Skip to content

[Security] Update web-token/jwt-library version and adjust checker parameters #57796

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jul 26, 2024
Merged

[Security] Update web-token/jwt-library version and adjust checker parameters #57796

merged 1 commit into from
Jul 26, 2024
+6 −6

Conversation

thibaut22200
Copy link
Contributor

@thibaut22200 thibaut22200 commented Jul 22, 2024
edited
Loading

Q A
Branch? 7.1
Bug fix? no
License MIT

Test failed on my Ubuntu, and on my Windows is OK. Differences between order in construct of Jose/Component/Checker/...

@thibaut22200 thibaut22200 requested a review from chalasr as a code owner July 22, 2024 09:31
@carsonbot carsonbot added this to the 7.1 milestone Jul 22, 2024
@carsonbot
Copy link

Hey!

Thanks for your PR. You are targeting branch "7.1" but it seems your PR description refers to branch "7.1 for bug fixes".
Could you update the PR description or change target branch? This helps core maintainers a lot.

Cheers!

Carsonbot

@carsonbot carsonbot changed the title Strange behavior for OidcTokenHandler [Security] Strange behavior for OidcTokenHandler Jul 22, 2024
@xabbuh
Copy link
Member

xabbuh commented Jul 22, 2024

Maybe we should backport #57694. In tests we don't use version 4 of web-token/jwt-library, but since we don't have a conflict rule for it consumers of symfony/security-http can use it and run into the issue this PR is going to fix.

@OskarStark OskarStark changed the title [Security] Strange behavior for OidcTokenHandler [Security] Strange behavior for OidcTokenHandler Jul 22, 2024
@nicolas-grekas
Copy link
Member

Better back port than conflict to me also.

@thibaut22200
Copy link
Contributor Author

Backport commit done @xabbuh @nicolas-grekas

@thibaut22200 thibaut22200 changed the title [Security] Strange behavior for OidcTokenHandler [SecurityBundle] Update web-token/jwt-library version and adjust checker parameters Jul 24, 2024
@carsonbot carsonbot changed the title [SecurityBundle] Update web-token/jwt-library version and adjust checker parameters [Security] Update web-token/jwt-library version and adjust checker parameters Jul 24, 2024
@thibaut22200 thibaut22200 force-pushed the oidc-token-handler-diff-for-checkers branch from f1e656d to e8ea16b Compare July 24, 2024 13:58
xabbuh
xabbuh requested changes Jul 24, 2024
View reviewed changes
Copy link
Member

@xabbuh xabbuh left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

looks like changes from #57767 slipped into this PR

@thibaut22200 thibaut22200 force-pushed the oidc-token-handler-diff-for-checkers branch 2 times, most recently from b349c2e to 6009932 Compare July 25, 2024 08:52
@thibaut22200
Copy link
Contributor Author

Oops, fixed @xabbuh

@fabpot fabpot force-pushed the oidc-token-handler-diff-for-checkers branch from 6009932 to 536cd72 Compare July 26, 2024 07:24
@fabpot
Copy link
Member

fabpot commented Jul 26, 2024

Thank you @thibaut22200.

@fabpot fabpot merged commit c2bafcd into symfony:7.1 Jul 26, 2024
1 check was pending
@thibaut22200 thibaut22200 deleted the oidc-token-handler-diff-for-checkers branch July 26, 2024 12:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fabpot fabpot fabpot approved these changes

@nicolas-grekas nicolas-grekas nicolas-grekas approved these changes

@xabbuh xabbuh xabbuh approved these changes

@chalasr chalasr Awaiting requested review from chalasr chalasr is a code owner

Assignees
No one assigned
Labels
Bug Security Status: Reviewed
Projects
None yet
Milestone
7.1
Development

Successfully merging this pull request may close these issues.
5 participants
@thibaut22200 @carsonbot @xabbuh @nicolas-grekas @fabpot