cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
706 commits 8 branches 227 tags 3.4 MiB
Commit graph

706 commits

This branch
This branch
All branches
Author SHA1 Message Date
dependabot[bot]
9ecdd0cf9a
chore(deps): bump golang.org/x/oauth2 from 0.20.0 to 0.21.0 (#611) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.20.0 to 0.21.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.20.0...v0.21.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-07 08:16:06 +00:00
dependabot[bot]
7a8f8ade4d
chore(deps): bump golang.org/x/text from 0.15.0 to 0.16.0 (#612) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.15.0 to 0.16.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-06-07 10:14:04 +02:00
dependabot[bot]
7037344cf4
--- (#610) 
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-27 10:23:36 +02:00
dependabot[bot]
7714a3b113
--- (#609) 
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-21 12:56:32 +02:00
minami yoshihiko
8a47532a8e
feat: add default signature algorithms (#606) 2024-05-17 10:17:54 +00:00
dependabot[bot]
7437309a42
chore(deps): bump github.com/go-jose/go-jose/v4 from 4.0.1 to 4.0.2 (#608) 
Bumps [github.com/go-jose/go-jose/v4](https://github.com/go-jose/go-jose) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v4.0.1...v4.0.2)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-17 10:56:21 +02:00
dependabot[bot]
6d1231cb37
chore(deps): bump codecov/codecov-action from 4.3.0 to 4.3.1 (#604) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.3.0 to 4.3.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4.3.0...v4.3.1)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-07 07:58:56 +02:00
dependabot[bot]
20d0f189a8
chore(deps): bump golang.org/x/oauth2 from 0.19.0 to 0.20.0 (#601) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.19.0 to 0.20.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.19.0...v0.20.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-05-06 06:44:21 +00:00
dependabot[bot]
30184ae054
chore(deps): bump golang.org/x/text from 0.14.0 to 0.15.0 (#600) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.14.0...v0.15.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
 2024-05-06 06:41:53 +00:00
Yuval Marcus
5a84d8c4bc
fix: Omit non-standard, empty fields in RefreshTokenRequest when performing a token refresh (#599) 
* Add omitempty tags

* Add omitempty to more fields
 2024-05-06 08:13:52 +02:00
Yuval Marcus
24d43f538e
fix: Handle case where verifier Nonce func is nil (#594) 
* Skip nonce check if verifier nonce func is nil

* add unit test
 2024-05-02 09:46:12 +02:00
Tim Möhlmann
37ca0e472a
feat(op): authorize callback handler as argument in legacy server registration (#598) 
This change requires an additional argument to the op.RegisterLegacyServer constructor which passes the Authorize Callback Handler.
This allows implementations to use their own handler instead of the one provided by the package.
The current handler is exported for legacy behavior.

This change is not considered breaking, as RegisterLegacyServer is flagged experimental.

Related to https://github.com/zitadel/zitadel/issues/6882
 2024-04-30 20:27:12 +03:00
dependabot[bot]
099081fc1e
chore(deps): bump github.com/rs/cors from 1.10.1 to 1.11.0 (#596) 
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.10.1 to 1.11.0.
- [Commits](https://github.com/rs/cors/compare/v1.10.1...v1.11.0)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-26 08:17:21 +00:00
dependabot[bot]
3e329dd049
chore(deps): bump go.opentelemetry.io/otel from 1.25.0 to 1.26.0 (#595) 
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.25.0 to 1.26.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.25.0...v1.26.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-26 10:15:22 +02:00
Kotaro Otaka
3512c72f1c
fix: to propagate context (#593) 
Co-authored-by: Livio Spring <livio.a@gmail.com>
 2024-04-22 11:40:21 +00:00
dependabot[bot]
79daaf1a7a
chore(deps): bump golang.org/x/net from 0.22.0 to 0.23.0 (#592) 
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.22.0 to 0.23.0.
- [Commits](https://github.com/golang/net/compare/v0.22.0...v0.23.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-19 20:27:12 +03:00
Kotaro Otaka
68d4e08f6d
feat: Added the ability to verify ID tokens using the value of id_token_signing_alg_values_supported retrieved from DiscoveryEndpoint (#579) 
* feat(rp): to use signing algorithms from discovery configuration (#574)

* feat: WithSigningAlgsFromDiscovery to verify IDTokenVerifier() behavior in RP with
 2024-04-16 08:41:31 +00:00
Ethan Heilman
959376bde7
Fixes typos in GoDoc and comments (#591) 2024-04-16 08:18:32 +00:00
dependabot[bot]
a77d773ca3
chore(deps): bump codecov/codecov-action from 4.2.0 to 4.3.0 (#590) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.2.0 to 4.3.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4.2.0...v4.3.0)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-16 08:16:57 +00:00
dependabot[bot]
3fa4891f3e
chore(deps): bump actions/add-to-project from 1.0.0 to 1.0.1 (#589) 
Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 1.0.0 to 1.0.1.
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](https://github.com/actions/add-to-project/compare/v1.0.0...v1.0.1)

---
updated-dependencies:
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-16 11:15:39 +03:00
Tim Möhlmann
33f8df7eb2
feat(deps): update go-jose to v4 (#588) 
This change updates to go-jose v4, which was a new major release.

jose.ParseSigned now expects the supported signing algorithms to be passed, on which we previously did our own check. As they use a dedicated type for this, the slice of string needs to be converted. The returned error also need to be handled in a non-standard way in order to stay compatible.

For OIDC v4 we should use the jose.SignatureAlgorithm  type directly and wrap errors, instead of returned static defined errors.

Closes #583
 2024-04-11 18:13:30 +03:00
Jan-Otto Kröpke
06f37f84c1
fix: Fail safe, if optional endpoints are not given (#582) 2024-04-09 13:02:31 +00:00
dependabot[bot]
8a21d38136
chore(deps): bump codecov/codecov-action from 4.1.1 to 4.2.0 (#585) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.1 to 4.2.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4.1.1...v4.2.0)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-09 12:39:36 +03:00
Célian GARCIA
e75a061807
feat: support verification_url workaround for DeviceAuthorizationResponse unmarshal (#577) 2024-04-08 13:43:31 +00:00
dependabot[bot]
33485b82ba
chore(deps): bump go.opentelemetry.io/otel from 1.24.0 to 1.25.0 (#584) 
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.24.0 to 1.25.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.24.0...v1.25.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-08 10:57:09 +03:00
dependabot[bot]
370738772a
chore(deps): bump golang.org/x/oauth2 from 0.18.0 to 0.19.0 (#580) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.18.0 to 0.19.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.18.0...v0.19.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-08 10:52:08 +03:00
Livio Spring
a3b73a6950
chore(workflow): fix action/add-to-project version (#578) 2024-04-03 19:32:50 +03:00
dependabot[bot]
5cdb65c30b
chore(deps): bump actions/add-to-project from 0.6.1 to 1.0.0 (#575) 
* chore(deps): bump actions/add-to-project from 0.6.1 to 1.0.0

Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.6.1 to 1.0.0.
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](https://github.com/actions/add-to-project/compare/v0.6.1...v1.0.0)

---
updated-dependencies:
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* Update issue.yml

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
 2024-04-02 06:22:36 +00:00
dependabot[bot]
d729c22526
chore(deps): bump codecov/codecov-action from 4.1.0 to 4.1.1 (#576) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.1.0 to 4.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4.1.0...v4.1.1)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-04-02 07:58:28 +02:00
Célian GARCIA
c89d0ed970
feat: return oidc.Error in case of call token failure (#571) 2024-04-01 13:55:22 +00:00
dependabot[bot]
910f55ea7b
chore(deps): bump actions/add-to-project from 0.6.0 to 0.6.1 (#572) 
Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.6.0 to 0.6.1.
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](https://github.com/actions/add-to-project/compare/v0.6.0...v0.6.1)

---
updated-dependencies:
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-26 07:15:38 +01:00
Tim Möhlmann
56397f88d5
feat(oidc): add actor claim to introspection response (#570) 
With impersonation we assign an actor claim to our JWT/ID Tokens. This change adds the actor claim to the introspection response to follow suit.

This PR also adds the `auth_time` and `amr` claims for consistency.
 2024-03-18 11:36:16 +01:00
Tim Möhlmann
4d63d68c9e
feat(op): allow setting the actor to Token Requests (#569) 
For impersonation token exchange we need to persist the actor throughout token requests, including refresh token.
This PR adds the optional TokenActorRequest interface which allows to pass such actor.
 2024-03-14 06:57:44 +00:00
dependabot[bot]
9afc07c0cb
chore(deps): bump google.golang.org/protobuf from 1.31.0 to 1.33.0 (#568) 
Bumps google.golang.org/protobuf from 1.31.0 to 1.33.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-14 06:55:56 +00:00
Silvan
aae9c86f1a
Merge pull request #564 from zitadel/extend-tracing 
feat(op): extend tracing for more detailed spans
feat(client): add possibility of tracing client calls
 2024-03-14 07:53:57 +01:00
adlerhurst
565a022e91 Merge branch 'extend-tracing' of https://github.com/zitadel/oidc into extend-tracing 2024-03-14 07:51:35 +01:00
adlerhurst
03f3bc693b fix test 2024-03-14 07:50:29 +01:00
Silvan
0ffd13c780
Merge branch 'main' into extend-tracing 2024-03-13 15:45:19 +01:00
adlerhurst
1b94f796eb move tracer to client, 
add tracing in rs, client
 2024-03-13 15:45:03 +01:00
Tim Möhlmann
ad79802968
feat: extend token exchange response (#567) 
* feat: extend token exchange response

This change adds fields to the token exchange and token claims types.

The `act` claim has been added to describe the actor in case of impersonation or delegation. An actor can be nested in case an obtained token is used as actor token to obtain impersonation or delegation. This allows creating a chain of actors. See [RFC 8693, section 4.1](https://www.rfc-editor.org/rfc/rfc8693#name-act-actor-claim).

The `id_token` field has been added to the Token Exchange response  so an ID Token can be returned along with an access token. This is not specified in RFC 8693, but it allows us be consistent with OpenID responses when the scope `openid` is set, while the requested token type may remain access token.

* allow jwt profile for token exchange client

* add invalid target error
 2024-03-13 16:26:09 +02:00
dependabot[bot]
1532a5c78b
chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.2 to 3.0.3 (#566) 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.2 to 3.0.3.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/v3.0.3/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.2...v3.0.3)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-08 07:35:47 +01:00
adlerhurst
0fe7c3307f fix parse 2024-03-07 15:25:23 +01:00
adlerhurst
7069813ec7 correct span names 2024-03-07 10:44:24 +01:00
adlerhurst
88209ac11d fix tests 2024-03-06 19:08:48 +01:00
adlerhurst
bdcccc3303 feat(client): tracing in rp 2024-03-06 18:39:27 +01:00
adlerhurst
d18aba8cb3 feat(rp): extend tracing 2024-03-06 18:38:37 +01:00
Tim Möhlmann
e3e48882df
chore: upgrade to v3 guide (#463) 
* chore: upgrade to v3 guide

first version with sed scripts.

* tidy up introduction info

* process feedback from @muir

* logging chapter

* server interface chapter

* update readme with v3 badges and link to update guide

* resolve comments
 2024-03-05 13:09:14 +00:00
Ayato
5ef597b1db
feat(op): Add response_mode: form_post (#551) 
* feat(op): Add response_mode: form_post

* Fix to parse the template ahead of time

* Fix to render the template in a buffer

* Remove unnecessary import

* Fix test

* Fix example client setting

* Make sure the client not to reuse the content of the response

* Fix error handling

* Add the response_mode param

* Allow implicit flow in the example app

* feat(rp): allow form_post in code exchange callback handler

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
 2024-03-05 15:04:43 +02:00
dependabot[bot]
fc743a69c7
chore(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 (#562) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 11:07:48 +01:00
dependabot[bot]
7bac3c6f40
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#560) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-04 08:10:55 +01:00