Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Make check for audience claim in access token optional in OIDC provider #5860

Closed
m1h43l opened this issue Jan 13, 2023 · 1 comment · Fixed by #6959
Closed

Make check for audience claim in access token optional in OIDC provider #5860

m1h43l opened this issue Jan 13, 2023 · 1 comment · Fixed by #6959
Assignees
@Tomas-Kraus
Labels
enhancement New feature or request P3 security team-fix This issue is available for team members to be fixed. Should not require deep knowledge of Helidon

Comments

@m1h43l
Copy link

m1h43l commented Jan 13, 2023

It is not always possible to configure the Identity Provider to have compatible "aud" claim. It would be very nice to have the check for the "aud" claim optional (with default = true (do check claim) ).

Environment Details

This is not version or SE/MP specific or platform specific.
@m0mus m0mus added enhancement New feature or request security P3 labels Feb 6, 2023
@m0mus m0mus assigned Verdent and unassigned Verdent Feb 6, 2023
@m0mus m0mus added the help wanted Extra attention is needed label Feb 6, 2023
@tomas-langer tomas-langer added team-fix This issue is available for team members to be fixed. Should not require deep knowledge of Helidon and removed help wanted Extra attention is needed labels Feb 12, 2023
@Tomas-Kraus
Copy link
Member

According to https://datatracker.ietf.org/doc/html/rfc7519#section-4.1.3 this claim is optional so why not.

Tomas-Kraus added a commit to Tomas-Kraus/helidon that referenced this issue Jun 7, 2023
@Tomas-Kraus
Issue helidon-io#5860 - Make check for audience claim in access token…
3614c10 
… optional in OIDC provider

Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
@Tomas-Kraus Tomas-Kraus self-assigned this Jun 7, 2023
@Tomas-Kraus Tomas-Kraus linked a pull request Jun 7, 2023 that will close this issue
4.x: Make check for audience claim in access token optional in OIDC provider #6959
Merged
Tomas-Kraus added a commit to Tomas-Kraus/helidon that referenced this issue Jun 15, 2023
@Tomas-Kraus
Issue helidon-io#5860 - Make check for audience claim in access token…
7a630e3 
… optional in OIDC provider

Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Tomas-Kraus added a commit to Tomas-Kraus/helidon that referenced this issue Jul 21, 2023
@Tomas-Kraus
Issue helidon-io#5860 - Make check for audience claim in access token…
de61619 
… optional in OIDC provider

Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Tomas-Kraus added a commit to Tomas-Kraus/helidon that referenced this issue Aug 17, 2023
@Tomas-Kraus
Issue helidon-io#5860 - Make check for audience claim in access token…
56daa07 
… optional in OIDC provider

Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
@tomas-langer tomas-langer mentioned this issue Aug 17, 2023
Merged
Tomas-Kraus added a commit that referenced this issue Aug 22, 2023
@Tomas-Kraus
Issue #5860 - Make check for audience claim in access token optional …
332d336 
…in OIDC provider

Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
dalexandrov pushed a commit to dalexandrov/helidon that referenced this issue Aug 26, 2023
@Tomas-Kraus @dalexandrov
Issue helidon-io#5860 - Make check for audience claim in access token…
5f00c45 
… optional in OIDC provider

Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
@m0mus m0mus added this to Backlog Aug 12, 2024
@m0mus m0mus moved this to Closed in Backlog Aug 12, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Tomas-Kraus Tomas-Kraus

Labels
enhancement New feature or request P3 security team-fix This issue is available for team members to be fixed. Should not require deep knowledge of Helidon
Projects
Backlog
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

4.x: Make check for audience claim in access token optional in OIDC provider Tomas-Kraus/helidon
5 participants
@Verdent @m0mus @m1h43l @tomas-langer @Tomas-Kraus