Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix(oidc): add expected fields #1156

Merged
merged 1 commit into from
Jul 10, 2024
Merged

fix(oidc): add expected fields #1156

merged 1 commit into from
Jul 10, 2024

Conversation

JordanSussman
Copy link
Collaborator

@JordanSussman JordanSussman commented Jul 8, 2024
edited

I spent some time over this weekend experimenting with the new OIDC feature and noticed that the /_services/token/.well-known/openid-configuration endpoint doesn't align with AWS's expected format for openid. AWS's documentation specifies the required fields, which you can find at https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_oidc.html#manage-oidc-provider-prerequisites. After updating the API response to include all of these fields, the issue was resolved.

openid documents the discovery endpoint schema within https://openid.net/specs/openid-connect-discovery-1_0.html.

@codecov Codecov
Copy link

codecov bot commented Jul 8, 2024

Codecov Report

Attention: Patch coverage is 0% with 7 lines in your changes missing coverage. Please review.

Project coverage is 52.15%. Comparing base (b24411e) to head (fcb364e).

Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##             main    #1156      +/-   ##
==========================================
- Coverage   52.16%   52.15%   -0.02%     
==========================================
  Files         550      550              
  Lines       18833    18839       +6     
==========================================
  Hits         9825     9825              
- Misses       8446     8452       +6     
  Partials      562      562
Files Coverage Δ
api/oi_config.go 0.00% <0.00%> (ø)

@JordanSussman JordanSussman marked this pull request as ready for review July 8, 2024 12:59
@JordanSussman JordanSussman requested a review from a team as a code owner July 8, 2024 12:59
wass3r
wass3r approved these changes Jul 10, 2024
View reviewed changes
Copy link
Collaborator

@wass3r wass3r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

thanks. lgtm. fwiw, also seems to align with what github itself uses: https://token.actions.githubusercontent.com/.well-known/openid-configuration

ecrupper
ecrupper approved these changes Jul 10, 2024
View reviewed changes
Copy link
Contributor

@ecrupper ecrupper left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thanks lgtm

@ecrupper ecrupper merged commit 02047db into main Jul 10, 2024
12 of 15 checks passed
@ecrupper ecrupper deleted the oidc-update branch July 10, 2024 14:00
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wass3r wass3r wass3r approved these changes

@ecrupper ecrupper ecrupper approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
3 participants
@JordanSussman @wass3r @ecrupper