<!-- 
RSS generated by JIRA (9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66) at Thu Feb 08 08:25:58 UTC 2024

It is possible to restrict the fields that are returned in this document by specifying the 'field' parameter in your request.
For example, to request only the issue key and summary append 'field=key&field=summary' to the URL of your request.
-->
<rss version="0.92" >
<channel>
    <title>MongoDB Jira</title>
    <link>https://jira.mongodb.org</link>
    <description>This file is an XML representation of an issue</description>
    <language>en-us</language>    <build-info>
        <version>9.7.1</version>
        <build-number>970001</build-number>
        <build-date>13-04-2023</build-date>
    </build-info>


<item>
            <title>[DRIVERS-2601] OIDC: Automatic token acquisition for GCP Identity Provider</title>
                <link>https://jira.mongodb.org/browse/DRIVERS-2601</link>
                <project id="10980" key="DRIVERS">Drivers</project>
                    <description>&lt;div class=&quot;panel&quot; style=&quot;background-color: #fafbfc;border-color: #21313c;border-style: solid;border-width: 1px;&quot;&gt;&lt;div class=&quot;panelContent&quot; style=&quot;background-color: #fafbfc;&quot;&gt;
&lt;h3&gt;&lt;a name=&quot;Summary&quot;&gt;&lt;/a&gt;&lt;b&gt;Summary&lt;/b&gt;&lt;/h3&gt;
&lt;p&gt;This will come after OIDC implementation and the purpose of this followup work is to hook into GCP so that OIDC works on that platform.&lt;/p&gt;
&lt;/div&gt;&lt;/div&gt;</description>
                <environment></environment>
        <key id="2309055">DRIVERS-2601</key>
            <summary>OIDC: Automatic token acquisition for GCP Identity Provider</summary>
                <type id="4" iconUrl="https://jira.mongodb.org/secure/viewavatar?size=xsmall&amp;avatarId=14710&amp;avatarType=issuetype">Improvement</type>
                                            <priority id="10300" iconUrl="https://jira.mongodb.org/images/icons/priorities/medium.svg">Unknown</priority>
                        <status id="10033" iconUrl="https://jira.mongodb.org/images/icons/statuses/information.png" description="Status for tickets that need to be escalated and unblocked on our team.">Blocked</status>
                    <statusCategory id="4" key="indeterminate" colorName="inprogress"/>
                                    <resolution id="-1">Unresolved</resolution>
                                        <assignee username="matt.dale@mongodb.com">Matt Dale</assignee>
                                    <reporter username="steve.silvester@mongodb.com">Steve Silvester</reporter>
                        <labels>
                            <label>init-140-workload-ga</label>
                    </labels>
                <created>Thu, 6 Apr 2023 19:21:15 +0000</created>
                <updated>Mon, 11 Dec 2023 15:43:06 +0000</updated>
                                                                                    <votes>0</votes>
                                    <watches>4</watches>
                                                                                                                    <issuelinks>
                            <issuelinktype id="10011">
                    <name>Depends</name>
                                            <outwardlinks description="depends on">
                                        <issuelink>
            <issuekey id="2116020">DRIVERS-2415</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2362358">SERVER-77908</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2391288">DRIVERS-2672</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10620">
                    <name>Issue split</name>
                                            <outwardlinks description="split to">
                                        <issuelink>
            <issuekey id="2313106">CDRIVER-4611</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313108">CSHARP-4610</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313107">CXX-2672</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313109">GODRIVER-2806</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313110">JAVA-4932</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313112">MOTOR-1116</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313111">NODE-5193</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313114">PHPLIB-1108</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313113">PYTHON-3664</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313116">RUBY-3237</issuekey>
        </issuelink>
            <issuelink>
            <issuekey id="2313117">RUST-1627</issuekey>
        </issuelink>
                            </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10520">
                    <name>Problem/Incident</name>
                                            <outwardlinks description="causes">
                                                        </outwardlinks>
                                                        </issuelinktype>
                            <issuelinktype id="10012">
                    <name>Related</name>
                                                                <inwardlinks description="is related to">
                                        <issuelink>
            <issuekey id="2116227">DRIVERS-2416</issuekey>
        </issuelink>
                            </inwardlinks>
                                    </issuelinktype>
                    </issuelinks>
                <attachments>
                    </attachments>
                <subtasks>
                    </subtasks>
                <customfields>
                                                                                                                                                                                                                                                                                                            <customfield id="customfield_15850" key="com.atlassian.jira.plugins.jira-development-integration-plugin:devsummary">
                        <customfieldname>Development</customfieldname>
                        <customfieldvalues>
                            
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                    <customfield id="customfield_10951" key="com.atlassian.jira.plugin.system.customfieldtypes:radiobuttons">
                        <customfieldname>Driver Changes</customfieldname>
                        <customfieldvalues>
                                <customfieldvalue key="10748"><![CDATA[Needed]]></customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_23952" key="com.onresolve.jira.groovy.groovyrunner:scripted-field">
                        <customfieldname>Driver Compliance</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue><![CDATA[<style type='text/css'>
         #scriptField, #scriptField *{
                border: 1px solid black;
            }

            #scriptField{
                border-collapse: collapse;
            }

            #scriptField td {
                text-align: center; /* Center-align text in table cells */
            }

            #scriptField td.key {
                text-align: left; /* Left-align text in the Key column */
            }

            #scriptField a {
                text-decoration: none; /* Remove underlines from links */
                border: none; /* Remove border from links */
            }
            
            /* Add green background color to cells with FixVersion */
            #scriptField td.hasFixVersion {
                background-color: #00FF00; /* Green color code */
            }

            /* Center-align the first row headers */
            #scriptField th {
                text-align: center;
            }
        </style>
<table id='scriptField'>
  <tr>
    <th>Key</th>
    <th>Status/Resolution</th>
    <th>FixVersion</th>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/CDRIVER-4611'>CDRIVER-4611</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/CXX-2672'>CXX-2672</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/CSHARP-4610'>CSHARP-4610</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/GODRIVER-2806'>GODRIVER-2806</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/JAVA-4932'>JAVA-4932</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/NODE-5193'>NODE-5193</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/MOTOR-1116'>MOTOR-1116</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/PYTHON-3664'>PYTHON-3664</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/PHPLIB-1108'>PHPLIB-1108</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/RUBY-3237'>RUBY-3237</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
  <tr>
    <td class='key'>
      <a href='https://jira.mongodb.org/browse/RUST-1627'>RUST-1627</a>
    </td>
    <td>Blocked</td>
    <td class=''></td>
  </tr>
</table>]]></customfieldvalue>


                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_18362" key="com.atlassian.jira.plugin.system.customfieldtypes:userpicker">
                        <customfieldname>Engineering Lead</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>james.kovacs@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10857" key="com.pyxis.greenhopper.jira:gh-epic-link">
                        <customfieldname>Epic Link</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>DRIVERS-2415</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_18359" key="com.atlassian.jira.plugin.system.customfieldtypes:userpicker">
                        <customfieldname>Program Manager</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>jessica.sigafoos@mongodb.com</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_21553" key="com.atlassian.jira.plugin.system.customfieldtypes:labels">
                        <customfieldname>Quarter</customfieldname>
                        <customfieldvalues>
                                        <label>FY24Q3</label>
    
                        </customfieldvalues>
                    </customfield>
                                                                                            <customfield id="customfield_12550" key="com.pyxis.greenhopper.jira:gh-lexo-rank">
                        <customfieldname>Rank</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>2|i1m30o:</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                <customfield id="customfield_10558" key="com.pyxis.greenhopper.jira:gh-global-rank">
                        <customfieldname>Rank (Obsolete)</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>9223372036854775807</customfieldvalue>
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                        <customfield id="customfield_22279" key="com.atlassian.jira.plugin.system.customfieldtypes:labels">
                        <customfieldname>Server Compat</customfieldname>
                        <customfieldvalues>
                                        <label>7.2</label>
            <label>8.0</label>
    
                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                            <customfield id="customfield_21457" key="com.atlassian.jira.plugin.system.customfieldtypes:textarea">
                        <customfieldname>Upstream Changes Summary</customfieldname>
                        <customfieldvalues>
                            <customfieldvalue>&lt;p&gt;A new boolean field, useAuthorizationClaim, will be added to each element of the oidcIdentityProviders server parameter. The default value of this field will be true.&lt;br/&gt;
When useAuthorizationClaim is set to false, the authorizationClaim field of the oidcIdentityProviders server parameter is not expected to be provided as part of the configuration. This effectively enables internal authorization for all access tokens representing users from that identity provider.&lt;/p&gt;

&lt;p&gt;A new boolean field, supportsHumanFlows, will be added to each element of the oidcIdentityProviders server parameter. The default value of this field will be true.&lt;br/&gt;
When supportsHumanFlows is set to false, the clientId field of the oidcIdentityProviders is not expected to be provided as part of the configuration.&lt;br/&gt;
When supportsHumanFlows is set to false, the matchPattern field of the oidcIdentityProviders setParameter is optional. If there is just one IdP with supportsHumanFlows: true, then matchPattern is optional for that IdP, too, and any principal name hints will result in that human flow IdP&apos;s registration being returned to the driver. If there is more than one IdP with supportsHumanFlows: true, then matchPattern is mandatory for all of those IdPs.&lt;/p&gt;

&lt;p&gt;When authenticating to a server with MONGODB-OIDC, the server&apos;s first step SASL reply may omit `clientId` if the provided principal name hint matches an IdP with `supportsHumanFlows: false`. The server also will not consider any machine flow IdPs that have did not supply a `matchPattern` when selecting an IdP configuration to return for the first SASL reply.&lt;/p&gt;

&lt;p&gt;The exact-match usersInfo command will include an additional field called authorizationProvider that can resolve to one of &lt;/p&gt;
{OIDC, Internal, LDAP, X.509}
&lt;p&gt;. When provided, the server will attempt to resolve the user&apos;s roles using the requested authorization provider and return an error otherwise.&lt;/p&gt;</customfieldvalue>

                        </customfieldvalues>
                    </customfield>
                                                                                                                                                                                                                                                                                                                            </customfields>
    </item>
</channel>
</rss>