Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add typ:JWT header to tokens #435

Merged
merged 1 commit into from
Aug 31, 2023
Merged

feat: add typ:JWT header to tokens #435

merged 1 commit into from
Aug 31, 2023

Conversation

muir
Copy link
Contributor

@muir muir commented Aug 29, 2023
edited
Loading

This tiny change adds a "typ":"JWT" header to the tokens created.

Alternatively, the Storage interface could be enhanced to allow user control over JWT headers.

Resolves #434

@codecov
Copy link

codecov bot commented Aug 29, 2023

Codecov Report

Merging #435 (e4a2a4f) into main (d7e8806) will not change coverage.
The diff coverage is 50.00%.

@@           Coverage Diff           @@
##             main     #435   +/-   ##
=======================================
  Coverage   53.29%   53.29%           
=======================================
  Files          74       74           
  Lines        5727     5727           
=======================================
  Hits         3052     3052           
  Misses       2415     2415           
  Partials      260      260
Files Changed Coverage Δ
pkg/op/signer.go 75.00% <50.00%> (ø)

mgiannakopoulos
mgiannakopoulos approved these changes Aug 29, 2023
View reviewed changes
Copy link

@mgiannakopoulos mgiannakopoulos left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

🚢 Ship IT!

@muhlemmer muhlemmer self-requested a review August 30, 2023 06:08
muhlemmer
muhlemmer approved these changes Aug 31, 2023
View reviewed changes
Copy link
Collaborator

@muhlemmer muhlemmer left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Alternatively, the Storage interface could be enhanced to allow user control over JWT headers.

For now this solution is fine. As RFC 7519, section-5.1 mentions, if provided it must be set to JWT. Allowing users to change this is asking for trouble. (And oidc doesn't support anything else than JWT anyway).

@muhlemmer muhlemmer merged commit 5ade1cd into zitadel:main Aug 31, 2023
7 of 8 checks passed
@github-actions
Copy link

🎉 This PR is included in version 2.9.0 🎉

The release is available on GitHub release

Your semantic-release bot 📦🚀

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mgiannakopoulos mgiannakopoulos mgiannakopoulos approved these changes

@muhlemmer muhlemmer muhlemmer approved these changes

Assignees
No one assigned
Labels
released
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Need to add a "typ":"JWT" header to my tokens
3 participants
@muir @muhlemmer @mgiannakopoulos