Open tegefaulkes opened 3 months ago
Any old claims on an identity will break the processing of that identity. Updating the parsing of claims will fix this. Currently we take it as read that the format will be valid if it was a valid claim. But we can have missing fields that we need to verify and handle gracefully.
If we fail to parse a claim on an identity, we need to just skip it with a warning and move on rather than fail to process all the claims.
Discovery may work without GitHub token cause it's supposed to be public, but this provider specific. If we are not authenticated in some providers, there should be an error or feedback indicating that this is not possible. Which is why we need a discovery queue introspection commands (possibly related to operational logs or general task inspection).
Specification
Given recent changes to identity claims, we saw a first hand example of failing to process a claim. In this case the claim was missing a field that we were expecting leading to a failure to process the claims.
So we need to make the following changes to handle this.
The version number is a simple addition. However when processing a claim we need to do more validation rather than just trusting that it is correct.
Additional context
Tasks