Make a unique nonce as optional check in jwtproxy #10090
Assignees
Labels
kind/enhancement
A feature request - must adhere to the feature request template.
status/open-for-dev
An issue has had its specification reviewed and confirmed. Waiting for an engineer to take it.
Comments
sleshchenko
added
kind/enhancement
9 tasks
20 tasks
8 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
There is a plan to secure tooling servers with authentication that are done by coreos/jwtproxy. But there is a thing that prevents us to use it: a requirement to use a unique nonce for each request.
While the main client of tooling servers is IDE in a browser, where is no a way to generate a token, because it is not secure to provide a client with a private key. So, we are not able to provide new token from server side for each client's request. It is why do we need to disable this check.
It is planned to create a fork and make these changes there, build custom image and use it.
For the same time, create a PR to coreos/jwtproxy and when it will be merged just configure it and use default
jwtproxyimageOS and version:
Diagnostics:
The text was updated successfully, but these errors were encountered: