The GitHub Actions job "Tests" on airflow.git/backport-6b21ec0-v3-1-test has failed. Run started by GitHub user vincbeck (triggered by vincbeck).
Head commit for run: 2d4674c562380024b84d7920133b0e6b947146b9 / Yoann <[email protected]> [v3-1-test] fix: always include kid in JWT header for symmetric key tokens (#62883) When using symmetric (secret_key) signing, the JWTGenerator did not include the 'kid' field in the JWT header. However, JWTValidator always requires 'kid' in the token header, causing all symmetric-key tokens to be rejected with 'Missing kid in token header'. This affected the KeycloakAuthManager (and any auth manager using symmetric JWT signing), creating an infinite redirect loop after successful login. Two changes: 1. Always add 'kid' to the JWT header regardless of key type 2. Check configured jwt_kid before falling back to 'not-used' for symmetric keys, so operators can set a meaningful kid (cherry picked from commit 6b21ec09588c0f627253607de1889b8b79ae20da) Co-authored-by: Yoann <[email protected]> Closes: #62876 Report URL: https://github.com/apache/airflow/actions/runs/22724284836 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
