feat: check access token for group attribute as well; fix #43 #46

Open
wants to merge 1 commit into
base: main

hahahannes

This will add the feature of checking the access token for the OIDC_GROUPS_ATTRIBUTE. This is useful for cases where the needed value is stored in the access token and not in the user info token.

@hahahannes hahahannes changed the title check access token for group attribute as well; fix #43 feat: check access token for group attribute as well; fix #43 Oct 24, 2024
@kharkevich
Member

@hahahannes thanks for your PR. Could you please check #54? It will probably work for you. Otherwise, please update your PR in accordance with the new project structure.

@NeroBlackstone

This problem still exists in the latest 3.0 version, maybe you need to re-fork and fix it on the latest branch?
(This is a useful fix, great job)

@hahahannes
Author

Yeah, I will rebase! @NeroBlackstone

Quality Gate failed

Failed conditions
C Maintainability Rating on New Code (required ≥ A)
D Security Rating on New Code (required ≥ A)


@@ -724,14 +726,21 @@
is_admin = False
user_groups = []

decoded_access_token = jwt.decode(access_token, audience=AppConfig.get_property("OIDC_AUDIENCE"), options={"verify_signature": False})
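Review bot: The `jwt.decode(...)` call on the last line of this hunk passes `options={"verify_signature": False}`, so the claims in `decoded_access_token` are not authenticated, and per the PR description this is the token the group attribute will be read from, right next to `is_admin` and `user_groups`. Verify the signature against the identity provider's signing key with a pinned algorithm list before reading any claim from it. If `jwt` here is PyJWT (an assumption, the import is not visible in the hunk), disabling signature verification also switches the audience check off by default, so the `audience=AppConfig.get_property("OIDC_AUDIENCE")` argument has no effect as written.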

Check failure

Code scanning / SonarCloud

JWT should be signed and verified (High)

Don't use a JWT token without verifying its signature.
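
The check this finding asks for, as an added example (not code from this PR or the project): the groups claim is returned only after the algorithm, signature, audience and expiry all pass. It uses only the standard library and HS256 with a shared secret so it runs offline, whereas an OIDC provider typically signs with an asymmetric key published through JWKS; the function names, secret, audience and group values are constructed for illustration.

```python
import base64, hashlib, hmac, json, time

def b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))

def sign_hs256(claims: dict, key: bytes) -> str:
    """Stand-in for the identity provider: issues a constructed test token."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    mac = hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()
    return f"{head}.{body}.{b64url_encode(mac)}"

def groups_from_access_token(token, key, audience, attr="groups"):
    """Return the groups claim only after alg, signature, aud and exp pass."""
    try:
        head_b64, body_b64, sig_b64 = token.split(".")
        header, sig = json.loads(b64url_decode(head_b64)), b64url_decode(sig_b64)
    except ValueError as exc:  # wrong part count, bad base64, bad JSON
        raise PermissionError("malformed token") from exc
    # Pin the algorithm; never let the token header choose it.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise PermissionError("unexpected alg")
    expected = hmac.new(key, f"{head_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):
        raise PermissionError("bad signature")
    claims = json.loads(b64url_decode(body_b64))  # parsed only after the MAC checks out
    aud = claims.get("aud")
    if audience not in (aud if isinstance(aud, list) else [aud]):
        raise PermissionError("wrong audience")
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or exp <= time.time():
        raise PermissionError("expired or missing exp")
    groups = claims.get(attr, [])
    return groups if isinstance(groups, list) else [groups]

if __name__ == "__main__":
    key = b"constructed-demo-secret"  # constructed sample values throughout
    good = {"aud": "example-client", "exp": time.time() + 300, "groups": ["viewers"]}
    token = sign_hs256(good, key)
    print(groups_from_access_token(token, key, "example-client"))
    head, _, sig = token.split(".")
    edited = b64url_encode(json.dumps({**good, "groups": ["admins"]}).encode())
    try:  # payload changed after signing: must be refused
        groups_from_access_token(f"{head}.{edited}.{sig}", key, "example-client")
    except PermissionError as err:
        print("rejected:", err)
```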