Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Do not create session and PKCE encryption keys if only bearer tokens are expected #33476

Merged
merged 1 commit into from
May 19, 2023
Merged

Do not create session and PKCE encryption keys if only bearer tokens are expected #33476

merged 1 commit into from
May 19, 2023

Conversation

sberyozkin
Copy link
Member

Fixes #33475.

Session cookie and PKCE verifier encryption keys are only relevant when Users are authenticating into quarkus.oidc.application-type=web-app or quarkus.oidc.application-type=hybrid, when Quarkus itself manages authorization code flow.

This PR avoids creating such keys when only bearer tokens are expected - PKCE and session encryption will never be used in such cases.

@sberyozkin sberyozkin requested a review from gsmet May 18, 2023 15:00
@sberyozkin
Copy link
Member Author

Hi @gsmet, can you please have a look, minor update to avoid unexpected log warnings, and please backmerge to 2.13 as a follow up to #33414

Thanks

@quarkus-bot

This comment has been minimized.

Sign in to view
@sberyozkin sberyozkin requested a review from pedroigor May 19, 2023 13:08
@sberyozkin sberyozkin force-pushed the fix_secret_key_warning branch from bfdf445 to a5ae97e Compare May 19, 2023 14:40
@sberyozkin sberyozkin force-pushed the fix_secret_key_warning branch from a5ae97e to 77d1bb9 Compare May 19, 2023 14:45
@quarkus-bot
Copy link

quarkus-bot bot commented May 19, 2023

✔️ The latest workflow run for the pull request has completed successfully.

It should be safe to merge provided you have a look at the other checks in the summary.

@sberyozkin sberyozkin merged commit f7a6c85 into quarkusio:main May 19, 2023
@sberyozkin sberyozkin deleted the fix_secret_key_warning branch May 19, 2023 18:11
@quarkus-bot quarkus-bot bot added this to the 3.2 - main milestone May 19, 2023
@sberyozkin
Copy link
Member Author

Thanks @pedroigor,.
Hi @gsmet, this is now merged, it is a safe, the only goal is to avoid confusing log messages, please consider backporting to 2.13

@gsmet gsmet modified the milestones: 3.2 - main, 3.1.0.Final May 23, 2023
@gsmet gsmet modified the milestones: 3.1.0.Final, 2.13.8.Final May 23, 2023
@michalvavrik michalvavrik mentioned this pull request Jun 6, 2023
Merged
9 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@pedroigor pedroigor pedroigor approved these changes

@gsmet gsmet Awaiting requested review from gsmet

Assignees
No one assigned
Labels
area/oidc kind/bugfix
Projects
None yet
Milestone
2.13.8.Final
Development

Successfully merging this pull request may close these issues.

Warning message if quarkus.oidc.application-type=service
3 participants
@sberyozkin @pedroigor @gsmet