feat: Add support for capturing OIDC refresh tokens #7220
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
spacewander
reviewed
Jun 9, 2022
There was a problem hiding this comment.
Let's update the test in
apisix/t/plugin/openid-connect.t
Line 220 in 1b0c182
|
You can refer to the doc: https://github.com/apache/apisix/blob/master/docs/en/latest/internal/testing-framework.md |
|
Please update the test to make CI pass |
You need to update the order of the expected headers (they should be in alphabetic order) |
spacewander
approved these changes
Jun 14, 2022
tzssangglass
approved these changes
Jun 14, 2022
hongbinhsu
pushed a commit
to fitphp/apix
that referenced
this pull request
Jun 16, 2022
* upstream/master: (46 commits) docs: fix err in batch-processor (apache#7259) docs(deployment): sync design to online docs (apache#7256) feat(deployment): add structure of traditional role (apache#7249) fix(benchmark): write worker_processes into config.yaml (apache#7250) docs: correct the repo url (apache#7253) feat: Add support for capturing OIDC refresh tokens (apache#7220) feat(ssl): support get upstream cert from ssl object (apache#7221) chore: validate etcd conf strictly (apache#7245) fix(api-response): check response header format (apache#7238) fix: duplicate X-Forwarded-Proto will be sent as string (apache#7229) fix: distinguish different upstreams even they have the same addr (apache#7213) docs: make company on README more preciser (apache#7230) test: remove unused required etcd (apache#7225) fix: add debug yaml validation (apache#7201) change: remove upstream.enable_websocket which is deprecated since 2020 (apache#7222) docs: add re case on response-rewrite plugin (apache#7197) docs: add API Gateway keyword and AWS graviton3. (apache#7217) fix(response-rewrite): schema format error (apache#7212) docs(proxy-rewrite): remove empty space (apache#7210) chore: require http_stub_status_module exists (apache#7208) ...
spacewander
pushed a commit
that referenced
this pull request
Jun 30, 2022
Liu-Junlin
pushed a commit
to Liu-Junlin/apisix
that referenced
this pull request
Nov 4, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Add support for capturing OIDC refresh tokens in RP scenario. This is an important feature for people implementing BFF designs, especially considering refreshing the access token using previous techniques (such as hidden iframe) will, soon, not be available (Safari already blocks it).
This addition has been discussed in Slack and was implemented according to Zexuan Luo's recommendations:
https://the-asf.slack.com/archives/CUC5MN17A/p1654178597713989
The relevant English documentation is also updated.