proper verification of Token audiences when CF Access JWT has more than one audience
and the following project improvements:
adding plugin packaging for preview in pull requests, publishing as Github Actions Artifacts
adding semantic release when merging changes to master branch
Multiple audiences support
The plugin so far handled when the configuration had multiple audiences set but it was not expecting that the inbound CF Access JWT could have multiple audiences set.
The change now checks that the intersection of the config and the JWT has at least one match.
The scenario this happens is when Access is configured using wildcard URLs.
Project improvements
Having the plugin packages generate as part of the PR build will allow for easy testing of the changes in a product instance.
The same way automating the release creation in Github will allow to simplify the work to publish the plugin.
This changes introduces the follow feature:
and the following project improvements:
master
branchMultiple audiences support
The plugin so far handled when the configuration had multiple audiences set but it was not expecting that the inbound CF Access JWT could have multiple audiences set. The change now checks that the intersection of the config and the JWT has at least one match.
The scenario this happens is when Access is configured using wildcard URLs.
Project improvements
Having the plugin packages generate as part of the PR build will allow for easy testing of the changes in a product instance. The same way automating the release creation in Github will allow to simplify the work to publish the plugin.