Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Improve OIDC compliance [SDK-987] #225

Merged
merged 24 commits into from
Jun 10, 2020
Merged

Improve OIDC compliance [SDK-987] #225

merged 24 commits into from
Jun 10, 2020

Conversation

Widcket
Copy link
Contributor

@Widcket Widcket commented Jun 10, 2020

Changes

This update improves the SDK support for OpenID Connect. In particular, it modifies the sign in verification phase by substituting backchannel based checks with id_token validation.

This PR aggregates a series of previously reviewed and approved PRs:

Public surface area

Additions
  • A new public method in Auth0::Client called validate_id_token that performs ID Token validation.
  • Auth0::Algorithm::HS256 and Auth0::Algorithm::RS256, classes that represent the signing algorithms and encapsulate the logic to obtain the respective secret/public keys.
  • A new exception Auth0::InvalidIdToken.
Changes

None.

Testing

  • This change adds unit test coverage
  • This change adds integration test coverage
  • This change has been tested on the latest version of Ruby

Checklist

Widcket and others added 24 commits June 1, 2020 11:58
@Widcket
Implement signature verification
1cf795f
@Widcket
Add RS256 signature validation
bfdb243
@Widcket
Add remaining tests
edfd954
@Widcket
Remove comment
b21c07c
@Widcket
Add rubocop directives
5f4077b
@Widcket
Add doc comments
a2866c1
@Widcket
Remove extra whitespace
1bf5bd5
@Widcket @lbalmaceda
Update spec/lib/auth0/mixins/validation_spec.rb
053ffd6 
Co-authored-by: Luciano Balmaceda <[email protected]>
@Widcket
Address review feedback
efdf3fe
@Widcket
Address review feedback
64bc3aa
@Widcket
Use a simpler nil check
86d03e7
@Widcket
Add an aditional test case
50a80ea
@Widcket
Merge pull request #222 from auth0/idtv/signature-validation
2c8aa64 
Improve OIDC compliance: add signature validation support [SDK-987]
@Widcket
Implement claims validation
af0e198
@Widcket
Add additional test cases
a673132
@Widcket
Correct error message
ec06952
@Widcket
Merge pull request #223 from auth0/idtv/claims-validation
7addc63 
Improve OIDC compliance: add claims validation support [SDK-987]
@Widcket
Add IDTV documentation to the README
1b660d3
@Widcket
Update README.md
872bfad 
Co-authored-by: Steve Hobbs <[email protected]>
@Widcket
Update README.md
df7761e 
Co-authored-by: Steve Hobbs <[email protected]>
@Widcket
Address review comments
d51c42c
@Widcket
Update README.md
5c474cf
@Widcket
Add mention to JWKS
df41e57
@Widcket
Merge pull request #224 from auth0/idtv/documentation
f01252a 
Added IDTV documentation to the README [SDK-1670]
@Widcket Widcket added this to the v4.12.0 milestone Jun 10, 2020
@Widcket Widcket requested a review from a team June 10, 2020 21:17
@Widcket Widcket merged commit 240416c into master Jun 10, 2020
@Widcket Widcket deleted the feature/idtv branch June 10, 2020 23:23
@Widcket Widcket mentioned this pull request Jun 11, 2020
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lbalmaceda lbalmaceda lbalmaceda approved these changes

Assignees
No one assigned
Labels
CH: Added
Projects
None yet
Milestone
v4.12.0
Development

Successfully merging this pull request may close these issues.
2 participants
@Widcket @lbalmaceda