Loading...

XML

Word

Printable

JSON

Type: Task
Resolution: Fixed
Priority: Major - P3
Fix Version/s: 8.0.0-rc0, 7.0.9, 7.3.2
Affects Version/s: None
Component/s: None
Labels:
None

Assigned Teams:

Server Security
Backwards Compatibility:
Fully Compatible
Backport Requested:

v7.3, v7.0
Sprint:
Security 2024-03-04, Security 2024-03-18

Since IDPConfiguration issuers are no longer guaranteed to be unique, selecting the correct IDPConfiguration registration that should apply to an OIDC authentication attempt is no longer as simple as matching the IDPConfiguration's issuer to the token's issuer claim. The server must now also match the IDPConfiguration's audience to the token's audience claim.

duplicates

SERVER-86821 Use single JWKManager for multiple IDP configurations with the same issuer

Closed

Assignee:: Erwin Pe

Reporter:: Erwin Pe

Participants:: Erwin Pe, Githook User

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Created:: Feb 14 2024 06:53:12 PM UTC

Updated:: Apr 10 2024 06:23:51 PM UTC

Resolved:: Mar 08 2024 03:04:16 PM UTC

Details

Description

Attachments

Issue Links

Activity

People

Dates