Skip to content

Added SNI support for JWT secrets retrieved from HTTPS URL #7500

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 6 commits into
base: main
Choose a base branch
from
Open

Added SNI support for JWT secrets retrieved from HTTPS URL #7500

wants to merge 6 commits into from

Conversation

fabriziofiorucci
Copy link
Contributor

Proposed changes

The current NGINX Ingress Controller implementation doesn't set the SNI field when fetching the JWT secret from an HTTPS URL. This breaks compatibility with idPs requiring SNI to be set.

This PR adds two directives to turn on SNI and set the hostname.

Checklist

Before creating a PR, run through this checklist and mark each as complete.

  • I have read the CONTRIBUTING doc
  • I have added tests that prove my fix is effective or that my feature works
  • I have checked that all unit tests pass after adding my changes
  • I have updated necessary documentation
  • I have rebased my branch onto main
  • I will ensure my PR is targeting the main branch and pulling from my branch from my own fork

@fabriziofiorucci fabriziofiorucci requested a review from a team as a code owner March 12, 2025 13:59
@github-actions github-actions bot added the documentation Pull requests/issues for documentation label Mar 12, 2025
@shaun-nx shaun-nx linked an issue Mar 12, 2025 that may be closed by this pull request
Add SNI for JWT policy #7427
Open
fabriziofiorucci
fabriziofiorucci commented Mar 13, 2025
View reviewed changes
Copy link
Contributor Author

@fabriziofiorucci fabriziofiorucci left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Changes reviewed

pdabelf5
pdabelf5 previously approved these changes Apr 3, 2025
View reviewed changes
AlexFenlon
AlexFenlon previously approved these changes Apr 3, 2025
View reviewed changes
@pdabelf5
Copy link
Collaborator

pdabelf5 commented May 1, 2025

@fabriziofiorucci can you remove the documentation updates unrelated to this change and we will try to get this merged. Thanks

@fabriziofiorucci fabriziofiorucci dismissed stale reviews from AlexFenlon and pdabelf5 via 83ab922 May 2, 2025 12:41
@github-actions github-actions bot removed the documentation Pull requests/issues for documentation label May 2, 2025
@AlexFenlon
Copy link
Contributor

@fabriziofiorucci can you plrease run make test-update-snaps to fix the unit tests

AlexFenlon
AlexFenlon approved these changes May 8, 2025
View reviewed changes
Copy link
Contributor

@AlexFenlon AlexFenlon left a comment
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Screenshot 2025-05-08 at 14 25 10

Other than fixing unit tests with that command mentioned above, it looks and works as expected 👍

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@AlexFenlon AlexFenlon AlexFenlon approved these changes

@pdabelf5 pdabelf5 pdabelf5 left review comments

At least 2 approving reviews are required to merge this pull request.

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Add SNI for JWT policy
3 participants
@fabriziofiorucci @pdabelf5 @AlexFenlon