cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
280 commits 8 branches 227 tags 3.4 MiB
Commit graph

39 commits

Author SHA1 Message Date
Livio Amstutz
a27ba09872
feat(op): dynamic issuer depending on request / host 
BREAKING CHANGE: The OpenID Provider package is now able to handle multiple issuers with a single storage implementation. The issuer will be selected from the host of the request and passed into the context, where every function can read it from if necessary. This results in some fundamental changes:
 - `Configuration` interface:
   - `Issuer() string` has been changed to `IssuerFromRequest(r *http.Request) string`
   - `Insecure() bool` has been added
 - OpenIDProvider interface and dependants:
   - `Issuer` has been removed from Config struct
   - `NewOpenIDProvider` now takes an additional parameter `issuer` and returns a pointer to the public/default implementation and not an OpenIDProvider interface:
     `NewOpenIDProvider(ctx context.Context, config *Config, storage Storage, opOpts ...Option) (OpenIDProvider, error)` changed to `NewOpenIDProvider(ctx context.Context, issuer string, config *Config, storage Storage, opOpts ...Option) (*Provider, error)`
   - therefore the parameter type Option changed to the public type as well: `Option func(o *Provider) error`
   - `AuthCallbackURL(o OpenIDProvider) func(string) string` has been changed to `AuthCallbackURL(o OpenIDProvider) func(context.Context, string) string`
   - `IDTokenHintVerifier() IDTokenHintVerifier` (Authorizer, OpenIDProvider, SessionEnder interfaces), `AccessTokenVerifier() AccessTokenVerifier` (Introspector, OpenIDProvider, Revoker, UserinfoProvider interfaces) and `JWTProfileVerifier() JWTProfileVerifier` (IntrospectorJWTProfile, JWTAuthorizationGrantExchanger, OpenIDProvider, RevokerJWTProfile interfaces) now take a context.Context parameter `IDTokenHintVerifier(context.Context) IDTokenHintVerifier`, `AccessTokenVerifier(context.Context) AccessTokenVerifier` and `JWTProfileVerifier(context.Context) JWTProfileVerifier`
   - `OidcDevMode` (CAOS_OIDC_DEV) environment variable check has been removed, use `WithAllowInsecure()` Option
 - Signing: the signer is not kept in memory anymore, but created on request from the loaded key:
   - `Signer` interface and func `NewSigner` have been removed
   - `ReadySigner(s Signer) ProbesFn` has been removed
   - `CreateDiscoveryConfig(c Configuration, s Signer) *oidc.DiscoveryConfiguration` has been changed to `CreateDiscoveryConfig(r *http.Request, config Configuration, storage DiscoverStorage) *oidc.DiscoveryConfiguration`
   - `Storage` interface:
     - `GetSigningKey(context.Context, chan<- jose.SigningKey)` has been changed to `SigningKey(context.Context) (SigningKey, error)`
     - `KeySet(context.Context) ([]Key, error)` has been added
     - `GetKeySet(context.Context) (*jose.JSONWebKeySet, error)` has been changed to `KeySet(context.Context) ([]Key, error)`
   - `SigAlgorithms(s Signer) []string` has been changed to `SigAlgorithms(ctx context.Context, storage DiscoverStorage) []string`
   - KeyProvider interface: `GetKeySet(context.Context) (*jose.JSONWebKeySet, error)` has been changed to `KeySet(context.Context) ([]Key, error)`
   - `CreateIDToken`: the Signer parameter has been removed
 2022-04-22 14:23:29 +02:00
dependabot[bot]
d740fe1710
chore(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 (#163) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.7.0 to 1.7.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.7.0...v1.7.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-03-16 11:18:08 +01:00
dependabot[bot]
ab76b3518f
chore(deps): bump github.com/caos/logging from 0.0.2 to 0.3.1 (#159) 
* chore(deps): bump github.com/caos/logging from 0.0.2 to 0.3.1

Bumps [github.com/caos/logging](https://github.com/caos/logging) from 0.0.2 to 0.3.1.
- [Release notes](https://github.com/caos/logging/releases)
- [Changelog](https://github.com/caos/logging/blob/master/.releaserc.js)
- [Commits](https://github.com/caos/logging/compare/v0.0.2...v0.3.1)

---
updated-dependencies:
- dependency-name: github.com/caos/logging
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* update logging

* update logging

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-03-16 11:14:57 +01:00
dependabot[bot]
5c9565c035
chore(deps): bump golang.org/x/text from 0.3.6 to 0.3.7 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.6 to 0.3.7.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.6...v0.3.7)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
 2021-08-11 04:03:42 +00:00
dependabot[bot]
84b2ecc60e
chore(deps): bump github.com/google/uuid from 1.2.0 to 1.3.0 (#108) 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.2.0 to 1.3.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.2.0...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-08-09 09:29:40 +02:00
dependabot[bot]
0591a0d1ef
chore(deps): bump github.com/golang/mock from 1.5.0 to 1.6.0 (#104) 
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/golang/mock
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-14 16:02:48 +02:00
dependabot[bot]
2b58427192
chore(deps): bump gopkg.in/square/go-jose.v2 from 2.5.1 to 2.6.0 (#101) 
Bumps [gopkg.in/square/go-jose.v2](https://github.com/square/go-jose) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/square/go-jose/releases)
- [Commits](https://github.com/square/go-jose/compare/v2.5.1...v2.6.0)

---
updated-dependencies:
- dependency-name: gopkg.in/square/go-jose.v2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-06-14 16:01:58 +02:00
dependabot[bot]
d6cc89819b
chore(deps): bump golang.org/x/text from 0.3.5 to 0.3.6 (#91) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.5 to 0.3.6.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.5...v0.3.6)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-04-23 08:43:24 +02:00
dependabot[bot]
2292d63f7b
chore(deps): bump github.com/sirupsen/logrus from 1.8.0 to 1.8.1 (#89) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.8.0...v1.8.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-03-18 13:20:07 +01:00
dependabot[bot]
01e5b74ba7
chore(deps): bump github.com/golang/mock from 1.4.4 to 1.5.0 (#86) 
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.4 to 1.5.0.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.4...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-02-22 10:30:27 +01:00
dependabot[bot]
0fabbc33cf
chore(deps): bump github.com/sirupsen/logrus from 1.7.0 to 1.8.0 (#85) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.7.0 to 1.8.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.7.0...v1.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-02-22 10:28:14 +01:00
dependabot[bot]
ba01bdf1ef
chore(deps): bump github.com/google/uuid from 1.1.2 to 1.2.0 (#81) 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.1.2 to 1.2.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.1.2...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-01-29 09:39:01 +01:00
dependabot[bot]
95cd01094a
chore(deps): bump github.com/stretchr/testify from 1.6.1 to 1.7.0 (#79) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.6.1 to 1.7.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.6.1...v1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-01-29 09:38:16 +01:00
dependabot[bot]
f47821584e
chore(deps): bump golang.org/x/text from 0.3.4 to 0.3.5 (#78) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.4 to 0.3.5.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.4...v0.3.5)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2021-01-29 09:37:46 +01:00
dependabot[bot]
ab9cef7605
chore(deps): bump golang.org/x/text from 0.3.3 to 0.3.4 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.3 to 0.3.4.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.3...v0.3.4)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-10-29 04:06:24 +00:00
dependabot[bot]
49324646d7
chore(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0 (#61) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.6.0 to 1.7.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.6.0...v1.7.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-10-13 07:12:47 +02:00
adlerhurst
5b6175acfc fix: dependencies 2020-09-16 14:37:32 +02:00
adlerhurst
fd3daa2335 fix: jwt profile request in op 2020-09-16 14:12:41 +02:00
Florian Forster
30f60da90d
chore: use only go mod native version (#52) 
* chore: use only go mod native version

* chore: new go versions

* update go version in go.mod

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-09-10 15:53:17 +02:00
dependabot[bot]
822ffb581f
chore(deps): bump github.com/gorilla/schema from 1.1.0 to 1.2.0 (#45) 
Bumps [github.com/gorilla/schema](https://github.com/gorilla/schema) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/gorilla/schema/releases)
- [Commits](https://github.com/gorilla/schema/compare/v1.1.0...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 10:15:44 +02:00
dependabot[bot]
d642904c35
chore(deps): bump github.com/gorilla/handlers from 1.4.2 to 1.5.0 (#44) 
Bumps [github.com/gorilla/handlers](https://github.com/gorilla/handlers) from 1.4.2 to 1.5.0.
- [Release notes](https://github.com/gorilla/handlers/releases)
- [Commits](https://github.com/gorilla/handlers/compare/v1.4.2...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 10:15:29 +02:00
dependabot[bot]
2794ff12d5
chore(deps): bump github.com/gorilla/mux from 1.7.4 to 1.8.0 (#46) 
Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.7.4 to 1.8.0.
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](https://github.com/gorilla/mux/compare/v1.7.4...v1.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 07:40:34 +02:00
dependabot[bot]
c7a15ae970
chore(deps): bump github.com/google/uuid from 1.1.1 to 1.1.2 (#50) 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.1.1 to 1.1.2.
- [Release notes](https://github.com/google/uuid/releases)
- [Commits](https://github.com/google/uuid/compare/v1.1.1...v1.1.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-09-07 07:40:22 +02:00
dependabot[bot]
576db48c11
chore(deps): bump github.com/golang/mock from 1.4.3 to 1.4.4 
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.4.3 to 1.4.4.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/v1.4.3...v1.4.4)

Signed-off-by: dependabot[bot] <support@github.com>
 2020-07-29 04:02:20 +00:00
dependabot[bot]
21dfd6c22e
chore(deps): bump golang.org/x/text from 0.3.2 to 0.3.3 (#34) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.2 to 0.3.3.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.2...v0.3.3)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-07-06 12:46:16 +02:00
dependabot[bot]
8ed8f4918c
chore(deps): bump github.com/stretchr/testify from 1.5.1 to 1.6.1 (#33) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.5.1 to 1.6.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.5.1...v1.6.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-07-06 12:45:55 +02:00
Stefan Benz
303fdfc421
fix(cli): added implementation for token to client for caching (#29) 2020-05-27 19:00:28 +02:00
dependabot-preview[bot]
9fa707c923
chore(deps): bump gopkg.in/square/go-jose.v2 from 2.5.0 to 2.5.1 (#27) 
Bumps [gopkg.in/square/go-jose.v2](https://github.com/square/go-jose) from 2.5.0 to 2.5.1.
- [Release notes](https://github.com/square/go-jose/releases)
- [Commits](https://github.com/square/go-jose/compare/v2.5.0...v2.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
 2020-05-04 09:45:38 +02:00
dependabot-preview[bot]
be95027398
chore(deps): bump github.com/sirupsen/logrus from 1.5.0 to 1.6.0 (#28) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.5.0...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
 2020-05-04 09:45:12 +02:00
Stefan Benz
b52fd090a7
feat(cli): added implementation for codeflow with a cli (#26) 2020-04-30 07:08:30 +02:00
dependabot-preview[bot]
f818b3461a
chore(deps): bump gopkg.in/square/go-jose.v2 from 2.4.0 to 2.5.0 (#25) 
Bumps [gopkg.in/square/go-jose.v2](https://github.com/square/go-jose) from 2.4.0 to 2.5.0.
- [Release notes](https://github.com/square/go-jose/releases)
- [Commits](https://github.com/square/go-jose/compare/v2.4.0...v2.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
 2020-04-15 06:49:52 +02:00
dependabot-preview[bot]
325a43e81e
chore(deps): bump github.com/sirupsen/logrus from 1.4.2 to 1.5.0 (#24) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.4.2 to 1.5.0.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.4.2...v1.5.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
 2020-04-15 06:49:22 +02:00
dependabot-preview[bot]
728001e357
chore(deps): bump github.com/gorilla/mux from 1.7.3 to 1.7.4 (#23) 
Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.7.3 to 1.7.4.
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](https://github.com/gorilla/mux/compare/v1.7.3...v1.7.4)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
 2020-04-15 06:47:26 +02:00
dependabot-preview[bot]
f2d16c0dac
chore(deps): bump github.com/golang/mock from 1.3.1 to 1.4.3 (#22) 
Bumps [github.com/golang/mock](https://github.com/golang/mock) from 1.3.1 to 1.4.3.
- [Release notes](https://github.com/golang/mock/releases)
- [Changelog](https://github.com/golang/mock/blob/master/.goreleaser.yml)
- [Commits](https://github.com/golang/mock/compare/1.3.1...v1.4.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
 2020-04-15 06:47:13 +02:00
dependabot-preview[bot]
ccf824b08f
chore(deps): bump github.com/stretchr/testify from 1.4.0 to 1.5.1 (#21) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.4.0 to 1.5.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.4.0...v1.5.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>

Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
 2020-04-15 06:46:42 +02:00
Livio Amstutz
ddcf7076f8 go mod tidy 2020-02-27 13:00:45 +01:00
Livio Amstutz
3f97c5c3ed feat: add cors * to handler 2020-02-27 12:56:47 +01:00
Livio Amstutz
93709a18b6 add readiness and partial key rotation 2020-02-11 17:17:09 +01:00
Livio Amstutz
6d0890e280 initial commit 2020-01-31 15:22:16 +01:00