Wrong identity provider

[laurentsimon]

Description

I signed (using the API) with a Google account, and the OIDC token issuer shows https://oauth2.sigstore.dev/auth. I expected the value to be https://accounts.google.com.

Verification works when passing my email as identity and https://accounts.google.com as the identity provider.

Version

At main

[woodruffw]

I signed (using the API) with a Google account, and the OIDC token issuer shows https://oauth2.sigstore.dev/auth. I expected the value to be https://accounts.google.com.

Could you share the API calls you made? If you used Issuer.identity_token() and went through the interactive flow, that took you through Sigstore's Dex instance rather than directly through the Google OIDC IdP.

Edit: to be more precise: if you want to use the Google OIDC IdP directly, I believe you'll need to construct Issuer(base_url) where base_url is the OIDC base URL for Google (I think this might be https://accounts.google.com/, but I'm not sure). By default sigstore-python will always go through a Dex instance, to give people to opportunity to pick one of several supported IdPs.

[laurentsimon]

Gotcha. The main problem is that the CLI / API (for model signing) is generic and I don't know ahead of time which IdP users will be using. I think what I'm after is some UX improvement. Thinking more about that, I should be able to extract the IdP from the cert after signing occurred. That would resolve the problem. Feel free to close this issue and I'll fix it in our codebase. Thanks

[woodruffw]

Ah yeah, I think a variant of this has cropped up before (#567?) -- if you need to stop the user from signing using an OIDC issuer other than the one you expect but you can't stop them from performing the OIDC flow itself, you should be able to introspect on IdentityToken.expected_certificate_subject. Does that help address the case?

(cc @jku since he also hit this, IIRC)

[susperius]

I ran into the same issue. Is there something that contains the real issuer? (i.e. Google)

I'm using the issuer.identity_token call to retrieve the token with the issuer being the production instance.

[woodruffw]

I ran into the same issue. Is there something that contains the real issuer? (i.e. Google)

It's mentioned directly above: IdentityToken.expected_certificate_subject.

For example:

>>> from sigstore import oidc
>>> issuer = oidc.Issuer.production()
>>> token = issuer.identity_token()
Waiting for browser interaction...
>>> token
<sigstore.oidc.IdentityToken object at 0x102673230>
>>> token.expected_certificate_subject
'https://accounts.google.com'
>>> token.issuer
'https://oauth2.sigstore.dev/auth'

[woodruffw]

(I don't remember why it's called the "expected certificate subject" rather than "federated issuer" or similar. It might make sense to rename it.)

[woodruffw]

I believe this is fully addressed by pre-existing APIs on IdentityToken, so closing 🙂

[woodruffw]

I've opened #1016 to rename this API. That change will be included in the 3.x series.