ATO-2575: remove new v2 key feature flags#8371
Open
Louisasa wants to merge 3 commits into
Open
Conversation
Louisasa
commented
May 21, 2026
| if (JWSAlgorithm.RS256 == jwt.getHeader().getAlgorithm() | ||
| && configuration.isRsaSigningAvailable()) { | ||
| if (configuration.isPublishNextExternalTokenSigningKeysEnabledV2()) { | ||
| var oldPublicKey = jwksService.getPublicTokenRsaJwkWithOpaqueId(); |
Contributor
Author
There was a problem hiding this comment.
I made this change because I suddenly panicked about removing the old keys from the JWKs endpoint would break fetching them, but this actually gets it straight from KMS so wouldn't break, but it isn't needed anymore. Happy to remove from this PR tho as it isn't entirely related
Contributor
There was a problem hiding this comment.
Yeah, I lean toward thinking that's better done as BAU or with a fresh ticket.
Contributor
Author
There was a problem hiding this comment.
I'm kind of tempted to leave it in though so it doesn't get missed. It's not entirely unrelated but I can update the commit to at least be BAU?
Louisasa
force-pushed
the
ATO-2575-remove-feature-flag
branch
4 times, most recently
from
7a0f5c8 to
a502231
Compare
…enabled in all environments
…ewExternalTokenSigningKeysV2 feature flags as they are enabled in all environments
Louisasa
force-pushed
the
ATO-2575-remove-feature-flag
branch
from
a502231 to
2e62470
Compare
|
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Wider context of change
As part of the key rotation, the new V2 keys have been successfully rotated and no longer need to be behind a feature flag.
What’s changed
Remove UseV2Key, PublishV2Key, and ProvisionV2Key feature flags, as well as tidy up fetching the old public key for non-reauth journeys.
Manual testing
Tested in dev
Checklist
LocalOrchestrationApi.java) or not required. N/A