cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

fix: remove comments

Browse source
This commit is contained in:
Fabiennne 2020-11-02 10:23:19 +01:00
parent f48d6f8361
commit e0a44cacd0
2 changed files with 0 additions and 31 deletions
Download patch file Download diff file Expand all files Collapse all files

8
example/internal/mock/storage.go
View file

@ -284,14 +284,6 @@ func (c *ConfClient) AllowedScopes() []string {
return nil
}
//
//func (c *ConfClient) AssertAdditionalIdTokenScopes() bool {
// return false
//}
//func (c *ConfClient) AssertAdditionalAccessTokenScopes() bool {
// return false
//}
func (c *ConfClient) RestrictAdditionalIdTokenScopes() func(scopes []string) []string {
return func(scopes []string) []string {
return scopes

23
pkg/op/token.go
View file

@ -31,7 +31,6 @@ func CreateTokenResponse(ctx context.Context, authReq AuthRequest, client Client
return nil, err
}
}
//idToken, err := CreateIDToken(ctx, creator.Issuer(), authReq, client.IDTokenLifetime(), accessToken, code, creator.Storage(), creator.Signer(), client.AssertAdditionalIdTokenScopes())
idToken, err := CreateIDToken(ctx, creator.Issuer(), authReq, client.IDTokenLifetime(), accessToken, code, creator.Storage(), creator.Signer(), client.RestrictAdditionalIdTokenScopes())
if err != nil {
return nil, err
@ -88,8 +87,6 @@ func CreateJWT(ctx context.Context, issuer string, tokenRequest TokenRequest, ex
if client != nil {
restrictedScopes := client.RestrictAdditionalAccessTokenScopes()(tokenRequest.GetScopes())
privateClaims, err := storage.GetPrivateClaimsFromScopes(ctx, tokenRequest.GetSubject(), client.GetID(), removeUserinfoScopes(restrictedScopes))
//if client != nil && client.AssertAdditionalAccessTokenScopes() {
// privateClaims, err := storage.GetPrivateClaimsFromScopes(ctx, tokenRequest.GetSubject(), client.GetID(), removeUserinfoScopes(tokenRequest.GetScopes()))
if err != nil {
return "", err
}
@ -98,7 +95,6 @@ func CreateJWT(ctx context.Context, issuer string, tokenRequest TokenRequest, ex
return utils.Sign(claims, signer.Signer())
}
//func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, validity time.Duration, accessToken, code string, storage Storage, signer Signer, additonalScopes bool) (string, error) {
func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, validity time.Duration, accessToken, code string, storage Storage, signer Signer, restictAdditionalScopesFunc func([]string) []string) (string, error) {
exp := time.Now().UTC().Add(validity)
claims := oidc.NewIDTokenClaims(issuer, authReq.GetSubject(), authReq.GetAudience(), exp, authReq.GetAuthTime(), authReq.GetNonce(), authReq.GetACR(), authReq.GetAMR(), authReq.GetClientID())
@ -113,9 +109,6 @@ func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, vali
scopes = removeUserinfoScopes(scopes)
}
scopes = restictAdditionalScopesFunc(scopes)
//if !additonalScopes {
// scopes = removeAdditionalScopes(scopes)
//}
if len(scopes) > 0 {
userInfo, err := storage.GetUserinfoFromScopes(ctx, authReq.GetSubject(), authReq.GetClientID(), scopes)
if err != nil {
@ -148,19 +141,3 @@ func removeUserinfoScopes(scopes []string) []string {
}
return scopes
}
func removeAdditionalScopes(scopes []string) []string {
for i := len(scopes) - 1; i >= 0; i-- {
if !(scopes[i] == oidc.ScopeOpenID ||
scopes[i] == oidc.ScopeProfile ||
scopes[i] == oidc.ScopeEmail ||
scopes[i] == oidc.ScopeAddress ||
scopes[i] == oidc.ScopePhone) {
scopes[i] = scopes[len(scopes)-1]
scopes[len(scopes)-1] = ""
scopes = scopes[:len(scopes)-1]
}
}
return scopes
}