cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
552 commits 8 branches 227 tags 3.4 MiB
Commit graph

552 commits

This branch
This branch
All branches
Author SHA1 Message Date
dependabot[bot]
e59b9259a7
chore(deps): bump golang.org/x/text from 0.5.0 to 0.6.0 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
 2023-02-06 18:35:36 +00:00
Tim Möhlmann
a34d7a1630
chore: add go 1.20 support (#275) 2023-02-06 11:11:11 +01:00
Tim Möhlmann
3a6c3543e7
chore: add go 1.20 support (#274) 2023-02-06 10:35:50 +01:00
Tim Möhlmann
df5a09f813
chore: switch from iouitil to io.ReadAll (#272) 
removed a TODO: switch to io.ReadAll and drop go1.15 support
 2023-02-06 08:29:25 +01:00
David Sharnoff
cdf2af6c2c
feat: add CanRefreshTokenInfo to support non-JWT refresh tokens (#244) 
* Add an additional, optional, op.Storage interface so that refresh tokens
that are not JWTs do not cause failures when they randomly, sometimes, decrypt
without error

```go
// CanRefreshTokenInfo is an optional additional interface that Storage can support.
// Supporting CanRefreshTokenInfo is required to be able to revoke a refresh token that
// does not happen to also be a JWTs work properly.
type CanRefreshTokenInfo interface {
        // GetRefreshTokenInfo must return oidc.ErrInvalidRefreshToken when presented
	// with a token that is not a refresh token.
	GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error)
}
```

* add comment suggested in code review

* review feedback: return an error defined in op rather than adding a new error to oidc

* move ErrInvalidRefresToken to op/storage.go
 2023-02-06 08:27:57 +01:00
Tim Möhlmann
fa222c5efb
fix: nil pointer dereference on UserInfoAddress (#207) 
* oidc: add test case to reproduce #203

Running the tests will always result in a nil pointer
dereference on UserInfoAddress.

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix: nil pointer dereference on UserInfoAddress

userinfo.UnmarshalJSON now only sets the Address field
if it was present in the json.
userinfo.GetAddress will always return a non-nil value
of UserInfoAddress to allow for safe chaining of Get functions.

Fixes #203

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-02-03 11:14:04 +01:00
Livio Spring
1535ea4f6c
chore(examples): improve logging and how to use (#266) 2023-01-25 06:22:12 +01:00
Livio Spring
b031c1f297
fix: exchange cors library and add X-Requested-With to Access-Control-Request-Headers (#260) 2023-01-09 10:39:11 +01:00
Fabi
6289fae50d
Merge pull request #257 from zitadel/hifabienne-patch-1 
chore: Update issue.yml
 2022-12-29 16:19:11 +01:00
Fabi
b6eea1ddda
Update issue.yml 2022-12-29 16:03:40 +01:00
dependabot[bot]
205f2c4a30
chore(deps): bump cycjimmy/semantic-release-action from 2 to 3 (#248) 
* chore(deps): bump cycjimmy/semantic-release-action from 2 to 3

Bumps [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action) from 2 to 3.
- [Release notes](https://github.com/cycjimmy/semantic-release-action/releases)
- [Changelog](https://github.com/cycjimmy/semantic-release-action/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/cycjimmy/semantic-release-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: cycjimmy/semantic-release-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* update sem rel to work with node 16

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
 2022-12-06 10:41:07 +00:00
dependabot[bot]
aa7cb56f69
chore(deps): bump golang.org/x/text from 0.4.0 to 0.5.0 (#250) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.4.0 to 0.5.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.4.0...v0.5.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-06 11:37:56 +01:00
dependabot[bot]
2fd92af1f8
chore(deps): bump actions/add-to-project from 0.3.0 to 0.4.0 (#249) 
Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.3.0 to 0.4.0.
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](https://github.com/actions/add-to-project/compare/v0.3.0...v0.4.0)

---
updated-dependencies:
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-12-06 11:34:54 +01:00
Goran Kovacevic
87a545e60b
feat: add missing IntrospectionResponse getters (#251) 2022-12-06 11:34:19 +01:00
Fabi
1bed3e1f57
Merge pull request #247 from enercity/feature/readme 
chore(examples): fix path
 2022-12-06 09:42:01 +01:00
Fabi
a757c5d13a
Merge pull request #253 from zitadel/livio-a-patch-1 
chore(codeql): update branch name
 2022-12-06 09:36:29 +01:00
Livio Spring
46684fbe0d
chore(codeql): update branch name 2022-12-06 09:35:23 +01:00
Michael Holtermann
c0f3ef8a66 Add folders to Basic Overview 2022-11-24 15:30:54 +01:00
Florian Forster
356dd89ae4
chore: fix broken codecov default branch (#245) 
* chore: fix broken codecov default branch

* update codecov badge
 2022-11-21 17:41:56 +01:00
David Sharnoff
74e1823392
chore: add an RP/OP integration test (#238) 
* rp/op integration test
do not error if OP does not provide a redirect
working, but with debugging
clean up, remove debugging
support go1.15
attempt to fix coverage calculation

* Update pkg/client/rp/integration_test.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2022-11-18 07:29:25 +01:00
David Sharnoff
39852f6021
feat: add rp.RevokeToken (#231) 
* feat: add rp.RevokeToken

* add missing lines after conflict resolving

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2022-11-15 07:35:16 +01:00
dependabot[bot]
0847a5985a
chore(deps): bump github.com/stretchr/testify from 1.8.0 to 1.8.1 (#236) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.0 to 1.8.1.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.0...v1.8.1)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-14 17:02:43 +01:00
dependabot[bot]
0e30c38791
chore(deps): bump golang.org/x/text from 0.3.8 to 0.4.0 (#234) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.8 to 0.4.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.8...v0.4.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-11-14 17:02:22 +01:00
David Sharnoff
bd47b5ddc4
feat: support EndSession with RelyingParty client (#230) 
* feat: support EndSession with RelyingPart client

* do not error if OP does not provide a redirect

* undo that last change, but noice error returns from EndSession

* ioutil.ReadAll, for now
 2022-11-14 17:01:19 +01:00
David Sharnoff
4e302ca4da
bugfix: access token verifier opts was not used (#237) 2022-11-14 17:00:27 +01:00
Utku Özdemir
a314c1483f
fix: allow http schema for redirect url for native apps in dev mode (#242) 2022-11-14 16:59:56 +01:00
David Sharnoff
1aa75ec953
feat: allow id token hint verifier to specify algs (#229) 2022-11-14 16:59:33 +01:00
David Sharnoff
89d1c90bf2
fix: WithPath on NewCookieHandler set domain instead! (#240) 2022-11-14 16:58:36 +01:00
Anthony Quéré
0596d83b33
doc: fix zitadel doc uri in the README (#239) 2022-11-03 10:11:15 +00:00
Florian Forster
4ac692bfd8
chore: house cleaning of the caos name and update sec (#232) 
* chore: house cleaning of the caos name and update sec

* some typos

* make fix non breakable

* Update SECURITY.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update SECURITY.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2022-10-17 09:13:54 +02:00
David Sharnoff
4bc4bfffe8
add op.AllAuthMethods (#233) 2022-10-17 08:07:19 +02:00
Weny Xu
3a7b2e8eb5
docs(README.md): fix typos 2022-10-17 08:06:41 +02:00
dependabot[bot]
9f71e4c924
chore(deps): bump golang.org/x/text from 0.3.7 to 0.3.8 (#228) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.3.7 to 0.3.8.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.3.7...v0.3.8)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-10-14 22:38:10 +02:00
mv-kan
01021e71a0
chore(example): fix listener usage in app example (#224) 2022-10-05 09:36:06 +02:00
David Sharnoff
b5da6ec29b
chore(linting): apply gofumpt & goimports to all .go files (#225) 2022-10-05 09:33:10 +02:00
David Sharnoff
c4b7ef9160
fix: avoid potential race conditions (#220) 
* fix potential race condition during signer update

* avoid potential race conditions with lazy-initializers in OpenIDProvider

* avoid potential race lazy initializers in RelyingParty

* review feedback -- additional potential races

* add pre-calls to NewRelyingPartyOIDC too
 2022-10-04 07:23:59 +02:00
David Sharnoff
749c30491b
chore: Make example/server usable for tests (#205) 
* internal -> storage; split users into an interface

* move example/server/*.go to example/server/exampleop/

* export all User fields

* storage -> Storage

* example server now passes tests
 2022-09-30 07:44:10 +02:00
David Sharnoff
62daf4cc42
feat: add WithPath CookieHandlerOpt (#217) 2022-09-30 07:40:05 +02:00
David Sharnoff
328d0e1251
feat: add access token verifier ops to openidProvider (#221) 2022-09-30 07:39:40 +02:00
David Sharnoff
2d248b1a1a
fix: Change op.tokenHandler to follow the same pattern as the rest of the endpoint handlers (#210) 
inside op: provide a standard endpoint handler that uses injected data.
 2022-09-30 07:39:23 +02:00
Florian Forster
29904e9446
chore: add notice file to explicit state the copyright (#215) 2022-09-30 07:28:54 +02:00
David Sharnoff
88a98c03ea
fix: rp.RefreshAccessToken did not work (#216) 
* oidc.RefreshTokenRequest cannot be used to in a request to refresh tokens
because it does not explicitly include grant_types.

* fix merge issue

* undo accidental formatting changes
 2022-09-30 07:28:31 +02:00
David Sharnoff
4b4b0e49e0
chore: update jwtProfileKeySet to match actual use (#219) 2022-09-30 07:24:47 +02:00
David Sharnoff
c0badf2329
chore: additional errors and error improvements that catch problems earlier 2022-09-30 07:18:48 +02:00
David Sharnoff
0d721d937e
chore: adjustments to comments for things found while implementing Storage 2022-09-30 07:18:08 +02:00
Fabi
98851d4ca6
chore(workflows): add issues to project board (#213) 
* Create main.yml

* Rename main.yml to issue.yml
 2022-09-27 08:12:54 +02:00
dependabot[bot]
0719efa51a
chore(deps): bump codecov/codecov-action from 3.1.0 to 3.1.1 (#212) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.0 to 3.1.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/master/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3.1.0...v3.1.1)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2022-09-27 08:12:02 +02:00
Igor Morozov
fca6cf9433
feat: get all claims (#209) 2022-08-30 16:09:56 +02:00
Livio Spring
0e7949b1a0
chore: add go 1.19 to matrix build (#202) 
* chore: add go 1.19 to matrix build

* try rc2

* use rc

* remove rc and update readme

* update ubuntu version
 2022-08-08 15:02:36 +02:00
David Sharnoff
94871afbcb
feat: add rp.RefreshAccessToken (#198) 
* chore: make tokenEndpointCaller public

* add RelyingParty function

* undo changes made by gofumpt

* undo more gofumpt changes

* undo more gofumpt changes
 2022-08-05 10:57:50 +02:00