Title: The audience argument for @endpoints.api should be optional · Issue #133 · cloudendpoints/endpoints-python · GitHub
Open Graph Title: The audience argument for @endpoints.api should be optional · Issue #133 · cloudendpoints/endpoints-python
X Title: The audience argument for @endpoints.api should be optional · Issue #133 · cloudendpoints/endpoints-python
Description: The documentation states the following: If the "aud" (audience) claim in a JWT token matches the Cloud Endpoints service name, then Endpoints Frameworks validates the audience and ignores the values set in the audiences argument in the @...
Open Graph Description: The documentation states the following: If the "aud" (audience) claim in a JWT token matches the Cloud Endpoints service name, then Endpoints Frameworks validates the audience and ignores the value...
X Description: The documentation states the following: If the "aud" (audience) claim in a JWT token matches the Cloud Endpoints service name, then Endpoints Frameworks validates the audience and ignores...
Opengraph URL: https://github.com/cloudendpoints/endpoints-python/issues/133
X: @github
Domain: github.com
{"@context":"https://schema.org","@type":"DiscussionForumPosting","headline":"The audience argument for @endpoints.api should be optional","articleBody":"The [documentation](https://cloud.google.com/endpoints/docs/frameworks/python/troubleshoot-jwt) states the following:\r\n\r\n\u003e If the `\"aud\"` (audience) claim in a JWT token matches the Cloud Endpoints service name, then Endpoints Frameworks validates the audience and ignores the values set in the `audiences` argument in the `@endpoints.api` decorator. For example, if your service name is `\"myservice.appspot.com\"`, then a JWT with `\"aud\"` set to `\"myservice.appspot.com\"` or `\"https://myservice.appspot.com\"` is a valid audience.\r\n\r\nThat doesn't seem to work.\r\nFollowing an example described on [this](https://cloud.google.com/endpoints/docs/openapi/service-account-authentication) page, I generate a Google ID token and set `TARGET_AUD` with `https://[SERVICE_NAME]`, where `[SERVICE_NAME]` is the value of the `host` entry in the API configuration file. Then I expect the `audience` argument to be ignored as it's stated in the docs but it's actually still required.\r\nThe interesting thing is that it's optional and works as expected when authentication arguments are configured in `@endpoints.method`. That could be related to another bug (#64) that exposes differences between `@endpoints.api` and `@endpoints.method`.","author":{"url":"https://github.com/bigunyak","@type":"Person","name":"bigunyak"},"datePublished":"2018-01-29T14:47:37.000Z","interactionStatistic":{"@type":"InteractionCounter","interactionType":"https://schema.org/CommentAction","userInteractionCount":0},"url":"https://github.com/133/endpoints-python/issues/133"}
| route-pattern | /_view_fragments/issues/show/:user_id/:repository/:id/issue_layout(.:format) |
| route-controller | voltron_issues_fragments |
| route-action | issue_layout |
| fetch-nonce | v2:9ba91b0c-bca8-d59e-5ec1-2ee13245156c |
| current-catalog-service-hash | 81bb79d38c15960b92d99bca9288a9108c7a47b18f2423d0f6438c5b7bcd2114 |
| request-id | 8978:38A7FD:133BAC5:1AB63DE:6A4DE97B |
| html-safe-nonce | e745d4f5fef643b563a727fc6d116a10f194a9d9b3ee66fe27035602053ae682 |
| visitor-payload | eyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiI4OTc4OjM4QTdGRDoxMzNCQUM1OjFBQjYzREU6NkE0REU5N0IiLCJ2aXNpdG9yX2lkIjoiNjQxODAzNDMwMTUxODg2NjgxMSIsInJlZ2lvbl9lZGdlIjoiaWFkIiwicmVnaW9uX3JlbmRlciI6ImlhZCJ9 |
| visitor-hmac | c98408299e7c837c9e56103e2eff7824921ce13a2cae484e6698e099b13d8eea |
| hovercard-subject-tag | issue:292433402 |
| github-keyboard-shortcuts | repository,issues,copilot |
| google-site-verification | Apib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I |
| octolytics-url | https://collector.github.com/github/collect |
| analytics-location | / |
| fb:app_id | 1401488693436528 |
| apple-itunes-app | app-id=1477376905, app-argument=https://github.com/_view_fragments/issues/show/cloudendpoints/endpoints-python/133/issue_layout |
| twitter:image | https://opengraph.githubassets.com/f60a481f5e386b13f4e257c95acbea4a2d60be6a84f74cafbde102a0079f8342/cloudendpoints/endpoints-python/issues/133 |
| twitter:card | summary_large_image |
| og:image | https://opengraph.githubassets.com/f60a481f5e386b13f4e257c95acbea4a2d60be6a84f74cafbde102a0079f8342/cloudendpoints/endpoints-python/issues/133 |
| og:image:alt | The documentation states the following: If the "aud" (audience) claim in a JWT token matches the Cloud Endpoints service name, then Endpoints Frameworks validates the audience and ignores the value... |
| og:image:width | 1200 |
| og:image:height | 600 |
| og:site_name | GitHub |
| og:type | object |
| og:author:username | bigunyak |
| hostname | github.com |
| expected-hostname | github.com |
| None | 06b8a6144231bf3a234f1c2e9993861e07ce98a905912b114aa386c2d7e84b33 |
| turbo-cache-control | no-preview |
| go-import | github.com/cloudendpoints/endpoints-python git https://github.com/cloudendpoints/endpoints-python.git |
| octolytics-dimension-user_id | 19231370 |
| octolytics-dimension-user_login | cloudendpoints |
| octolytics-dimension-repository_id | 65349604 |
| octolytics-dimension-repository_nwo | cloudendpoints/endpoints-python |
| octolytics-dimension-repository_public | true |
| octolytics-dimension-repository_is_fork | false |
| octolytics-dimension-repository_network_root_id | 65349604 |
| octolytics-dimension-repository_network_root_nwo | cloudendpoints/endpoints-python |
| turbo-body-classes | logged-out env-production page-responsive |
| disable-turbo | false |
| browser-stats-url | https://api.github.com/_private/browser/stats |
| browser-errors-url | https://api.github.com/_private/browser/errors |
| release | 1d344bdb7547fe6bca17a59bb2b8aac3dc9532a0 |
| ui-target | full |
| theme-color | #1e2327 |
| color-scheme | light dark |
Links:
Viewport: width=device-width