Skip to content
This repository was archived by the owner on Dec 27, 2024. It is now read-only.

Domained audiences do not assume the same issuer #42

Closed
candleshine opened this issue Aug 22, 2018 · 2 comments
Closed

Domained audiences do not assume the same issuer #42

candleshine opened this issue Aug 22, 2018 · 2 comments
Assignees
@candleshine
Labels
enhancement
Milestone
0.6.0

Comments

@candleshine
Copy link
Collaborator

candleshine commented Aug 22, 2018
edited
Loading

the previous domained audience config looked like this

      "jwt": {
      "key": "Zz%TaLM0IM^Ub%I8evp&jdo#cqpBcoKa",
      "issuer": "domained-test-issuer",
      "domainedAudiences": {
        "domain1": {
          "audience1": "132jwS6xavXHKXFwNe2396GmO!6XIF&1",
          "audience2": "232jwS6xavXHKXFwNe2396GmO!6XIF&2",
          "audience3": "332jwS6xavXHKXFwNe2396GmO!6XIF&3"
        },
        "domain2": {
          "audience3": "332jwS6xavXHKXFwNe2396GmO!6XIF&3"
        }
      }

auth-audience now looks like this

"jwt": {
      "domainedAudiences": {
        "domain1": {
          "audience1": "132jwS6xavXHKXFwNe2396GmO!6XIF&1",
          "audience2": "232jwS6xavXHKXFwNe2396GmO!6XIF&2",
          "audience3": "332jwS6xavXHKXFwNe2396GmO!6XIF&3",
          "issuer": "domained-test-issuer",
          "key": "Zz%TaLM0IM^Ub%I8evp&jdo#cqpBcoKa",
        },
        "domain2": {
          "audience3": "332jwS6xavXHKXFwNe2396GmO!6XIF&3",
          "issuer": "domained-test-issuer",
          "key": "vdEP5D-G_1vb~6i/hA)uVU$X|m{P00[{9"
        }
      }
@candleshine candleshine self-assigned this Aug 22, 2018
@candleshine
Copy link
Collaborator Author

In the scenario above, when a user requests tokens for domain1, the dictionary of tokens will be 4 tokens in length.
Token 1 will be the reflexive token = {domain: domain1, iss: domained-test-issuer, aud: domained-test-issuer, key: "Zz%TaLM0IM^Ub%I8evp&jdo#cqpBcoKa"
Token 2 = {domain: domain1, iss: domained-test-issuer, aud: audiene1, key: "132jwS6xavXHKXFwNe2396GmO!6XIF&1"
Token 3 = {domain: domain1, iss: domained-test-issuer, aud: audiene2, key: "232jwS6xavXHKXFwNe2396GmO!6XIF&2"
Token 4 = {domain: domain1, iss: domained-test-issuer, aud: audiene3, key: "332jwS6xavXHKXFwNe2396GmO!6XIF&3"

candleshine pushed a commit to candleshine/auth-native-authority that referenced this issue Aug 23, 2018
Resolves issue sakuraapi#42 new domained audience configuration
81f5d44
@etsuo etsuo added this to the 0.6.0 milestone Aug 23, 2018
etsuo added a commit that referenced this issue Aug 24, 2018
@etsuo
Merge pull request #43 from candleshine/develop
214b5db 
Resolves issue #42
@etsuo
Copy link
Member

etsuo commented Aug 24, 2018

released on 0.6.0

@etsuo etsuo closed this as completed Aug 24, 2018
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees

@candleshine candleshine

Labels
enhancement
Projects
None yet
Milestone
0.6.0
Development

No branches or pull requests
2 participants
@etsuo @candleshine