Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

App access JWT improvements #12567

Merged
merged 2 commits into from
May 11, 2022
Merged

App access JWT improvements #12567

merged 2 commits into from
May 11, 2022

Conversation

r0mant
Copy link
Collaborator

@r0mant r0mant commented May 11, 2022

Couple improvements/fixes for app access' JWT integration. Specifically:

  • Include iat (IssuedAt) claim which wasn't present before. Some apps that support JWT auth require it.
  • Add ability to inject JWT in any header via {{internal.jwt}} template variable. With this change, you can for example have the following app configuration to pass JWT in Authorization header:
apps:
- name: "example"
  uri: http://localhost:9200
  rewrite:
    headers:
    - "Authorization: Bearer {{internal.jwt}}"

These changes are required to support JWT authentication in more applications. For example, with these changes I was able to successfully configure JWT authentication/authorization with ElasticSearch:

https://www.elastic.co/guide/en/elasticsearch/reference/current/jwt-realm.html

@r0mant r0mant requested a review from smallinsky May 11, 2022 00:11
smallinsky
smallinsky approved these changes May 11, 2022
View reviewed changes
constants.go Outdated Show resolved Hide resolved
docs/pages/application-access/guides/jwt.mdx Outdated Show resolved Hide resolved
ptgott
ptgott approved these changes May 11, 2022
View reviewed changes
docs/pages/application-access/guides/connecting-apps.mdx Outdated Show resolved Hide resolved
docs/pages/application-access/guides/jwt.mdx Outdated Show resolved Hide resolved
docs/pages/application-access/guides/jwt.mdx Outdated Show resolved Hide resolved
zmb3
zmb3 approved these changes May 11, 2022
View reviewed changes
Copy link
Collaborator

@zmb3 zmb3 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

bot.

@r0mant r0mant enabled auto-merge (squash) May 11, 2022 21:54
@r0mant r0mant merged commit 0b6fe72 into master May 11, 2022
@github-actions
Copy link

@r0mant See the table below for backport results.

Branch Result
branch/v9 Create PR

@r0mant r0mant mentioned this pull request May 11, 2022
Merged
@r0mant r0mant deleted the roman/esjwt branch May 11, 2022 22:22
@r0mant r0mant mentioned this pull request May 12, 2022
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ptgott ptgott ptgott approved these changes

@smallinsky smallinsky smallinsky approved these changes

@zmb3 zmb3 zmb3 approved these changes

@strideynet strideynet Awaiting requested review from strideynet

@xinding33 xinding33 Awaiting requested review from xinding33

Assignees
No one assigned
Labels
application-access documentation
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@r0mant @zmb3 @smallinsky @ptgott