Anders Båtstrand

icon company Anders Båtstrand AS icon location Tønsberg

Results 13 issues of Anders Båtstrand

Refresh JWK when token contains unknown kid

2 comment

**Is your feature request related to a problem? Please describe.** We have a problem using the JWT policy (https://docs.nginx.com/nginx-ingress-controller/configuration/policy-resource/#jwt-using-jwks-from-remote-location), when the IdP rotates the key, and starts to use the...

proposal
ready for refinement
area/security

More context in OIDC logs

2 comment

**Is your feature request related to a problem? Please describe.** The problem is log messages like this: ``` 2024/12/11 13:44:54 [error] 86#86: *3762 js: OIDC ID Token validation error: nonce...

proposal
ready for refinement
area/security

Add support for front-channel OIDC logout

10 comment

The current implementation relies on cookies for front-channel logout. As noted [in the spec](https://openid.net/specs/openid-connect-frontchannel-1_0.html#ThirdPartyContent), this is increasingly problematic, as modern browsers will not send cookies with content in an iframe....

enhancement