com/swaggerexpert/swagger-editor-validate/releases) - [Commits](swaggerexpert/swagger-editor-validate@db517d5...e8e51db) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: bufbuild/buf-setup-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: swaggerexpert/swagger-editor-validate dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * fix: add regex for read api user field (#218) Add regex to assert that read API's user field (if specified) must have both type and object. Close openfga/openfga#2189 * fix: mark tuple_key in BatchCheckItem as required in validation (#222) * fix(api): add max 50 batch check by default note (#227) * fix(api): add max 50 batch check by default note * comment fix * after daniel review * add spacing * chore(deps): bump golang.org/x/net from 0.26.0 to 0.36.0 in /proto (#224) Bumps [golang.org/x/net](https://github.com/golang/net) from 0.26.0 to 0.36.0. - [Commits](golang/net@v0.26.0...v0.36.0) --- updated-dependencies: - dependency-name: golang.org/x/net dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * Update SECURITY-INSIGHTS (#229) * "chore: updating SECURITY-INSIGHTS" * "chore: updating SECURITY-INSIGHTS" * "chore: updating SECURITY-INSIGHTS" * "chore: updating SECURITY-INSIGHTS" * "chore: updating SECURITY-INSIGHTS" * "chore: updating SECURITY-INSIGHTS" * "chore: updating SECURITY-INSIGHTS" * "chore: updating SECURITY-INSIGHTS" * chore(deps): bump the dependencies group across 1 directory with 2 updates (#223) Bumps the dependencies group with 2 updates in the / directory: [bufbuild/buf-setup-action](https://github.com/bufbuild/buf-setup-action) and [swaggerexpert/swagger-editor-validate](https://github.com/swaggerexpert/swagger-editor-validate). Updates `bufbuild/buf-setup-action` from 1.48.0 to 1.50.0 - [Release notes](https://github.com/bufbuild/buf-setup-action/releases) - [Commits](bufbuild/buf-setup-action@1115d0a...a47c93e) Updates `swaggerexpert/swagger-editor-validate` from 1.4.2 to 1.5.1 - [Release notes](https://github.com/swaggerexpert/swagger-editor-validate/releases) - [Commits](swaggerexpert/swagger-editor-validate@e8e51db...264fd87) --- updated-dependencies: - dependency-name: bufbuild/buf-setup-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: swaggerexpert/swagger-editor-validate dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump actions/checkout from 4.2.2 to 4.3.0 in the dependencies group (#230) chore(deps): bump actions/checkout in the dependencies group Bumps the dependencies group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4.2.2 to 4.3.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@11bd719...08eba0b) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * ci: update dependabot config (#231) * feat: add support for Write API with on_duplicate and on_missing options (#233) * OpenFGA API Protobuf for Idempotent Writes * Update openfga/v1/openfga_service.proto Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * CodeReview fixes * CodeReview fixes * changing on_missing and on_duplicate to string value instead of Enum for proper JSON values * Make sure on_duplicate, on_missing are optional params --------- Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> * chore(deps): bump actions/checkout from 4.3.0 to 5.0.0 in the dependencies group (#232) chore(deps): bump actions/checkout in the dependencies group Bumps the dependencies group with 1 update: [actions/checkout](https://github.com/actions/checkout). Updates `actions/checkout` from 4.3.0 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@08eba0b...08c6903) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(docs): update README (#236) * chore(docs): update README * chore: updated dependencies * feat: authzen 1.0 implementation * fix: addresed lint issues * fix: add store_id to metadata discovery endpoint * Improved Evaluations docs and changed EvaluationsSemantic definition * Moved authorization_model_id put of the request body * Moved authorization_model_id put of the request body * fix: make pages field optional in protobuf * fix: changed result body for search results * fix: added swagger * authzen: require strict store_id validation across endpoints * authzen: mark APIs as experimental in proto and docs * authzen: document short-circuit partial results and model header * chore: remove go.mod * chore: generated swagger file * fix: make configuration endpoint compatible to spec * fix: fixed SubjectFilter to not to include ID and added ResourceFilter so it's consisten. Fixed evaluations response format to return an object * Update authzen/v1/authzen_service.proto Make ResourceFilter required for ResourceSearch Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> * fix: run buf to apply latest protobuf changes, making RequestFilter required * fix: improved ID validations and specified min_items for Evaluations * fix: properly set required fields for GetConfigurationResponse and removed AuthZen tag for consistency in swaggere generation * fix: moved lint ignores from .proto to buf.yaml * fix: removed references to spec section numbers, reserved fields, and fixed field numbers in Action * fix: fixed more required/optional fields in protobuf definition * fix: moved store_id as the 1st field in protobuf and addressed resource id pattern regex * fix: regenerated pb.go for authzen --------- Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Raghd Hamzeh <raghd.hamzeh@openfga.dev> Co-authored-by: Sujitha A V <72297938+sujitha-av@users.noreply.github.com> Co-authored-by: Maria Ines Parnisari <maria.inesparnisari@okta.com> Co-authored-by: Justin Cohen <justincoh@gmail.com> Co-authored-by: Karl Persson <kalle.persson92@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Adrian Tam <adrian.tam@okta.com> Co-authored-by: Ewan Harris <ewan.harris@okta.com> Co-authored-by: Talent Zeng <talent.z@hotmail.com> Co-authored-by: Evan Sims <hello@evansims.com> Co-authored-by: Zilvinas Vilutis <cikasfm@users.noreply.github.com> Co-authored-by: coderabbitai[bot] <136622811+coderabbitai[bot]@users.noreply.github.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
In #215 we introduced a patten restriction on
continuation_tokenvalues. That pattern is correct if the value is present, but it did not account for requests where the token is not present.This PR updates the pattern to allow for empty strings also. I've tested locally on
openfgawith the updates here and it looks good.References
Review Checklist
main