Skip to content

OIDC Token Verification#27

Merged
ianlewis merged 26 commits into
slsa-framework:mainfrom
ianlewis:audience
Apr 18, 2022
Merged

OIDC Token Verification#27
ianlewis merged 26 commits into
slsa-framework:mainfrom
ianlewis:audience

Conversation

@ianlewis
Copy link
Copy Markdown
Member

@ianlewis ianlewis commented Apr 14, 2022
edited
Loading

Fixes #7 #9

  • Add verification of tokens returned by the OIDC server using go-oidc
  • Update how audience is set to generate it using the buildType
  • Update API for the OIDC client to allow greater flexibility in testing.

ianlewis
ianlewis commented Apr 14, 2022
View reviewed changes
Comment thread slsa/provenance.go
Comment thread slsa/provenance.go
Comment thread github/oidc_test.go
Comment thread internal/errors/wrappable.go
Comment thread github/oidc.go Outdated
ianlewis
ianlewis commented Apr 14, 2022
View reviewed changes
Comment thread github/oidctest.go
laurentsimon
laurentsimon approved these changes Apr 14, 2022
View reviewed changes
Comment thread github/oidc.go
Comment thread github/oidc.go Outdated
Comment thread slsa/provenance.go
Comment thread slsa/provenance.go
@ianlewis ianlewis merged commit 6847f81 into slsa-framework:main Apr 18, 2022
@ianlewis ianlewis deleted the audience branch July 27, 2022 01:23
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@laurentsimon laurentsimon laurentsimon approved these changes

@MarkLodato MarkLodato Awaiting requested review from MarkLodato

@asraa asraa Awaiting requested review from asraa

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

Update audience scope for OIDC token to be more specific

2 participants

@ianlewis @laurentsimon