3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-02 08:19:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

prototype: k8s jwt auth support

Browse source
This commit is contained in:
Joe Kralicky 2024-10-16 18:14:11 -04:00
parent 298a5a94a5
commit 6629170eb3
No known key found for this signature in database
GPG key ID: 75C4875F34A9FB79
3 changed files with 20 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
authorize/evaluator/opa/policy/headers.rego
View file

@ -77,7 +77,7 @@ jwt_payload_aud := v if {
v := input.issuer
} else := ""
jwt_payload_iss := v if {
jwt_payload_iss := concat("", ["https://", v, "/"]) if {
v := input.issuer
} else := ""
@ -201,6 +201,7 @@ set_request_headers := h if {
"pomerium.id_token": session_id_token,
"pomerium.access_token": session_access_token,
"pomerium.client_cert_fingerprint": client_cert_fingerprint,
"pomerium.jwt": signed_jwt,
}
h := [[header_name, header_value] |
some header_name