-
Notifications
You must be signed in to change notification settings - Fork 599
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
fix(jwt): state what happens when multiple JWTs are provided #6353
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
✅ Deploy Preview for kongdocs ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
This looks great, thank you! |
nowNick
added
review:general
Review for general accuracy and presentation. Does the doc work? Does it output correctly?
review:copyedit
Request for writer review.
labels
Oct 24, 2023
Kong rejects request when multiple JWTs were provided that differ from each other. Fix: #11796
nowNick
force-pushed
the
fix/clarify-varying-jwts-response
branch
from
October 24, 2023 10:41
b842c85
to
634e181
Compare
There's in fact a mention of this behaviour but it's in the plugin changelog: https://docs.konghq.com/hub/kong-inc/jwt/changelog/#changelog |
mheap
approved these changes
Oct 24, 2023
Guaris
added a commit
that referenced
this pull request
Nov 2, 2023
* DOCU-3435: Find in page counts hidden elements in the result This was caused due to the way the sidebar items (accordion items) expanded and collapsed. When an accordion item was "collapsed", its: max-height was set to 0 opacity was set to 1 so technically even though they were "hidden" to the naked eye, they were still "visible". This caused Chrome's and Firefox's find in page to count the supposedly "hidden" occurrences of the searched text as part of the results. Setting the visibility to hidden when the item is collapsed, and to visible when it is expanded fixed the issue. * fix: Kong for Kubernetes Enterprise (#6247) --------- Co-authored-by: Michael Heap <[email protected]> * fix: Kong for Kubernetes Enterprise (DB Mode) (#6279) --------- Co-authored-by: Michael Heap <[email protected]> * fix: Using multiple backend Services (#6332) * rewrite of the guide * Merge KIC 3.0 prerequisites in to KIC 2.x --------- Co-authored-by: Michael Heap <[email protected]> * Add Overlays for tag description [skip-ci] (#6271) * overlays * add descriptions overlays * update docs * Apply suggestions from code review Co-authored-by: lena-larionova <[email protected]> * update docs * one more update --------- Co-authored-by: lena-larionova <[email protected]> * Feat: Noname plugins for Kong (#6097) * updated _metadata to only select the security category * iryanb index examples schmeas 92523 * 92923 iryanb created 2 different _index.md documents for each plugin * 101223 noname kong plugin documentation edits * removed comma * reformat to use latest templates for third-party plugins * Formatting & grammar edits * clean up more formatting, align both plugins, turn examples into tabs * add Noname to linter dictionary * make linter happy --------- Co-authored-by: lena-larionova <[email protected]> * kgo: update docs with 1.0.2 (#6334) * add a note to FIPS index page (#6330) * add a note to FIPS index page KAG-2803 * format the note and use product name variable --------- Co-authored-by: lena-larionova <[email protected]> * Chore: Add search aliases for plugins (#6328) add search aliases for plugins * Update: SSH access note for instances deployed using Konnect Tech Preview install platforms (#6305) * Update: Add note about SSH access for instances deployed in AWS, Azure, or GCP Add a note about SSH access to Konnect data plane nodes when using the AWS, Azure, or GCP deployment styles and how it's not allowed directly but need to use the cloud provider tools. Raised in Slack: https://kongstrong.slack.com/archives/C03NRECFJPM/p1691689181346589 * apply small copy edits --------- Co-authored-by: Diana <[email protected]> * kgo: add 1.0.2 manifests (#6338) * feat(multiple-metrics): updated latency section and images (#6319) * feat(multiple-metrics): updated latency section and images * copy edits * shot-scraper * vale * update image --------- Co-authored-by: sichvoge <[email protected]> Co-authored-by: Angel <[email protected]> * noname security plugin metadata.yml fix (#6339) * noname metadata.yml fix * adjust phrasing for enterprise key in template --------- Co-authored-by: lena-larionova <[email protected]> * fix(deps): update non-major dependencies * fix: Enable Admission webhook (#6342) --------- Co-authored-by: Michael Heap <[email protected]> * Guide to migrate Zone CP from On-Prem Global CP to Konnect (#6320) * add guide to migrate Zone CP from on-prem Global to Konnect * Make copyedits and fix a few links and formatting issues Signed-off-by: Diana <[email protected]> * update the title in the sidebar, change zone to global in prerequisites * Add yq to Vale dictionary Signed-off-by: Diana <[email protected]> * Apply copyedits * add limitation and 2 diagrams * Add branded images and figure text for the images Signed-off-by: Diana <[email protected]> * Make copyedits, add a command for KDS TLS Signed-off-by: Diana <[email protected]> * Change KIC name to variable to appease Vale * Apply edits based on feedback Signed-off-by: Diana <[email protected]> * Remove mockup diagrams Signed-off-by: Diana <[email protected]> * Fix broken links Signed-off-by: Diana <[email protected]> --------- Signed-off-by: Diana <[email protected]> Co-authored-by: Diana <[email protected]> * chore(deps): bump kumahq/kuma-website from 4250ff55 to 8a35288f (#6312) Signed-off-by: kong-docs[bot] <[email protected]> Co-authored-by: kong-docs[bot] <[email protected]> * fix(jwt): state what happens when multiple JWTs are provided (#6353) fix(jwt): state what happens with many JWTs Kong rejects request when multiple JWTs were provided that differ from each other. Fix: #11796 * Automated Changelog update [skip ci] (#6351) * Automated changelog update * Add skip changelog tags and remove entries that should be skipped --------- Co-authored-by: kong-docs[bot] <[email protected]> Co-authored-by: Angel <[email protected]> * Update: reflect latest FIPS support status (#6286) * Update: reflect latest FIPS support status * Fix table conditional rendering Signed-off-by: Diana <[email protected]> --------- Signed-off-by: Diana <[email protected]> Co-authored-by: Diana <[email protected]> * Fix API URL in Konnect Custom Plugin docs (#6357) * Automated OAS Update (#6354) * Automated OAS update: api-specs/Konnect/v2/yaml/analytics-reports.yaml, api-specs/Konnect/v2/yaml/analytics-requests.yaml, api-specs/Konnect/v2/yaml/api-products.yaml, api-specs/Konnect/v2/yaml/audit-logs.yaml, api-specs/Konnect/control-planes-config/control-planes-config.yaml, api-specs/Konnect/v2/yaml/control-planes.yaml, api-specs/Konnect/v3/yaml/identity.yaml, api-specs/Konnect/v0/yaml/mesh-control-planes.yaml, apps/konnect-api/openapi/v2/portal-management/openapi.yaml * remove portal management api --------- Co-authored-by: lena.larionova <[email protected]> * fix(portal) remove examples with path in portal gui host (#6358) * fix: Using mtls-auth plugin (#6355) --------- Co-authored-by: Michael Heap <[email protected]> * Update cert-manager guide to use Kuma labels (#6371) Update cert-manager.md Kuma uses labels now instead of annotations. * Fix: Use placeholder token in TBAC examples instead of hashed value (#6365) Update enable-rbac.md As per SalesForce case: 00038584 the changed examples try to use the token value returned in Step 3 here: https://docs.konghq.com/gateway/latest/production/access-control/enable-rbac/#super-admin-creates-one-admin-for-each-team However this is a hashed value: https://docs.konghq.com/gateway/latest/admin-api/rbac/reference/ and not the actual user token which was set for adminA in Step 1 here: https://docs.konghq.com/gateway/latest/production/access-control/enable-rbac/#super-admin-creates-one-admin-for-each-team * noname description update (#6375) * Feat: Insomnia buttons for API catalog landing page (#6329) * add insomnia links to api catalog landing page * add insomnia buttons for konnect specs * upload missing specs and add insomnia buttons * styling adjustments * Chore: Update plugin submodule (#6378) update plugin submodule to fix 3.4 examples and introduce 3.5 * [Sitemap] Only include `latest` version for gateway-operator (#6376) * chore(deps): update docs from repo source Signed-off-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com> * chore(deps): bump kumahq/kuma-website from 8a35288f to b95c7b8b Signed-off-by: kong-docs[bot] <[email protected]> * doc(kic) add GWAPI redirect instructions (#6335) * doc(kic) add GWAPI redirect instructions * feat(kic) modularize TLS config * fix(kic) formatting fixes * chore(kic) move test into TLS include * formatting and rewrite * fix a typo * Apply suggestions from code review --------- Co-authored-by: Rajakavitha Kodhandapani <[email protected]> Co-authored-by: Michael Heap <[email protected]> * chore(deps): update tj-actions/changed-files action to v40 * chore(deps): update actions/setup-node action to v4 * fix(deps): update non-major dependencies * Fix KIC prerequisites (#6399) * fix: fix changelog entry for openssl version bump (#6404) * fix: fix changelog entry for openssl version bump * remove duplicate openssl bumping in 3.4 * Fix: Add missing docker image options to Gateway install overview (#6380) add missing docker image options to install overview * fix(opentelemetry): address invalid request to set up plugin (#6406) The request documented to configure the Opentelemetry plugin is invalid because it uses a dot `.` in the name of the attribute, which is interpreted as a field separator in the curl form data. This updates the documentation without changing the example, using JSON instead of form data to allow passing a name that includes a dot. * fix: Rewriting hosts and paths (#6405) --------- Co-authored-by: Michael Heap <[email protected]> * WIP: Deprecated fields * WIP: Render the `shorthand_fields` in a different section * adjust deprecated params section formatting * fix: Integrate the Kong Ingress Controller with Prometheus/Grafana (#6409) --------- Co-authored-by: Michael Heap <[email protected]> * chore(deps): bump kumahq/kuma-website from b95c7b8b to a3c1ea24 (#6390) Signed-off-by: kong-docs[bot] <[email protected]> Co-authored-by: kong-docs[bot] <[email protected]> * docs(mesh): update docs and changelog (#6382) chore(deps): update docs from repo source Signed-off-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com> Co-authored-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com> * fix(mesh): correct back link These pages are no longer in use in newer versions but the link was dead in 2.0.x and 2.1.x Signed-off-by: Charly Molter <[email protected]> * Automated OAS Update (#6359) Automated OAS update: api-specs/Konnect/v2/yaml/api-products.yaml, api-specs/Konnect/v2/yaml/portal-management.yaml * Fix mistake in auth0 markdown (#6417) Fix description for the `konnect_org_id` field. * fix: Using OIDC plugin (#6427) --------- Co-authored-by: Michael Heap <[email protected]> * Topnav tweaks (#6429) * Remove "We are hiring" button from top nav * Move "API Specs" to the "Docs" dropdown * Center left-side item on "Docs" and "Plugin Hub" dropdowns * Add "API Specs" to mobile sidebar * Add Kong Mesh specific policies to the migration script (#6414) add Kong Mesh specific policies to the migration script * Automated OAS Update (#6430) Automated OAS update: api-specs/Konnect/v2/yaml/portal-management.yaml * Update resource limit language (#6431) Update resource limit language * Automated Changelog update [skip ci] (#6394) * Automated changelog update * remove Kuma auto updates --------- Co-authored-by: kong-docs[bot] <[email protected]> Co-authored-by: Angel <[email protected]> --------- Signed-off-by: Diana <[email protected]> Signed-off-by: kong-docs[bot] <[email protected]> Signed-off-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com> Signed-off-by: Charly Molter <[email protected]> Co-authored-by: Fabian Rodriguez <[email protected]> Co-authored-by: Rajakavitha Kodhandapani <[email protected]> Co-authored-by: Michael Heap <[email protected]> Co-authored-by: lena-larionova <[email protected]> Co-authored-by: nn iryanb <[email protected]> Co-authored-by: Patryk Małek <[email protected]> Co-authored-by: Niklaus Schen <[email protected]> Co-authored-by: Dustin Dauncey <[email protected]> Co-authored-by: Diana <[email protected]> Co-authored-by: Christian Heidenreich <[email protected]> Co-authored-by: sichvoge <[email protected]> Co-authored-by: Daniella Freese <[email protected]> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Ilya Lobkov <[email protected]> Co-authored-by: kong-docs <[email protected]> Co-authored-by: kong-docs[bot] <[email protected]> Co-authored-by: Mikołaj Nowak <[email protected]> Co-authored-by: Wangchong Zhou <[email protected]> Co-authored-by: kong-apiops <[email protected]> Co-authored-by: lena.larionova <[email protected]> Co-authored-by: Nathan Bailey <[email protected]> Co-authored-by: Viktor Gamov <[email protected]> Co-authored-by: jamesgkong <[email protected]> Co-authored-by: kumahq[bot] <110050114+kumahq[bot]@users.noreply.github.com> Co-authored-by: Travis Raines <[email protected]> Co-authored-by: Qirui(Keery) Nie <[email protected]> Co-authored-by: Samuele <[email protected]> Co-authored-by: kong[bot] <123129154+kong[bot]@users.noreply.github.com> Co-authored-by: Charly Molter <[email protected]> Co-authored-by: Ross Kukulinski <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
review:copyedit
Request for writer review.
review:general
Review for general accuracy and presentation. Does the doc work? Does it output correctly?
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
A user asked to clarify the docs in scenario when multiple JWTs tokens are provided: Kong/kong#11796. With the change from some time ago: Kong/kong#9946 - kong rejects request when multiple JWTs were provided that differ from each other.
This PR explicitly states that the request will be rejected.
Testing instructions
Preview link: https://deploy-preview-6353--kongdocs.netlify.app/
A shortcut to the change: https://deploy-preview-6353--kongdocs.netlify.app/hub/kong-inc/jwt/
Checklist
main
for immediate publishing, or a release branch: e.g.release/gateway-3.2
,release/deck-1.17
)