Samin061 commented on PR #69948:
URL: https://github.com/apache/airflow/pull/69948#issuecomment-4989317346

   Closing this — my analysis was wrong and the change does not fix anything 
reachable.
   
   The id_token here comes from `authorize_access_token()`, a server-side 
exchange against the configured tenant's token endpoint authenticated with the 
client secret, so it is always minted by the configured tenant for the 
configured `client_id`. There is no path for an attacker to submit a foreign 
id_token into `_decode_and_validate_azure_jwt`, which means `aud` already 
matches in every real flow and pinning it is a no-op. In the one setup where a 
foreign-tenant token does legitimately arrive, a deployment configured against 
`/common/`, the audience is the deployment's own `client_id` anyway, so this 
check would pass it regardless; the relevant control there would be an 
issuer/tenant allowlist, which is a different change. Sorry for the noise.
   
   ---
   Drafted-by: Claude Code (Opus 4.8) (no human review before posting)


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]

Reply via email to