Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow third-party filters to set the state for oidcClaimsQuery #3139

Closed
haveo opened this issue Jul 2, 2024 · 1 comment · Fixed by #3311
Closed

Allow third-party filters to set the state for oidcClaimsQuery #3139

haveo opened this issue Jul 2, 2024 · 1 comment · Fixed by #3311

Comments

@haveo
Copy link
Contributor

haveo commented Jul 2, 2024

Is your feature request related to a problem? Please describe.
The oidcClaimsQuery filter allows for arbitrary queries on claims using GJSON. Besides being able to be used for OIDC, other filters in Skipper that handle different authentication schemes also set the OIDC claims cache key allowing the oidcClaimsQuery filter to be called.
However, when working with a third-party filter, it is not possible to create a tokenContainer value because this type is private to the filters/auth package. Therefore it is not possible to set the OIDC claims cache key to a value that would be accepted by oidcClaimsQuery, since the filter expects a value of type tokenContainer to be stored there.
This prevents the reuse of oidcClaimsQuery when the authentication is done in a third-party filter.

Describe the solution you would like
A function should be exported that sets the OIDC claims cache key (given a map[string]interface{} claims value).

Describe alternatives you've considered (optional)
An alternative would be to export the tokenContainer type.

Would you like to work on it?
Yes

@szuecs
Copy link
Member

szuecs commented Jul 4, 2024

Sounds great!
Please create a PR, thanks

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging a pull request may close this issue.

2 participants