crypt/step-ca-cli
1
0
Fork 0
mirror of https://github.com/smallstep/cli.git synced 2025-08-09 03:22:43 +03:00
Code Activity

Clarify comment for OIDC tokens.

Browse Source
This commit is contained in:
Mariano Cano
2021-04-29 12:23:51 -07:00
parent 6ba999be68
commit dd2d656a5b
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
command/ssh/login.go
View File

@@ -198,9 +198,9 @@ func loginAction(ctx *cli.Context) error {
identityKey = key
}
// NOTE: For OIDC token the principals should be completely empty. The OIDC
// provisioner is responsible for setting default principals by using an
// identity function.
// NOTE: For OIDC tokens the subject should be always the email. The
// provisioner is responsible to setting the principals by using an identity
// function.
if email, ok := tokenHasEmail(token); ok {
subject = email
}

6
command/ssh/proxycommand.go
View File

@@ -143,9 +143,9 @@ func doLoginIfNeeded(ctx *cli.Context, subject string) error {
return err
}
// NOTE: For OIDC token the principals should be completely empty. The OIDC
// provisioner is responsible for setting default principals by using an
// identity function.
// NOTE: For OIDC tokens the subject should be always the email. The
// provisioner is responsible to setting the principals by using an identity
// function.
if email, ok := tokenHasEmail(token); ok {
subject = email
}