-
-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(oidc): jwt response for introspection #5840
Conversation
ArtifactsThese changes are published for testing on Buildkite, DockerHub and GitHub Container Registry. Docker Container
|
✅ Deploy Preview for authelia-staging ready!
To edit notification comments on pull requests, go to your Netlify site configuration. |
c2d624f
to
c289662
Compare
Codecov Report
Additional details and impacted files@@ Coverage Diff @@
## master #5840 +/- ##
==========================================
+ Coverage 73.03% 73.51% +0.47%
==========================================
Files 280 281 +1
Lines 23742 24056 +314
Branches 443 443
==========================================
+ Hits 17341 17685 +344
+ Misses 5657 5630 -27
+ Partials 744 741 -3
Flags with carried forward coverage won't be shown. Click here to find out more.
|
3e0a29c
to
b8b6168
Compare
b8b6168
to
52aa15e
Compare
de2f7b8
to
3f056d1
Compare
f0f098d
to
2f380e1
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Just a couple of nits and a question.
docs/content/en/configuration/identity-providers/openid-connect/clients.md
Outdated
Show resolved
Hide resolved
docs/content/en/configuration/identity-providers/openid-connect/clients.md
Outdated
Show resolved
Hide resolved
content: | ||
application/json: | ||
schema: | ||
$ref: '#/components/schemas/openid.spec.ErrorResponseGeneric' |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Does this cause a rendering issue with the OpenAPI spec?
This implements the standard for JWT encoded and signed responses from the introspection endpoint. This has been implemented as per the IETF draft https://www.ietf.org/archive/id/draft-ietf-oauth-jwt-introspection-response-12.html and as it is a draft and that draft is currently expired it should be noted that this implementation may be removed or changed without any regard for breaking changes. While these factors all point in the direction of this may never receive ratification the IANA has accepted registration of the metadata parameters for this specification. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
2f380e1
to
047a1ca
Compare
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
757c5d5
to
8c98fdd
Compare
This implements the standard for JWT encoded and signed responses from the introspection endpoint. This has been implemented as per the IETF draft https://datatracker.ietf.org/doc/html/draft-ietf-oauth-jwt-introspection-response and as it is a draft (it is also an expired draft) so it should be noted that this implementation may be removed or changed without any regard for breaking changes. While this factor points in the direction of this never receiving ratification the IANA has accepted registration of the metadata parameters for this specification which points to the fact that it probably will.