fix: remove comments
This commit is contained in:
Fabiennne
parent
f48d6f8361
commit
e0a44cacd0
2 changed files with 0 additions and 31 deletions
|
|
@ -284,14 +284,6 @@ func (c *ConfClient) AllowedScopes() []string {
|
||||||
return nil
|
return nil
|
||||||
}
|
}
|
||||||
|
|
||||||
//
|
|
||||||
//func (c *ConfClient) AssertAdditionalIdTokenScopes() bool {
|
|
||||||
// return false
|
|
||||||
//}
|
|
||||||
//func (c *ConfClient) AssertAdditionalAccessTokenScopes() bool {
|
|
||||||
// return false
|
|
||||||
//}
|
|
||||||
|
|
||||||
func (c *ConfClient) RestrictAdditionalIdTokenScopes() func(scopes []string) []string {
|
func (c *ConfClient) RestrictAdditionalIdTokenScopes() func(scopes []string) []string {
|
||||||
return func(scopes []string) []string {
|
return func(scopes []string) []string {
|
||||||
return scopes
|
return scopes
|
||||||
|
|
|
||||||
|
|
@ -31,7 +31,6 @@ func CreateTokenResponse(ctx context.Context, authReq AuthRequest, client Client
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
//idToken, err := CreateIDToken(ctx, creator.Issuer(), authReq, client.IDTokenLifetime(), accessToken, code, creator.Storage(), creator.Signer(), client.AssertAdditionalIdTokenScopes())
|
|
||||||
idToken, err := CreateIDToken(ctx, creator.Issuer(), authReq, client.IDTokenLifetime(), accessToken, code, creator.Storage(), creator.Signer(), client.RestrictAdditionalIdTokenScopes())
|
idToken, err := CreateIDToken(ctx, creator.Issuer(), authReq, client.IDTokenLifetime(), accessToken, code, creator.Storage(), creator.Signer(), client.RestrictAdditionalIdTokenScopes())
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
|
|
@ -88,8 +87,6 @@ func CreateJWT(ctx context.Context, issuer string, tokenRequest TokenRequest, ex
|
||||||
if client != nil {
|
if client != nil {
|
||||||
restrictedScopes := client.RestrictAdditionalAccessTokenScopes()(tokenRequest.GetScopes())
|
restrictedScopes := client.RestrictAdditionalAccessTokenScopes()(tokenRequest.GetScopes())
|
||||||
privateClaims, err := storage.GetPrivateClaimsFromScopes(ctx, tokenRequest.GetSubject(), client.GetID(), removeUserinfoScopes(restrictedScopes))
|
privateClaims, err := storage.GetPrivateClaimsFromScopes(ctx, tokenRequest.GetSubject(), client.GetID(), removeUserinfoScopes(restrictedScopes))
|
||||||
//if client != nil && client.AssertAdditionalAccessTokenScopes() {
|
|
||||||
// privateClaims, err := storage.GetPrivateClaimsFromScopes(ctx, tokenRequest.GetSubject(), client.GetID(), removeUserinfoScopes(tokenRequest.GetScopes()))
|
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return "", err
|
return "", err
|
||||||
}
|
}
|
||||||
|
|
@ -98,7 +95,6 @@ func CreateJWT(ctx context.Context, issuer string, tokenRequest TokenRequest, ex
|
||||||
return utils.Sign(claims, signer.Signer())
|
return utils.Sign(claims, signer.Signer())
|
||||||
}
|
}
|
||||||
|
|
||||||
//func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, validity time.Duration, accessToken, code string, storage Storage, signer Signer, additonalScopes bool) (string, error) {
|
|
||||||
func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, validity time.Duration, accessToken, code string, storage Storage, signer Signer, restictAdditionalScopesFunc func([]string) []string) (string, error) {
|
func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, validity time.Duration, accessToken, code string, storage Storage, signer Signer, restictAdditionalScopesFunc func([]string) []string) (string, error) {
|
||||||
exp := time.Now().UTC().Add(validity)
|
exp := time.Now().UTC().Add(validity)
|
||||||
claims := oidc.NewIDTokenClaims(issuer, authReq.GetSubject(), authReq.GetAudience(), exp, authReq.GetAuthTime(), authReq.GetNonce(), authReq.GetACR(), authReq.GetAMR(), authReq.GetClientID())
|
claims := oidc.NewIDTokenClaims(issuer, authReq.GetSubject(), authReq.GetAudience(), exp, authReq.GetAuthTime(), authReq.GetNonce(), authReq.GetACR(), authReq.GetAMR(), authReq.GetClientID())
|
||||||
|
|
@ -113,9 +109,6 @@ func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, vali
|
||||||
scopes = removeUserinfoScopes(scopes)
|
scopes = removeUserinfoScopes(scopes)
|
||||||
}
|
}
|
||||||
scopes = restictAdditionalScopesFunc(scopes)
|
scopes = restictAdditionalScopesFunc(scopes)
|
||||||
//if !additonalScopes {
|
|
||||||
// scopes = removeAdditionalScopes(scopes)
|
|
||||||
//}
|
|
||||||
if len(scopes) > 0 {
|
if len(scopes) > 0 {
|
||||||
userInfo, err := storage.GetUserinfoFromScopes(ctx, authReq.GetSubject(), authReq.GetClientID(), scopes)
|
userInfo, err := storage.GetUserinfoFromScopes(ctx, authReq.GetSubject(), authReq.GetClientID(), scopes)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
|
@ -148,19 +141,3 @@ func removeUserinfoScopes(scopes []string) []string {
|
||||||
}
|
}
|
||||||
return scopes
|
return scopes
|
||||||
}
|
}
|
||||||
|
|
||||||
func removeAdditionalScopes(scopes []string) []string {
|
|
||||||
for i := len(scopes) - 1; i >= 0; i-- {
|
|
||||||
if !(scopes[i] == oidc.ScopeOpenID ||
|
|
||||||
scopes[i] == oidc.ScopeProfile ||
|
|
||||||
scopes[i] == oidc.ScopeEmail ||
|
|
||||||
scopes[i] == oidc.ScopeAddress ||
|
|
||||||
scopes[i] == oidc.ScopePhone) {
|
|
||||||
|
|
||||||
scopes[i] = scopes[len(scopes)-1]
|
|
||||||
scopes[len(scopes)-1] = ""
|
|
||||||
scopes = scopes[:len(scopes)-1]
|
|
||||||
}
|
|
||||||
}
|
|
||||||
return scopes
|
|
||||||
}
|
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue