DJCrabhat
DJCrabhat
I'm sorry for all the dumb commits and merge conflicts, I shoulda rebased off master, realized the PR I based this off of was outdated. I'm still learning the finer...
Saw your remediation of the the jwt library, so I'm not too worried about the WhiteSource CVE. PS: I'm deep in OIDC/OAuth specs nowadays, and the "audience can be a...
This is probably horribly out of date now
We designed a custom OIDC system where that's all UserInfo is giving back (and checking token's validity). Per https://openid.net/specs/openid-connect-core-1_0.html#UserInfoResponse > The sub (subject) Claim MUST always be returned in the...
@bnfinet will compile and test locally tomorrow (hopefully). Once I get that going I'd be happy to take a whack at getting it well exercised in the tests.
Talked in contributor call this week, we're gonna really make it happen!
That sounds great, count me in. Sorry I couldn't be at contributors meeting today, but I also digested the Google doc and have a prototype helm chart that I'll cleanup...
Was surprised by this today, too. In my dreams, "@AuthenticationPrincipal" could work just like it does on a controller, giving me access to the JWT that the Spring Security stack...