[18.0][IMP] auth_jwt drop audience required #755
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Because it allows validating with a list of audiences.
Make it work with pyjwt.
This method is useful for public endpoints that need to work for anonymous user, but can be enhanced when an authenticated user is know. A typical use case is a "add to cart" enpoint that can work for anonymous users, but can be enhanced by binding the cart to a known customer when the authenticated user is known.
The unit tests were broken for non-functional reasons (interaction with the mock) and is easier to implement as integration test.
Distinguish errors that lead to a 401 from internal configuration errors.
Extract _parse_bearer_authorization function for easier reuse by fastapi_auth_jwt
Currently translated at 100.0% (64 of 64 strings) Translation: server-auth-16.0/server-auth-16.0-auth_jwt Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_jwt/es/
Currently translated at 89.0% (57 of 64 strings) Translation: server-auth-16.0/server-auth-16.0-auth_jwt Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_jwt/it/
Currently translated at 100.0% (64 of 64 strings) Translation: server-auth-16.0/server-auth-16.0-auth_jwt Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_jwt/it/
Currently translated at 100.0% (64 of 64 strings) Translation: server-auth-16.0/server-auth-16.0-auth_jwt Translate-URL: https://translation.odoo-community.org/projects/server-auth-16-0/server-auth-16-0-auth_jwt/it/
dnplkndll
force-pushed
the
18.0-imp-auth_jwt-drop-audience-required
branch
from
3504fb6 to
27e9456
Compare
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
support simple jwt token issuer like AWS cognito using a pool_id in the certificate path to segment the resource group
ref: https://stackoverflow.com/questions/53148711/why-doesnt-amazon-cognito-return-an-audience-field-in-its-access-tokens