zitadel-oidc

cim/zitadel-oidc

Fork 0

Commit graph

Author	SHA1	Message	Date
ORZ (Paul Orzel)	653b807f5d	replace github url	2025-06-20 09:45:28 +02:00
Tim Möhlmann	6708ef4c24	feat(rp): return oidc.Tokens on token refresh (#423 ) BREAKING CHANGE: - rename RefreshAccessToken to RefreshToken - RefreshToken returns oidc.Tokens instead of oauth2.Token This change allows the return of the id_token in an explicit manner, as part of the oidc.Tokens struct. The return type is now consistent with the CodeExchange function. When an id_token is returned, it is verified. In case no id_token was received, RefreshTokens will not return an error. As per specifictation: https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse Upon successful validation of the Refresh Token, the response body is the Token Response of Section 3.1.3.3 except that it might not contain an id_token. Closes #364	2023-08-18 14:36:39 +02:00

Author

SHA1

Message

Date

ORZ (Paul Orzel)

653b807f5d

replace github url

2025-06-20 09:45:28 +02:00

Tim Möhlmann

6708ef4c24

feat(rp): return oidc.Tokens on token refresh (#423 )

BREAKING CHANGE:
- rename RefreshAccessToken to RefreshToken
- RefreshToken returns *oidc.Tokens instead of *oauth2.Token

This change allows the return of the id_token in an explicit manner,
as part of the oidc.Tokens struct.
The return type is now consistent with the CodeExchange function.

When an id_token is returned, it is verified.
In case no id_token was received,
RefreshTokens will not return an error.

As per specifictation:
https://openid.net/specs/openid-connect-core-1_0.html#RefreshTokenResponse

Upon successful validation of the Refresh Token,
the response body is the Token Response of Section 3.1.3.3
except that it might not contain an id_token.

Closes #364

2023-08-18 14:36:39 +02:00

2 commits