From bc52efc0a4f48313e5aaaa93a2eb12c33fc9dd12 Mon Sep 17 00:00:00 2001
From: Francesco Ilario <filario@redhat.com>
Date: Mon, 14 Oct 2024 15:46:42 +0200
Subject: [PATCH] workspaces: ensure validation of JWT's sub and exp (#4694)

Signed-off-by: Francesco Ilario <filario@redhat.com>
---
 .../base/server/config/server/proxy-config/dynamic/config.yaml | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/components/workspaces/base/server/config/server/proxy-config/dynamic/config.yaml b/components/workspaces/base/server/config/server/proxy-config/dynamic/config.yaml
index fab2b210388..043ec1cdc82 100644
--- a/components/workspaces/base/server/config/server/proxy-config/dynamic/config.yaml
+++ b/components/workspaces/base/server/config/server/proxy-config/dynamic/config.yaml
@@ -25,6 +25,9 @@ http:
     jwt-authorizer:
       plugin:
         jwt:
+          payloadFields:
+          - sub
+          - exp
           required: true
           keys: []
           jwtHeaders: