-
Notifications
You must be signed in to change notification settings - Fork 22
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
scitokens_internal: catch matching exception type after jwt-cpp update #125
scitokens_internal: catch matching exception type after jwt-cpp update #125
Conversation
I suppose you can just add a kid test to start with? For example, create a token without a kid, then test getting the kid. |
5b5276a
to
a3280c9
Compare
a3280c9
to
d513fcf
Compare
In case the constructor default "none" is passed, the "kid" header claim is left out. This also drops the unused "std::error_code ec" in the serialize function.
This creates a token without kid header claim and runs an example at+jwt token verification test to ensure tokens without kid are accepted.
After updating the vendored jwt-cpp version in: a8c5977 the exception type if a claim is not found has changed, breaking the "no kid claim" use case. Adapt the code to catch the new exception type.
The vendored jwt-cpp version offers a convenience function to check whether the header claim is present, use that instead of accessing it and catching the exception.
d513fcf
to
66f8d67
Compare
did you accidently merge something else into this pull request? It's adding more than just the exception fix and test. |
Indeed, sorry, it should be fixed now — I have also taken the chance to rebase onto current The changes now are:
|
Quick question, are we using the exception stuff for any other parts? |
I think all other places either catch |
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
@djw8605 Many thanks for merging! |
@djw8605 Sorry for bumping this, but since this issue is biting us (and is a regression), would it be possible to get a new release within the next weeks= Many thanks in advance! |
Hi, yes I expect to see a release in epel in the next week. I’ll comment here when it’s in epel to let you know. |
This is great to hear, many thanks in advance, and have a nice weekend! 😄 |
Hi, I had some time tonight, so updates pushed out the door. They are in the bodhi update system, I expect them to be in epel-testing in ~24 hours, and in epel-release repos in ~7 days. Please test the 1.0.2 version! You can easily grab it from epel-testing when that hits. |
@djw8605 Many thanks, I tested the new packages on el7 and el8 (RockyLinux) together with XRootD and everything works as expected, so I provided some karma on the packages 👍 . |
After updating the vendored jwt-cpp version in:
a8c5977
the exception type if a claim is not found has changed, breaking the "no kid claim" use case.
Adapt the code to catch the new exception type.
This essentially broke:
#55
@djw8605 Can you think of a good test we could add to ensure this issue does not reappear?