Fix M2M authentication and add clock tolerance to JWT methods #130

Merged
merged 4 commits into from
Jul 24, 2024

jennifer-stytch
Contributor

This PR adds the following changes:

  • Fixes M2M token authentication by adding headers to get_request and specifying whether to use the B2B or B2C JWKS endpoint
  • Adds clock_tolerance_seconds as an optional parameter to authenticate_jwt, authenticate_jwt_local in the B2B and B2C sessions clients, and to authenticate_token and authenticate_token_local for M2M. This is used as the nbf_leeway value to JWT verification to help with clock drift issues.
  • Fixes various RBAC docs that had some unintended trailing markdoc characters
  • Codegen: SCIM groups, RBAC headers for revoke session, and various docs updates

@jennifer-stytch jennifer-stytch requested a review from a team as a code owner July 24, 2024 13:58
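
The clock-drift case that `clock_tolerance_seconds` addresses, as an added example that is not part of this PR or of the stytch-ruby code. It assumes HS256 with a constructed secret in place of the JWKS-backed keys so it runs offline; `issue`, `verify`, `SECRET` and the `MAX_TOLERANCE` bound are hypothetical names chosen for the illustration.

```ruby
require 'json'
require 'openssl'

# Constructed values: HS256 with a demo secret stands in for JWKS-backed keys
# so the example runs offline. MAX_TOLERANCE is an assumed policy bound.
SECRET = 'constructed-demo-secret'
MAX_TOLERANCE = 60

def b64url(data)
  [data].pack('m0').tr('+/', '-_').delete('=')
end

def mac(signing_input)
  b64url(OpenSSL::HMAC.digest('SHA256', SECRET, signing_input))
end

# Issuer side: mint a token whose nbf/iat come from the issuer's clock.
def issue(issuer_now, ttl: 300)
  head = b64url(JSON.generate({ 'alg' => 'HS256', 'typ' => 'JWT' }))
  body = b64url(JSON.generate({ 'sub' => 'm2m-client-demo', 'iat' => issuer_now,
                                'nbf' => issuer_now, 'exp' => issuer_now + ttl }))
  "#{head}.#{body}.#{mac("#{head}.#{body}")}"
end

# Verifier side. `now` is injected so clock drift can be simulated.
# Returns [:ok, claims] or [:error, reason].
def verify(token, now:, clock_tolerance_seconds: 0)
  unless (0..MAX_TOLERANCE).cover?(clock_tolerance_seconds)
    raise ArgumentError, "clock_tolerance_seconds must be within 0..#{MAX_TOLERANCE}"
  end
  parts = token.split('.')
  return [:error, :malformed] unless parts.length == 3
  head, body, sig = parts
  # Signature first (constant-time compare); claims are untrusted until it passes.
  return [:error, :bad_signature] unless OpenSSL.secure_compare(mac("#{head}.#{body}"), sig)
  claims = JSON.parse(body.tr('-_', '+/').unpack1('m'))
  # Tolerance relaxes only the nbf lower bound; exp stays strict.
  return [:error, :not_yet_valid] if claims['nbf'] > now + clock_tolerance_seconds
  return [:error, :expired] if claims['exp'] <= now
  [:ok, claims]
end
```

A verifier whose clock runs 5 seconds behind the issuer rejects a freshly minted token with a tolerance of 0 and accepts it with a tolerance of 10, while an expired token is rejected either way.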
include Stytch::RequestHelper

def initialize(connection, project_id, policy_cache)
def initialize(connection, project_id, is_b2b_client, policy_cache)
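
Review bot: in the new `initialize(connection, project_id, is_b2b_client, policy_cache)` signature, `is_b2b_client` is a bare positional boolean inserted ahead of `policy_cache`, so every existing three-argument caller has to change and each call site carries an unexplained `true` or `false`. Consider making it a keyword argument (`is_b2b_client:`) or appending it after `policy_cache`, and add a comment stating what it selects, since nothing in these lines shows the value being used.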
Contributor

This feels slightly weird to me since the is_b2b_client param is unused (I think we could've been smarter about deciding whether a given class wants this param and limited to "hybrid" classes like M2M), but it's not hurting anything, so I think it's fine.

Contributor Author

Fixed in e1fb37b

@jennifer-stytch jennifer-stytch merged commit 27a7a50 into main Jul 24, 2024
6 checks passed
@jennifer-stytch jennifer-stytch deleted the jmccleary/m2m branch July 24, 2024 17:51