Samin061 commented on PR #69948: URL: https://github.com/apache/airflow/pull/69948#issuecomment-4989317346
Closing this — my analysis was wrong and the change does not fix anything reachable. The id_token here comes from `authorize_access_token()`, a server-side exchange against the configured tenant's token endpoint authenticated with the client secret, so it is always minted by the configured tenant for the configured `client_id`. There is no path for an attacker to submit a foreign id_token into `_decode_and_validate_azure_jwt`, which means `aud` already matches in every real flow and pinning it is a no-op. In the one setup where a foreign-tenant token does legitimately arrive, a deployment configured against `/common/`, the audience is the deployment's own `client_id` anyway, so this check would pass it regardless; the relevant control there would be an issuer/tenant allowlist, which is a different change. Sorry for the noise. --- Drafted-by: Claude Code (Opus 4.8) (no human review before posting) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
