-
Notifications
You must be signed in to change notification settings - Fork 436
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Use auth to decrypt signature and use container name for audience #9775
Conversation
src/WebJobs.Script.WebHost/Security/Authentication/Jwt/ScriptJwtBearerExtensions.cs
Outdated
Show resolved
Hide resolved
The description of this PR should be updated so it describes the actual change being made. Also, it doesn't seem you're linking to the actual changes you're backporting from. I think you're trying to backport a portion of #9348? |
Updated the PR name and linked the PRs backporting from |
src/WebJobs.Script.WebHost/Security/Authentication/Jwt/ScriptJwtBearerExtensions.cs
Show resolved
Hide resolved
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Can you please make sure all PR details and information about the change are present?
Filled out the PR description with the changes in the PR |
@fabiocav could you have another look? |
e6a99f0
to
fc046a2
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Removing change request, but would like to make sure @mathewc approves as well
) * Update valid audience for legion applications during specialization * Update valid audience for legion applications during specialization P2 * fix inden * Use auth to decrypt signature * missed commit * Adding logger and audience/issuer validator back * fixing indentation * Revert indentation * Unit test to validate audience --------- Co-authored-by: Tony Choi <tonychoi@microsoft.com>
Backporting parts of #9325 and #9348
Issue describing the changes in this PR
Uses Container name as the valid audience for placeholders in Linux Consumption because sitename are not present when in placeholder mode. This PR also includes changes to accept signature as part of the token for container assignment.
Pull request checklist
release_notes.md