feat: JWT IdP intent (#9966)

Browse Source

# Which Problems Are Solved

The login v1 allowed to use JWTs as IdP using the JWT IDP. The login V2
uses idp intents for such cases, which were not yet able to handle JWT
IdPs.

# How the Problems Are Solved

- Added handling of JWT IdPs in `StartIdPIntent` and `RetrieveIdPIntent`
- The redirect returned by the start, uses the existing `authRequestID`
and `userAgentID` parameter names for compatibility reasons.
- Added `/idps/jwt` endpoint to handle the proxied (callback) endpoint ,
which extracts and validates the JWT against the configured endpoint.

# Additional Changes

None

# Additional Context

- closes #9758

...

This commit is contained in:

Livio Spring

2025-05-27 16:26:46 +02:00

committed by GitHub

parent 833f6279e1

commit 4d66a786c8

10 changed files with 319 additions and 16 deletions

Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL

Download Patch File Download Diff File Expand all files Collapse all files

BIN

docs/static/img/guides/jwt_idp.png vendored

Binary file not shown.

Side by Side Swipe Overlay Before Width:  |  Height:  |  Size: 269 KiB After Width:  |  Height:  |  Size: 38 KiB