zitadel-oidc

Author	SHA1	Message	Date
Tim Möhlmann	54eb823637	chore: update securty policy to latest versions (#380 )	2023-05-02 11:35:15 +02:00
Tim Möhlmann	edf306219f	chore(rp): add a custom claims test for VerifyIDToken (#375 )	2023-05-02 11:31:30 +02:00
mffap	7997994be4	chore(docs): add oidc link to badge (#382 )	2023-04-26 12:29:35 +03:00
dependabot[bot]	d3359d7c72	chore(deps): bump codecov/codecov-action from 3.1.2 to 3.1.3 (#381 ) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.2 to 3.1.3. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3.1.2...v3.1.3) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-26 12:27:55 +03:00
dependabot[bot]	7aa96feb6a	chore(deps): bump codecov/codecov-action from 3.1.1 to 3.1.2 (#373 ) Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.1 to 3.1.2. - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/codecov/codecov-action/compare/v3.1.1...v3.1.2) --- updated-dependencies: - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-18 12:15:21 +03:00
dependabot[bot]	2c7ca3a305	chore(deps): bump github.com/rs/cors from 1.8.3 to 1.9.0 (#369 ) Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.8.3 to 1.9.0. - [Release notes](https://github.com/rs/cors/releases) - [Commits](https://github.com/rs/cors/compare/v1.8.3...v1.9.0) --- updated-dependencies: - dependency-name: github.com/rs/cors dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-14 15:32:02 +03:00
David Sharnoff	f0d46593e0	feat: rp.RefreshAccessToken() now may provide an updated IDToken (#365 )	2023-04-13 16:37:50 +03:00
Tim Möhlmann	8730a1685e	feat: custom endpoint for device authorization (#368 )	2023-04-13 11:25:49 +02:00
Tim Möhlmann	44f8403574	feat: get issuer from context for device auth (#363 ) * feat: get issuer from context for device auth * use distinct UserFormURL and UserFormPath - Properly deprecate UserFormURL and default to old behaviour, to prevent breaking change. - Refactor unit tests to test both cases. * update example	2023-04-11 20:29:17 +02:00
dependabot[bot]	97bc09583d	chore(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 (#362 ) Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.6.0 to 0.7.0. - [Release notes](https://github.com/golang/oauth2/releases) - [Commits](https://github.com/golang/oauth2/compare/v0.6.0...v0.7.0) --- updated-dependencies: - dependency-name: golang.org/x/oauth2 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-10 10:37:08 +03:00
dependabot[bot]	54c87ada6f	chore(deps): bump golang.org/x/text from 0.8.0 to 0.9.0 (#361 ) Bumps [golang.org/x/text](https://github.com/golang/text) from 0.8.0 to 0.9.0. - [Release notes](https://github.com/golang/text/releases) - [Commits](https://github.com/golang/text/compare/v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: golang.org/x/text dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-10 10:35:15 +03:00
Tim Möhlmann	057538d555	fix: resolve nil pointer panic in Authorize (#358 ) When ParseAuthorizeRequest received an invalid URL, for example containing a semi-colon `;`, AuthRequestError used to panic. This was because a typed nil was passed as a interface argument. The nil check inside AuthRequestError always resulted in false, allowing access through the nil pointer. Fixes #315	2023-04-05 10:02:37 +02:00
Livio Spring	c72aa8f9a1	fix: use Form instead of PostForm in ClientIDFromRequest (#360 )	2023-04-04 13:45:30 +02:00
Livio Spring	dc2bdc6202	fix: improve error handling when getting ClientIDFromRequest (#359 )	2023-04-04 12:48:18 +02:00
dependabot[bot]	211b17589e	chore(deps): bump actions/add-to-project from 0.4.1 to 0.5.0 (#357 ) Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.4.1 to 0.5.0. - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](https://github.com/actions/add-to-project/compare/v0.4.1...v0.5.0) --- updated-dependencies: - dependency-name: actions/add-to-project dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-04-04 07:36:29 +02:00
Thomas Hipp	1a2db3683f	fix: Only set GrantType once (#353 ) This fixes an issue where, when using the device authorization flow, the grant type would be set twice. Some OPs don't accept this, and fail when polling. With this fix the grant type is only set once, which will make some OPs happy again. Fixes #352	2023-03-29 07:51:10 +00:00
Tim Möhlmann	b7d18bfd02	chore: document non-standard glob client (#328 ) * op: correct typo rename checkURIAginstRedirects to checkURIAgainstRedirects * chore: document standard deviation when using globs add example on how to toggle the underlying client implementation based on DevMode. --------- Co-authored-by: David Sharnoff <dsharnoff@singlestore.com>	2023-03-28 14:58:57 +03:00
David Sharnoff	e1d50faf9b	fix: do not modify userInfo when marshaling	2023-03-28 12:58:34 +03:00
Tim Möhlmann	be3cc13c27	fix: merge user info claims into id token claims (#349 ) oidc IDTokenClaims.SetUserInfo did not set the claims map from user info. This fix merges the claims map into the IDToken Claims map.	2023-03-27 16:41:09 +03:00
David Sharnoff	c9555c7f1b	feat: add CanSetUserinfoFromRequest interface (#347 )	2023-03-24 18:55:41 +02:00
dependabot[bot]	edc9a1f60d	Merge pull request #340 from zitadel/dependabot/github_actions/actions/setup-go-4	2023-03-23 12:25:50 +00:00
Tim Möhlmann	a08ce50091	fix: correct returned field for JWTTokenRequest JWTTokenRequest.GetIssuedAt() was returning the ExpiresAt field. This change corrects that by returning IssuedAt instead. This bug was introduced in #283	2023-03-21 11:46:42 +02:00
dependabot[bot]	3c1e81e6a6	chore(deps): bump actions/setup-go from 3 to 4 Bumps [actions/setup-go](https://github.com/actions/setup-go) from 3 to 4. - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](https://github.com/actions/setup-go/compare/v3...v4) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-20 19:59:14 +00:00
Tim Möhlmann	115813ee38	fix: handle the zero cases for oidc.Time	2023-03-20 17:18:11 +02:00
Tim Möhlmann	890a7f3ed4	feat: GetUserinfo helper method for IDTokenClaims (#337 )	2023-03-20 11:06:32 +02:00
dependabot[bot]	bb392314d8	chore(deps): bump google.golang.org/protobuf from 1.29.0 to 1.29.1 Bumps [google.golang.org/protobuf](https://github.com/protocolbuffers/protobuf-go) from 1.29.0 to 1.29.1. - [Release notes](https://github.com/protocolbuffers/protobuf-go/releases) - [Changelog](https://github.com/protocolbuffers/protobuf-go/blob/master/release.bash) - [Commits](https://github.com/protocolbuffers/protobuf-go/compare/v1.29.0...v1.29.1) --- updated-dependencies: - dependency-name: google.golang.org/protobuf dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com>	2023-03-17 09:52:16 +02:00
Tim Möhlmann	62caf5dafe	chore: update features in readme - rotated features table for better rendering - add links to specifications in feature table - remove redundant links from the resources section - changed "Token Exhange" feature to full yes (PR #255) - add "Device Authorization" with full yes (PR #285)	2023-03-16 18:44:02 +02:00
Tim Möhlmann	c3775aceaa	Merge pull request #330 from zitadel/main-next Merges the next branch into main, releasing V2.	2023-03-16 15:01:37 +02:00
Tim Möhlmann	0476b5946e	Merge branch 'next' into main-next prepare the merge of next into main by resolving merge conflicts.	2023-03-15 16:26:32 +02:00
Tim Möhlmann	c6820ba88a	fix: unmarshalling of scopes in access token (#327 ) The Scopes field in accessTokenClaims should be a SpaceDelimitedArray, in order to allow for correct unmarshalling. Fixes #318 * adjust test data	2023-03-15 14:44:49 +01:00
Tim Möhlmann	0f3d4f4828	chore: update all modules (#321 )	2023-03-15 15:37:02 +02:00
Tim Möhlmann	26d8e32636	chore: test all routes Co-authored-by: David Sharnoff <dsharnoff@singlestore.com>	2023-03-15 14:32:14 +01:00
Tim Möhlmann	711a194b50	fix: allow RFC3339 encoded time strings Fixes #292	2023-03-15 15:18:33 +02:00
Tim Möhlmann	dea8bc96ea	refactor: use struct types for claim related types (#283 ) * oidc: add regression tests for token claim json this helps to verify that the same JSON is produced, after these types are refactored. * refactor: use struct types for claim related types BREAKING CHANGE: The following types are changed from interface to struct type: - AccessTokenClaims - IDTokenClaims - IntrospectionResponse - UserInfo and related types. The following methods of OPStorage now take a pointer to a struct type, instead of an interface: - SetUserinfoFromScopes - SetUserinfoFromToken - SetIntrospectionFromToken The following functions are now generic, so that type-safe extension of Claims is now possible: - op.VerifyIDTokenHint - op.VerifyAccessToken - rp.VerifyTokens - rp.VerifyIDToken - Changed UserInfoAddress to pointer in UserInfo and IntrospectionResponse. This was needed to make omitempty work correctly. - Copy or merge maps in IntrospectionResponse and SetUserInfo * op: add example for VerifyAccessToken * fix: rp: wrong assignment in WithIssuedAtMaxAge WithIssuedAtMaxAge assigned its value to v.maxAge, which was wrong. This change fixes that by assiging the duration to v.maxAgeIAT. * rp: add VerifyTokens example * oidc: add standard references to: - IDTokenClaims - IntrospectionResponse - UserInfo * only count coverage for `./pkg/...`	2023-03-10 16:31:22 +02:00
Tim Möhlmann	eea2ed1a51	fix: unmarshalling of scopes in access token (#320 ) The Scopes field in accessTokenClaims should be a SpaceDelimitedArray, in order to allow for correct unmarshalling. Fixes #318	2023-03-10 09:46:25 +02:00
Tim Möhlmann	4bd2b742f9	chore: remove unused context in NewOpenIDProvider BREAKING CHANGE: - op.NewOpenIDProvider - op.NewDynamicOpenIDProvider The call chain of above functions did not use the context anywhere. This change removes the context from those fucntion arguments.	2023-03-08 16:49:12 +02:00
dependabot[bot]	62f2df7fa3	chore(deps): bump actions/add-to-project from 0.4.0 to 0.4.1 (#294 ) Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.4.0 to 0.4.1. - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](https://github.com/actions/add-to-project/compare/v0.4.0...v0.4.1) --- updated-dependencies: - dependency-name: actions/add-to-project dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-06 14:34:12 +02:00
dependabot[bot]	fba465dc83	chore(deps): bump github.com/stretchr/testify from 1.8.1 to 1.8.2 (#290 ) Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.1 to 1.8.2. - [Release notes](https://github.com/stretchr/testify/releases) - [Commits](https://github.com/stretchr/testify/compare/v1.8.1...v1.8.2) --- updated-dependencies: - dependency-name: github.com/stretchr/testify dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2023-03-06 14:31:00 +02:00
David Sharnoff	7e5798569b	fix: glob support for RedirectURIs Fixes #293	2023-03-06 14:13:35 +02:00
Tim Möhlmann	4dca29f1f9	fix: use the same schema encoder everywhere (#299 ) properly register SpaceDelimitedArray for all instances of schema.Encoder inside the oidc framework. Closes #295	2023-03-02 14:24:44 +01:00
Tim Möhlmann	fc1a80d274	chore: enable github actions for next branch (#298 )	2023-03-02 14:24:13 +01:00
David Sharnoff	1eb4ee1c8e	auto install things for "go generate" and then clean up afterwards	2023-03-02 11:27:12 +02:00
David Sharnoff	2d4ce6fde3	go mod tidy	2023-03-02 11:24:46 +02:00
David Sharnoff	ad76a7cb07	remove empty NEXT_RELEASE.md	2023-03-02 11:24:46 +02:00
David Sharnoff	0c74bd51db	breaking change: rename GetKeyByIDAndUserID -> GetKeyByIDAndClientID	2023-03-02 11:24:46 +02:00
David Sharnoff	f447b9b6d4	breaking change: Add GetRefreshTokenInfo() to op.Storage	2023-03-02 11:24:46 +02:00
David Sharnoff	f3eae0f329	breaking change: add rp/RelyingParty.GetRevokeEndpoint	2023-03-02 11:24:46 +02:00
Tim Möhlmann	2342f208ef	implement RFC 8628: Device authorization grant	2023-03-01 08:59:17 +01:00
Tim Möhlmann	815ced424c	readme: update zitdal docs link Fixes #286	2023-02-24 11:04:37 +01:00
Tim Möhlmann	03f71a67c2	readme: update example commands	2023-02-24 10:47:01 +01:00

1 2 3 4 5 ...

411 commits