Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

identity/oidc: optional nonce parameter for authorize request #13231

Merged
merged 3 commits into from
Nov 22, 2021

Conversation

austingebauer
Copy link
Contributor

Overview

This PR makes the nonce parameter optional for the Authorization Endpoint published by Vault OIDC providers. It includes updates to documentation for this change.

Fixes #13204.

Additionally, this PR renames requiredClaims -> reservedClaims because it makes more sense as a variable name.

Testing

I've added test coverage to this PR. I also manually tested that the nonce isn't required and doesn't appear as an ID token claim when omitted.

@vercel vercel bot temporarily deployed to Preview – vault November 19, 2021 23:59 Inactive
@vercel vercel bot temporarily deployed to Preview – vault-storybook November 19, 2021 23:59 Inactive
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

OIDC provider: nonce should be optional in authorization code flow
3 participants