Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Add multiple audiences capability to JWT verification #57

Merged
merged 3 commits into from
Jul 12, 2018
Merged

Add multiple audiences capability to JWT verification #57

merged 3 commits into from
Jul 12, 2018

Conversation

joshcanhelp
Copy link
Contributor

  • Update Auth0Service to allow for array api_audience values
  • Add api_client_id config option to add the Client ID to the api_audience value
  • Add api_identifier_array config option to define an array of API audiences to allow

This is a non-breaking change that allows the original string definition for jwt_auth.api_identifier to continue working. If you just need to add the Client ID to the allowed audiences, add the new jwt_auth.api_client_id config option like so (using .env variables):

// app/config/config.yml
// ...
jwt_auth:
    domain: '%env(AUTH0_DOMAIN)%'
    authorized_issuer: "https://%env(AUTH0_DOMAIN)%/"
    api_identifier: '%env(AUTH0_AUDIENCE)%'
    api_client_id: '%env(AUTH0_CLIENT_ID)%'
// ...

If you instead want to define an array of audiences to use, do that like so:

// app/config/config.yml
// ...
jwt_auth:
    domain: '%env(AUTH0_DOMAIN)%'
    authorized_issuer: "https://%env(AUTH0_DOMAIN)%/"
    api_identifier_array:
      - '%env(AUTH0_AUDIENCE)%'
      - '%env(AUTH0_CLIENT_ID)%'
      - 'another-api-audience'
// ...

Closes #54

@joshcanhelp joshcanhelp added this to the v3-Next milestone Jul 11, 2018
cocojoe
cocojoe approved these changes Jul 12, 2018
View reviewed changes
Copy link
Member

@cocojoe cocojoe left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

👍

@joshcanhelp joshcanhelp merged commit aba4cfd into master Jul 12, 2018
@joshcanhelp joshcanhelp deleted the add-multiple-audience-support branch July 12, 2018 15:18
@github-actions github-actions bot locked as resolved and limited conversation to collaborators Sep 19, 2022
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Reviewers

@cocojoe cocojoe cocojoe approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
3.1.0
Development

Successfully merging this pull request may close these issues.

Allow multiple audiences in config
2 participants
@joshcanhelp @cocojoe