scitokens_internal: catch matching exception type after jwt-cpp update #125
Conversation
|
I suppose you can just add a kid test to start with? For example, create a token without a kid, then test getting the kid. |
olifre
force-pushed
the
fix-jwt-exception-compatibility
branch
from
5b5276a
to
a3280c9
Compare
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
olifre
force-pushed
the
fix-jwt-exception-compatibility
branch
from
a3280c9
to
d513fcf
Compare
In case the constructor default "none" is passed, the "kid" header claim is left out. This also drops the unused "std::error_code ec" in the serialize function.
This creates a token without kid header claim and runs an example at+jwt token verification test to ensure tokens without kid are accepted.
After updating the vendored jwt-cpp version in: a8c5977 the exception type if a claim is not found has changed, breaking the "no kid claim" use case. Adapt the code to catch the new exception type.
The vendored jwt-cpp version offers a convenience function to check whether the header claim is present, use that instead of accessing it and catching the exception.
olifre
force-pushed
the
fix-jwt-exception-compatibility
branch
from
d513fcf
to
66f8d67
Compare
|
did you accidently merge something else into this pull request? It's adding more than just the exception fix and test. |
Indeed, sorry, it should be fixed now — I have also taken the chance to rebase onto current The changes now are:
|
|
Quick question, are we using the exception stuff for any other parts? |
|
I think all other places either catch |
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
|
@djw8605 Many thanks for merging! |
|
@djw8605 Sorry for bumping this, but since this issue is biting us (and is a regression), would it be possible to get a new release within the next weeks= Many thanks in advance! |
|
Hi, yes I expect to see a release in epel in the next week. I’ll comment here when it’s in epel to let you know. |
|
This is great to hear, many thanks in advance, and have a nice weekend! 😄 |
|
Hi, I had some time tonight, so updates pushed out the door. They are in the bodhi update system, I expect them to be in epel-testing in ~24 hours, and in epel-release repos in ~7 days. Please test the 1.0.2 version! You can easily grab it from epel-testing when that hits. |
|
@djw8605 Many thanks, I tested the new packages on el7 and el8 (RockyLinux) together with XRootD and everything works as expected, so I provided some karma on the packages 👍 . |
After updating the vendored jwt-cpp version in:
a8c5977
the exception type if a claim is not found has changed, breaking the "no kid claim" use case.
Adapt the code to catch the new exception type.
This essentially broke:
#55
@djw8605 Can you think of a good test we could add to ensure this issue does not reappear?