Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oidc: add code challenge supported methods to the discovery doc #1127

Merged
merged 1 commit into from
Apr 19, 2022
Merged

oidc: add code challenge supported methods to the discovery doc #1127

merged 1 commit into from
Apr 19, 2022

Conversation

hectorj2f
Copy link
Contributor

@hectorj2f hectorj2f commented Apr 17, 2022
edited
Loading

Signed-off-by: hectorj2f hectorf@vmware.com

This PR includes the code_challenge_methods_supported key, as specified by https://datatracker.ietf.org/doc/html/rfc8414#section-2. If this key is omitted in the document, that'll mean the authorization server does not support PKCE. However the Supervisor does actually support and require PKCE, therefore we should add that key in the discovery document.

Fixes #1107

Release note:

oidc: add code challenge supported methods to the discovery document.

@hectorj2f hectorj2f mentioned this pull request Apr 18, 2022
Closed
cfryanr
cfryanr requested changes Apr 18, 2022
View reviewed changes
Copy link
Member

@cfryanr cfryanr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks for the PR @hectorj2f! I added a comment with a couple of suggestions.

internal/oidc/discovery/discovery_handler.go Outdated Show resolved Hide resolved
@hectorj2f hectorj2f force-pushed the add_code_challenge_method_support branch from 367bae1 to 8cec382 Compare April 18, 2022 23:19
@hectorj2f hectorj2f requested a review from cfryanr April 18, 2022 23:20
oidc: add code challenge supported methods
a3f7afa 
Signed-off-by: hectorj2f <hectorf@vmware.com>
@hectorj2f hectorj2f force-pushed the add_code_challenge_method_support branch from 8cec382 to a3f7afa Compare April 18, 2022 23:21
cfryanr
cfryanr approved these changes Apr 19, 2022
View reviewed changes
Copy link
Member

@cfryanr cfryanr left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved to run through CI.

@codecov
Copy link

codecov bot commented Apr 19, 2022
edited
Loading

Codecov Report

Merging #1127 (a3f7afa) into main (f5cf327) will increase coverage by 0.00%.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##             main    #1127   +/-   ##
=======================================
  Coverage   79.71%   79.72%           
=======================================
  Files         136      136           
  Lines       10059    10060    +1     
=======================================
+ Hits         8019     8020    +1     
  Misses       1768     1768           
  Partials      272      272
Impacted Files Coverage Δ
internal/oidc/discovery/discovery_handler.go 81.81% <100.00%> (+0.56%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update f5cf327...a3f7afa. Read the comment docs.

@margocrawf margocrawf merged commit c40bca5 into vmware-tanzu:main Apr 19, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@cfryanr cfryanr cfryanr approved these changes

Assignees
No one assigned
Labels
cla-not-required
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

code_challenge_methods_supported is missing in the OIDC Provider metadata
4 participants
@hectorj2f @cfryanr @margocrawf @vmwclabot