cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
334 commits 8 branches 227 tags 3.4 MiB
Commit graph

334 commits

This branch
This branch
All branches
Author SHA1 Message Date
Florian Forster
356dd89ae4
chore: fix broken codecov default branch (#245) 
* chore: fix broken codecov default branch

* update codecov badge
 2022-11-21 17:41:56 +01:00
David Sharnoff
74e1823392
chore: add an RP/OP integration test (#238) 
* rp/op integration test
do not error if OP does not provide a redirect
working, but with debugging
clean up, remove debugging
support go1.15
attempt to fix coverage calculation

* Update pkg/client/rp/integration_test.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2022-11-18 07:29:25 +01:00
David Sharnoff
39852f6021
feat: add rp.RevokeToken (#231) 
* feat: add rp.RevokeToken

* add missing lines after conflict resolving

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2022-11-15 07:35:16 +01:00
dependabot[bot]
0847a5985a
chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#236) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-14 17:02:43 +01:00
dependabot[bot]
0e30c38791
chore(deps): bump golang.org/x/text from 0.3.8 to 0.4.0 (#234) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.8 to 0.4.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.8...v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-14 17:02:22 +01:00
David Sharnoff
bd47b5ddc4
feat: support EndSession with RelyingParty client (#230) 
* feat: support EndSession with RelyingPart client

* do not error if OP does not provide a redirect

* undo that last change, but noice error returns from EndSession

* ioutil.ReadAll, for now
 2022-11-14 17:01:19 +01:00
David Sharnoff
4e302ca4da
bugfix: access token verifier opts was not used (#237) 2022-11-14 17:00:27 +01:00
Utku Özdemir
a314c1483f
fix: allow http schema for redirect url for native apps in dev mode (#242) 2022-11-14 16:59:56 +01:00
David Sharnoff
1aa75ec953
feat: allow id token hint verifier to specify algs (#229) 2022-11-14 16:59:33 +01:00
David Sharnoff
89d1c90bf2
fix: WithPath on NewCookieHandler set domain instead! (#240) 2022-11-14 16:58:36 +01:00
Anthony Quéré
0596d83b33
doc: fix zitadel doc uri in the README (#239) 2022-11-03 10:11:15 +00:00
Florian Forster
4ac692bfd8
chore: house cleaning of the caos name and update sec (#232) 
* chore: house cleaning of the caos name and update sec

* some typos

* make fix non breakable

* Update SECURITY.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update SECURITY.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2022-10-17 09:13:54 +02:00
David Sharnoff
4bc4bfffe8
add op.AllAuthMethods (#233) 2022-10-17 08:07:19 +02:00
Weny Xu
3a7b2e8eb5
docs(README.md): fix typos 2022-10-17 08:06:41 +02:00
dependabot[bot]
9f71e4c924
chore(deps): bump golang.org/x/text from 0.3.7 to 0.3.8 (#228) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.7...v0.3.8)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-14 22:38:10 +02:00
mv-kan
01021e71a0
chore(example): fix listener usage in app example (#224) 2022-10-05 09:36:06 +02:00
David Sharnoff
b5da6ec29b
chore(linting): apply gofumpt & goimports to all .go files (#225) 2022-10-05 09:33:10 +02:00
David Sharnoff
c4b7ef9160
fix: avoid potential race conditions (#220) 
* fix potential race condition during signer update

* avoid potential race conditions with lazy-initializers in OpenIDProvider

* avoid potential race lazy initializers in RelyingParty

* review feedback -- additional potential races

* add pre-calls to NewRelyingPartyOIDC too
 2022-10-04 07:23:59 +02:00
David Sharnoff
749c30491b
chore: Make example/server usable for tests (#205) 
* internal -> storage; split users into an interface

* move example/server/*.go to example/server/exampleop/

* export all User fields

* storage -> Storage

* example server now passes tests
 2022-09-30 07:44:10 +02:00
David Sharnoff
62daf4cc42
feat: add WithPath CookieHandlerOpt (#217) 2022-09-30 07:40:05 +02:00
David Sharnoff
328d0e1251
feat: add access token verifier ops to openidProvider (#221) 2022-09-30 07:39:40 +02:00
David Sharnoff
2d248b1a1a
fix: Change op.tokenHandler to follow the same pattern as the rest of the endpoint handlers (#210) 
inside op: provide a standard endpoint handler that uses injected data.
 2022-09-30 07:39:23 +02:00
Florian Forster
29904e9446
chore: add notice file to explicit state the copyright (#215) 2022-09-30 07:28:54 +02:00
David Sharnoff
88a98c03ea
fix: rp.RefreshAccessToken did not work (#216) 
* oidc.RefreshTokenRequest cannot be used to in a request to refresh tokens
because it does not explicitly include grant_types.

* fix merge issue

* undo accidental formatting changes
 2022-09-30 07:28:31 +02:00
David Sharnoff
4b4b0e49e0
chore: update jwtProfileKeySet to match actual use (#219) 2022-09-30 07:24:47 +02:00
David Sharnoff
c0badf2329
chore: additional errors and error improvements that catch problems earlier 2022-09-30 07:18:48 +02:00
David Sharnoff
0d721d937e
chore: adjustments to comments for things found while implementing Storage 2022-09-30 07:18:08 +02:00
Fabi
98851d4ca6
chore(workflows): add issues to project board (#213) 
* Create main.yml

* Rename main.yml to issue.yml
 2022-09-27 08:12:54 +02:00
dependabot[bot]
0719efa51a
chore(deps): bump codecov/codecov-action from 3.1.0 to 3.1.1 (#212) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-27 08:12:02 +02:00
Igor Morozov
fca6cf9433
feat: get all claims (#209) 2022-08-30 16:09:56 +02:00
Livio Spring
0e7949b1a0
chore: add go 1.19 to matrix build (#202) 
* chore: add go 1.19 to matrix build

* try rc2

* use rc

* remove rc and update readme

* update ubuntu version
 2022-08-08 15:02:36 +02:00
David Sharnoff
94871afbcb
feat: add rp.RefreshAccessToken (#198) 
* chore: make tokenEndpointCaller public

* add RelyingParty function

* undo changes made by gofumpt

* undo more gofumpt changes

* undo more gofumpt changes
 2022-08-05 10:57:50 +02:00
David Sharnoff
0b4d62c745
chore: add comments documenting Storage and AuthStorage (#193) 
* add comments documenting Storage and AuthStorage

* JWTTokenRequest is a pointer

* note that token strings are actually tokenIDs

* review feedback

* remove suggestion that CreateAccessToken could be called with retrun from AuthStorage.TokenRequestByRefreshToken
 2022-08-05 10:54:40 +02:00
Livio Spring
53ede2ee8c
fix: use default redirect uri when not passed on end_session endpoint (#201) 2022-07-27 08:36:43 +02:00
David Sharnoff
b84bcbed76
chore: add enumer for iota-defined types (#197) 
Co-authored-by: Livio Spring <livio.a@gmail.com>
 2022-07-25 20:06:49 +02:00
dependabot[bot]
531caae613
chore(deps): bump github.com/zitadel/logging from 0.3.3 to 0.3.4 (#200) 
Bumps [github.com/zitadel/logging](https://github.com/zitadel/logging) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/zitadel/logging/releases)
- [Changelog](https://github.com/zitadel/logging/blob/main/.releaserc.js)
- [Commits](https://github.com/zitadel/logging/compare/v0.3.3...v0.3.4)

---
updated-dependencies:
- dependency-name: github.com/zitadel/logging
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-25 20:00:56 +02:00
Fabi
c1458d6392
Merge pull request #199 from zitadel/introspect 
feat: add all optional claims of the introspection response
 2022-07-21 15:18:36 +02:00
Livio Amstutz
653209a23c
feat: add all optional claims of the introspection response 2022-07-21 09:34:14 +02:00
David Sharnoff
5fb36bf4c2
fix: Add db scanner methods for SpaceDelimitedArray (#194) 2022-07-20 15:36:17 +02:00
dependabot[bot]
8dd5c87faa
chore(deps): bump github.com/sirupsen/logrus from 1.8.1 to 1.9.0 (#196) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.1 to 1.9.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.1...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-20 15:31:52 +02:00
mffap
292b0cc9f9
chore: update website (#195) 2022-07-20 15:31:30 +02:00
dependabot[bot]
aea3f43268
chore(deps): bump github.com/stretchr/testify from 1.7.5 to 1.8.0 (#192) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.5 to 1.8.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.5...v1.8.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-07-04 09:21:02 +02:00
David Sharnoff
498b70bae1
chore: add some docs to NewOpenIDProvider() (#191) 
* add some docs to NewOpenIDProvider()

* typo
 2022-07-04 09:20:29 +02:00
David Sharnoff
fb0c466839
chore: add doc links (#190) 2022-06-30 13:20:18 +02:00
David Sharnoff
385d5c15da
define GrantType constants in one place (#189) 2022-06-29 09:39:32 +00:00
dependabot[bot]
c4d951cad2
chore(deps): bump github.com/stretchr/testify from 1.7.4 to 1.7.5 (#187) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.4 to 1.7.5.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.4...v1.7.5)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-29 11:39:29 +02:00
David Sharnoff
9f36a5a3a9
fix typo in filename (#188) 2022-06-29 11:37:21 +02:00
Livio Spring
854e14b7c4
fix: state and auth code response encoding (#185) 
* fix: add state in access token response (implicit flow)

* fix: encode auth response correctly (when using query in redirect uri)

* fix query param handling
 2022-06-21 07:24:40 +02:00
dependabot[bot]
c4812dd8de
chore(deps): bump github.com/stretchr/testify from 1.7.1 to 1.7.4 (#186) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.1 to 1.7.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.1...v1.7.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-06-21 07:24:22 +02:00
Jederson Zuchi
9b0954f3d4
feat(rp): Adding end_session endpoint to relaying party interface (#179) 2022-05-13 09:17:20 +02:00