[GitHub] [apisix] starsz commented on pull request #5449: feat(oidc): make it possible to validate tokens against provider host…

[GitBox <gi...@apache.org>]

starsz commented on pull request #5449:
URL: https://github.com/apache/apisix/pull/5449#issuecomment-980540160


   > Hi @tzssangglass I'll check on this and get back tomorrow. However, I do recall that Auth0 had limitations when writing an extensive test suite (Eg- it was missing the introspection endpoint at the time of writing). This is one of the reasons why I used Keycloak as an IDP to write some test cases. And I can verify the token generated by Keycloak provides this KID, so if we cannot generate a token via Auth 0, then we can switch the test case to use Keycloak.
   > 
   > <img alt="Screenshot 2021-11-23 at 08 37 49" width="663" src="https://user-images.githubusercontent.com/13045528/142965745-838f3046-e8ca-45ae-b156-de6b7b31b226.png">
   
   Yes. I think we should use keycloak to test.`https://samples.auth0.com/` maybe not an official test website.


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org