Closed jasquat closed 3 weeks ago
The recent modifications streamline the GitHub workflow by removing specific branches from triggering actions and enhance security by bolstering JWT decoding and validation in the SpiffWorkflow backend. These changes include adding new configurations for Open ID verification and updating methods to utilize these configurations, ensuring more robust and flexible authentication handling.
File Path | Changes |
---|---|
.github/workflows/.../docker_image_for_main_builds.yml |
Removed branches spiffdemo , GSA-TTS-fix-path-routing-in-generated-openid-urls , and use-vite-to-build from triggering the workflow. |
spiffworkflow-backend/src/.../config/default.py |
Added configurations for Open ID verification: SPIFFWORKFLOW_BACKEND_OPEN_ID_VERIFY_IAT , SPIFFWORKFLOW_BACKEND_OPEN_ID_VERIFY_NBF , SPIFFWORKFLOW_BACKEND_OPEN_ID_LEEWAY . |
spiffworkflow-backend/src/.../services/authentication_service.py |
Introduced jwt_decode_options for JWT decoding settings and updated methods to utilize new configurations for token validation. |
Thank you for using CodeRabbit. We offer it for free to the OSS community and would appreciate your support in helping us grow. If you find it useful, would you consider giving us a shout-out on your favorite social media?
This allows a user to specify the desired jwt configs for certain options.
New options are:
Summary by CodeRabbit