jwt: do not concatenate duplicated headers #32248

Merged
merged 7 commits into from
Feb 12, 2024


@jewertow jewertow commented Feb 7, 2024

Commit Message: jwt: do not concatenate duplicated headers
Additional Description:
Duplicated headers should not be concatenated with a comma, because comma is not allowed in a JWT token, so concatenation invalidates tokens.
This PR fixes #31468.

Risk Level:
Testing: unit tests
Docs Changes: none
Release Notes:
Platform Specific Features: none
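
The failure mode described above, as an added example that is not Envoy's code and not part of this PR: a constructed request carries two `authorization` headers, and the token is extracted once from the comma-joined value and once from each value separately. All function names, the three-segment format check and the sample header values are assumptions made for illustration.

```cpp
#include <cctype>
#include <string>
#include <utility>
#include <vector>

using Headers = std::vector<std::pair<std::string, std::string>>;  // (name, value)

// Sketch check: three non-empty base64url segments separated by '.'.
bool looksLikeJwt(const std::string& t) {
  int dots = 0;
  int seg = 0;
  for (unsigned char c : t) {
    if (std::isalnum(c) || c == '-' || c == '_') { ++seg; continue; }
    if (c != '.' || seg == 0) return false;  // ',' and ' ' are rejected here
    ++dots;
    seg = 0;
  }
  return dots == 2 && seg > 0;
}

// Returns the text after "Bearer ", or "" when the value uses another scheme.
std::string bearerToken(const std::string& v) {
  const std::string p = "Bearer ";
  return v.compare(0, p.size(), p) == 0 ? v.substr(p.size()) : "";
}

// No concatenation: each value is parsed alone; the caller verifies every candidate.
std::vector<std::string> tokensPerValue(const Headers& h, const std::string& name) {
  std::vector<std::string> out;
  for (const auto& kv : h) {
    if (kv.first != name) continue;
    std::string tok = bearerToken(kv.second);
    if (looksLikeJwt(tok)) out.push_back(tok);
  }
  return out;
}

// Concatenation: values are joined with ',' first, then parsed as one value.
std::vector<std::string> tokensFromJoined(const Headers& h, const std::string& name) {
  std::string joined;
  for (const auto& kv : h)
    if (kv.first == name) joined += (joined.empty() ? "" : ",") + kv.second;
  return tokensPerValue(Headers{{name, joined}}, name);
}

// Constructed request: Basic credentials and a bearer token in two headers.
Headers sampleRequest() {
  return {{"authorization", "Basic dXNlcjpwYXNz"},
          {"authorization", "Bearer aGVhZGVy.cGF5bG9hZA.c2ln"}};
}
```

With the constructed request, the joined value yields no token at all, while per-value parsing yields exactly one candidate that still has to pass signature and claim verification.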

@lizan lizan left a comment

The change looks good, can you add a release note?

Signed-off-by: Jacek Ewertowski <jewertow@redhat.com>
@jewertow jewertow force-pushed the jwt-dont-concatenate-headers branch from da7382f to 28a78a6 Compare February 9, 2024 22:50
jewertow commented Feb 9, 2024

Sure, done.

@lizan lizan merged commit 2f9901e into envoyproxy:main Feb 12, 2024
53 checks passed
jewertow added a commit to jewertow/envoy that referenced this pull request Feb 13, 2024
jewertow added a commit to jewertow/envoy that referenced this pull request Feb 13, 2024
phlax pushed a commit that referenced this pull request Feb 13, 2024
phlax pushed a commit that referenced this pull request Feb 13, 2024
SeanKilleen pushed a commit to SeanKilleen/envoy that referenced this pull request Apr 3, 2024
Signed-off-by: Sean Killeen <SeanKilleen@gmail.com>
Successfully merging this pull request may close these issues.

Can't use JWT and basic authorization in 1.28
3 participants