octo-sts / app

A GitHub App that acts like a Security Token Service (STS) for the GitHub API
Apache License 2.0

Add support for customizing acceptable `aud` #259

Open mattmoor opened 2 months ago

mattmoor commented 2 months ago

Today you can't really customize the aud from most SSO flows.

Today this is checked here: https://github.com/octo-sts/app/blob/1fc549c0973c27a9aba0257626d1903486dee2d9/pkg/octosts/octosts.go#L116-L118

We could check this here (and default to octo-sts.dev): https://github.com/octo-sts/app/blob/1fc549c0973c27a9aba0257626d1903486dee2d9/pkg/octosts/trust_policy.go#L131-L134
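
One way the per-policy audience check proposed above could look, as an added example that is not part of the original comment or the project's code. The `TrustPolicy` type, its `Audience` field and `CheckAudience` are hypothetical, and the issuer and custom audience values are constructed.

```go
package main

import (
	"errors"
	"fmt"
)

// defaultAudience is the fallback named in the issue.
const defaultAudience = "octo-sts.dev"

// ErrAudience is returned when no aud value in the token is accepted.
var ErrAudience = errors.New("audience not accepted by trust policy")

// TrustPolicy is a hypothetical, trimmed-down policy. The Audience field is
// an assumption for this example, not the project's schema.
type TrustPolicy struct {
	Issuer   string
	Subject  string
	Audience string // optional; empty means defaultAudience
}

// CheckAudience accepts a token only if one of its aud values equals the
// policy's audience exactly. No prefix or wildcard matching: aud binds a
// token to its intended recipient, so a loose match would let tokens minted
// for another relying party be replayed here. An empty aud list fails closed.
func (p TrustPolicy) CheckAudience(tokenAud []string) error {
	want := p.Audience
	if want == "" {
		want = defaultAudience
	}
	for _, a := range tokenAud {
		if a == want {
			return nil
		}
	}
	return fmt.Errorf("%w: want %q, got %q", ErrAudience, want, tokenAud)
}

func main() {
	// Constructed values for illustration.
	custom := TrustPolicy{Issuer: "https://sso.example.com", Audience: "sso-client.example.com"}
	fmt.Println(TrustPolicy{}.CheckAudience([]string{"octo-sts.dev"}))
	fmt.Println(custom.CheckAudience([]string{"sso-client.example.com"}))
	fmt.Println(custom.CheckAudience([]string{"octo-sts.dev"}))
}
```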

pdeslaur commented 1 week ago

+1 - I could really use this for integration with Google's AppScript!