zitadel-oidc

Author	SHA1	Message	Date
Fabi	c3bed1d2ec	Update bug_report.yaml	2023-05-31 14:11:32 +02:00
Fabi	54a071f27b	Update bug_report.yaml	2023-05-31 14:11:14 +02:00
Fabi	96da29a6d1	docs: fix title	2023-05-31 14:09:47 +02:00
Fabi	af14335eb0	docs: remove title	2023-05-31 14:09:27 +02:00
Fabi	087a0eb0a9	docs: proposal issue template	2023-05-31 14:09:07 +02:00
Fabi	9d60a4b183	docs: add issue template for docs	2023-05-31 14:08:05 +02:00
Fabi	d693ed0e8c	docs: issue templates	2023-05-31 14:07:04 +02:00
Tim Möhlmann	a4dbe2a973	fix: enforce device authorization grant type (#400 )	2023-05-26 10:52:35 +02:00
Tim Möhlmann	e8262cbf1f	chore: cleanup unneeded device storage methods (#399 ) BREAKING CHANGE, removes methods from DeviceAuthorizationStorage: - GetDeviceAuthorizationByUserCode - CompleteDeviceAuthorization - DenyDeviceAuthorization The methods are now moved to examples as something similar can be userful for implementers.	2023-05-26 10:06:33 +02:00
Tim Möhlmann	09bdd1dca2	fix: token type from client for device auth (#398 )	2023-05-24 09:39:11 +02:00
dependabot[bot]	941ed10780	chore(deps): bump github.com/sirupsen/logrus from 1.9.1 to 1.9.2 (#394 ) Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.1 to 1.9.2. - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](https://github.com/sirupsen/logrus/compare/v1.9.1...v1.9.2) --- updated-dependencies: - dependency-name: github.com/sirupsen/logrus dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-24 10:38:47 +03:00
dependabot[bot]	268e72420f	chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#397 ) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.3 to 3.1.4. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-23 13:37:23 +03:00
Elio Bischof	6a891b3e03	Merge pull request #396 from zitadel/hifabienne-patch-1 chore: add dry to pr template	2023-05-22 09:36:45 +02:00
Fabi	d1dfb284e5	docs: add dry to pr template	2023-05-22 09:21:52 +02:00
dependabot[bot]	e9c1bec01e	chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#395 ) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-19 12:31:23 +03:00
dependabot[bot]	8d0819ee8a	chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1 (#392 ) Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.0 to 1.9.1. - [Release notes](https://github.com/sirupsen/logrus/releases) - [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md) - [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.1) --- updated-dependencies: - dependency-name: github.com/sirupsen/logrus dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-17 08:12:21 +02:00
Fabi	0b916d9b69	docs: pull request template (#386 ) * docs: pull request template * Rename pull_request_template to pull_request_template.md	2023-05-12 06:57:41 +02:00
dependabot[bot]	50271a9c19	chore(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 (#391 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.7.0 to 0.8.0. - [Commits](https://github.com/golang/oauth2/compare/v0.7.0...v0.8.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-05-10 18:43:59 +02:00
Tim Möhlmann	d5a9bd6d0e	feat: generic Userinfo and Introspect functions (#389 ) BREAKING CHANGE: rp.Userinfo and rs.Introspect now require a type parameter.	2023-05-05 12:36:37 +00:00
David Sharnoff	157bc6ceb0	feat: coverage prompt=none, response_mode=fragment (#385 )	2023-05-03 12:56:47 +02:00
Giulio Ruggeri	e43ac6dfdf	fix: modify ACRValues parameter type to space separated strings (#388 ) Co-authored-by: Giulio Ruggeri <giulio.ruggeri@posteitaliane.it>	2023-05-03 10:27:28 +00:00
David Sharnoff	e62473ba71	chore: improve error message when issuer is invalid (#383 )	2023-05-03 12:09:19 +02:00
Tim Möhlmann	a446f4f9da	Merge pull request #374 from zitadel/main-to-next chore: merge main into next	2023-05-02 17:40:20 +03:00
Tim Möhlmann	54eb823637	chore: update securty policy to latest versions (#380 )	2023-05-02 11:35:15 +02:00
Tim Möhlmann	edf306219f	chore(rp): add a custom claims test for VerifyIDToken (#375 )	2023-05-02 11:31:30 +02:00
mffap	7997994be4	chore(docs): add oidc link to badge (#382 )	2023-04-26 12:29:35 +03:00
dependabot[bot]	d3359d7c72	chore(deps): bump codecov/codecov-action from 3.1.2 to 3.1.3 (#381 ) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3.1.2...v3.1.3) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-26 12:27:55 +03:00
Tim Möhlmann	8dff7ddee0	Merge branch 'main' into main-to-next	2023-04-18 12:32:04 +03:00
dependabot[bot]	7aa96feb6a	chore(deps): bump codecov/codecov-action from 3.1.1 to 3.1.2 (#373 ) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.1 to 3.1.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3.1.1...v3.1.2) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-18 12:15:21 +03:00
dependabot[bot]	2c7ca3a305	chore(deps): bump github.com/rs/cors from 1.8.3 to 1.9.0 (#369 ) Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.8.3 to 1.9.0. - [Release notes](https://github.com/rs/cors/releases) - [Commits](https://github.com/rs/cors/compare/v1.8.3...v1.9.0) --- updated-dependencies: - dependency-name: github.com/rs/cors dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-14 15:32:02 +03:00
David Sharnoff	f0d46593e0	feat: rp.RefreshAccessToken() now may provide an updated IDToken (#365 )	2023-04-13 16:37:50 +03:00
Thomas Hipp	312c2a07e2	fix: Only set GrantType once (#353 ) (#367 ) This fixes an issue where, when using the device authorization flow, the grant type would be set twice. Some OPs don't accept this, and fail when polling. With this fix the grant type is only set once, which will make some OPs happy again. Fixes #352	2023-04-13 16:04:58 +03:00
Tim Möhlmann	8730a1685e	feat: custom endpoint for device authorization (#368 )	2023-04-13 11:25:49 +02:00
Tim Möhlmann	44f8403574	feat: get issuer from context for device auth (#363 ) * feat: get issuer from context for device auth * use distinct UserFormURL and UserFormPath - Properly deprecate UserFormURL and default to old behaviour, to prevent breaking change. - Refactor unit tests to test both cases. * update example	2023-04-11 20:29:17 +02:00
dependabot[bot]	97bc09583d	chore(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 (#362 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/golang/oauth2/releases) - [Commits](https://github.com/golang/oauth2/compare/v0.6.0...v0.7.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-10 10:37:08 +03:00
dependabot[bot]	54c87ada6f	chore(deps): bump golang.org/x/text from 0.8.0 to 0.9.0 (#361 ) Bumps [golang.org/x/text](https://github.com/golang/text) from 0.8.0 to 0.9.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-10 10:35:15 +03:00
Tim Möhlmann	057538d555	fix: resolve nil pointer panic in Authorize (#358 ) When ParseAuthorizeRequest received an invalid URL, for example containing a semi-colon `;`, AuthRequestError used to panic. This was because a typed nil was passed as a interface argument. The nil check inside AuthRequestError always resulted in false, allowing access through the nil pointer. Fixes #315	2023-04-05 10:02:37 +02:00
Livio Spring	c72aa8f9a1	fix: use Form instead of PostForm in ClientIDFromRequest (#360 )	2023-04-04 13:45:30 +02:00
Livio Spring	dc2bdc6202	fix: improve error handling when getting ClientIDFromRequest (#359 )	2023-04-04 12:48:18 +02:00
dependabot[bot]	211b17589e	chore(deps): bump actions/add-to-project from 0.4.1 to 0.5.0 (#357 ) Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.4.1 to 0.5.0. - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](https://github.com/actions/add-to-project/compare/v0.4.1...v0.5.0) --- updated-dependencies: - dependency-name: actions/add-to-project dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-04 07:36:29 +02:00
Thomas Hipp	c778e8329c	feat: Allow modifying request to device authorization endpoint (#356 ) * feat: Allow modifying request to device authorization endpoint This change enables the caller to set URL parameters when calling the device authorization endpoint. Fixes #354 * Update device authorization example	2023-04-03 14:40:29 +02:00
Thomas Hipp	1a2db3683f	fix: Only set GrantType once (#353 ) This fixes an issue where, when using the device authorization flow, the grant type would be set twice. Some OPs don't accept this, and fail when polling. With this fix the grant type is only set once, which will make some OPs happy again. Fixes #352	2023-03-29 07:51:10 +00:00
Tim Möhlmann	b7d18bfd02	chore: document non-standard glob client (#328 ) * op: correct typo rename checkURIAginstRedirects to checkURIAgainstRedirects * chore: document standard deviation when using globs add example on how to toggle the underlying client implementation based on DevMode. --------- Co-authored-by: David Sharnoff <dsharnoff@singlestore.com>	2023-03-28 14:58:57 +03:00
Tim Möhlmann	adebbe4c32	chore: replace gorilla/schema with zitadel/schema (#348 ) Fixes #302	2023-03-28 14:57:27 +03:00
David Sharnoff	e1d50faf9b	fix: do not modify userInfo when marshaling	2023-03-28 12:58:34 +03:00
Tim Möhlmann	be3cc13c27	fix: merge user info claims into id token claims (#349 ) oidc IDTokenClaims.SetUserInfo did not set the claims map from user info. This fix merges the claims map into the IDToken Claims map.	2023-03-27 16:41:09 +03:00
David Sharnoff	c9555c7f1b	feat: add CanSetUserinfoFromRequest interface (#347 )	2023-03-24 18:55:41 +02:00
Tim Möhlmann	6af94fded0	feat: add context to all client calls (#345 ) BREAKING CHANGE closes #309	2023-03-23 15:31:38 +01:00
dependabot[bot]	edc9a1f60d	Merge pull request #340 from zitadel/dependabot/github_actions/actions/setup-go-4	2023-03-23 12:25:50 +00:00
Tim Möhlmann	33c716ddcf	feat: merge the verifier types (#336 ) BREAKING CHANGE: - The various verifier types are merged into a oidc.Verifir. - oidc.Verfier became a struct with exported fields * use type aliases for oidc.Verifier this binds the correct contstructor to each verifier usecase. * fix: handle the zero cases for oidc.Time * add unit tests to oidc verifier * fix: correct returned field for JWTTokenRequest JWTTokenRequest.GetIssuedAt() was returning the ExpiresAt field. This change corrects that by returning IssuedAt instead.	2023-03-22 19:18:41 +02:00

... 2 3 4 5 6 ...

592 commits