cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
443 commits 8 branches 227 tags 3.4 MiB
Commit graph

443 commits

This branch
This branch
All branches
Author SHA1 Message Date
Fabi
fb891d8281
Merge pull request #402 from zitadel/issue_templates 
docs: issue templates
 2023-06-22 15:30:57 +02:00
Fabi
80c67e4127
Update .github/ISSUE_TEMPLATE/bug_report.yaml 2023-06-21 11:35:05 +02:00
dependabot[bot]
9e624986aa
chore(deps): bump golang.org/x/oauth2 from 0.8.0 to 0.9.0 (#411) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.8.0 to 0.9.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-14 13:55:31 +02:00
dependabot[bot]
148ed42cee
chore(deps): bump golang.org/x/text from 0.9.0 to 0.10.0 (#410) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.9.0 to 0.10.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.9.0...v0.10.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-13 09:26:49 +02:00
Tim Möhlmann
d01a5c8f91
fix: don't error on invalid i18n tags in discovery (#407) 
* reproduce #406

* fix: don't error on invalid i18n tags in discovery

This changes the use of `[]language.Tag` to
`oidc.Locales` in `DiscoveryConfig`.
This should be compatible with callers that use
the `[]language.Tag` .

Locales now implements the `json.Unmarshaler` interface.
With support for json arrays or space seperated strings.
The latter because `UnmarshalText` might have been implicetely called
by the json library before we added UnmarshalJSON.

Fixes: #406
 2023-06-09 16:31:44 +02:00
dependabot[bot]
77436a2ce7
chore(deps): bump github.com/stretchr/testify from 1.8.3 to 1.8.4 (#401) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.3 to 1.8.4.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.3...v1.8.4)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-06 12:09:18 +02:00
dependabot[bot]
e577bedd7f
chore(deps): bump github.com/sirupsen/logrus from 1.9.2 to 1.9.3 (#404) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.2 to 1.9.3.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.2...v1.9.3)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-06-06 12:06:53 +02:00
Fabi
e47f749325
Create improvement.yaml 2023-05-31 16:41:24 +02:00
Fabi
f838acb7c3
Update bug_report.yaml 2023-05-31 16:40:25 +02:00
Fabi
3f3429eede
Update proposal.yaml 2023-05-31 16:37:53 +02:00
Fabi
ae2d2f6256
Update proposal.yaml 2023-05-31 14:13:14 +02:00
Fabi
96ff038c67
Update proposal.yaml 2023-05-31 14:12:46 +02:00
Fabi
6607c5a690
Update docs.yaml 2023-05-31 14:12:13 +02:00
Fabi
c3bed1d2ec
Update bug_report.yaml 2023-05-31 14:11:32 +02:00
Fabi
54a071f27b
Update bug_report.yaml 2023-05-31 14:11:14 +02:00
Fabi
96da29a6d1
docs: fix title 2023-05-31 14:09:47 +02:00
Fabi
af14335eb0
docs: remove title 2023-05-31 14:09:27 +02:00
Fabi
087a0eb0a9
docs: proposal issue template 2023-05-31 14:09:07 +02:00
Fabi
9d60a4b183
docs: add issue template for docs 2023-05-31 14:08:05 +02:00
Fabi
d693ed0e8c
docs: issue templates 2023-05-31 14:07:04 +02:00
Tim Möhlmann
a4dbe2a973
fix: enforce device authorization grant type (#400) 2023-05-26 10:52:35 +02:00
Tim Möhlmann
09bdd1dca2
fix: token type from client for device auth (#398) 2023-05-24 09:39:11 +02:00
dependabot[bot]
941ed10780
chore(deps): bump github.com/sirupsen/logrus from 1.9.1 to 1.9.2 (#394) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.1 to 1.9.2.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.1...v1.9.2)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-24 10:38:47 +03:00
dependabot[bot]
268e72420f
chore(deps): bump codecov/codecov-action from 3.1.3 to 3.1.4 (#397) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.3 to 3.1.4.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3.1.3...v3.1.4)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-23 13:37:23 +03:00
Elio Bischof
6a891b3e03
Merge pull request #396 from zitadel/hifabienne-patch-1 
chore: add dry to pr template
 2023-05-22 09:36:45 +02:00
Fabi
d1dfb284e5
docs: add dry to pr template 2023-05-22 09:21:52 +02:00
dependabot[bot]
e9c1bec01e
chore(deps): bump github.com/stretchr/testify from 1.8.2 to 1.8.3 (#395) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.2 to 1.8.3.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.2...v1.8.3)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-19 12:31:23 +03:00
dependabot[bot]
8d0819ee8a
chore(deps): bump github.com/sirupsen/logrus from 1.9.0 to 1.9.1 (#392) 
Bumps [github.com/sirupsen/logrus](https://github.com/sirupsen/logrus) from 1.9.0 to 1.9.1.
- [Release notes](https://github.com/sirupsen/logrus/releases)
- [Changelog](https://github.com/sirupsen/logrus/blob/master/CHANGELOG.md)
- [Commits](https://github.com/sirupsen/logrus/compare/v1.9.0...v1.9.1)

---
updated-dependencies:
- dependency-name: github.com/sirupsen/logrus
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-17 08:12:21 +02:00
Fabi
0b916d9b69
docs: pull request template (#386) 
* docs: pull request template

* Rename pull_request_template to pull_request_template.md
 2023-05-12 06:57:41 +02:00
dependabot[bot]
50271a9c19
chore(deps): bump golang.org/x/oauth2 from 0.7.0 to 0.8.0 (#391) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.7.0 to 0.8.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.7.0...v0.8.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-05-10 18:43:59 +02:00
David Sharnoff
157bc6ceb0
feat: coverage prompt=none, response_mode=fragment (#385) 2023-05-03 12:56:47 +02:00
David Sharnoff
e62473ba71
chore: improve error message when issuer is invalid (#383) 2023-05-03 12:09:19 +02:00
Tim Möhlmann
54eb823637
chore: update securty policy to latest versions (#380) 2023-05-02 11:35:15 +02:00
Tim Möhlmann
edf306219f
chore(rp): add a custom claims test for VerifyIDToken (#375) 2023-05-02 11:31:30 +02:00
mffap
7997994be4
chore(docs): add oidc link to badge (#382) 2023-04-26 12:29:35 +03:00
dependabot[bot]
d3359d7c72
chore(deps): bump codecov/codecov-action from 3.1.2 to 3.1.3 (#381) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.2 to 3.1.3.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3.1.2...v3.1.3)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-26 12:27:55 +03:00
dependabot[bot]
7aa96feb6a
chore(deps): bump codecov/codecov-action from 3.1.1 to 3.1.2 (#373) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3.1.1...v3.1.2)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-18 12:15:21 +03:00
dependabot[bot]
2c7ca3a305
chore(deps): bump github.com/rs/cors from 1.8.3 to 1.9.0 (#369) 
Bumps [github.com/rs/cors](https://github.com/rs/cors) from 1.8.3 to 1.9.0.
- [Release notes](https://github.com/rs/cors/releases)
- [Commits](https://github.com/rs/cors/compare/v1.8.3...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/rs/cors
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-14 15:32:02 +03:00
David Sharnoff
f0d46593e0
feat: rp.RefreshAccessToken() now may provide an updated IDToken (#365) 2023-04-13 16:37:50 +03:00
Tim Möhlmann
8730a1685e
feat: custom endpoint for device authorization (#368) 2023-04-13 11:25:49 +02:00
Tim Möhlmann
44f8403574
feat: get issuer from context for device auth (#363) 
* feat: get issuer from context for device auth

* use distinct UserFormURL and UserFormPath

- Properly deprecate UserFormURL and default to old behaviour,
to prevent breaking change.

- Refactor unit tests to test both cases.

* update example
 2023-04-11 20:29:17 +02:00
dependabot[bot]
97bc09583d
chore(deps): bump golang.org/x/oauth2 from 0.6.0 to 0.7.0 (#362) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.6.0 to 0.7.0.
- [Release notes](https://github.com/golang/oauth2/releases)
- [Commits](https://github.com/golang/oauth2/compare/v0.6.0...v0.7.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-10 10:37:08 +03:00
dependabot[bot]
54c87ada6f
chore(deps): bump golang.org/x/text from 0.8.0 to 0.9.0 (#361) 
Bumps [golang.org/x/text](https://github.com/golang/text) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/golang/text/releases)
- [Commits](https://github.com/golang/text/compare/v0.8.0...v0.9.0)

---
updated-dependencies:
- dependency-name: golang.org/x/text
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-10 10:35:15 +03:00
Tim Möhlmann
057538d555
fix: resolve nil pointer panic in Authorize (#358) 
When ParseAuthorizeRequest received an invalid URL,
for example containing a semi-colon `;`,
AuthRequestError used to panic.
This was because a typed nil was passed as a interface argument.
The nil check inside AuthRequestError always resulted in false,
allowing access through the nil pointer.

Fixes #315
 2023-04-05 10:02:37 +02:00
Livio Spring
c72aa8f9a1
fix: use Form instead of PostForm in ClientIDFromRequest (#360) 2023-04-04 13:45:30 +02:00
Livio Spring
dc2bdc6202
fix: improve error handling when getting ClientIDFromRequest (#359) 2023-04-04 12:48:18 +02:00
dependabot[bot]
211b17589e
chore(deps): bump actions/add-to-project from 0.4.1 to 0.5.0 (#357) 
Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.4.1 to 0.5.0.
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](https://github.com/actions/add-to-project/compare/v0.4.1...v0.5.0)

---
updated-dependencies:
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-04-04 07:36:29 +02:00
Thomas Hipp
1a2db3683f
fix: Only set GrantType once (#353) 
This fixes an issue where, when using the device authorization flow, the
grant type would be set twice. Some OPs don't accept this, and fail when
polling.

With this fix the grant type is only set once, which will make some OPs
happy again.

Fixes #352
 2023-03-29 07:51:10 +00:00
Tim Möhlmann
b7d18bfd02
chore: document non-standard glob client (#328) 
* op: correct typo

rename checkURIAginstRedirects to checkURIAgainstRedirects

* chore: document standard deviation when using globs

add example on how to toggle the underlying
client implementation based on DevMode.

---------

Co-authored-by: David Sharnoff <dsharnoff@singlestore.com>
 2023-03-28 14:58:57 +03:00
David Sharnoff
e1d50faf9b fix: do not modify userInfo when marshaling 2023-03-28 12:58:34 +03:00