cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: avoid potential race conditions (#220)

Browse source 
* fix potential race condition during signer update

* avoid potential race conditions with lazy-initializers in OpenIDProvider

* avoid potential race lazy initializers in RelyingParty

* review feedback -- additional potential races

* add pre-calls to NewRelyingPartyOIDC too
This commit is contained in:
David Sharnoff 2022-10-03 22:23:59 -07:00 committed by GitHub
parent 749c30491b
commit c4b7ef9160
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
3 changed files with 20 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

8
pkg/client/rp/relying_party.go
View file

@ -154,6 +154,10 @@ func NewRelyingPartyOAuth(config *oauth2.Config, options ...Option) (RelyingPart
}
}
// avoid races by calling these early
_ = rp.IDTokenVerifier() // sets idTokenVerifier
_ = rp.ErrorHandler() // sets errorHandler
return rp, nil
}
@ -186,6 +190,10 @@ func NewRelyingPartyOIDC(issuer, clientID, clientSecret, redirectURI string, sco
rp.oauthConfig.Endpoint = endpoints.Endpoint
rp.endpoints = endpoints
// avoid races by calling these early
_ = rp.IDTokenVerifier() // sets idTokenVerifier
_ = rp.ErrorHandler() // sets errorHandler
return rp, nil
}