Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat: add IAP and additional claims support #268

Merged
merged 5 commits into from
Jan 30, 2018
Merged

feat: add IAP and additional claims support #268

merged 5 commits into from
Jan 30, 2018

Conversation

JustinBeckwith
Copy link
Contributor

@JustinBeckwith JustinBeckwith commented Jan 25, 2018
edited
Loading

Adds support for additionalClaims to JWT, and an example of using it to work with the Identity Aware Proxy (IAP). Resolves #134 🤘

@JustinBeckwith JustinBeckwith requested review from ofrobots and a team January 25, 2018 17:43
@googlebot googlebot added the cla: yes This human has signed the Contributor License Agreement. label Jan 25, 2018
kjin
kjin approved these changes Jan 25, 2018
View reviewed changes
Copy link
Contributor

@kjin kjin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM w/ question.

src/auth/jwtclient.ts Outdated
// TODO: There is some duplication between the code in google/node-gtoken
// and the code in JWTAccess. This particular code path needs to be
// further rationalized.
if (!this.access) {

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

ofrobots
ofrobots reviewed Jan 26, 2018
View reviewed changes
src/auth/jwtaccess.ts Outdated
};
const payload = Object.assign(
{iss: this.email, sub: this.email, aud: authURI, exp, iat},
additionalClaims);

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

@codecov-io
Copy link

codecov-io commented Jan 26, 2018
edited
Loading

Codecov Report

Merging #268 into master will increase coverage by 0.16%.
The diff coverage is 100%.

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #268      +/-   ##
==========================================
+ Coverage   93.91%   94.08%   +0.16%     
==========================================
  Files          13       13              
  Lines         838      845       +7     
  Branches      182      186       +4     
==========================================
+ Hits          787      795       +8     
+ Misses         51       50       -1
Impacted Files Coverage Δ
src/auth/jwtaccess.ts 96.36% <100%> (+0.36%) ⬆️
src/auth/oauth2client.ts 93.47% <100%> (+0.36%) ⬆️
src/auth/jwtclient.ts 95.45% <100%> (+0.1%) ⬆️

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 730d4b7...86e8f63. Read the comment docs.

ofrobots
ofrobots reviewed Jan 27, 2018
View reviewed changes
src/auth/jwtaccess.ts Outdated
secret: this.key
};
// NOTE: Users can also override the values for iss / sub / aud / etc
// with additionalClaims.

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

@JustinBeckwith
Copy link
Contributor Author

FYI @matthewg

@JustinBeckwith
Copy link
Contributor Author

@ofrobots ping :)

ofrobots
ofrobots approved these changes Jan 30, 2018
View reviewed changes
Copy link
Contributor

@ofrobots ofrobots left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM w/ nit.

src/auth/jwtaccess.ts Outdated
// if additionalClaims are provided, ensure they do not collide with
// other required claims.
if (additionalClaims) {
['iss', 'sub', 'aud', 'exp', 'iat'].forEach(claim => {

This comment was marked as spam.

Sign in to view

This comment was marked as spam.

Sign in to view

@JustinBeckwith JustinBeckwith merged commit 0803242 into googleapis:master Jan 30, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kjin kjin kjin approved these changes

@ofrobots ofrobots ofrobots approved these changes

Assignees
No one assigned
Labels
cla: yes This human has signed the Contributor License Agreement.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@JustinBeckwith @codecov-io @ofrobots @kjin @googlebot