Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Fix/id token issuer #2

Open
wants to merge 4 commits into
base: master
Choose a base branch
from
Open

Fix/id token issuer #2

wants to merge 4 commits into from

Conversation

SayazhanBos
Copy link
Collaborator

Checklist

  • I read the Contribution Guidelines
  • I signed the CLA and WG Agreements
  • I ran, updated and added unit tests as necessary.
  • I verified the contribution matches existing coding style.
  • I updated the documentation if necessary.

Motivation and Context

Description

Copy link

@mcurtis-stratus mcurtis-stratus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed and approved.
Because of issues with this repository (& how it's been used previously), this branch will not be merged, but will be used directly by Stratus_Video_Android.

@SayazhanBos SayazhanBos force-pushed the fix/id_token_issuer branch from 074a4f3 to b3036eb Compare April 8, 2024 22:05
@SayazhanBos SayazhanBos force-pushed the fix/id_token_issuer branch from b3036eb to 4674134 Compare April 8, 2024 22:38
Copy link

@mcurtis-stratus mcurtis-stratus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please update the comments as described. We're making a pretty significant change from the source project and we need to describe why those changes are being made. Especially since we've had to make numerous changes to this code already, so it seems likely that we may need to return to again some time.

@@ -160,15 +160,15 @@ private static JSONObject parseJwtSection(String section) throws JSONException {
return new JSONObject(jsonString);
}

static IdToken from(String token) throws JSONException, IdTokenException {
public static IdToken from(String token) throws JSONException, IdTokenException {
String[] sections = token.split("\\.");

if (sections.length <= 1) {
throw new IdTokenException("ID token must have both header and claims section");
}

// We ignore header contents, but parse it to check that it is structurally valid JSON

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add an annotation to this comment that notes it is the original project comment, but that you've changed the code so that it is no longer valid. Then add a comment explaining that we are now getting the header contents and why (Azure sends the nonce through the header).

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

changed the comment

final String nonce = JsonUtil.getStringIfDefined(claims, KEY_NONCE);
String tempNonce = JsonUtil.getStringIfDefined(claims, KEY_NONCE);
if (tempNonce == null) {
tempNonce = JsonUtil.getStringIfDefined(headers, KEY_NONCE);

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please add a comment that we observe the nonce coming from Azure in the header and not the claim.

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

added the comment

String[] sections = token.split("\\.");

if (sections.length <= 1) {
throw new IdTokenException("ID token must have both header and claims section");
}

// We ignore header contents, but parse it to check that it is structurally valid JSON
parseJwtSection(sections[0]);
// We are using headers to get nonce field from it and also parse it to check that it is

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I'm sorry, I really think it's important to preserve the original comment (because it's coming from the source project) so that it's easier to "work backwards" if we need to in the future.
Something like:
// (AMN code changes invalidated this comment, 04-2024) <original comment>
Then:
// Get header contents because we have observed Azure sending the nonce in the header

Copy link
Collaborator Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done!

Copy link

@mcurtis-stratus mcurtis-stratus left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Reviewed and approved.
Because of issues with this repository (& how it's been used previously), this branch will not be merged, but will be used directly by Stratus_Video_Android.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants