From 653209a23ceb64bb46ddd4572fa9af3cf03620a4 Mon Sep 17 00:00:00 2001
From: Livio Amstutz
Date: Thu, 21 Jul 2022 09:34:14 +0200
Subject: [PATCH 1/2] feat: add all optional claims of the introspection response
---
 pkg/oidc/introspection.go | 86 +++++++++++++++++++++++++++++++--------
 1 file changed, 70 insertions(+), 16 deletions(-)
diff --git a/pkg/oidc/introspection.go b/pkg/oidc/introspection.go
index 6ac2986..33ba2cb 100644
--- a/pkg/oidc/introspection.go
+++ b/pkg/oidc/introspection.go
@@ -19,10 +19,17 @@ type ClientAssertionParams struct {
 type IntrospectionResponse interface {
 UserInfoSetter
- SetActive(bool)
 IsActive() bool
+ SetActive(bool)
 SetScopes(scopes []string)
 SetClientID(id string)
+ SetTokenType(tokenType string)
+ SetExpiration(exp time.Time)
+ SetIssuedAt(iat time.Time)
+ SetNotBefore(nbf time.Time)
+ SetAudience(audience []string)
+ SetIssuer(issuer string)
+ SetJWTID(id string)
 }
 func NewIntrospectionResponse() IntrospectionResponse {
@@ -30,10 +37,17 @@ func NewIntrospectionResponse() IntrospectionResponse {
 }
 type introspectionResponse struct {
- Active bool `json:"active"`
- Scope SpaceDelimitedArray `json:"scope,omitempty"`
- ClientID string `json:"client_id,omitempty"`
- Subject string `json:"sub,omitempty"`
+ Active bool `json:"active"`
+ Scope SpaceDelimitedArray `json:"scope,omitempty"`
+ ClientID string `json:"client_id,omitempty"`
+ TokenType string `json:"token_type,omitempty"`
+ Expiration Time `json:"exp,omitempty"`
+ IssuedAt Time `json:"iat,omitempty"`
+ NotBefore Time `json:"nbf,omitempty"`
+ Subject string `json:"sub,omitempty"`
+ Audience Audience `json:"aud,omitempty"`
+ Issuer string `json:"iss,omitempty"`
+ JWTID string `json:"jti,omitempty"`
 userInfoProfile
 userInfoEmail
 userInfoPhone
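Review bot: The seven methods added to `IntrospectionResponse` are all setters, so a caller that only holds this interface (for example a resource server that has decoded an introspection reply) still has no way to read `aud`, `iss`, `exp` or `nbf` for its own audience and lifetime checks, unless `UserInfoSetter`, which is not shown here, happens to expose them. Consider adding matching getters in the style of the existing `GetSubject()`, e.g. `GetAudience() []string` and `GetExpiration() time.Time`. Adding methods to an exported interface also breaks any implementation outside this package at compile time, which deserves a line in the release notes. A short doc comment per method naming the claim would help, e.g. `// SetAudience sets the "aud" claim of the introspection response.`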
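Review bot: `omitempty` on `Expiration`, `IssuedAt` and `NotBefore` does nothing by itself in the `introspectionResponse` struct: the conversions `Time(exp)` and `time.Time(i.Expiration)` later in this patch show that `Time` has time.Time's struct layout, and encoding/json never treats a struct value as empty. The claims are left out of the output only because `MarshalJSON` (hunk at -223,9) declares `int64` fields with the same JSON names, which take precedence over the embedded alias. A comment above the three fields would keep a later refactor from removing that shadowing by accident, e.g. `// exp, iat and nbf are emitted as Unix seconds by MarshalJSON, which shadows these fields.` Whether decoding a numeric `exp` into `Time` works depends on `Time`'s own unmarshalling, which is not visible in this diff. The struct body continues past the end of the hunk.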
@@ -46,14 +60,6 @@ func (i *introspectionResponse) IsActive() bool {
 return i.Active
 }
-func (i *introspectionResponse) SetScopes(scope []string) {
- i.Scope = scope
-}
-
-func (i *introspectionResponse) SetClientID(id string) {
- i.ClientID = id
-}
-
 func (i *introspectionResponse) GetSubject() string {
 return i.Subject
 }
@@ -138,6 +144,42 @@ func (i *introspectionResponse) SetActive(active bool) {
 i.Active = active
 }
+func (i *introspectionResponse) SetScopes(scope []string) {
+ i.Scope = scope
+}
+
+func (i *introspectionResponse) SetClientID(id string) {
+ i.ClientID = id
+}
+
+func (i *introspectionResponse) SetTokenType(tokenType string) {
+ i.TokenType = tokenType
+}
+
+func (i *introspectionResponse) SetExpiration(exp time.Time) {
+ i.Expiration = Time(exp)
+}
+
+func (i *introspectionResponse) SetIssuedAt(iat time.Time) {
+ i.IssuedAt = Time(iat)
+}
+
+func (i *introspectionResponse) SetNotBefore(nbf time.Time) {
+ i.NotBefore = Time(nbf)
+}
+
+func (i *introspectionResponse) SetAudience(audience []string) {
+ i.Audience = audience
+}
+
+func (i *introspectionResponse) SetIssuer(issuer string) {
+ i.Issuer = issuer
+}
+
+func (i *introspectionResponse) SetJWTID(id string) {
+ i.JWTID = id
+}
+
 func (i *introspectionResponse) SetSubject(sub string) {
 i.Subject = sub
 }
@@ -223,9 +265,12 @@ func (i *introspectionResponse) MarshalJSON() ([]byte, error) {
 type Alias introspectionResponse
 a := &struct {
 *Alias
- Locale interface{} `json:"locale,omitempty"`
- UpdatedAt int64 `json:"updated_at,omitempty"`
- Username string `json:"username,omitempty"`
+ Expiration int64 `json:"exp,omitempty"`
+ IssuedAt int64 `json:"iat,omitempty"`
+ NotBefore int64 `json:"nbf,omitempty"`
+ Locale interface{} `json:"locale,omitempty"`
+ UpdatedAt int64 `json:"updated_at,omitempty"`
+ Username string `json:"username,omitempty"`
 }{
 Alias: (*Alias)(i),
 }
@@ -235,6 +280,15 @@ func (i *introspectionResponse) MarshalJSON() ([]byte, error) {
 if !time.Time(i.UpdatedAt).IsZero() {
 a.UpdatedAt = time.Time(i.UpdatedAt).Unix()
 }
+ if !time.Time(i.Expiration).IsZero() {
+ a.Expiration = time.Time(i.Expiration).Unix()
+ }
+ if !time.Time(i.IssuedAt).IsZero() {
+ a.IssuedAt = time.Time(i.IssuedAt).Unix()
+ }
+ if !time.Time(i.NotBefore).IsZero() {
+ a.NotBefore = time.Time(i.NotBefore).Unix()
+ }
 a.Username = i.PreferredUsername
 b, err := json.Marshal(a)
From 531caae613117eca7103bd30292567ffcc353bbf Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Jul 2022 20:00:56 +0200
Subject: [PATCH 2/2] chore(deps): bump github.com/zitadel/logging from 0.3.3 to 0.3.4 (#200)
Bumps [github.com/zitadel/logging](https://github.com/zitadel/logging) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/zitadel/logging/releases)
- [Changelog](https://github.com/zitadel/logging/blob/main/.releaserc.js)
- [Commits](https://github.com/zitadel/logging/compare/v0.3.3...v0.3.4)
---
updated-dependencies:
- dependency-name: github.com/zitadel/logging dependency-type: direct:production update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot]
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 go.mod | 2 +-
 go.sum | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/go.mod b/go.mod
index 0ed79a6..6b0db2b 100644
--- a/go.mod
+++ b/go.mod
@@ -14,7 +14,7 @@ require (
 github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e // indirect
 github.com/sirupsen/logrus v1.9.0
 github.com/stretchr/testify v1.8.0
- github.com/zitadel/logging v0.3.3
+ github.com/zitadel/logging v0.3.4
 golang.org/x/oauth2 v0.0.0-20200902213428-5d25da1a8d43
 golang.org/x/text v0.3.7
 gopkg.in/check.v1 v1.0.0-20200902074654-038fdea0a05b // indirect
diff --git a/go.sum b/go.sum
index 87b2fc1..57260a4 100644
--- a/go.sum
+++ b/go.sum
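Review bot: The three blocks added to `MarshalJSON` in pkg/oidc/introspection.go (hunk at -235,6) copy `exp`, `iat` and `nbf` into the output whenever they are set, without looking at `i.Active`, and nothing in the visible hunks clears the other claims for an inactive token. RFC 7662 section 2.2 says the server should not include additional information about an inactive token, so a response that was partly filled in before the token turned out to be invalid would disclose those claims. One way to enforce this in a single place is an early return at the top of the method, `if !i.Active { return []byte("{\"active\":false}"), nil }`. The start and end of `MarshalJSON` are outside this hunk, so such a guard may already exist there.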
@@ -146,8 +146,8 @@ github.com/yuin/goldmark v1.1.25/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9de github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.1.32/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/zitadel/logging v0.3.3 h1:/nAoki9HFJK+qMLBVY5Jhbfp/6o3YLK49Tw5j2oRhjM= -github.com/zitadel/logging v0.3.3/go.mod h1:aPpLQhE+v6ocNK0TWrBrd363hZ95KcI17Q1ixAQwZF0= +github.com/zitadel/logging v0.3.4 h1:9hZsTjMMTE3X2LUi0xcF9Q9EdLo+FAezeu52ireBbHM= +github.com/zitadel/logging v0.3.4/go.mod h1:aPpLQhE+v6ocNK0TWrBrd363hZ95KcI17Q1ixAQwZF0= go.opencensus.io v0.21.0/go.mod h1:mSImk1erAIZhrmZN+AvHh14ztQfjbGwt4TtuofqLduU= go.opencensus.io v0.22.0/go.mod h1:+kGneAE2xo2IficOXnaByMWTGM9T73dGwxeWcUqIpI8= go.opencensus.io v0.22.2/go.mod h1:yxeiOL68Rb0Xd1ddK5vPZ/oVn4vY4Ynel7k9FzqtOIw=