Optimise IDX10503 #2436

Merged
merged 4 commits into from
Jan 10, 2024

ciaozhang
Contributor

What?
The keys tried during token validation are public keys used to validate the tokens and are listed on a public endpoint. They should be logged without PII to enable partner debugging more easily.

The text of the error should read instead "The token's kid is either missing or doesn't match any of the keys in the configuration" or similar to better reflect the flow as it's possible the token does have a kid, it just doesn't match the keys in config.

WI:
https://identitydivision.visualstudio.com/Engineering/_boards/board/t/Auth%20Client%20-%20AuthNZ%20-%20Customer%20trust/Backlog%20items/?workitem=2723627
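
The two cases the description separates (kid missing versus kid present but matching no configured key), as an added C# example that is not this PR's or the library's code. `KidDiagnostics`, its method names and the message wording are hypothetical, and the key IDs are constructed sample values.

```csharp
#nullable enable
using System;
using System.Collections.Generic;
using System.Linq;
using System.Text;
using System.Text.Json;

// Hypothetical helper for illustration; not part of the library's API.
public static class KidDiagnostics
{
    // Return the "kid" from the JOSE header of a compact JWT, or null if absent.
    // Assumes the token was already checked to be well formed.
    public static string? ReadKid(string compactJwt)
    {
        string h = compactJwt.Split('.')[0].Replace('-', '+').Replace('_', '/');
        h = h.PadRight(h.Length + (4 - h.Length % 4) % 4, '=');
        using JsonDocument doc = JsonDocument.Parse(Convert.FromBase64String(h));
        return doc.RootElement.TryGetProperty("kid", out JsonElement kid)
            && kid.ValueKind == JsonValueKind.String ? kid.GetString() : null;
    }

    // The token's kid is caller-supplied: drop control characters and cap the
    // length before it reaches a log line. Configured kids come from the
    // public key set and are written as they are.
    static string Clean(string s) =>
        new string(s.Where(c => !char.IsControl(c)).Take(64).ToArray());

    // Message for the case where no configured key validated the signature.
    public static string Describe(string compactJwt, IReadOnlyCollection<string> configuredKids)
    {
        string? kid = ReadKid(compactJwt);
        string tried = string.Join(", ", configuredKids);
        if (string.IsNullOrEmpty(kid))
            return $"Token has no kid. Keys tried: [{tried}].";
        if (!configuredKids.Contains(kid, StringComparer.Ordinal))
            return $"Token kid '{Clean(kid)}' matches no key in configuration. Keys tried: [{tried}].";
        return $"Token kid '{Clean(kid)}' matched a configured key, but the signature did not verify.";
    }

    public static void Main()
    {
        var configured = new[] { "key-2024-a", "key-2024-b" }; // constructed key IDs
        string Jwt(string headerJson) => Convert.ToBase64String(Encoding.UTF8.GetBytes(headerJson))
            .TrimEnd('=').Replace('+', '-').Replace('/', '_') + ".e30.c2ln";
        Console.WriteLine(Describe(Jwt("{\"alg\":\"RS256\"}"), configured));
        Console.WriteLine(Describe(Jwt("{\"alg\":\"RS256\",\"kid\":\"key-2023\"}"), configured));
    }
}
```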

@ciaozhang ciaozhang requested a review from TimHannMSFT January 4, 2024 22:01
Contributor

@sruke sruke left a comment

LGTM!

Member

@brentschmaltz brentschmaltz left a comment

Separate IDs between JsonWebTokenHandler and JwtSecurityTokenHandler; have messages indicate that kid is found (and log) or empty.

Collaborator

@jennyf19 jennyf19 left a comment

:shipit:

@jennyf19 jennyf19 merged commit 54face8 into dev Jan 10, 2024
5 checks passed
@jennyf19 jennyf19 deleted the Xiao/IDX10503 branch January 10, 2024 17:59
5 participants