Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

4.x: Make check for audience claim in access token optional in OIDC provider #6959

Merged
merged 5 commits into from
Aug 22, 2023

Conversation

Tomas-Kraus
Copy link
Member

@Tomas-Kraus Tomas-Kraus commented Jun 7, 2023

Added optional-audience config option to make audience claim optional.
Automatic audience claim generation is disabled when this option is set to true.

Resolves #5860

@Tomas-Kraus Tomas-Kraus requested a review from Verdent June 7, 2023 11:30
@oracle-contributor-agreement oracle-contributor-agreement bot added the OCA Verified All contributors have signed the Oracle Contributor Agreement. label Jun 7, 2023
@Tomas-Kraus Tomas-Kraus self-assigned this Jun 7, 2023
@Tomas-Kraus
Copy link
Member Author

Fixed conflict after rebase.
@Verdent This PR is here more than month, please review it.

@Tomas-Kraus Tomas-Kraus requested a review from tomas-langer July 27, 2023 14:09
Copy link
Member

@Verdent Verdent left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Right now you are mixing two approaches here. We have tenant and overall OIDC config. I think placing this switch to the BaseBuilder is correct (BaseBuilder is used for both), since audience can be set different for each tenant. But in that case we need to be able also to get it from config in BaseBuilder and not in overall OIDC config only.

@tomas-langer tomas-langer requested a review from Verdent August 14, 2023 20:52
… optional in OIDC provider

Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
@tomas-langer tomas-langer changed the title Make check for audience claim in access token optional in OIDC provider 4.x: Make check for audience claim in access token optional in OIDC provider Aug 17, 2023
Signed-off-by: Tomáš Kraus <tomas.kraus@oracle.com>
@Tomas-Kraus Tomas-Kraus requested a review from Verdent August 18, 2023 11:54
@Tomas-Kraus Tomas-Kraus merged commit cf32b78 into helidon-io:main Aug 22, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
OCA Verified All contributors have signed the Oracle Contributor Agreement.
Projects
None yet
Development

Successfully merging this pull request may close these issues.

Make check for audience claim in access token optional in OIDC provider
3 participants