Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enable Proof-of-possession check #402

Closed
wolf4ood opened this issue Jul 17, 2024 · 0 comments · Fixed by #403
Closed

Enable Proof-of-possession check #402

wolf4ood opened this issue Jul 17, 2024 · 0 comments · Fixed by #403
Assignees
@wolf4ood
Labels
enhancement New feature or request

Comments

@wolf4ood
Copy link
Contributor

Feature Request

Currently in AccessTokenVerifierImpl we verify that si_token.sub == access_token.sub but we only issue a warning.

We should return a failure if a proof of possession check is failing
@wolf4ood wolf4ood added the enhancement New feature or request label Jul 17, 2024
@wolf4ood wolf4ood self-assigned this Jul 17, 2024
@github-actions github-actions bot added the triage all new issues awaiting classification label Jul 17, 2024
@wolf4ood wolf4ood mentioned this issue Jul 17, 2024
Merged
@wolf4ood wolf4ood removed the triage all new issues awaiting classification label Jul 17, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@wolf4ood wolf4ood

Labels
enhancement New feature or request
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

feat: enable proof of possession check on token validation wolf4ood/IdentityHub
1 participant
@wolf4ood