You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Triggered by the merge of #564 (refactor(test): use go-jose jwt subpackage for OIDC token construction), which updated handler/oidc_test.go to use the idiomatic go-jose/v4/jwt builder API.
Changes
CONTRIBUTING.md — expands the "OIDC debugging tools" section with a new ### Constructing JWTs in tests subsection that:
Explains that OIDC tests use go-jose/v4/jwt (imported as josejwt) to build signed id_token values for fake providers
Updates the existing note to distinguish production token verification (handled by coreos/go-oidc/v3 and golang-jwt/jwt/v5) from test token construction (handled by go-jose/v4 and its jwt subpackage)
Why
Without this documentation, contributors adding new OIDC test cases might revert to the old manual json.Marshal → signer.Sign → CompactSerialize pattern instead of using the idiomatic builder. Documenting the approved pattern in CONTRIBUTING.md closes that gap and keeps the test codebase consistent.
Testing
Documentation-only change. No production or test logic was modified.
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
CONTRIBUTING.md
The push was rejected because GitHub Actions does not have workflows permission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.
Create the pull request manually
# Download the patch from the workflow run
gh run download 27784135684 -n agent -D /tmp/agent-27784135684
# Create a new branch
git checkout -b docs/oidc-test-jwt-construction-pattern-71aeb404d5b6fbd2 main
# Apply the patch (--3way handles cross-repo patches)
git am --3way /tmp/agent-27784135684/aw-docs-oidc-test-jwt-construction-pattern.patch
# Push the branch and create the pull request
git push origin docs/oidc-test-jwt-construction-pattern-71aeb404d5b6fbd2
gh pr create --title 'docs(contributing): document go-jose jwt builder pattern for OIDC tests' --base main --head docs/oidc-test-jwt-construction-pattern-71aeb404d5b6fbd2 --repo amalgamated-tools/goauth
Summary
Triggered by the merge of #564 (
refactor(test): use go-jose jwt subpackage for OIDC token construction), which updatedhandler/oidc_test.goto use the idiomaticgo-jose/v4/jwtbuilder API.Changes
CONTRIBUTING.md— expands the "OIDC debugging tools" section with a new### Constructing JWTs in testssubsection that:go-jose/v4/jwt(imported asjosejwt) to build signedid_tokenvalues for fake providersjosejwt.Signed(signer).Claims(claimsMap).Serialize()) that was introduced in refactor(test): use go-jose jwt subpackage for OIDC token construction #564coreos/go-oidc/v3andgolang-jwt/jwt/v5) from test token construction (handled bygo-jose/v4and itsjwtsubpackage)Why
Without this documentation, contributors adding new OIDC test cases might revert to the old manual
json.Marshal → signer.Sign → CompactSerializepattern instead of using the idiomatic builder. Documenting the approved pattern in CONTRIBUTING.md closes that gap and keeps the test codebase consistent.Testing
Documentation-only change. No production or test logic was modified.
Warning
Protected Files — Push Permission Denied
This was originally intended as a pull request, but the patch modifies protected files. A human must create the pull request manually.
Protected files
CONTRIBUTING.mdThe push was rejected because GitHub Actions does not have
workflowspermission to push these changes, and is never allowed to make such changes, or other authorization being used does not have this permission.Create the pull request manually
Add this agentic workflows to your repo
To install this agentic workflow, run