Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

allow multiple audiences #426

Closed
wants to merge 1 commit into from
Closed

allow multiple audiences #426

wants to merge 1 commit into from

Conversation

gruberlu
Copy link

Hey there!

This change allows for multiple allowed audiences when verifying a JWT (see #342 ).

I did not implement the suggested function signature func WithAudiences(auds []string, matchAll bool) ParserOption {} as this would either cause breaking changes or lead to confusion and unnecessary complexity as a separate option.

@gruberlu
allow multiple audiences

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode
Loading
Loading status checks…
48c6492
@oxisto
Copy link
Collaborator

oxisto commented Dec 24, 2024

Hey there!

This change allows for multiple allowed audiences when verifying a JWT (see #342 ).

I did not implement the suggested function signature func WithAudiences(auds []string, matchAll bool) ParserOption {} as this would either cause breaking changes or lead to confusion and unnecessary complexity as a separate option.

Can you elaborate how this would be a breaking change?

@gruberlu
Copy link
Author

You would either have two functions then (WithAudience and WithAudiences) which does not cause a breaking change but is a little confusing in my opinion or just have the new function WithAudiences which does break existing code.

shubham1172
shubham1172 reviewed Jan 15, 2025
View reviewed changes
parser_option.go
// WithAudience configures the validator to require the specified audience in
// the `aud` claim. Validation will fail if the audience is not listed in the
// token or the `aud` claim is missing.
// WithAudience configures the validator to require ONE of the specified
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A matchAll option would be useful here for users who want to ensure ALL audiences are present.
#342 (comment)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe #427 does just that, likely the implementation we'll go with.

Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I just saw that, thanks!

oxisto added a commit that referenced this pull request Feb 10, 2025
@oxisto
Implementing validation of multiple audiences
Loading
Loading status checks…
5eb0440 
This PR implements a validation option to validate multiple audiences. It takes ideas from #426 and #427, but implements a sleaker and cleaner design.

Fixes #342
@oxisto oxisto mentioned this pull request Feb 10, 2025
Open
@gruberlu
Copy link
Author

closed in favour of #433

@gruberlu gruberlu closed this Feb 20, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@mfridman mfridman

@shubham1172 shubham1172

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@gruberlu @oxisto @mfridman @shubham1172