• Mike Danese's avatar
    serviceaccount: check token is issued by correct iss before verifying · 057b7af7
    Mike Danese authored
    Right now if a JWT for an unknown issuer, for any subject hits the
    serviceaccount token authenticator, we return a errors as if the token
    was meant for us but we couldn't find a key to verify it. We should
    instead return nil, false, nil.
    
    This change helps us support multiple service account token
    authenticators with different issuers.
    057b7af7
Name
Last commit
Last update
..
BUILD Loading commit data...
config.go Loading commit data...