gsh-digital-services/seaweedFS
5
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
23c25379ca8731b5d5560982baa8065d17a2439c
seaweedFS/weed/iam/oidc
History
Chris Lu 23c25379ca iam: add ECDSA support for OIDC token validation (#8166) 
* iam: add ECDSA support for OIDC token validation

Fixes seaweedfs/seaweedfs#8148

* iam: refactor OIDC ECDSA tests and add failure cases

- Refactored TestOIDCProviderJWTValidationECDSA to use t.Run
- Added sub-tests for expired token, wrong key, invalid issuer, and invalid audience

* Update weed/iam/oidc/oidc_provider_test.go

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>

* iam: improve error type assertions for OIDC invalid signature tests

- Updated both RSA and ECDSA tests to specifically check for ErrProviderInvalidToken

* iam: pad EC coordinates in OIDC tests to comply with RFC 7518

- Coordinates are now zero-padded to the full field size (e.g., 32 bytes for P-256)
- Ensures interoperability with strict OIDC providers

---------

Co-authored-by: gemini-code-assist[bot] <176961590+gemini-code-assist[bot]@users.noreply.github.com>
2026-01-29 20:03:43 -08:00
..
mock_provider_test.go
S3 API: Advanced IAM System (#7160)
2025-08-30 11:15:48 -07:00
mock_provider.go
S3 API: Advanced IAM System (#7160)
2025-08-30 11:15:48 -07:00
oidc_provider_test.go
iam: add ECDSA support for OIDC token validation (#8166)
2026-01-29 20:03:43 -08:00
oidc_provider.go
iam: add ECDSA support for OIDC token validation (#8166)
2026-01-29 20:03:43 -08:00