Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

[SecurityBundle] Remove deprecated OIDC token handler optionsalgorithm andkey#60929

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to ourterms of service andprivacy statement. We’ll occasionally send you account related emails.

Already on GitHub?Sign in to your account

Open
OskarStark wants to merge2 commits intosymfony:8.0
base:8.0
Choose a base branch
Loading
fromOskarStark:remove-oidc-deprecated-options

Conversation

OskarStark
Copy link
Contributor

QA
Branch?8.0
Bug fix?no
New feature?no
Deprecations?no
Issues--
LicenseMIT

Comment on lines +95 to +96
->ifTrue(staticfn ($v) => !isset($v['algorithms']))
->thenInvalid('You must set "algorithms".')
Copy link
ContributorAuthor

@OskarStarkOskarStarkJun 27, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I think this can be removed, right? Asalgorithms is marked withisRequired()

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

I think so yes
you might want to verify on a proto app of course

@OskarStarkOskarStarkforce-pushed theremove-oidc-deprecated-options branch fromd4eb6c2 to3b3362fCompareJune 27, 2025 21:30
…hm and keyRemove the deprecated algorithm and key options from the OIDC token handler configuration,use algorithms and keyset instead.- Add CHANGELOG entry- Add UPGRADE-8.0.md entry with before/after examples- Remove legacy test for deprecated options- No need to remove symfony/deprecation-contracts (not present)
@OskarStarkOskarStarkforce-pushed theremove-oidc-deprecated-options branch from3b3362f to3ae1f9fCompareJune 27, 2025 21:32
access_token:
token_handler:
oidc:
algorithms: ['RS256']

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

a diff instead of a before/after would be more appropriate I think

OskarStark reacted with heart emoji
Comment on lines +339 to +350
# config/packages/security.yaml
security:
firewalls:
main:
access_token:
token_handler:
oidc:
- algorithm: 'RS256'
- key: 'https://example.com/.well-known/jwks.json'
+ algorithms: ['RS256']
+ keyset: 'https://example.com/.well-known/jwks.json'
```

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others.Learn more.

in a diff, non modified lines must start with an extra space (instead if a + / - for changed lines):

Suggested change
#config/packages/security.yaml
security:
firewalls:
main:
access_token:
token_handler:
oidc:
- algorithm: 'RS256'
- key: 'https://example.com/.well-known/jwks.json'
+ algorithms: ['RS256']
+ keyset: 'https://example.com/.well-known/jwks.json'
```
# config/packages/security.yaml
security:
firewalls:
main:
access_token:
token_handler:
oidc:
- algorithm: 'RS256'
- key: 'https://example.com/.well-known/jwks.json'
+ algorithms: ['RS256']
+ keyset: 'https://example.com/.well-known/jwks.json'

Sign up for freeto join this conversation on GitHub. Already have an account?Sign in to comment
Reviewers

@nicolas-grekasnicolas-grekasnicolas-grekas left review comments

@chalasrchalasrAwaiting requested review from chalasrchalasr is a code owner

Assignees
No one assigned
Projects
None yet
Milestone
8.0
Development

Successfully merging this pull request may close these issues.

3 participants
@OskarStark@nicolas-grekas@carsonbot
[8]ページ先頭
©2009-2025 Movatter.jp