The GitHub Actions job "npm_and_yarn in /airflow-core/src/airflow/ui for @chakra-ui/react, @codemirror/lang-json, @tanstack/react-query, @tanstack/react-virtual, @uiw/codemirror-themes-all, @uiw/react-codemirror, @xyflow/react, anser, axios, chakra-react-select, chart.js, dayjs, elkjs, i18next, i18next-browser-languagedetector, node-sql-parser, react, @types/react, react-chartjs-2, react-dom, @types/react-dom, react-hook-form, react-hotkeys-hook, react-i18next, react-markdown, react-resizable, react-resizable-panels, react-rout..." on airflow.git/v3-1-test has succeeded. Run started by GitHub user dependabot[bot] (triggered by dependabot[bot]).
Head commit for run: d12f014756f3145f5cb48765cd2bd505b98e4081 / github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> [v3-1-test] fix: always include kid in JWT header for symmetric key tokens (#62883) (#62943) When using symmetric (secret_key) signing, the JWTGenerator did not include the 'kid' field in the JWT header. However, JWTValidator always requires 'kid' in the token header, causing all symmetric-key tokens to be rejected with 'Missing kid in token header'. This affected the KeycloakAuthManager (and any auth manager using symmetric JWT signing), creating an infinite redirect loop after successful login. Two changes: 1. Always add 'kid' to the JWT header regardless of key type 2. Check configured jwt_kid before falling back to 'not-used' for symmetric keys, so operators can set a meaningful kid (cherry picked from commit 6b21ec09588c0f627253607de1889b8b79ae20da) Closes: #62876 Co-authored-by: Yoann <[email protected]> Report URL: https://github.com/apache/airflow/actions/runs/22727762993 With regards, GitHub Actions via GitBox --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
