Support OIDC auth backends #398
Conversation
ghost
added
|
Any feedback on this PR? |
|
Do you plan to add bound_claims to the roles too? |
|
Our use case does not expect |
|
I will need that feature but do not want to force anyone to code it. |
|
Actually, not only As for |
|
awesome! |
| Type: schema.TypeString, | ||
| }, | ||
| }, | ||
| "bound_claims": { |
There was a problem hiding this comment.
wondering if that should be plural or singular
There was a problem hiding this comment.
Using plurals to be in line with Vault's documentation - https://www.vaultproject.io/api/auth/jwt/index.html
There was a problem hiding this comment.
Hi @sergeytrasko ! I noticed this isn't compiling for me when I try to run the tests:
# github.com/terraform-providers/terraform-provider-vault/vault [github.com/terraform-providers/terraform-provider-vault/vault.test]
./resource_jwt_auth_backend.go:27:19: undefined: jwtAuthType
| @@ -29,6 +28,15 @@ func jwtAuthBackendResource() *schema.Resource { | |||
| ValidateFunc: validateNoTrailingSlash, | |||
| }, | |||
|
|
|||
| "type": { | |||
There was a problem hiding this comment.
Should this be role_type to correspond with this?
There was a problem hiding this comment.
Not sure... This type belongs to auth backend not to a role.
Co-Authored-By: sergeytrasko <[email protected]>
|
Fixed compilation issue - it was result of incorrect merge from master. |
|
Awesome |
|
@tyrannosaurus-becks Does it seem ready from your side? Or is there something missing still? |
There was a problem hiding this comment.
@sergeytrasko this looks great! Thanks for all your work on this!
Support OIDC auth backends
Adding support for OIDC auth backends.
The implementation is an extension of JWT auth backend (reusing most of the logics) + adding some required attributes.
Documentation updated with examples and description of new attributes.
Tested with local Vault 1.1.1