Skip to content

Support tokens without kid when using multiple oauth providers and/or resource servers (backport #11965) (backport #12171) #12173

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 4 commits into from
Aug 29, 2024
Merged

Support tokens without kid when using multiple oauth providers and/or resource servers (backport #11965) (backport #12171) #12173

merged 4 commits into from
Aug 29, 2024

Conversation

@mergify
Copy link

@mergify mergify bot commented Aug 29, 2024

Proposed Changes

  • Support configuration of signing_keys, default_key and algorithms on each oauth provider under oauth2.oauth_providers
  • Do not delete statically configured signing keys when signing keys are loaded from a jwks endpoint. Instead, static signing keys are merged with those dynamically loaded, either via jwks endpoint or via rabbitmqctl. In case of a matching kid, the dynamic key overrides the static key
  • Support tokens without kid when using multiple resource_server(s) and/or when using multiple oauth_provider(s) (This addresses a known issue)
  • Add more test coverage

There is a doc PR accompanying this PR.

This is an automatic backport of pull request #11965 done by [Mergify](https://mergify.com).
This is an automatic backport of pull request #12171 done by [Mergify](https://mergify.com).

@MarcialRosales @mergify
Support tokens without kid when using multiple resources
a88b6e2 
(cherry picked from commit 77e8172)
(cherry picked from commit 94aa019)
@MarcialRosales @mergify
Add more test cases
91a16b7 
(cherry picked from commit 72b6bbd)
(cherry picked from commit b1be096)
@MarcialRosales @mergify
Improve formatting and add misisng test case
4d6a19d 
(cherry picked from commit 18bd43a)
(cherry picked from commit ad47188)
@MarcialRosales @mergify
Test merge signing keys when using oauth_providers
6d7236f 
(cherry picked from commit 17ca51d)
(cherry picked from commit fe4cf43)
@mergify mergify bot added the bazel label Aug 29, 2024
@michaelklishin michaelklishin added this to the 3.13.8 milestone Aug 29, 2024
@michaelklishin michaelklishin merged commit 504de57 into v3.13.x Aug 29, 2024
@michaelklishin michaelklishin deleted the mergify/bp/v3.13.x/pr-12171 branch August 29, 2024 21:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

3.13.8

Development

Successfully merging this pull request may close these issues.

3 participants

@michaelklishin @MarcialRosales