Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve OIDC compliance [SDK-976] #346

Merged
merged 7 commits into from
Feb 3, 2020
Merged

Improve OIDC compliance [SDK-976] #346

merged 7 commits into from
Feb 3, 2020

Conversation

Widcket
Copy link
Contributor

@Widcket Widcket commented Jan 31, 2020
edited by lbalmaceda
Loading

Changes

This update improves the SDK support for OpenID Connect. In particular, it modifies the sign in verification phase by substituting backchannel based checks with id_token validation

Public surface area

Additions
  • A public method in the Authentication API to retrieve the tenant’s JWKS data.
  • The JWKS and JWK models.
  • An extension to decode Base64URL data. This was made public as it’s the counterpart of the already-public a0_encodeBase64URLSafe().
  • A0SHA and A0RSA, ObjC classes from Guardian that implement a wrapper around some CommonCrypto functionality.
  • The leeway(_:) and maxAge(_:) methods in the WebAuth builder.
Changes

None.

Testing

  • This change adds unit test coverage
  • This change has been tested on the latest version of the platform/language or why not

Checklist

@Widcket Widcket added this to the vNext milestone Jan 31, 2020
@Widcket Widcket requested a review from a team January 31, 2020 17:48
@Widcket Widcket changed the title Improve OIDC compliance Improve OIDC compliance [SDK-976] Jan 31, 2020
cocojoe
cocojoe approved these changes Feb 3, 2020
View reviewed changes
Copy link
Member

@cocojoe cocojoe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is a combination of previously approved PRs

@Widcket Widcket merged commit 934309b into master Feb 3, 2020
@Widcket Widcket deleted the feature/oidc-compliance branch February 3, 2020 13:08
@Widcket Widcket mentioned this pull request Feb 4, 2020
Merged
sam-w pushed a commit to LoungeBuddy/Auth0.swift that referenced this pull request Mar 11, 2020
@Widcket @sam-w
Improve OIDC compliance [SDK-976] (auth0#346)
9247691 
* Implement ID Token validation
sam-w added a commit to LoungeBuddy/Auth0.swift that referenced this pull request Mar 11, 2020
@sam-w
Revert "Improve OIDC compliance [SDK-976] (auth0#346)"
3b0ea45 
This reverts commit 9247691.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cocojoe cocojoe cocojoe approved these changes

Assignees
No one assigned
Labels
CH: Added P2: Very Important
Projects
None yet
Milestone
1.21.0
Development

Successfully merging this pull request may close these issues.

None yet
2 participants
@Widcket @cocojoe