Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Ignore principals validations with OIDC #1206

Merged
merged 1 commit into from
Jan 10, 2023
Merged

Ignore principals validations with OIDC #1206

merged 1 commit into from
Jan 10, 2023

Conversation

maraino
Copy link
Contributor

@maraino maraino commented Dec 15, 2022

Description

This PR will ignore principals validation when an OIDC provisioner is used. When the principals in the server do not match the principals given, the validation was failing, even if templates or webhooks set the proper principals. With this change, OIDC will not validate the principals and will just set the default ones (name, name@example.org) plus the ones in the templates.

This PR also includes a change in the templates to allow setting the provisioner to the $(step path)/ssh/config template

Related to smallstep/cli#807, #900 cc @Janhouse

This commit will ignore principals validation when an OIDC provisioner
is used. When the principals in the server does not match the principals
given the validation was failing, even if the proper principals were set
by templates or webhooks. With this change OIDC will not validate the
principals and just set the default ones (name, name@example.org) plus
the ones in the templates.

This commit also includes a change in the templates to allow to pass
a provisioner to the $(step path)/ssh/config template

Related to #807
@maraino maraino requested a review from dopey December 15, 2022 01:59
@github-actions github-actions bot added the needs triage Waiting for discussion / prioritization by team label Dec 15, 2022
@maraino maraino merged commit ad8a95c into master Jan 10, 2023
@maraino maraino deleted the oidc-principals branch January 10, 2023 19:33
@maraino maraino added this to the v0.23.1 milestone Jan 10, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
needs triage Waiting for discussion / prioritization by team
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants