Skip to content

KNOX-3355 - Add OIDCDiscoveryHelper, JdbcTrustedOidcIssuerService, and TrustedOidcIssuerServiceFactory#1294

Closed
hsheinblatt wants to merge 2 commits into
apache:masterfrom
hsheinblatt:ds-t1.2
Closed

KNOX-3355 - Add OIDCDiscoveryHelper, JdbcTrustedOidcIssuerService, and TrustedOidcIssuerServiceFactory#1294
hsheinblatt wants to merge 2 commits into
apache:masterfrom
hsheinblatt:ds-t1.2

Conversation

@hsheinblatt

@hsheinblatt hsheinblatt commented Jul 2, 2026

Copy link
Copy Markdown

Note that this change depends upon #1270
It will not compile without the previous PR.

What changes were proposed in this pull request?

This change implements OIDC discovery from a trusted issuer.

How was this patch tested?

New unit tests were added.

Integration Tests

No integration tests were added. Once the OIDC discovery flow is complete, integration
tests are planned.

UI changes

smolnar82 and others added 2 commits May 20, 2026 22:31
* KnoxIDF - Initial commit
* KnoxIDF - multi OP support
* KnoxIDF - make token endpoint configurable during discovery
* KnoxIDF - Code cleanup and bug fixes
* KnoxIDF - Multi OP enablement improvements and code adoption to Larry's recent changes
* KnoxIDF - Add REFRESH_TOKEN support
* KnoxIDF - Automatically enable JdbcFederatedIdentityService when KnoxIDF is present in any topology
* KnoxIDF - Added Docker-based integration tests
* KnoxIDF: configurable user params provider (only LDAP for now)
* KnoxIDF: add support for auth code flow with PKCE
* KnoxIDF: fix an issue with the empty user params provider implementation
* KnoxIDF: Refactor Docker build to use local Maven artifacts and unify CI/Dev workflows
@hsheinblatt hsheinblatt closed this Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants