ext_jwt: streamline expected aud in access tokens and id tokens (#87401)

2025-02-25 18:55:37 -06:00 · 2024-05-07 11:20:16 -07:00
parent 6c47968f6c
commit a9da6ce1d5
3 changed files with 16 additions and 22 deletions
--- a/pkg/setting/setting_jwt.go
+++ b/pkg/setting/setting_jwt.go
@@ -26,17 +26,15 @@ type AuthJWTSettings struct {
 }

 type ExtJWTSettings struct {
-	Enabled        bool
-	ExpectIssuer   string
-	ExpectAudience string
-	JWKSUrl        string
+	Enabled      bool
+	ExpectIssuer string
+	JWKSUrl      string
 }

 func (cfg *Cfg) readAuthExtJWTSettings() {
 	authExtendedJWT := cfg.SectionWithEnvOverrides("auth.extended_jwt")
 	jwtSettings := ExtJWTSettings{}
 	jwtSettings.Enabled = authExtendedJWT.Key("enabled").MustBool(false)
-	jwtSettings.ExpectAudience = authExtendedJWT.Key("expect_audience").MustString("")
 	jwtSettings.JWKSUrl = authExtendedJWT.Key("jwks_url").MustString("")
 	cfg.ExtJWTAuth = jwtSettings
 }