@zkayyali812 zkayyali812 commented Aug 21, 2025

Putting this PR on hold for now as it will be part of another JIRA eventually. JIRA# TBD.

Description

  • What is being changed? Updates the default for JWT_ALGORITHMS. If not specified, we will use the default from the .well-known/configuration endpoint.
  • Why is this change needed? To set sane defaults when an OIDC authenticator is configured
  • How does this change address the issue? If no authenticators are specified, we will save the authenticator using the defaults from the .well-known endpoint of the OIDC authenticator.

This PR is an optional alternative to #820

Type of Change

  • Bug fix (non-breaking change which fixes an issue)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would cause existing functionality to not work as expected)
  • Documentation update
  • Test update
  • Refactoring (no functional changes)
  • Development environment change
  • Configuration change

Self-Review Checklist

  • I have performed a self-review of my code
  • I have added relevant comments to complex code sections
  • I have updated documentation where needed
  • I have considered the security impact of these changes
  • I have considered performance implications
  • I have thought about error handling and edge cases
  • I have tested the changes in my local environment

Testing Instructions

Prerequisites

Steps to Test

  1. Create a Generic OIDC authenticator without specifying any algorithms
  2. Ensure well known algorithms are populated upon save.

Expected Results

Additional Context

Required Actions

  • Requires documentation updates
  • Requires downstream repository changes
  • Requires infrastructure/deployment changes
  • Requires coordination with other teams
  • Blocked by PR/MR: #XXX

Screenshots/Logs
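
One way to derive the default described in this PR, as an added example that is not code from the pull request or from django-ansible-base: it reads the OIDC Discovery field `id_token_signing_alg_values_supported` and keeps only asymmetric signature algorithms. The function name, the allowlist, the RS256 fallback and the sample document are assumptions made for illustration.

```python
import json

# Assumption: allowlist of asymmetric JWS algorithms acceptable for ID tokens.
# "none" and the HMAC family (HS256/384/512) are deliberately absent, so a
# provider document cannot switch verification to unsigned or shared-secret tokens.
ASYMMETRIC_ALGS = {
    "RS256", "RS384", "RS512",
    "ES256", "ES384", "ES512",
    "PS256", "PS384", "PS512",
    "EdDSA",
}

# Assumption: fallback used when discovery yields nothing usable.
FALLBACK_ALGS = ["RS256"]


def default_jwt_algorithms(discovery_doc, configured=None):
    """Return the JWT_ALGORITHMS value to store for an authenticator.

    An explicitly configured list always wins. Otherwise the provider's
    advertised algorithms are filtered against the allowlist, de-duplicated
    and returned in the provider's order.
    """
    if configured:
        return list(configured)

    advertised = discovery_doc.get("id_token_signing_alg_values_supported")
    if not isinstance(advertised, list):
        # Field missing or malformed: do not trust the document.
        return list(FALLBACK_ALGS)

    selected = []
    for alg in advertised:
        if isinstance(alg, str) and alg in ASYMMETRIC_ALGS and alg not in selected:
            selected.append(alg)
    return selected or list(FALLBACK_ALGS)


# Constructed sample of a discovery document (not taken from a real provider).
SAMPLE_DISCOVERY = json.loads("""
{
  "issuer": "https://idp.example.test",
  "id_token_signing_alg_values_supported": ["RS256", "none", "HS256", "ES256", "RS256"]
}
""")

if __name__ == "__main__":
    print(default_jwt_algorithms(SAMPLE_DISCOVERY))
```
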

@zkayyali812 zkayyali812 marked this pull request as ready for review August 21, 2025 23:04
@zkayyali812 zkayyali812 force-pushed the zk/AAP-50420-well-known branch from ba959b1 to 6728570 Compare August 22, 2025 14:25
@zkayyali812 zkayyali812 force-pushed the zk/AAP-50420-well-known branch from 6728570 to 75adf22 Compare August 22, 2025 14:47
DVCS PR Check Results:

PR appears valid (JIRA key(s) found)

@john-westcott-iv john-westcott-iv changed the title Add Default JWT Algorithms from .well-known endpoint [HOLD] Add Default JWT Algorithms from .well-known endpoint Aug 25, 2025
on_delete=SET_NULL,
)

def save_default_jwt_algorithms(self):
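
Review bot: `save_default_jwt_algorithms` is declared on the model right after the field definitions and its body is not visible in this context, so two things need confirming where it is implemented. First, whatever it reads from the provider's .well-known document should be filtered against an allowlist before it is persisted as JWT_ALGORITHMS, dropping `none` and symmetric HS* values. Second, a failed or slow discovery request should not be able to break saving the authenticator. A short docstring stating when the method runs and what it falls back to would also help.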

We should move this out of the model. It shouldn't know about specifics for requirements of any of the plugins.

@john-westcott-iv john-westcott-iv changed the title [HOLD] Add Default JWT Algorithms from .well-known endpoint [HOLD] [AAP-52033] Add Default JWT Algorithms from .well-known endpoint Aug 25, 2025
john-westcott-iv added a commit that referenced this pull request Aug 25, 2025
## Description
<!-- Mandatory: Provide a clear, concise description of the changes and
their purpose -->
- What is being changed? Updates the default for `JWT_ALGORITHMS`. If
not specified, we will use the default from
`OpenIdConnectAuth.JWT_ALGORITHMS`
- Why is this change needed? This change is needed to ensure a sane
default set of JWT_ALGORITHMS is applied, if none are specified.
- How does this change address the issue? This change addresses the
issue, by ensuring we apply a default, instead of specifying None.
- 
This PR is an optional alternative to #821 

## Type of Change
<!-- Mandatory: Check one or more boxes that apply -->
- [x] Bug fix (non-breaking change which fixes an issue)
- [ ] New feature (non-breaking change which adds functionality)
- [ ] Breaking change (fix or feature that would cause existing
functionality to not work as expected)
- [ ] Documentation update
- [ ] Test update
- [ ] Refactoring (no functional changes)
- [ ] Development environment change
- [ ] Configuration change

## Self-Review Checklist
<!-- These items help ensure quality - they complement our automated CI
checks -->
- [x] I have performed a self-review of my code
- [x] I have added relevant comments to complex code sections
- [x] I have updated documentation where needed
- [x] I have considered the security impact of these changes
- [x] I have considered performance implications
- [x] I have thought about error handling and edge cases
- [x] I have tested the changes in my local environment

## Testing Instructions
<!-- Optional for test-only changes. Mandatory for all other changes -->
<!-- Must be detailed enough for reviewers to reproduce -->
### Prerequisites
<!-- List any specific setup required -->

### Steps to Test
1. Create a Generic OIDC authenticator without specifying any algorithms
2. Ensure default algorithm is populated upon save.
3. 

### Expected Results
<!-- Describe what should happen after following the steps -->

## Additional Context
<!-- Optional but helpful information -->

### Required Actions
<!-- Check if changes require work in other areas -->
<!-- Remove section if no external actions needed -->
- [ ] Requires documentation updates
  <!-- API docs, feature docs, deployment guides -->
- [ ] Requires downstream repository changes
  <!-- Specify repos: django-ansible-base, eda-server, etc. -->
- [ ] Requires infrastructure/deployment changes
  <!-- CI/CD, installer updates, new services -->
- [ ] Requires coordination with other teams
  <!-- UI team, platform services, infrastructure -->
- [ ] Blocked by PR/MR: #XXX
  <!-- Reference blocking PRs/MRs with brief context -->

### Screenshots/Logs
<!-- Add if relevant to demonstrate the changes -->

---------

Co-authored-by: John Westcott IV <[email protected]>
fosterseth pushed a commit to fosterseth/django-ansible-base that referenced this pull request Sep 8, 2025