+
Skip to content

Ensure regex policies work for multi-valued claims #33674

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Ensure regex policies work for multi-valued claims #33674

wants to merge 5 commits into from
+57 −10

Conversation

PaulBujor
Copy link

In RegexPolicyProvider, execute the regex match on a string containing all claims, separate by comma

Closes #33293

@PaulBujor
Ensure regex policies work for multi-valued claims
8944acc 
In RegexPolicyProvider, execute the regex match on a string containing all claims, separate by comma

Closes keycloak#33293

Signed-off-by: Paul-Andrei Bujor <bujor.paul2000@gmail.com>
@PaulBujor PaulBujor requested review from a team as code owners October 8, 2024 07:42
@ahus1 ahus1 self-assigned this May 14, 2025
ahus1
ahus1 requested changes May 14, 2025
View reviewed changes
Copy link
Contributor

@ahus1 ahus1 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I had a look and IMHO switching from match to find would break the existing logic. For multivalued attributes, I would expect it to apply the match logic on each element individually. I would avoid concatenating the string as it opens the door to a lot of confusion of delimiters.

@PaulBujor PaulBujor force-pushed the fix/regex-policy-multivalue-claim branch from 6ed3109 to f210bed Compare July 14, 2025 09:09
@PaulBujor PaulBujor requested a review from ahus1 July 14, 2025 09:11
@PaulBujor
Copy link
Author

@ahus1 thanks for the feedback - made some updates.

i guess I'll have to merge commits and rebase once it's ok?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ahus1 ahus1 Awaiting requested review from ahus1

Requested changes must be addressed to merge this pull request.

Assignees

@ahus1 ahus1

Labels
team/cloud-native team/core-clients team/core-iam
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Regex authorization policies only check the first value in a multi-valued claim
2 participants
@PaulBujor @ahus1
点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载