Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

docs: update openid-connect attributes description and sync CN doc attributes. #7371

Merged
merged 7 commits into from
Jul 5, 2022
Merged

docs: update openid-connect attributes description and sync CN doc attributes. #7371

merged 7 commits into from
Jul 5, 2022

Conversation

guitu168
Copy link
Contributor

@guitu168 guitu168 commented Jul 2, 2022
edited
Loading

Description

update openid-connect attributes description and add CN doc attributes.
add token_endpoint_auth_method attributes.

Fixes # (issue)

Checklist

  • I have explained the need for this PR and the problem it solves
  • I have explained the changes or the new features added to this PR
  • I have added tests corresponding to this change
  • I have updated the documentation to reflect this change
  • I have verified that this change is backward compatible (If not, please discuss on the APISIX mailing list first)

juzhiyuan
juzhiyuan reviewed Jul 4, 2022
View reviewed changes
docs/zh/latest/plugins/openid-connect.md Outdated Show resolved Hide resolved
docs/en/latest/plugins/openid-connect.md Outdated
| timeout | integer | False | 3 | [1,...] | Request timeout time in seconds. |
| ssl_verify | boolean | False | false | | When set to true, verifies the identity provider's SSL certificates. |
| introspection_endpoint | string | False | | | URL of the token verification endpoint of the identity server. |
| introspection_endpoint_auth_method | string | False | | | Authentication method name for token introspection, If not specified, the default will use the first value in well_know. |
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm not clear, cc @starsz to have a check 🙏

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ok.Let me have a check.

Copy link
Contributor

@starsz starsz Jul 4, 2022
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

After digging it into.I found that:

  1. The default value of introspection_endpoint_auth_method is "client_secret_basic", sorry to @hf400159 .
  2. And the lua-resty-openidc will use another conf called "token_endpoint_auth_method".It doesn't introduce in the docs, but it can work well in "openid-connection" plugin.

The default value of "token_endpoint_auth_method" will fetch the first supported method specified by the OP.
refer https://github.com/zmartzone/lua-resty-openidc/blob/master/lib/resty/openidc.lua#L677

So in conclusion, I think we should keep the original doc, and add the new field of "token_endpoint_auth_method" to the docs.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@starsz fixed. PTAL 😄

@juzhiyuan juzhiyuan merged commit 2f7833e into apache:master Jul 5, 2022
Liu-Junlin pushed a commit to Liu-Junlin/apisix that referenced this pull request Nov 4, 2022
@guitu168 @Liu-Junlin
docs: update openid-connect attributes description and sync CN doc at…
3f2b0e7 
…tributes. (apache#7371)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@juzhiyuan juzhiyuan juzhiyuan approved these changes

@starsz starsz starsz approved these changes

@SylviaBABY SylviaBABY SylviaBABY approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@guitu168 @juzhiyuan @starsz @SylviaBABY