Uploaded image for project: 'OpenShift Bugs'
  1. OpenShift Bugs
  2. OCPBUGS-21836

When accessing API URL, jwks_uri endpoint returned is not correct.

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Undefined Undefined
    • 4.15.0
    • 4.11.0
    • kube-apiserver
    • Moderate
    • No
    • False
    • Hide

      None

      Show
      None

      Description of problem:

      When accessing the URL https://api.test.lab.domain.com:6443/.well-known/openid-configuration
      an jwks_uri endpoint containing an api-int URL is returned.
      We expect that this endpoint would be on api instead of api-int.

      Version-Release number of selected component (if applicable):

      4.11

      How reproducible:

      100%

      Steps to Reproduce:

      1. From web browser access https://api.test.lab.domain.com:6443/.well-known/openid-configuration
      2. From CLI try curl -kvv https://api.test.lab.domain.com:6443/.well-known/openid-configuration
      3. The output is as below. The jwks_uri returned is pointing to api-int but I think it should be api
      ~~~~~
      {"issuer":"https://kubernetes.default.svc","jwks_uri":"https://api-int.test.lab.domain.com:6443/openid/v1/jwks","response_types_supported":["id_token"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"]} 
      ~~~~~

      Actual results:

      "jwks_uri":"https://api-int.test.lab.domain.com:6443/openid/v1/jwks

      Expected results:

      "jwks_uri":"https://api.test.lab.domain.com:6443/openid/v1/jwks

      Additional info:

       

            Unassigned Unassigned
            rhn-support-pkhilare Pawan Khilare
            Rahul Gangwar Rahul Gangwar
            Votes:
            0 Vote for this issue
            Watchers:
            10 Start watching this issue

              Created:
              Updated:
              Resolved: