cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: remove comments

Browse source
This commit is contained in:
Fabiennne 2020-11-02 10:25:57 +01:00
parent e0a44cacd0
commit 9c58deded3
3 changed files with 1 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

2
pkg/op/client.go
View file

@ -34,8 +34,6 @@ type Client interface {
AccessTokenType() AccessTokenType AccessTokenType() AccessTokenType
IDTokenLifetime() time.Duration IDTokenLifetime() time.Duration
DevMode() bool DevMode() bool
//AssertAdditionalIdTokenScopes() bool
//AssertAdditionalAccessTokenScopes() bool
RestrictAdditionalIdTokenScopes() func(scopes []string) []string RestrictAdditionalIdTokenScopes() func(scopes []string) []string
RestrictAdditionalAccessTokenScopes() func(scopes []string) []string RestrictAdditionalAccessTokenScopes() func(scopes []string) []string
IsScopeAllowed(scope string) bool IsScopeAllowed(scope string) bool

7
pkg/op/mock/storage.mock.impl.go
View file

@ -171,13 +171,6 @@ func (c *ConfClient) DevMode() bool {
func (c *ConfClient) AllowedScopes() []string { func (c *ConfClient) AllowedScopes() []string {
return nil return nil
} }
//func (c *ConfClient) AssertAdditionalIdTokenScopes() bool {
// return false
//}
//func (c *ConfClient) AssertAdditionalAccessTokenScopes() bool {
// return false
//}
func (c *ConfClient) RestrictAdditionalIdTokenScopes() func(scopes []string) []string { func (c *ConfClient) RestrictAdditionalIdTokenScopes() func(scopes []string) []string {
return func(scopes []string) []string { return func(scopes []string) []string {
return scopes return scopes

4
pkg/op/token.go
View file

@ -98,8 +98,7 @@ func CreateJWT(ctx context.Context, issuer string, tokenRequest TokenRequest, ex
func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, validity time.Duration, accessToken, code string, storage Storage, signer Signer, restictAdditionalScopesFunc func([]string) []string) (string, error) { func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, validity time.Duration, accessToken, code string, storage Storage, signer Signer, restictAdditionalScopesFunc func([]string) []string) (string, error) {
exp := time.Now().UTC().Add(validity) exp := time.Now().UTC().Add(validity)
claims := oidc.NewIDTokenClaims(issuer, authReq.GetSubject(), authReq.GetAudience(), exp, authReq.GetAuthTime(), authReq.GetNonce(), authReq.GetACR(), authReq.GetAMR(), authReq.GetClientID()) claims := oidc.NewIDTokenClaims(issuer, authReq.GetSubject(), authReq.GetAudience(), exp, authReq.GetAuthTime(), authReq.GetNonce(), authReq.GetACR(), authReq.GetAMR(), authReq.GetClientID())
scopes := authReq.GetScopes() scopes := restictAdditionalScopesFunc(authReq.GetScopes())
if accessToken != "" { if accessToken != "" {
atHash, err := oidc.ClaimHash(accessToken, signer.SignatureAlgorithm()) atHash, err := oidc.ClaimHash(accessToken, signer.SignatureAlgorithm())
if err != nil { if err != nil {
@ -108,7 +107,6 @@ func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, vali
claims.SetAccessTokenHash(atHash) claims.SetAccessTokenHash(atHash)
scopes = removeUserinfoScopes(scopes) scopes = removeUserinfoScopes(scopes)
} }
scopes = restictAdditionalScopesFunc(scopes)
if len(scopes) > 0 { if len(scopes) > 0 {
userInfo, err := storage.GetUserinfoFromScopes(ctx, authReq.GetSubject(), authReq.GetClientID(), scopes) userInfo, err := storage.GetUserinfoFromScopes(ctx, authReq.GetSubject(), authReq.GetClientID(), scopes)
if err != nil { if err != nil {