upstream/kubernetes
1
0
Fork 0
mirror of https://github.com/kubernetes/kubernetes.git synced 2026-03-08 00:20:39 -05:00
Code Issues Projects Releases Packages Wiki Activity Actions
kubernetes/plugin/pkg
History
Kubernetes Submit Queue 0341d3d358 Merge pull request #30944 from ericchiang/oidc-auth-provider-dont-trim-issuer 
Automatic merge from submit-queue

oidc auth provider: don't trim issuer URL

This mirrors a similar side fix for the API server authenticator.
Don't trim the issuer URL provided by the user since OpenID Connect
mandates that this URL exactly matches the URL returned by the
issuer during discovery.

This change only impacts clients attempting to connect to providers that
are non-spec compliant.

No test updates since this is already tested by the go-oidc client
package.

See: https://openid.net/specs/openid-connect-discovery-1_0.html#ProviderConfigurationValidation

Server side fix #29860
Updates #29749

cc @kubernetes/sig-auth @hanikesn
2016-08-19 15:48:46 -07:00
..
admission Add alpha annotations support to the PodSecurityPolicy provider 2016-08-17 10:14:36 -07:00
auth add subjectaccessreviews resource 2016-08-05 11:20:56 -04:00
client/auth oidc auth provider: don't trim issuer URL 2016-08-18 16:37:50 -07:00
scheduler Merge pull request #30609 from m1093782566/update-comment-info 2016-08-19 15:47:33 -07:00
webhook Func note not consistent with real fun name 2016-07-16 10:25:01 +08:00