honeymoose
/
OpenSearch
mirror of https://github.com/honeymoose/OpenSearch.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
OpenSearch/x-pack
History
Ioannis Kakavas 7cabe8acc9 Fix refresh remote JWKS logic (#42662) 
This change ensures that:

- We only attempt to refresh the remote JWKS when there is a
signature related error only ( BadJWSException instead of the
geric BadJOSEException )
- We do call OpenIDConnectAuthenticator#getUserClaims upon
successful refresh.
- We test this in OpenIdConnectAuthenticatorTests.

Without this fix, when using the OpenID Connect realm with a remote
JWKSet configured in `op.jwks_path`, the refresh would be triggered
for most configuration errors ( i.e. wrong value for `op.issuer` )
and the kibana wouldn't get a response and timeout since
`getUserClaims` wouldn't be called because
`ReloadableJWKSource#reloadAsync` wouldn't call `onResponse` on the
future.
 		2019-05-30 18:08:30 +03:00
..
dev-tools Build: Merge xpack checkstyle config into core (#33399) 2018-09-05 09:17:02 -04:00
docs TestClusters: Convert docs (#42100) 2019-05-22 14:44:08 +03:00
license-tools Switch mapping/aggregations over to java time (#36363) 2019-01-23 10:40:05 +01:00
plugin Fix refresh remote JWKS logic (#42662) 2019-05-30 18:08:30 +03:00
qa Re-mute all ml_datafeed_crud rolling upgrade tests 2019-05-23 09:50:27 -04:00
test Add an OpenID Connect authentication realm (#40674) (#41178) 2019-04-15 12:41:16 +03:00
transport-client Upgrade hamcrest to 2.1 (#41464) 2019-04-24 23:40:03 -07:00
NOTICE.txt
README.md Reorganize license files 2018-04-20 15:33:59 -07:00
build.gradle Remove Migration Upgrade and Assistance APIs (#40075) 2019-03-18 13:46:56 -06:00

README.md

Elastic License Functionality

This directory tree contains files subject to the Elastic License. The files subject to the Elastic License are grouped in this directory to clearly separate them from files licensed under the Apache License 2.0.