fix(oidc): key credential cache on (cache_key, subject, extra_claims)
The credential cache keyed on `cache_key` alone (the role ARN). But the
backend's authorization gate — an AWS role trust policy, or the Azure/GCP
equivalent — conditions on the *minted assertion* (its `subject` and any
`extra_claims`) and is evaluated at mint time, inside the exchange. A cache hit
skips the mint, so it skips that gate: two subjects sharing a role would share a
cached credential, letting the second subject ride on credentials the trust
policy might have denied it.

`get_credentials` already receives `subject` and `extra_claims`, so fold them
into the effective key. Doing it here (not at the call site) closes the footgun
for every caller — none can forget to scope by identity. Length-prefixed framing
keeps the key unambiguous so no crafted subject/ARN can forge another tuple's
key.

Cache granularity becomes per-(backend, identity), which is the correct scope —
credentials already are per-subject — so hit rate is unaffected in practice.
Co-Authored-By: Claude Opus 4.8 <noreply@anthropic.com>
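The two properties the commit message relies on, that the effective key is scoped by identity and that length-prefixed framing makes the tuple unambiguous, can be checked in isolation. The following is an added illustration written for this page, not the project's own code: the function and class names (`effective_cache_key`, `naive_cache_key`, `CredentialCache`), the 8-byte length prefix, the JSON canonicalisation of `extra_claims`, and the role ARNs and subjects are all assumptions constructed for the example.

```python
import hashlib
import json
from typing import Callable, Dict, Optional, Tuple

Claims = Optional[Dict[str, str]]


def _frame(part: bytes) -> bytes:
    """Length-prefix one component: 8-byte big-endian length, then the bytes."""
    return len(part).to_bytes(8, "big") + part


def _canonical_claims(extra_claims: Claims) -> bytes:
    """Serialize extra_claims deterministically (sorted keys, no whitespace),
    so equal claim sets always contribute identical bytes to the key."""
    return json.dumps(extra_claims or {}, sort_keys=True,
                      separators=(",", ":")).encode("utf-8")


def naive_cache_key(cache_key: str, subject: str, extra_claims: Claims = None) -> str:
    """Plain concatenation: component boundaries are lost, so two different
    (ARN, subject) tuples can collapse onto one key (see collision_demo)."""
    joined = cache_key.encode("utf-8") + subject.encode("utf-8") + _canonical_claims(extra_claims)
    return hashlib.sha256(joined).hexdigest()


def effective_cache_key(cache_key: str, subject: str, extra_claims: Claims = None) -> str:
    """Length-prefixed framing: each component carries its own length, so the
    framed bytes parse back to exactly one tuple and a crafted subject or ARN
    cannot reproduce another tuple's key."""
    framed = b"".join(_frame(p) for p in (
        cache_key.encode("utf-8"),
        subject.encode("utf-8"),
        _canonical_claims(extra_claims),
    ))
    return hashlib.sha256(framed).hexdigest()


def collision_demo() -> Tuple[bool, bool]:
    """Return (naive_collides, framed_collides) for two distinct tuples whose
    plain concatenations are byte-identical. ARNs are constructed, not real."""
    a = ("arn:aws:iam::123456789012:role/app-ab", "c")
    b = ("arn:aws:iam::123456789012:role/app-a", "bc")
    naive_collides = naive_cache_key(*a) == naive_cache_key(*b)
    framed_collides = effective_cache_key(*a) == effective_cache_key(*b)
    return naive_collides, framed_collides


class CredentialCache:
    """Cache scoped per (backend, identity). The scoping lives inside
    get_credentials, so no caller can forget it."""

    def __init__(self) -> None:
        self._entries: Dict[str, str] = {}
        self.mint_count = 0

    def get_credentials(self, cache_key: str, subject: str, extra_claims: Claims,
                        mint: Callable[[str, str, Claims], str]) -> str:
        key = effective_cache_key(cache_key, subject, extra_claims)
        if key not in self._entries:
            # Cache miss: run the exchange, where the backend's trust policy
            # evaluates this subject and these claims before anything is issued.
            self._entries[key] = mint(cache_key, subject, extra_claims)
            self.mint_count += 1
        return self._entries[key]


def shared_role_demo() -> Tuple[str, str, int]:
    """Two subjects share one role ARN (constructed); each must be minted
    separately, and a repeat request for the same subject is a cache hit."""
    role = "arn:aws:iam::123456789012:role/shared"
    cache = CredentialCache()

    def fake_mint(cache_key: str, subject: str, extra_claims: Claims) -> str:
        # Stand-in for the real token exchange; returns a constructed credential.
        return f"cred-for-{subject}"

    first = cache.get_credentials(role, "svc-a", None, fake_mint)
    second = cache.get_credentials(role, "svc-b", None, fake_mint)
    cache.get_credentials(role, "svc-a", None, fake_mint)  # hit, no re-mint
    return first, second, cache.mint_count
```

`collision_demo` shows why the framing matters: with bare concatenation the tuples (`…/app-ab`, `c`) and (`…/app-a`, `bc`) hash to the same key, so one could be served the other's cached credential; with length prefixes they do not. `shared_role_demo` shows the scoping: two subjects on the same role each trigger their own mint, while a second request from the same subject is served from the cache.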