[PR #4475] [MERGED] support multiple subjects in oidc ping #4983

New issue

Closed

opened 2026-05-05 14:52:27 -06:00 by gitea-mirror · 0 comments

gitea-mirror commented

2026-05-05 14:52:27 -06:00

Owner

📋 Pull Request Information

Original PR: https://github.com/fatedier/frp/pull/4475
Author: @RobKenis
Created: 10/8/2024
Status: ✅ Merged
Merged: 10/12/2024
Merged by: @blizard863

Base: dev ← Head: feature/support-multiple-oidc-clients

📝 Commits (1)

d082976 support multiple subjects in oidc ping

📊 Changes

3 files changed (+85 additions, -9 deletions)

View changed files

📝 pkg/auth/auth.go (+2 -1)
📝 pkg/auth/oidc.go (+19 -8)
➕ pkg/auth/oidc_test.go (+64 -0)

📄 Description

Validate the subject in an oidc ping against a list of logged in subjects.

This resolves the issue that multiple connected FRP clients with different OIDC clients result in a failing ping. The ping would fail because the subject in memory would be the value of the last logged in FRPC.

This change also changes the constructor of OidcAuthVerifier to take a TokenVerifier interface. This will not change production behavior, but makes testing easier because we can inject a mock verifier during testing.

Resolves: #4466

_{🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.}

## 📋 Pull Request Information **Original PR:** https://github.com/fatedier/frp/pull/4475 **Author:** [@RobKenis](https://github.com/RobKenis) **Created:** 10/8/2024 **Status:** ✅ Merged **Merged:** 10/12/2024 **Merged by:** [@blizard863](https://github.com/blizard863) **Base:** `dev` ← **Head:** `feature/support-multiple-oidc-clients` --- ### 📝 Commits (1) - [`d082976`](https://github.com/fatedier/frp/commit/d0829760c6f6ea7cd82b47f261cb718cac1a2693) support multiple subjects in oidc ping ### 📊 Changes **3 files changed** (+85 additions, -9 deletions) <details> <summary>View changed files</summary> 📝 `pkg/auth/auth.go` (+2 -1) 📝 `pkg/auth/oidc.go` (+19 -8) ➕ `pkg/auth/oidc_test.go` (+64 -0) </details> ### 📄 Description Validate the subject in an oidc ping against a list of logged in subjects. This resolves the issue that multiple connected FRP clients with different OIDC clients result in a failing ping. The ping would fail because the subject in memory would be the value of the last logged in FRPC. This change also changes the constructor of OidcAuthVerifier to take a TokenVerifier interface. This will not change production behavior, but makes testing easier because we can inject a mock verifier during testing. Resolves: #4466 --- <sub>🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.</sub>