Skip to content

v0.13.205

Choose a tag to compare

View all tags
@zalando-robot zalando-robot released this 04 May 16:10
v0.13.205
d457473
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

Changes

resolve Aggregated and Distributed Claims (#1962)
fixes: #1955
This solution is scoped to Azure behaviour, taking into account the specs from
https://openid.net/specs/openid-connect-core-1_0.html#AggregatedDistributedClaims
There are some Azure related API calls included but trying to support other providers, which is though unknown at this time.
it transforms a distributed claim

{
    "_claim_names": {
        "groups": "src1"
    },
    "_claim_sources": {
        "src1": {
            "endpoint": "https://graph.windows.net/.../getMemberObjects"
        }
    }
}

into a full populated token, which is saved in statebag and in the cookie for follow up processing

{
    "_claim_names": {
        "groups": "src1"
    },
    "_claim_sources": {
        "src1": {
            "endpoint": "https://graph.windows.net/.../getMemberObjects"
        }
    },
    "groups": [
        "group1",
        "group2",
        ...
    ]
}

Docker image

Docker image is available in Zalando's Open Source registry:

docker run -it registry.opensource.zalan.do/teapot/skipper:v0.13.205 skipper --help
# arm64
docker run -it registry.opensource.zalan.do/teapot/skipper-arm64:v0.13.205 skipper --help
# arm v7 32bit
docker run -it registry.opensource.zalan.do/teapot/skipper-armv7:v0.13.205 skipper --help
Assets 8
Loading