-
Notifications
You must be signed in to change notification settings - Fork 2.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[extension/oidcauthextension] oidc ignore client/audience support #36569
base: main
Are you sure you want to change the base?
Conversation
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Besides the previous comments, this PR would also need user-facing documentation (README), and a changelog entry. Take a look at the contributing guidelines at the root of this repo for instructions on what to do.
f06b3fd
to
d388873
Compare
d388873
to
cf1aa2c
Compare
I have made my first attempt at those changes now. Hopefully they are close to correct. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Nice, it looks great, thank you! I think you still need to sign the CLA. I'll approve CI to run as well, there might be a failure or two (linters!), but from my side, this is LGTM.
cf1aa2c
to
4b67c0e
Compare
Cool! CLA is in progress. Fixed a lint failure. |
I started the build again. Ping me once the CI is green and I'll merge this. |
4b67c0e
to
e9cc216
Compare
@jpkrohling I think I have it now. There was another lint issue related to formatting, I believe, that should now be fixed. The error was confusing to me, and the linter is crashing locally. Hopefully I got it. Not super experienced with Go. Thanks for the help. |
CI started again. |
e9cc216
to
c2d1870
Compare
@jpkrohling Missed a lint error. Fixed now. I did get the linter running by temporarily locally bumping to golangci-lint v1.60.1 |
CI started 🤞🏽 |
Adds support for ignoring the audience/clientid in OIDC.
go-oidc has a config option for this, and the PR lets the collector use it.
Fixes 36568
I built a custom collector, and tested with a couple of aws cognito app id / client ids and JWTs from them with and without the option enabled. Also added a unit test.
Not sure what I should add to the readme, or if other documentation needs updated. Figured I would find out of the property names seemed ok first.