Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Refactor OidcTokenProvider to remove dependency on IdentityModel and improve token handling #1618

Draft
wants to merge 3 commits into
base: master
Choose a base branch
from
Draft

Refactor OidcTokenProvider to remove dependency on IdentityModel and improve token handling #1618

wants to merge 3 commits into from

Conversation

tg123
Copy link
Member

@tg123 tg123 commented Feb 21, 2025
edited
Loading

@k8s-ci-robot
Copy link
Contributor

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: tg123

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tg123 tg123 marked this pull request as draft February 21, 2025 09:27
@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label Feb 21, 2025
@k8s-ci-robot k8s-ci-robot added cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. size/M Denotes a PR that changes 30-99 lines, ignoring generated files. labels Feb 21, 2025
tg123 added 2 commits February 21, 2025 01:48
@tg123
Improve OidcTokenProvider error handling and expiry setting
dffc59e 
The constructor `OidcTokenProvider` now always sets the `_expiry`
field by calling `GetExpiryFromToken()`, regardless of whether
`_idToken` is null or empty, removing the previous check for a
non-empty `_idToken`.

The `GetExpiryFromToken` method has been updated to handle invalid
JWT token formats more gracefully. Instead of throwing an
`ArgumentException` when the token format is invalid or when the
'exp' claim is missing, the method now returns a default value.

The logic for parsing the JWT token and extracting the 'exp' claim
has been wrapped in a try-catch block. If any exception occurs
during this process, it is caught, and the method returns a default
value instead of throwing an exception.
@tg123
Refactor parts initialization inside try block
c253b82 
Moved the initialization of the `parts` variable, which splits the `_idToken` string, inside the `try` block. Removed the previous check for exactly three elements in the `parts` array and the default return value if the check failed.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@brendandburns brendandburns Awaiting requested review from brendandburns

Assignees
No one assigned
Labels
approved Indicates a PR has been approved by an approver from all required OWNERS files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. do-not-merge/work-in-progress Indicates that a PR should not merge because it is a work in progress. size/M Denotes a PR that changes 30-99 lines, ignoring generated files.
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@tg123 @k8s-ci-robot