Seth Heidkamp

PR Review of ext-auth changes: https://github.com/solo-io/ext-auth-service/pull/717#pullrequestreview-1909568347 `solo-projects` changes to get tests passing: https://github.com/solo-io/solo-projects/pull/5868 Will review with @inFocus7 and appropriate others on Monday.

In an Edge-team discussion this morning, we reviewed the current state of the ticket and plan on taking the following steps: Review of PRs linked on Friday: https://github.com/solo-io/gloo/issues/8673#issuecomment-1973924662 These contain...

Next steps from: https://solo-io-corp.slack.com/archives/C03CE4PJ6HW/p1709683179769449?thread_ts=1709651074.622189&cid=C03CE4PJ6HW - Introduce just the basic state already validated into 1.16 - ETA: March 8 - Introduce those changes, plus some more to prevent CSRF attacks, in...

Functionality validated in test release now available in `solo-projects` `1.16.x` branch and will be part of the next `1.16` release.

Update: * Updated state signing in approval process, should merge 3/13. * We are not moving forward with Keycloak e2e tests, more context here: https://github.com/solo-io/solo-projects/issues/5473#issuecomment-1992466090

JWT signed state code in main/1.17 of `solo-projects`, no tasks outstanding

Outcome of design review was that the ideal approach for handling the situtation where the auth service is updated with a non-responding JWKs URL is to keep the new AuthService...

@DuncanDoyle - The changes needed to implement this are the type of structural changes that we usually don't like to implement in backports. In this case we are making non-trivial...

First solo-projects PR merged (SP1 from https://github.com/solo-io/gloo/issues/7803#issuecomment-2059244877) merged, EXT1 in review

The Ext Auth changes have been merged, functional changes for the last PR are in place, spiffing up the e2e tests.