Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: respect OIDC providers' supported token signing algorithms (#9433) #9761

Merged
merged 2 commits into from Jun 22, 2022
Merged

fix: respect OIDC providers' supported token signing algorithms (#9433) #9761

merged 2 commits into from Jun 22, 2022

Conversation

crenshaw-dev
Copy link
Collaborator

@crenshaw-dev crenshaw-dev commented Jun 22, 2022
edited

This upgrades our go-oidc version to 2.2.1, which allows us to support the token signing algorithm advertised by the OIDC provider. (See the pull request on go-oidc.)

Fixes #9433

@crenshaw-dev
fix: respect OIDC providers' supported token signing algorithms (argo…
8c1d7f1 
…proj#9433)

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>
@crenshaw-dev crenshaw-dev requested a review from leoluz June 22, 2022 18:24
@crenshaw-dev
go mod tidy
c719657 
Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>
@codecov
Copy link

codecov bot commented Jun 22, 2022

Codecov Report

Merging #9761 (c719657) into master (2b53716) will increase coverage by 0.04%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master    #9761      +/-   ##
==========================================
+ Coverage   45.85%   45.90%   +0.04%     
==========================================
  Files         227      227              
  Lines       26795    26795              
==========================================
+ Hits        12286    12299      +13     
+ Misses      12840    12820      -20     
- Partials     1669     1676       +7
Impacted Files Coverage Δ
util/session/sessionmanager.go 72.41% <0.00%> (+4.98%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 2b53716...c719657. Read the comment docs.

leoluz
leoluz approved these changes Jun 22, 2022
View reviewed changes
Copy link
Collaborator

@leoluz leoluz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@crenshaw-dev crenshaw-dev merged commit 19cfbfd into argoproj:master Jun 22, 2022
@crenshaw-dev crenshaw-dev deleted the respect-oidc-provider-token-algs branch June 22, 2022 19:30
@crenshaw-dev crenshaw-dev added cherry-pick/2.4 Candidate for cherry picking into the 2.4 release branch cherry-pick/2.3 Candidate for cherry picking into the 2.3 release branch labels Jun 27, 2022
crenshaw-dev added a commit that referenced this pull request Jun 27, 2022
@crenshaw-dev
fix: respect OIDC providers' supported token signing algorithms (#9433)…
c089f9a 
… (#9761)

* fix: respect OIDC providers' supported token signing algorithms (#9433)

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>

* go mod tidy

Signed-off-by: Michael Crenshaw <michael@crenshaw.dev>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@leoluz leoluz leoluz approved these changes

@zachaller zachaller zachaller approved these changes

Assignees
No one assigned
Labels
cherry-pick/2.3 Candidate for cherry picking into the 2.3 release branch cherry-pick/2.4 Candidate for cherry picking into the 2.4 release branch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

oidc: id token signed with unsupported algorithm, expected ["RS256"] got "RS512"
3 participants
@crenshaw-dev @leoluz @zachaller