Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Suggested changes to AudienceValidation #2902

Merged
merged 2 commits into from
Oct 16, 2024
Merged

Suggested changes to AudienceValidation #2902

merged 2 commits into from
Oct 16, 2024

Conversation

brentschmaltz
Copy link
Member

Changes to AudienceValidation to help with consistency:

  1. Cache stack frames in AudienceValidationError to remove possibilitiy of use by other validators.
  2. Pass tokenAudience and validateAudiences to AudienceValidationError for increased fidelity.
  3. Attempt to resolve Exception in derived ValidationError first before calling base.
  4. Add ValidationFailureTypes to describe errors with increased fidelity.
  5. Use MessageDetail.NullParameter consistently for null parameter errors.

Some smaller items:
JsonWebTokenHandler set error to ValidationFailureType.SignatureAlgorithmValidationFailed, when algorithm is not valid.
LifetimeValidationError remove ctor that has inner validation error
Renamed IssuerValidationSource values to be more readable

@brentschmaltz brentschmaltz requested a review from a team as a code owner October 14, 2024 16:08
iNinja
iNinja requested changes Oct 15, 2024
View reviewed changes
Copy link
Contributor

@iNinja iNinja left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

For the most part this is great. There is one point that I can't agree with without having a proper discussion with @jmprieur and @jennyf19, mentioned in the review.

src/Microsoft.IdentityModel.JsonWebTokens/JsonWebTokenHandler.ValidateSignature.cs Show resolved Hide resolved
src/Microsoft.IdentityModel.Tokens/Validation/Results/Details/AudienceValidationError.cs Outdated Show resolved Hide resolved
.../Microsoft.IdentityModel.JsonWebTokens.Tests/JsonWebTokenHandlerValidationParametersTests.cs Show resolved Hide resolved
iNinja
iNinja approved these changes Oct 15, 2024
View reviewed changes
Copy link
Contributor

@iNinja iNinja left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

FuPingFranco
FuPingFranco approved these changes Oct 15, 2024
View reviewed changes
Copy link
Contributor

@FuPingFranco FuPingFranco left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, Thanks Brent!

@jennyf19
Copy link
Collaborator

For the most part this is great. There is one point that I can't agree with without having a proper discussion with @jmprieur and @jennyf19, mentioned in the review.

which is that?

FuPingFranco
FuPingFranco reviewed Oct 16, 2024
View reviewed changes
src/Microsoft.IdentityModel.Tokens/Validation/Validators.Issuer.cs
@@ -9,11 +9,12 @@
#nullable enable
namespace Microsoft.IdentityModel.Tokens
{
// TODO how do we extend this?
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Can we create a follow up issue to track this?

@HP712
Suggested changes to AudienceValidation
d466704 
Remove ISecurityTokenException
Some smaller cleanups
@brentschmaltz brentschmaltz force-pushed the brentsch/ValidationErrors branch from dd9c09a to 2312347 Compare October 16, 2024 16:12
@brentschmaltz brentschmaltz force-pushed the brentsch/ValidationErrors branch from 2312347 to b8ed842 Compare October 16, 2024 16:19
@brentschmaltz brentschmaltz merged commit abd7bd8 into dev Oct 16, 2024
6 checks passed
@brentschmaltz brentschmaltz deleted the brentsch/ValidationErrors branch October 23, 2024 21:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@FuPingFranco FuPingFranco FuPingFranco approved these changes

@iNinja iNinja iNinja approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@brentschmaltz @jennyf19 @iNinja @FuPingFranco @HP712