-
Notifications
You must be signed in to change notification settings - Fork 566
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
4.x: Make check for audience claim in access token optional in OIDC provider #6959
Conversation
Fixed conflict after rebase. |
...oviders/oidc-common/src/main/java/io/helidon/security/providers/oidc/common/BaseBuilder.java
Outdated
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Right now you are mixing two approaches here. We have tenant and overall OIDC config. I think placing this switch to the BaseBuilder is correct (BaseBuilder is used for both), since audience can be set different for each tenant. But in that case we need to be able also to get it from config in BaseBuilder and not in overall OIDC config only.
...roviders/oidc-common/src/main/java/io/helidon/security/providers/oidc/common/OidcConfig.java
Outdated
Show resolved
Hide resolved
...oviders/oidc-common/src/main/java/io/helidon/security/providers/oidc/common/BaseBuilder.java
Outdated
Show resolved
Hide resolved
...roviders/oidc-common/src/main/java/io/helidon/security/providers/oidc/common/OidcConfig.java
Outdated
Show resolved
Hide resolved
… optional in OIDC provider Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Added
optional-audience
config option to make audience claim optional.Automatic audience claim generation is disabled when this option is set to true.
Resolves #5860