  1. JOC - JobScheduler Operations Center
  2. JOC-1905

Header for X-Openid-Configuration should consider only necessary attributes to decrease the size for header values

Details

    • Type: Fix
    • Status: Released
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.7.0
    • Fix Version/s: 2.7.2
    • Component/s: JOC Cockpit GUI
    • Labels: None

    Description

      Current Situation

      When a user logs in with an OIDC Identity Service, the X-Openid-Configuration header is forwarded to the login endpoint. The header holds the response of the .well-known/openid-configuration endpoint, and its value is base64 encoded.

      The header is sent to avoid a second call to the .well-known/openid-configuration endpoint by the JOC Cockpit REST Web Service API.

      The value can exceed the 8 KB limit for individual header values imposed by some browser products. The overall limit for all headers is assumed to be 256 KB.

      Desired Behavior

      The X-Openid-Configuration header should contain only those attributes from the response of the .well-known/openid-configuration endpoint that the login endpoint requires, base64 encoded. Required attributes include "claims_supported" and "jwks_uri".

      If the size of the X-Openid-Configuration header is greater than 8 KB, the header can be omitted. In this case, the JOC Cockpit REST Web Service API would call the .well-known/openid-configuration endpoint again.
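
The desired behavior sketched as an added example; this is not JOC Cockpit code. The function names and the sample document are hypothetical, and the attribute list holds only the two attributes this issue names, since the complete list required by the login endpoint is not given here.

```javascript
// Added example, not JOC Cockpit code. Only the two attributes named in the
// issue are listed; the full set the login endpoint needs is an assumption.
const REQUIRED_ATTRIBUTES = ['claims_supported', 'jwks_uri'];
const MAX_HEADER_VALUE_BYTES = 8 * 1024; // 8 KB limit for a single header value

// Base64-encode the UTF-8 bytes of a string (works in Node and in browsers).
function toBase64Utf8(text) {
  if (typeof Buffer !== 'undefined') {
    return Buffer.from(text, 'utf8').toString('base64');
  }
  let binary = '';
  for (const byte of new TextEncoder().encode(text)) {
    binary += String.fromCharCode(byte);
  }
  return btoa(binary);
}

// Returns the header value, or null when it would exceed 8 KB and has to be omitted.
function buildOpenidConfigurationHeader(discoveryDocument) {
  const reduced = {};
  for (const name of REQUIRED_ATTRIBUTES) {
    if (Object.prototype.hasOwnProperty.call(discoveryDocument, name)) {
      reduced[name] = discoveryDocument[name];
    }
  }
  const value = toBase64Utf8(JSON.stringify(reduced));
  // Base64 output is ASCII, so string length equals size in bytes.
  return value.length > MAX_HEADER_VALUE_BYTES ? null : value;
}

// Headers for the login request; without the header the REST Web Service API
// calls .well-known/openid-configuration itself.
function loginHeaders(discoveryDocument) {
  const headers = {};
  const value = buildOpenidConfigurationHeader(discoveryDocument);
  if (value !== null) {
    headers['X-Openid-Configuration'] = value;
  }
  return headers;
}

// Constructed sample discovery document (not taken from a real provider).
const sampleDocument = {
  issuer: 'https://idp.example.com',
  authorization_endpoint: 'https://idp.example.com/authorize',
  jwks_uri: 'https://idp.example.com/jwks',
  claims_supported: ['sub', 'email', 'preferred_username'],
  scopes_supported: ['openid', 'profile', 'email'],
};
```
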

          People

            ZtRahul193 Rahul Patidar
            ur Uwe Risse
            Pramokshi Narawariya Pramokshi Narawariya