Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Show how to handle multiple OIDC token audiences #40683

Merged

Conversation

sberyozkin
Copy link
Member

Related to #40658

This PR updates a few OIDC wiremock tests to confirm that when code flow ID and access tokens have different audiences, then 2 options are available:

  • Set expected audience to any (with the expected follow up to use a custom Jose4JValidator - the test only checks that audience=any does not cause a failure and confirms that ID and access tokens do have different audiences)
  • Set expected audience to a list of all allowed audiences

@sberyozkin sberyozkin requested a review from gastaldi May 16, 2024 13:50
Copy link

quarkus-bot bot commented May 16, 2024

Status for workflow Quarkus CI

This is the status report for running Quarkus CI on commit a8ad8d9.

✅ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

You can consult the Develocity build scans.

@sberyozkin sberyozkin merged commit 2d4b470 into quarkusio:main May 16, 2024
19 checks passed
@quarkus-bot quarkus-bot bot added this to the 3.12 - main milestone May 16, 2024
@sberyozkin sberyozkin deleted the oidc_verify_id_and_access_token branch May 16, 2024 14:27
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants