Refreshed OAuth2 tokens should preserve the user's identity #12598

Open
MarcialRosales opened this issue Oct 28, 2024 · 0 comments

Contributor

MarcialRosales commented Oct 28, 2024

Is your feature request related to a problem? Please describe.

It can be confusing for a management user to see his/her name changed in the management UI since the first time s/he logged in. This situation may occur if an OAuth 2 token changes the user's identity after the initial token is refreshed.
The Identity Provider is who decides what information is carried in a token and whether the user's identity may change after the token has refreshed. However, as stated earlier, it can be confusing for end-users and therefore, it sounds reasonable to ensure that the identity does not change in the refreshed tokens.

Describe the solution you'd like

The solution is to ensure that the OAuth 2 plugin validates that the user's identity remains intact prior to replacing the current token with a new one.

Describe alternatives you've considered

No response

Additional context

No response
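
One way to implement the check requested in this issue, as an added example that is not part of the original issue and is not RabbitMQ's code: compare the identity claim of the current token with that of the refreshed token, and reject the refresh if the value or the claim it came from differs. The function names, the claim list and the sample tokens are assumptions; tokens are decoded without signature verification on the assumption that validation already happened when they were accepted.

```javascript
'use strict';
// Added example with hypothetical helper names; not the plugin's implementation.

// Decode a JWT payload WITHOUT verifying it (signature validation is assumed
// to have been done by whatever component accepted the token).
function decodeClaims(jwt) {
  const parts = String(jwt).split('.');
  if (parts.length !== 3) throw new Error('not a compact JWT');
  const b64 = parts[1].replace(/-/g, '+').replace(/_/g, '/');
  return JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
}

// Identity = first non-empty string among the configured claims, in order.
function identityOf(claims, identityClaims) {
  for (const name of identityClaims) {
    const v = claims[name];
    if (typeof v === 'string' && v.length > 0) return { claim: name, value: v };
  }
  return null;
}

// Accept the refreshed token only if it names the same user via the same claim.
function acceptRefreshedToken(currentJwt, refreshedJwt, identityClaims = ['sub']) {
  let before, after;
  try {
    before = identityOf(decodeClaims(currentJwt), identityClaims);
    after = identityOf(decodeClaims(refreshedJwt), identityClaims);
  } catch (e) {
    return { accept: false, reason: 'malformed token: ' + e.message };
  }
  if (!before || !after) return { accept: false, reason: 'identity claim missing' };
  if (before.claim !== after.claim || before.value !== after.value) {
    return { accept: false, reason: `identity changed (${before.claim} -> ${after.claim})` };
  }
  return { accept: true, reason: 'identity preserved' };
}

// Constructed, unsigned sample tokens for illustration only.
function fakeJwt(claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc({ alg: 'none' })}.${enc(claims)}.sig`;
}
const current = fakeJwt({ sub: 'alice', exp: 1000 });
console.log(acceptRefreshedToken(current, fakeJwt({ sub: 'alice', exp: 2000 })));
console.log(acceptRefreshedToken(current, fakeJwt({ sub: 'bob', exp: 2000 })));
```

Comparing the source claim as well as the value catches the case where the refreshed token drops the preferred claim and the displayed name silently falls back to a different one.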
