Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PDS - inspect bearer tokens #2688

Merged
merged 2 commits into from
Aug 5, 2024
Merged

PDS - inspect bearer tokens #2688

merged 2 commits into from
Aug 5, 2024

Conversation

dholms
Copy link
Collaborator

@dholms dholms commented Aug 5, 2024

Inspect bearer tokens to check if they are access tokens or service auth tokens so that we can report the correct error.

We use the presence of the lxm claim to determine if they are service auth tokens.

@dholms dholms merged commit 269cbc8 into main Aug 5, 2024
3 checks passed
@dholms dholms deleted the bearer-token-introspection branch August 5, 2024 23:05
@github-actions github-actions bot mentioned this pull request Aug 5, 2024
Merged
estrattonbailey added a commit that referenced this pull request Aug 15, 2024
@estrattonbailey
Merge remote-tracking branch 'origin/main' into reply-qp-moderation
2c0e730 
* origin/main:
  Provide a ponyfill for CustomEvent (#2710)
  Ensure presence of DPoP related response headers (#2711)
  prettier ignore changelogs, as changesets not resolving prettier config properly
  Version packages (#2709)
  Export `AtpAgentOptions` type from @atproto/api (#2708)
  tidy
  Version packages (#2706)
  Update changeset to better reflect changes (#2707)
  Client SDK rework (#2483)
  Allow aud of pds or entryway for service auth tokens on pds (#2694)
  Version packages (#2692)
  Lex-cli prettier changes changeset (#2691)
  Version packages (#2689)
  PDS - inspect bearer tokens (#2688)
  Version packages (#2685)
  Service auth method binding - PDS (#2668)
  minor typos in descriptions and comments (#2681)
  Fix run-dev-env-logged command (#2682)
  Version packages (#2677)
  Tweak some wording in `oauth-client-browser` readme (#2678)
haileyok pushed a commit that referenced this pull request Aug 16, 2024
@dholms @haileyok
PDS - inspect bearer tokens (#2688)
7bd6cc8 
* inspect bearer tokens to determine if theyre access tokens or service auth tokens

* changeset
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@devinivy devinivy devinivy approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@dholms @devinivy