Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve OIDC named tenant-specific configuration exceptions and make sure userinfo/token verification is enforced for named tenants #39486

Merged
merged 1 commit into from
Mar 15, 2024
Merged

Improve OIDC named tenant-specific configuration exceptions and make sure userinfo/token verification is enforced for named tenants #39486

merged 1 commit into from
Mar 15, 2024

Conversation

michalvavrik
Copy link
Member

@michalvavrik michalvavrik commented Mar 15, 2024
edited
Loading

#39458 follow up

  • ensures the enforcement works for named tenants
  • improves reporting of tenant config properties for it is very hard to determine what tenant the exception is about in multitenant project (if you have no other clue); I can tell you investigations in OIDC Wiremock can be hell without this. In addition, I think it can be confusing to users that we report default tenant property but other must be changed.

@quarkus-bot quarkus-bot

This comment has been minimized.

Sign in to view
@michalvavrik
Copy link
Member Author

CodeFlowTest will need investigation, it's not a bug, but the way we wrote tests. I'll fix it.

@michalvavrik michalvavrik force-pushed the feature/tweak-user-info-enforcement branch from 0e3232b to 0e80675 Compare March 15, 2024 17:53
@quarkus-bot quarkus-bot
Copy link

quarkus-bot bot commented Mar 15, 2024
edited by github-actions bot
Loading

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit 0e80675.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

You can consult the Develocity build scans.

@sberyozkin sberyozkin merged commit 0a09340 into quarkusio:main Mar 15, 2024
22 checks passed
@quarkus-bot quarkus-bot bot added this to the 3.10 - main milestone Mar 15, 2024
@michalvavrik michalvavrik deleted the feature/tweak-user-info-enforcement branch March 16, 2024 08:17
@michalvavrik michalvavrik mentioned this pull request May 4, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sberyozkin sberyozkin sberyozkin approved these changes

Assignees
No one assigned
Labels
area/oidc release/breaking-change
Projects
None yet
Milestone
3.10.0.CR1
Development

Successfully merging this pull request may close these issues.
2 participants
@michalvavrik @sberyozkin