zitadel-oidc

Author	SHA1	Message	Date
Ayato	5ef597b1db	feat(op): Add response_mode: form_post (#551 ) * feat(op): Add response_mode: form_post * Fix to parse the template ahead of time * Fix to render the template in a buffer * Remove unnecessary import * Fix test * Fix example client setting * Make sure the client not to reuse the content of the response * Fix error handling * Add the response_mode param * Allow implicit flow in the example app * feat(rp): allow form_post in code exchange callback handler --------- Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>	2024-03-05 15:04:43 +02:00
Tim Möhlmann	972b8981e5	feat: go 1.22 and slog migration (#557 ) This change adds Go 1.22 as a build target and drops support for Go 1.20 and older. The golang.org/x/exp/slog import is migrated to log/slog. Slog has been part of the Go standard library since Go 1.21. Therefore we are dropping support for older Go versions. This is in line of our support policy of "the latest two Go versions".	2024-02-28 10:44:14 +01:00
Tim Möhlmann	d9487ef77d	Merge branch 'next' into next-main	2023-10-12 16:07:49 +03:00
Tim Möhlmann	0879c88399	feat: add slog logging (#432 ) * feat(op): user slog for logging integrate with golang.org/x/exp/slog for logging. provide a middleware for request scoped logging. BREAKING CHANGES: 1. OpenIDProvider and sub-interfaces get a Logger() method to return the configured logger; 2. AuthRequestError now takes the complete Authorizer, instead of only the encoder. So that it may use its Logger() method. 3. RequestError now takes a Logger as argument. * use zitadel/logging * finish op and testing without middleware for now * minimum go version 1.19 * update go mod * log value testing only on go 1.20 or later * finish the RP and example * ping logging release	2023-08-29 14:07:45 +02:00
David Sharnoff	157bc6ceb0	feat: coverage prompt=none, response_mode=fragment (#385 )	2023-05-03 12:56:47 +02:00
Giulio Ruggeri	e43ac6dfdf	fix: modify ACRValues parameter type to space separated strings (#388 ) Co-authored-by: Giulio Ruggeri <giulio.ruggeri@posteitaliane.it>	2023-05-03 10:27:28 +00:00
David Sharnoff	b5da6ec29b	chore(linting): apply gofumpt & goimports to all .go files (#225 )	2022-10-05 09:33:10 +02:00
Livio Amstutz	eb10752e48	feat: Token Revocation, Request Object and OP Certification (#130 ) FEATURES (and FIXES): - support OAuth 2.0 Token Revocation [RFC 7009](https://datatracker.ietf.org/doc/html/rfc7009) - handle request object using `request` parameter [OIDC Core 1.0 Request Object](https://openid.net/specs/openid-connect-core-1_0.html#RequestObject) - handle response mode - added some information to the discovery endpoint: - revocation_endpoint (added with token revocation) - revocation_endpoint_auth_methods_supported (added with token revocation) - revocation_endpoint_auth_signing_alg_values_supported (added with token revocation) - token_endpoint_auth_signing_alg_values_supported (was missing) - introspection_endpoint_auth_signing_alg_values_supported (was missing) - request_object_signing_alg_values_supported (added with request object) - request_parameter_supported (added with request object) - fixed `removeUserinfoScopes ` now returns the scopes without "userinfo" scopes (profile, email, phone, addedd) [source diff](https://github.com/caos/oidc/pull/130/files#diff-fad50c8c0f065d4dbc49d6c6a38f09c992c8f5d651a479ba00e31b500543559eL170-R171) - improved error handling (pkg/oidc/error.go) and fixed some wrong OAuth errors (e.g. `invalid_grant` instead of `invalid_request`) - improved MarshalJSON and added MarshalJSONWithStatus - removed deprecated PEM decryption from `BytesToPrivateKey` [source diff](https://github.com/caos/oidc/pull/130/files#diff-fe246e428e399ccff599627c71764de51387b60b4df84c67de3febd0954e859bL11-L19) - NewAccessTokenVerifier now uses correct (internal) `accessTokenVerifier` [source diff](https://github.com/caos/oidc/pull/130/files#diff-3a01c7500ead8f35448456ef231c7c22f8d291710936cac91de5edeef52ffc72L52-R52) BREAKING CHANGE: - move functions from `utils` package into separate packages - added various methods to the (OP) `Configuration` interface [source diff](https://github.com/caos/oidc/pull/130/files#diff-2538e0dfc772fdc37f057aecd6fcc2943f516c24e8be794cce0e368a26d20a82R19-R32) - added revocationEndpoint to `WithCustomEndpoints ` [source diff](https://github.com/caos/oidc/pull/130/files#diff-19ae13a743eb7cebbb96492798b1bec556673eb6236b1387e38d722900bae1c3L355-R391) - remove unnecessary context parameter from JWTProfileExchange [source diff](https://github.com/caos/oidc/pull/130/files#diff-4ed8f6affa4a9631fa8a034b3d5752fbb6a819107141aae00029014e950f7b4cL14)	2021-11-02 13:21:35 +01:00
Livio Amstutz	400f5c4de4	fix: parse max_age and prompt correctly (and change scope type) (#105 ) * fix: parse max_age and prompt correctly (and change scope type) * remove unnecessary omitempty	2021-06-16 08:34:01 +02:00
Livio Amstutz	542ec6ed7b	refactoring	2020-09-25 16:41:25 +02:00
adlerhurst	a731a46ccf	fix: aud	2020-09-10 16:24:48 +02:00
adlerhurst	7700cb3539	fix: implement storage	2020-09-10 15:43:21 +02:00
Livio Amstutz	a37a8461a5	lot of unfinished changes	2020-09-08 16:07:49 +02:00
Livio Amstutz	6a0dd7c270	Merge branch 'master' into service-accounts # Conflicts: # pkg/oidc/authorization.go	2020-09-07 12:36:10 +02:00
Livio Amstutz	abd3b6f521	fix: handle single `aud` string claim, extract en/decoder interface, comments (#51 ) * en/decoding abstraction * some comments * fix token validation and error messages * fix: audience mapping (single aud string) * fix tests with VerifyIdToken * reformat imports * go mod tidy * Update pkg/oidc/authorization.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update pkg/oidc/authorization.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update pkg/op/authrequest_test.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix capitalization Co-authored-by: Silvan <silvan.reusser@gmail.com>	2020-09-07 12:32:35 +02:00
adlerhurst	7a109a763d	feat: service account token exchange	2020-09-02 17:52:22 +02:00
Livio Amstutz	6d0890e280	initial commit	2020-01-31 15:22:16 +01:00

17 commits