Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

The OAuth2 IDToken doesn't respect the cookieDomain setting #37154

Open
zhaohuabing opened this issue Nov 14, 2024 · 0 comments · May be fixed by #37155
Open

The OAuth2 IDToken doesn't respect the cookieDomain setting #37154

zhaohuabing opened this issue Nov 14, 2024 · 0 comments · May be fixed by #37155
Labels
area/oauth bug

Comments

@zhaohuabing
Copy link
Member

Configuring OAuth2 with cookieDomain as example.com.

                       "typedConfig": {
                            "@type": "type.googleapis.com/envoy.extensions.filters.http.oauth2.v3.OAuth2",
                            "config": {
                              "authScopes": [
                                "openid"
                              ],
                              "authType": "BASIC_AUTH",
                              "authorizationEndpoint": "https://zhaohuabing.auth0.com/authorize",
                              "credentials": {
                                "clientId": "lapVoy7H2soD3lMwadjUxXD7gCXNbk0A",
                                "cookieDomain": "example.com",
                                "cookieNames": {
                                  "bearerToken": "AccessToken-ac3e64f",
                                  "idToken": "IdToken-ac3e64f",
                                  "oauthExpires": "OauthExpires-ac3e64f",
                                  "oauthHmac": "OauthHMAC-ac3e64f",
                                  "oauthNonce": "OauthNonce-ac3e64f",
                                  "refreshToken": "RefreshToken-ac3e64f"
                                },
                                "hmacSecret": {
                                  "name": "oauth2/hmac_secret/securitypolicy/default/oidc-example",
                                  "sdsConfig": {
                                    "ads": {},
                                    "resourceApiVersion": "V3"
                                  }
                                },
Screenshot 2024-11-14 at 15 10 31
@zhaohuabing zhaohuabing added bug triage Issue requires triage labels Nov 14, 2024
@zhaohuabing zhaohuabing linked a pull request Nov 14, 2024 that will close this issue
Draft
@yanavlasov yanavlasov added area/oauth and removed triage Issue requires triage labels Nov 15, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/oauth bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix id token domain zhaohuabing/envoy
2 participants
@zhaohuabing @yanavlasov