cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

feat: Token Exchange (RFC 8693) (#255)

Browse source 
This change implements OAuth2 Token Exchange in OP according to RFC 8693 (and client code)

Some implementation details:

- OP parses and verifies subject/actor tokens natively if they were issued by OP
- Third-party tokens verification is also possible by implementing additional storage interface
- Token exchange can issue only OP's native tokens (id_token, access_token and refresh_token) with static issuer
This commit is contained in:
Emil Bektimirov 2023-02-19 14:57:46 +01:00 committed by GitHub
parent 9291ca9908
commit 8e298791d7
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
16 changed files with 961 additions and 59 deletions
Download patch file Download diff file Expand all files Collapse all files

3
pkg/op/op.go
View file

@ -267,7 +267,8 @@ func (o *Provider) GrantTypeRefreshTokenSupported() bool {
}
func (o *Provider) GrantTypeTokenExchangeSupported() bool {
return false
_, ok := o.storage.(TokenExchangeStorage)
return ok
}
func (o *Provider) GrantTypeJWTAuthorizationSupported() bool {