Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

PXP-2799 Access token hash #786

Merged
merged 6 commits into from
Jul 9, 2020
Merged

PXP-2799 Access token hash #786

merged 6 commits into from
Jul 9, 2020

Conversation

vpsx
Copy link
Contributor

@vpsx vpsx commented Jun 15, 2020
edited

New Features

  • Include at_hash claim in id tokens where an access token is issued alongside

Improvements

  • Refactor UnsignedIDToken class in order to use both CodeIDToken and ImplicitIDToken from Authlib
  • id token validation is now sensitive to present auth flow type (some claims like nonce and at_hash are validated differently in implicit vs code flow)

@github-actions
Copy link

github-actions bot commented Jun 15, 2020
edited

The style in this PR agrees with black. ✔️

This formatting comment was generated automatically by a script in uc-cdis/wool.

@vpsx vpsx force-pushed the feat/at-hash branch 2 times, most recently from da9c573 to aec1ac1 Compare June 15, 2020 14:39
@coveralls
Copy link

coveralls commented Jun 15, 2020
edited

Pull Request Test Coverage Report for Build 9215

  • 20 of 24 (83.33%) changed or added relevant lines in 3 files are covered.
  • 2 unchanged lines in 1 file lost coverage.
  • Overall coverage increased (+0.03%) to 69.555%
Changes Missing Coverage Covered Lines Changed/Added Lines %
fence/jwt/token.py 17 19 89.47%
fence/oidc/jwt_generator.py 2 4 50.0%
Files with Coverage Reduction New Missed Lines %
fence/oidc/jwt_generator.py 2 48.15%
Totals Coverage Status
Change from base Build 9212: 0.03%
Covered Lines: 5273
Relevant Lines: 7581
💛 - Coveralls

@vpsx vpsx force-pushed the feat/at-hash branch 2 times, most recently from 2bd726f to 2d3e446 Compare June 24, 2020 19:11
@vpsx vpsx added the test-google-googleDataAccessTest setting label to retry specific feature label Jun 25, 2020
@paulineribeyre paulineribeyre self-requested a review June 29, 2020 20:04
@vpsx vpsx removed the test-google-googleDataAccessTest setting label to retry specific feature label Jul 2, 2020
@vpsx vpsx added the test-google-googleDataAccessTest setting label to retry specific feature label Jul 6, 2020
@vpsx vpsx merged commit 401f400 into master Jul 9, 2020
@vpsx vpsx deleted the feat/at-hash branch July 9, 2020 19:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@paulineribeyre paulineribeyre paulineribeyre approved these changes

Assignees
No one assigned
Labels
test-google-googleDataAccessTest setting label to retry specific feature
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@vpsx @coveralls @paulineribeyre