diff --git a/.forgejo.bak/ISSUE_TEMPLATE/bug_report.yaml b/.github/ISSUE_TEMPLATE/bug_report.yaml similarity index 99% rename from .forgejo.bak/ISSUE_TEMPLATE/bug_report.yaml rename to .github/ISSUE_TEMPLATE/bug_report.yaml index d024341..92465f9 100644 --- a/.forgejo.bak/ISSUE_TEMPLATE/bug_report.yaml +++ b/.github/ISSUE_TEMPLATE/bug_report.yaml @@ -2,7 +2,6 @@ name: Bug Report description: "Create a bug report to help us improve ZITADEL. Click [here](https://github.com/zitadel/zitadel/blob/main/CONTRIBUTING.md#product-management) to see how we process your issue." title: "[Bug]: " labels: ["bug"] -type: Bug body: - type: markdown attributes: diff --git a/.forgejo.bak/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml similarity index 100% rename from .forgejo.bak/ISSUE_TEMPLATE/config.yml rename to .github/ISSUE_TEMPLATE/config.yml diff --git a/.forgejo.bak/ISSUE_TEMPLATE/docs.yaml b/.github/ISSUE_TEMPLATE/docs.yaml similarity index 98% rename from .forgejo.bak/ISSUE_TEMPLATE/docs.yaml rename to .github/ISSUE_TEMPLATE/docs.yaml index d3f82b9..04c1c0c 100644 --- a/.forgejo.bak/ISSUE_TEMPLATE/docs.yaml +++ b/.github/ISSUE_TEMPLATE/docs.yaml @@ -1,7 +1,6 @@ name: 📄 Documentation description: Create an issue for missing or wrong documentation. labels: ["docs"] -type: task body: - type: markdown attributes: diff --git a/.forgejo.bak/ISSUE_TEMPLATE/enhancement.yaml b/.github/ISSUE_TEMPLATE/improvement.yaml similarity index 92% rename from .forgejo.bak/ISSUE_TEMPLATE/enhancement.yaml rename to .github/ISSUE_TEMPLATE/improvement.yaml index ef2103e..2e2ddf4 100644 --- a/.forgejo.bak/ISSUE_TEMPLATE/enhancement.yaml +++ b/.github/ISSUE_TEMPLATE/improvement.yaml 
@@ -1,12 +1,11 @@ name: 🛠️ Improvement description: "Create an new issue for an improvment in ZITADEL" -labels: ["enhancement"] -type: enhancement +labels: ["improvement"] body: - type: markdown attributes: value: | - Thanks for taking the time to fill out this proposal / feature reqeust + Thanks for taking the time to fill out this improvement request - type: checkboxes id: preflight attributes: diff --git a/.github/ISSUE_TEMPLATE/proposal.yaml b/.github/ISSUE_TEMPLATE/proposal.yaml new file mode 100644 index 0000000..af7acd5 --- /dev/null +++ b/.github/ISSUE_TEMPLATE/proposal.yaml @@ -0,0 +1,44 @@ +name: 💡 Proposal / Feature request +description: "Create an issue for a feature request/proposal." +labels: ["enhancement"] +body: + - type: markdown + attributes: + value: | + Thanks for taking the time to fill out this proposal / feature reqeust + - type: checkboxes + id: preflight + attributes: + label: Preflight Checklist + options: + - label: + I could not find a solution in the existing issues, docs, nor discussions + required: true + - label: + I have joined the [ZITADEL chat](https://zitadel.com/chat) + - type: textarea + id: problem + attributes: + label: Describe your problem + description: Please describe your problem this proposal / feature is supposed to solve. + placeholder: Describe the problem you have. + validations: + required: true + - type: textarea + id: solution + attributes: + label: Describe your ideal solution + description: Which solution do you propose? + placeholder: As a [type of user], I want [some goal] so that [some reason]. + validations: + required: true + - type: input + id: version + attributes: + label: Version + description: Which version of the OIDC Library are you using. + - type: textarea + id: additional + attributes: + label: Additional Context + description: Please add any other infos that could be useful. 
diff --git a/.forgejo.bak/dependabot.yml b/.github/dependabot.yml similarity index 100% rename from .forgejo.bak/dependabot.yml rename to .github/dependabot.yml diff --git a/.forgejo.bak/pull_request_template.md b/.github/pull_request_template.md similarity index 100% rename from .forgejo.bak/pull_request_template.md rename to .github/pull_request_template.md diff --git a/.forgejo.bak/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml similarity index 100% rename from .forgejo.bak/workflows/codeql-analysis.yml rename to .github/workflows/codeql-analysis.yml diff --git a/.forgejo.bak/workflows/issue.yml b/.github/workflows/issue.yml similarity index 100% rename from .forgejo.bak/workflows/issue.yml rename to .github/workflows/issue.yml diff --git a/.forgejo.bak/workflows/release.yml b/.github/workflows/release.yml similarity index 96% rename from .forgejo.bak/workflows/release.yml rename to .github/workflows/release.yml index 00063e4..20cb6df 100644 --- a/.forgejo.bak/workflows/release.yml +++ b/.github/workflows/release.yml @@ -27,7 +27,7 @@ jobs: with: go-version: ${{ matrix.go }} - run: go test -race -v -coverprofile=profile.cov -coverpkg=./pkg/... ./pkg/... - - uses: codecov/codecov-action@v5.4.3 + - uses: codecov/codecov-action@v5.4.2 with: file: ./profile.cov name: codecov-go diff --git a/example/client/api/api.go b/example/client/api/api.go index 69f9466..2e61c21 100644 --- a/example/client/api/api.go +++ b/example/client/api/api.go @@ -13,8 +13,8 @@ import ( "github.com/go-chi/chi/v5" "github.com/sirupsen/logrus" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rs" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client/rs" + "github.com/zitadel/oidc/v3/pkg/oidc" ) const ( diff --git a/example/client/app/app.go b/example/client/app/app.go index 90b1969..5740591 100644 --- a/example/client/app/app.go +++ b/example/client/app/app.go 
@@ -7,6 +7,7 @@ import ( "log/slog" "net/http" "os" + "strconv" "strings" "sync/atomic" "time" @@ -14,10 +15,10 @@ import ( "github.com/google/uuid" "github.com/sirupsen/logrus" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rp" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/zitadel/logging" + "github.com/zitadel/oidc/v3/pkg/client/rp" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) var ( @@ -34,6 +35,14 @@ func main() { scopes := strings.Split(os.Getenv("SCOPES"), " ") responseMode := os.Getenv("RESPONSE_MODE") + var pkce bool + if pkceEnv, ok := os.LookupEnv("PKCE"); ok { + var err error + pkce, err = strconv.ParseBool(pkceEnv) + if err != nil { + logrus.Fatalf("error parsing PKCE %s", err.Error()) + } + } redirectURI := fmt.Sprintf("http://localhost:%v%v", port, callbackPath) cookieHandler := httphelper.NewCookieHandler(key, key, httphelper.WithUnsecure()) @@ -64,6 +73,9 @@ func main() { if keyPath != "" { options = append(options, rp.WithJWTProfile(rp.SignerFromKeyPath(keyPath))) } + if pkce { + options = append(options, rp.WithPKCE(cookieHandler)) + } // One can add a logger to the context, // pre-defining log attributes as required. diff --git a/example/client/device/device.go b/example/client/device/device.go index 33bc570..78ed2c8 100644 --- a/example/client/device/device.go +++ b/example/client/device/device.go @@ -45,8 +45,8 @@ import ( "github.com/sirupsen/logrus" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rp" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/client/rp" + httphelper "github.com/zitadel/oidc/v3/pkg/http" ) var ( diff --git a/example/client/github/github.go b/example/client/github/github.go index f6c536b..7d069d4 100644 --- a/example/client/github/github.go +++ b/example/client/github/github.go 
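Review bot: PKCE stays off unless the `PKCE` environment variable is set, so by default the example client runs the authorization code flow without a code verifier. In the `main` hunk that parses the variable, consider starting from `pkce := true` and letting `PKCE=false` opt out for providers that cannot handle it. The later hunk passes `cookieHandler` to `rp.WithPKCE`, and that handler is built with `httphelper.WithUnsecure()` and the same `key` for both arguments, which suits only the `http://localhost` redirect shown. A comment above that line, such as `// WithUnsecure is for local http testing only; behind TLS drop it and use separate hash and encryption keys`, would keep the example from being copied as-is. `logrus.Fatalf("error parsing PKCE %s", err.Error())` can simply pass `err` with `%v`; `main` begins and ends outside these hunks.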
@@ -10,10 +10,10 @@ import ( "golang.org/x/oauth2" githubOAuth "golang.org/x/oauth2/github" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rp" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rp/cli" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client/rp" + "github.com/zitadel/oidc/v3/pkg/client/rp/cli" + "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) var ( diff --git a/example/client/service/service.go b/example/client/service/service.go index a88ab2f..865a4e0 100644 --- a/example/client/service/service.go +++ b/example/client/service/service.go @@ -13,7 +13,7 @@ import ( "github.com/sirupsen/logrus" "golang.org/x/oauth2" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/profile" + "github.com/zitadel/oidc/v3/pkg/client/profile" ) var client = http.DefaultClient diff --git a/example/server/dynamic/login.go b/example/server/dynamic/login.go index 05f0e34..685b444 100644 --- a/example/server/dynamic/login.go +++ b/example/server/dynamic/login.go @@ -8,7 +8,7 @@ import ( "github.com/go-chi/chi/v5" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/op" ) const ( diff --git a/example/server/dynamic/op.go b/example/server/dynamic/op.go index 2c00e41..432a575 100644 --- a/example/server/dynamic/op.go +++ b/example/server/dynamic/op.go @@ -10,8 +10,8 @@ import ( "github.com/go-chi/chi/v5" "golang.org/x/text/language" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/storage" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/example/server/storage" + "github.com/zitadel/oidc/v3/pkg/op" ) const ( diff --git a/example/server/exampleop/device.go b/example/server/exampleop/device.go index 99505e4..2f9be52 100644 --- a/example/server/exampleop/device.go +++ b/example/server/exampleop/device.go 
@@ -8,10 +8,10 @@ import ( "net/http" "net/url" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" "github.com/go-chi/chi/v5" "github.com/gorilla/securecookie" "github.com/sirupsen/logrus" + "github.com/zitadel/oidc/v3/pkg/op" ) type deviceAuthenticate interface { diff --git a/example/server/exampleop/login.go b/example/server/exampleop/login.go index 77a6189..4d2b478 100644 --- a/example/server/exampleop/login.go +++ b/example/server/exampleop/login.go @@ -5,8 +5,8 @@ import ( "fmt" "net/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" "github.com/go-chi/chi/v5" + "github.com/zitadel/oidc/v3/pkg/op" ) type login struct { diff --git a/example/server/exampleop/op.go b/example/server/exampleop/op.go index e12c755..8f55b0a 100644 --- a/example/server/exampleop/op.go +++ b/example/server/exampleop/op.go @@ -12,7 +12,7 @@ import ( "github.com/zitadel/logging" "golang.org/x/text/language" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/op" ) const ( diff --git a/example/server/exampleop/templates/login.html b/example/server/exampleop/templates/login.html index b048211..d7f8f9a 100644 --- a/example/server/exampleop/templates/login.html +++ b/example/server/exampleop/templates/login.html @@ -25,5 +25,5 @@ -` -{{- end }} \ No newline at end of file + +{{- end }} diff --git a/example/server/main.go b/example/server/main.go index 5bdbb05..6d345e1 100644 --- a/example/server/main.go +++ b/example/server/main.go @@ -6,9 +6,9 @@ import ( "net/http" "os" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/config" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/exampleop" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/storage" + "github.com/zitadel/oidc/v3/example/server/config" + "github.com/zitadel/oidc/v3/example/server/exampleop" + "github.com/zitadel/oidc/v3/example/server/storage" ) func getUserStore(cfg *config.Config) (storage.UserStore, error) { 
diff --git a/example/server/storage/client.go b/example/server/storage/client.go index 2b836c0..010b9ce 100644 --- a/example/server/storage/client.go +++ b/example/server/storage/client.go @@ -3,8 +3,8 @@ package storage import ( "time" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) var ( diff --git a/example/server/storage/oidc.go b/example/server/storage/oidc.go index 9c7f544..3d5d86b 100644 --- a/example/server/storage/oidc.go +++ b/example/server/storage/oidc.go @@ -6,8 +6,8 @@ import ( "golang.org/x/text/language" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) const ( @@ -18,7 +18,7 @@ const ( // CustomClaim is an example for how to return custom claims with this library CustomClaim = "custom_claim" - // CustomScopeImpersonatePrefix is an example scope prefix for passing user id to impersonate using token exchage + // CustomScopeImpersonatePrefix is an example scope prefix for passing user id to impersonate using token exchange CustomScopeImpersonatePrefix = "custom_scope:impersonate:" ) @@ -143,6 +143,14 @@ func MaxAgeToInternal(maxAge *uint) *time.Duration { } func authRequestToInternal(authReq *oidc.AuthRequest, userID string) *AuthRequest { + var codeChallenge *OIDCCodeChallenge + if authReq.CodeChallenge != "" { + codeChallenge = &OIDCCodeChallenge{ + Challenge: authReq.CodeChallenge, + Method: string(authReq.CodeChallengeMethod), + } + } + return &AuthRequest{ CreationDate: time.Now(), ApplicationID: authReq.ClientID, 
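Review bot: `authRequestToInternal` now leaves `CodeChallenge` nil when the request carried no `code_challenge`, and nothing in the hunk documents that contract. A comment above the new block, e.g. `// codeChallenge stays nil when the client sent no PKCE challenge; readers must nil-check before use`, would make it explicit, since any code that dereferences `AuthRequest.CodeChallenge` (not visible here) now has to handle nil. `Method` is copied from `authReq.CodeChallengeMethod` without a check in this function, so the method is presumably validated elsewhere; worth confirming. The function continues into the following hunk (`@@ -157,10 +165,7 @@`), where the field is assigned.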
@@ -157,10 +165,7 @@ func authRequestToInternal(authReq *oidc.AuthRequest, userID string) *AuthReques ResponseType: authReq.ResponseType, ResponseMode: authReq.ResponseMode, Nonce: authReq.Nonce, - CodeChallenge: &OIDCCodeChallenge{ - Challenge: authReq.CodeChallenge, - Method: string(authReq.CodeChallengeMethod), - }, + CodeChallenge: codeChallenge, } } diff --git a/example/server/storage/storage.go b/example/server/storage/storage.go index d4315c6..fee34c5 100644 --- a/example/server/storage/storage.go +++ b/example/server/storage/storage.go @@ -14,8 +14,8 @@ import ( jose "github.com/go-jose/go-jose/v4" "github.com/google/uuid" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) // serviceKey1 is a public key which will be used for the JWT Profile Authorization Grant diff --git a/example/server/storage/storage_dynamic.go b/example/server/storage/storage_dynamic.go index 765d29a..d112d71 100644 --- a/example/server/storage/storage_dynamic.go +++ b/example/server/storage/storage_dynamic.go @@ -6,8 +6,8 @@ import ( jose "github.com/go-jose/go-jose/v4" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) type multiStorage struct { diff --git a/go.mod b/go.mod index a0f42c4..f5ad96b 100644 --- a/go.mod +++ b/go.mod @@ -1,4 +1,4 @@ -module git.christmann.info/LARA/zitadel-oidc/v3 +module github.com/zitadel/oidc/v3 go 1.23.7 @@ -21,8 +21,8 @@ require ( github.com/zitadel/logging v0.6.2 github.com/zitadel/schema v1.3.1 go.opentelemetry.io/otel v1.29.0 - golang.org/x/oauth2 v0.30.0 - golang.org/x/text v0.26.0 + golang.org/x/oauth2 v0.29.0 + golang.org/x/text v0.24.0 ) require ( diff --git a/go.sum b/go.sum index 4835505..e0ac4f5 100644 --- a/go.sum +++ b/go.sum 
@@ -73,8 +73,8 @@ golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96b golang.org/x/net v0.38.0 h1:vRMAPTMaeGqVhG5QyLJHqNDwecKTomGeqbnfZyKlBI8= golang.org/x/net v0.38.0/go.mod h1:ivrbrMbzFq5J41QOQh0siUuly180yBYtLp+CKbEaFx8= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= -golang.org/x/oauth2 v0.30.0 h1:dnDm7JmhM45NNpd8FDDeLhK6FwqbOf4MLCM9zb1BOHI= -golang.org/x/oauth2 v0.30.0/go.mod h1:B++QgG3ZKulg6sRPGD/mqlHQs5rB3Ml9erfeDY7xKlU= +golang.org/x/oauth2 v0.29.0 h1:WdYw2tdTK1S8olAzWHdgeqfy+Mtm9XNhv/xJsY65d98= +golang.org/x/oauth2 v0.29.0/go.mod h1:onh5ek6nERTohokkhCD/y2cV4Do3fxFHFuAejCkRWT8= golang.org/x/sync v0.0.0-20190423024810-112230192c58/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sys v0.0.0-20190215142949-d0b11bdaac8a/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -88,8 +88,8 @@ golang.org/x/sys v0.31.0/go.mod h1:BJP2sWEmIv4KK5OTEluFJCKSidICx8ciO85XgH3Ak8k= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.26.0 h1:P42AVeLghgTYr4+xUnTRKDMqpar+PtX7KWuNQL21L8M= -golang.org/x/text v0.26.0/go.mod h1:QK15LZJUUQVJxhz7wXgxSy/CJaTFjd0G+YLonydOVQA= +golang.org/x/text v0.24.0 h1:dd5Bzh4yt5KYA8f9CJHCP4FB4D51c2c6JvN37xJJkJ0= +golang.org/x/text v0.24.0/go.mod h1:L8rBsPeo2pSS+xqN0d5u2ikmjtmoJbDBT1b7nHvFCdU= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20191119224855-298f0cb1881e/go.mod h1:b+2E5dAYhXwXZwtnZ6UAqBI28+e2cm9otk0dWdXHAEo= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= 
diff --git a/internal/testutil/gen/gen.go b/internal/testutil/gen/gen.go index 3e44b7d..e4a5718 100644 --- a/internal/testutil/gen/gen.go +++ b/internal/testutil/gen/gen.go @@ -8,8 +8,8 @@ import ( "fmt" "os" - tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + tu "github.com/zitadel/oidc/v3/internal/testutil" + "github.com/zitadel/oidc/v3/pkg/oidc" ) var custom = map[string]any{ diff --git a/internal/testutil/token.go b/internal/testutil/token.go index 72d08c5..7ad8893 100644 --- a/internal/testutil/token.go +++ b/internal/testutil/token.go @@ -8,9 +8,9 @@ import ( "errors" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" jose "github.com/go-jose/go-jose/v4" "github.com/muhlemmer/gu" + "github.com/zitadel/oidc/v3/pkg/oidc" ) // KeySet implements oidc.Keys diff --git a/pkg/client/client.go b/pkg/client/client.go index 2e1f536..56417b5 100644 --- a/pkg/client/client.go +++ b/pkg/client/client.go @@ -15,9 +15,9 @@ import ( "go.opentelemetry.io/otel" "golang.org/x/oauth2" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/crypto" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/crypto" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) var ( diff --git a/pkg/client/client_test.go b/pkg/client/client_test.go index 9e21e8e..1046941 100644 --- a/pkg/client/client_test.go +++ b/pkg/client/client_test.go @@ -5,9 +5,9 @@ import ( "net/http" "testing" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/zitadel/oidc/v3/pkg/oidc" ) func TestDiscover(t *testing.T) { diff --git a/pkg/client/integration_test.go b/pkg/client/integration_test.go index 86a9ab7..98a9d3a 100644 --- a/pkg/client/integration_test.go +++ b/pkg/client/integration_test.go 
@@ -23,14 +23,14 @@ import ( "github.com/stretchr/testify/require" "golang.org/x/oauth2" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/exampleop" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/storage" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rp" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rs" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/tokenexchange" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/example/server/exampleop" + "github.com/zitadel/oidc/v3/example/server/storage" + "github.com/zitadel/oidc/v3/pkg/client/rp" + "github.com/zitadel/oidc/v3/pkg/client/rs" + "github.com/zitadel/oidc/v3/pkg/client/tokenexchange" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) var Logger = slog.New( diff --git a/pkg/client/jwt_profile.go b/pkg/client/jwt_profile.go index 98a54fd..0a5d9ec 100644 --- a/pkg/client/jwt_profile.go +++ b/pkg/client/jwt_profile.go @@ -6,8 +6,8 @@ import ( "golang.org/x/oauth2" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) // JWTProfileExchange handles the oauth2 jwt profile exchange diff --git a/pkg/client/profile/jwt_profile.go b/pkg/client/profile/jwt_profile.go index fb351f0..060f390 100644 --- a/pkg/client/profile/jwt_profile.go +++ b/pkg/client/profile/jwt_profile.go @@ -8,8 +8,8 @@ import ( jose "github.com/go-jose/go-jose/v4" "golang.org/x/oauth2" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type TokenSource interface { 
diff --git a/pkg/client/rp/cli/cli.go b/pkg/client/rp/cli/cli.go index 10edaa7..eeb9011 100644 --- a/pkg/client/rp/cli/cli.go +++ b/pkg/client/rp/cli/cli.go @@ -4,9 +4,9 @@ import ( "context" "net/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rp" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client/rp" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) const ( diff --git a/pkg/client/rp/delegation.go b/pkg/client/rp/delegation.go index fb4fc63..23ecffd 100644 --- a/pkg/client/rp/delegation.go +++ b/pkg/client/rp/delegation.go @@ -1,7 +1,7 @@ package rp import ( - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc/grants/tokenexchange" + "github.com/zitadel/oidc/v3/pkg/oidc/grants/tokenexchange" ) // DelegationTokenRequest is an implementation of TokenExchangeRequest diff --git a/pkg/client/rp/device.go b/pkg/client/rp/device.go index 1fadd56..c2d1f8a 100644 --- a/pkg/client/rp/device.go +++ b/pkg/client/rp/device.go @@ -5,8 +5,8 @@ import ( "fmt" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client" + "github.com/zitadel/oidc/v3/pkg/oidc" ) func newDeviceClientCredentialsRequest(scopes []string, rp RelyingParty) (*oidc.ClientCredentialsRequest, error) { diff --git a/pkg/client/rp/jwks.go b/pkg/client/rp/jwks.go index 0ccbad2..c44a267 100644 --- a/pkg/client/rp/jwks.go +++ b/pkg/client/rp/jwks.go 
@@ -9,9 +9,9 @@ import ( jose "github.com/go-jose/go-jose/v4" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) func NewRemoteKeySet(client *http.Client, jwksURL string, opts ...func(*remoteKeySet)) oidc.KeySet { diff --git a/pkg/client/rp/relying_party.go b/pkg/client/rp/relying_party.go index c2759a2..e6fa078 100644 --- a/pkg/client/rp/relying_party.go +++ b/pkg/client/rp/relying_party.go @@ -14,10 +14,10 @@ import ( "golang.org/x/oauth2" "golang.org/x/oauth2/clientcredentials" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/zitadel/logging" + "github.com/zitadel/oidc/v3/pkg/client" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) const ( diff --git a/pkg/client/rp/relying_party_test.go b/pkg/client/rp/relying_party_test.go index b3bb6ee..4c5a1b3 100644 --- a/pkg/client/rp/relying_party_test.go +++ b/pkg/client/rp/relying_party_test.go @@ -5,10 +5,10 @@ import ( "testing" "time" - tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + tu "github.com/zitadel/oidc/v3/internal/testutil" + "github.com/zitadel/oidc/v3/pkg/oidc" "golang.org/x/oauth2" ) diff --git a/pkg/client/rp/tockenexchange.go b/pkg/client/rp/tockenexchange.go index aa2cf99..c8ca048 100644 --- a/pkg/client/rp/tockenexchange.go +++ b/pkg/client/rp/tockenexchange.go 
@@ -5,7 +5,7 @@ import ( "golang.org/x/oauth2" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc/grants/tokenexchange" + "github.com/zitadel/oidc/v3/pkg/oidc/grants/tokenexchange" ) // TokenExchangeRP extends the `RelyingParty` interface for the *draft* oauth2 `Token Exchange` diff --git a/pkg/client/rp/userinfo_example_test.go b/pkg/client/rp/userinfo_example_test.go index 78e014e..2cc5222 100644 --- a/pkg/client/rp/userinfo_example_test.go +++ b/pkg/client/rp/userinfo_example_test.go @@ -4,8 +4,8 @@ import ( "context" "fmt" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rp" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client/rp" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type UserInfo struct { diff --git a/pkg/client/rp/verifier.go b/pkg/client/rp/verifier.go index 0088b81..ca59454 100644 --- a/pkg/client/rp/verifier.go +++ b/pkg/client/rp/verifier.go @@ -6,8 +6,8 @@ import ( jose "github.com/go-jose/go-jose/v4" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client" + "github.com/zitadel/oidc/v3/pkg/oidc" ) // VerifyTokens implement the Token Response Validation as defined in OIDC specification diff --git a/pkg/client/rp/verifier_test.go b/pkg/client/rp/verifier_test.go index 38f5a4a..24d35af 100644 --- a/pkg/client/rp/verifier_test.go +++ b/pkg/client/rp/verifier_test.go @@ -5,11 +5,11 @@ import ( "testing" "time" - tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" jose "github.com/go-jose/go-jose/v4" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + tu "github.com/zitadel/oidc/v3/internal/testutil" + "github.com/zitadel/oidc/v3/pkg/oidc" ) func TestVerifyTokens(t *testing.T) { diff --git a/pkg/client/rp/verifier_tokens_example_test.go b/pkg/client/rp/verifier_tokens_example_test.go index 7ae68d6..892eb23 100644 
--- a/pkg/client/rp/verifier_tokens_example_test.go +++ b/pkg/client/rp/verifier_tokens_example_test.go @@ -4,9 +4,9 @@ import ( "context" "fmt" - tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rp" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + tu "github.com/zitadel/oidc/v3/internal/testutil" + "github.com/zitadel/oidc/v3/pkg/client/rp" + "github.com/zitadel/oidc/v3/pkg/oidc" ) // MyCustomClaims extends the TokenClaims base, diff --git a/pkg/client/rs/introspect_example_test.go b/pkg/client/rs/introspect_example_test.go index 1f67d11..eac8be2 100644 --- a/pkg/client/rs/introspect_example_test.go +++ b/pkg/client/rs/introspect_example_test.go @@ -4,8 +4,8 @@ import ( "context" "fmt" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client/rs" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client/rs" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type IntrospectionResponse struct { diff --git a/pkg/client/rs/resource_server.go b/pkg/client/rs/resource_server.go index 993796e..962af7e 100644 --- a/pkg/client/rs/resource_server.go +++ b/pkg/client/rs/resource_server.go @@ -6,9 +6,9 @@ import ( "net/http" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/client" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type ResourceServer interface { diff --git a/pkg/client/rs/resource_server_test.go b/pkg/client/rs/resource_server_test.go index afd7441..7a5ced9 100644 --- a/pkg/client/rs/resource_server_test.go +++ b/pkg/client/rs/resource_server_test.go 
@@ -4,9 +4,9 @@ import ( "context" "testing" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/zitadel/oidc/v3/pkg/oidc" ) func TestNewResourceServer(t *testing.T) { diff --git a/pkg/client/tokenexchange/tokenexchange.go b/pkg/client/tokenexchange/tokenexchange.go index 9cc1328..61975a4 100644 --- a/pkg/client/tokenexchange/tokenexchange.go +++ b/pkg/client/tokenexchange/tokenexchange.go @@ -6,10 +6,10 @@ import ( "net/http" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/go-jose/go-jose/v4" + "github.com/zitadel/oidc/v3/pkg/client" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type TokenExchanger interface { diff --git a/pkg/crypto/key_test.go b/pkg/crypto/key_test.go index a6fa493..8ed5cb5 100644 --- a/pkg/crypto/key_test.go +++ b/pkg/crypto/key_test.go @@ -10,7 +10,7 @@ import ( "github.com/go-jose/go-jose/v4" "github.com/stretchr/testify/assert" - zcrypto "git.christmann.info/LARA/zitadel-oidc/v3/pkg/crypto" + zcrypto "github.com/zitadel/oidc/v3/pkg/crypto" ) func TestBytesToPrivateKey(t *testing.T) { diff --git a/pkg/http/http.go b/pkg/http/http.go index aa0ff6f..33c5f15 100644 --- a/pkg/http/http.go +++ b/pkg/http/http.go @@ -11,7 +11,7 @@ import ( "strings" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/oidc" ) var DefaultHTTPClient = &http.Client{ diff --git a/pkg/oidc/code_challenge.go b/pkg/oidc/code_challenge.go index 0c593df..3296362 100644 --- a/pkg/oidc/code_challenge.go +++ b/pkg/oidc/code_challenge.go @@ -3,7 +3,7 @@ package oidc import ( "crypto/sha256" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/crypto" + "github.com/zitadel/oidc/v3/pkg/crypto" ) const ( 
diff --git a/pkg/oidc/session.go b/pkg/oidc/session.go index 39f9f08..b470d1e 100644 --- a/pkg/oidc/session.go +++ b/pkg/oidc/session.go @@ -1,12 +1,10 @@ package oidc // EndSessionRequest for the RP-Initiated Logout according to: -// https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout +//https://openid.net/specs/openid-connect-rpinitiated-1_0.html#RPLogout type EndSessionRequest struct { - IdTokenHint string `schema:"id_token_hint"` - LogoutHint string `schema:"logout_hint"` - ClientID string `schema:"client_id"` - PostLogoutRedirectURI string `schema:"post_logout_redirect_uri"` - State string `schema:"state"` - UILocales Locales `schema:"ui_locales"` + IdTokenHint string `schema:"id_token_hint"` + ClientID string `schema:"client_id"` + PostLogoutRedirectURI string `schema:"post_logout_redirect_uri"` + State string `schema:"state"` } diff --git a/pkg/oidc/token.go b/pkg/oidc/token.go index 4b43dcb..d2b6f6d 100644 --- a/pkg/oidc/token.go +++ b/pkg/oidc/token.go @@ -10,7 +10,7 @@ import ( "github.com/muhlemmer/gu" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/crypto" + "github.com/zitadel/oidc/v3/pkg/crypto" ) const ( diff --git a/pkg/oidc/types.go b/pkg/oidc/types.go index 5d063b1..9b307bc 100644 --- a/pkg/oidc/types.go +++ b/pkg/oidc/types.go @@ -35,17 +35,6 @@ func (a *Audience) UnmarshalJSON(text []byte) error { return nil } -func (a *Audience) MarshalJSON() ([]byte, error) { - len := len(*a) - if len > 1 { - return json.Marshal(*a) - } else if len == 1 { - return json.Marshal((*a)[0]) - } - - return nil, errors.New("aud is empty") -} - type Display string func (d *Display) UnmarshalText(text []byte) error { 
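Review bot: The new `EndSessionRequest` has no `logout_hint` or `ui_locales` field, although both are request parameters in the RP-Initiated Logout spec linked in the comment. Requests carrying them will have those values dropped, or rejected if the schema decoder is configured to fail on unknown keys (not visible here); if they are intentionally unsupported, the doc comment should say so. The URL line `//https://openid.net/...` is missing the space after `//` that the first comment line has. Because `PostLogoutRedirectURI` comes straight from the request, a short note on the struct that it must be matched against the client's registered post-logout URIs before redirecting would help readers of this type.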
@@ -126,14 +115,6 @@ func ParseLocales(locales []string) Locales { return out } -func (l Locales) String() string { - tags := make([]string, len(l)) - for i, tag := range l { - tags[i] = tag.String() - } - return strings.Join(tags, " ") -} - // UnmarshalText implements the [encoding.TextUnmarshaler] interface. // It decodes an unquoted space seperated string into Locales. // Undefined language tags in the input are ignored and ommited from @@ -250,9 +231,6 @@ func NewEncoder() *schema.Encoder { e.RegisterEncoder(SpaceDelimitedArray{}, func(value reflect.Value) string { return value.Interface().(SpaceDelimitedArray).String() }) - e.RegisterEncoder(Locales{}, func(value reflect.Value) string { - return value.Interface().(Locales).String() - }) return e } diff --git a/pkg/oidc/verifier_parse_test.go b/pkg/oidc/verifier_parse_test.go index 9cf5c1e..105650f 100644 --- a/pkg/oidc/verifier_parse_test.go +++ b/pkg/oidc/verifier_parse_test.go @@ -5,10 +5,10 @@ import ( "encoding/json" "testing" - tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + tu "github.com/zitadel/oidc/v3/internal/testutil" + "github.com/zitadel/oidc/v3/pkg/oidc" ) func TestParseToken(t *testing.T) { diff --git a/pkg/op/auth_request.go b/pkg/op/auth_request.go index b1434cc..2c013aa 100644 --- a/pkg/op/auth_request.go +++ b/pkg/op/auth_request.go @@ -15,9 +15,9 @@ import ( "strings" "time" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/bmatcuk/doublestar/v4" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type AuthRequest interface { diff --git a/pkg/op/auth_request_test.go b/pkg/op/auth_request_test.go index d1ea965..f0c4ef1 100644 --- a/pkg/op/auth_request_test.go +++ b/pkg/op/auth_request_test.go 
@@ -11,15 +11,15 @@ import ( "reflect" "testing" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/storage" - tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op/mock" "github.com/golang/mock/gomock" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/zitadel/oidc/v3/example/server/storage" + tu "github.com/zitadel/oidc/v3/internal/testutil" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/op/mock" "github.com/zitadel/schema" ) diff --git a/pkg/op/client.go b/pkg/op/client.go index a4f44d3..913944c 100644 --- a/pkg/op/client.go +++ b/pkg/op/client.go @@ -7,8 +7,8 @@ import ( "net/url" "time" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) //go:generate go get github.com/dmarkham/enumer diff --git a/pkg/op/client_test.go b/pkg/op/client_test.go index b416630..b772ba5 100644 --- a/pkg/op/client_test.go +++ b/pkg/op/client_test.go @@ -10,13 +10,13 @@ import ( "strings" "testing" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op/mock" "github.com/golang/mock/gomock" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/op/mock" "github.com/zitadel/schema" ) 
diff --git a/pkg/op/crypto.go b/pkg/op/crypto.go index 01aaad3..6ab1e0a 100644 --- a/pkg/op/crypto.go +++ b/pkg/op/crypto.go @@ -1,7 +1,7 @@ package op import ( - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/crypto" + "github.com/zitadel/oidc/v3/pkg/crypto" ) type Crypto interface { diff --git a/pkg/op/device.go b/pkg/op/device.go index 866cbc4..b7290cd 100644 --- a/pkg/op/device.go +++ b/pkg/op/device.go @@ -13,8 +13,8 @@ import ( "strings" "time" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type DeviceAuthorizationConfig struct { diff --git a/pkg/op/device_test.go b/pkg/op/device_test.go index a7b5c4e..5fd9c9b 100644 --- a/pkg/op/device_test.go +++ b/pkg/op/device_test.go @@ -13,12 +13,12 @@ import ( "testing" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/storage" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" "github.com/muhlemmer/gu" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/zitadel/oidc/v3/example/server/storage" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) func Test_deviceAuthorizationHandler(t *testing.T) { diff --git a/pkg/op/discovery.go b/pkg/op/discovery.go index 9b3ddb6..7aa7cf7 100644 --- a/pkg/op/discovery.go +++ b/pkg/op/discovery.go @@ -6,8 +6,8 @@ import ( jose "github.com/go-jose/go-jose/v4" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type DiscoverStorage interface { diff --git a/pkg/op/discovery_test.go b/pkg/op/discovery_test.go index 63f1b98..61afb62 100644 --- a/pkg/op/discovery_test.go +++ b/pkg/op/discovery_test.go 
@@ -11,9 +11,9 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op/mock" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/op/mock" ) func TestDiscover(t *testing.T) { diff --git a/pkg/op/endpoint_test.go b/pkg/op/endpoint_test.go index 5b98c6e..bf112ef 100644 --- a/pkg/op/endpoint_test.go +++ b/pkg/op/endpoint_test.go @@ -3,8 +3,8 @@ package op_test import ( "testing" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" "github.com/stretchr/testify/require" + "github.com/zitadel/oidc/v3/pkg/op" ) func TestEndpoint_Path(t *testing.T) { diff --git a/pkg/op/error.go b/pkg/op/error.go index 272f85e..d57da83 100644 --- a/pkg/op/error.go +++ b/pkg/op/error.go @@ -7,8 +7,8 @@ import ( "log/slog" "net/http" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type ErrAuthRequest interface { diff --git a/pkg/op/error_test.go b/pkg/op/error_test.go index 9271cf1..107f9d0 100644 --- a/pkg/op/error_test.go +++ b/pkg/op/error_test.go @@ -11,9 +11,9 @@ import ( "strings" "testing" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/zitadel/oidc/v3/pkg/oidc" "github.com/zitadel/schema" ) diff --git a/pkg/op/keys.go b/pkg/op/keys.go index 97e400b..c96c456 100644 --- a/pkg/op/keys.go +++ b/pkg/op/keys.go @@ -6,7 +6,7 @@ import ( jose "github.com/go-jose/go-jose/v4" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" + httphelper "github.com/zitadel/oidc/v3/pkg/http" ) type KeyProvider interface { 
diff --git a/pkg/op/keys_test.go b/pkg/op/keys_test.go index 9c80878..3662739 100644 --- a/pkg/op/keys_test.go +++ b/pkg/op/keys_test.go @@ -11,9 +11,9 @@ import ( "github.com/golang/mock/gomock" "github.com/stretchr/testify/assert" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op/mock" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/op/mock" ) func TestKeys(t *testing.T) { diff --git a/pkg/op/mock/authorizer.mock.go b/pkg/op/mock/authorizer.mock.go index 56b28e0..c7703f1 100644 --- a/pkg/op/mock/authorizer.mock.go +++ b/pkg/op/mock/authorizer.mock.go @@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: git.christmann.info/LARA/zitadel-oidc/v3/pkg/op (interfaces: Authorizer) +// Source: github.com/zitadel/oidc/v3/pkg/op (interfaces: Authorizer) // Package mock is a generated GoMock package. package mock @@ -9,9 +9,9 @@ import ( slog "log/slog" reflect "reflect" - http "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - op "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" gomock "github.com/golang/mock/gomock" + http "github.com/zitadel/oidc/v3/pkg/http" + op "github.com/zitadel/oidc/v3/pkg/op" ) // MockAuthorizer is a mock of Authorizer interface. diff --git a/pkg/op/mock/authorizer.mock.impl.go b/pkg/op/mock/authorizer.mock.impl.go index 73c4154..59e8fa3 100644 --- a/pkg/op/mock/authorizer.mock.impl.go +++ b/pkg/op/mock/authorizer.mock.impl.go @@ -8,8 +8,8 @@ import ( "github.com/golang/mock/gomock" "github.com/zitadel/schema" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) func NewAuthorizer(t *testing.T) op.Authorizer { diff --git a/pkg/op/mock/client.go b/pkg/op/mock/client.go index e2a5e85..f01e3ec 100644 --- a/pkg/op/mock/client.go 
+++ b/pkg/op/mock/client.go @@ -5,8 +5,8 @@ import ( "github.com/golang/mock/gomock" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) func NewClient(t *testing.T) op.Client { diff --git a/pkg/op/mock/client.mock.go b/pkg/op/mock/client.mock.go index 93eca67..9be0807 100644 --- a/pkg/op/mock/client.mock.go +++ b/pkg/op/mock/client.mock.go @@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: git.christmann.info/LARA/zitadel-oidc/v3/pkg/op (interfaces: Client) +// Source: github.com/zitadel/oidc/v3/pkg/op (interfaces: Client) // Package mock is a generated GoMock package. package mock @@ -8,9 +8,9 @@ import ( reflect "reflect" time "time" - oidc "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - op "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" gomock "github.com/golang/mock/gomock" + oidc "github.com/zitadel/oidc/v3/pkg/oidc" + op "github.com/zitadel/oidc/v3/pkg/op" ) // MockClient is a mock of Client interface. diff --git a/pkg/op/mock/configuration.mock.go b/pkg/op/mock/configuration.mock.go index bf51035..0ef9d92 100644 --- a/pkg/op/mock/configuration.mock.go +++ b/pkg/op/mock/configuration.mock.go @@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: git.christmann.info/LARA/zitadel-oidc/v3/pkg/op (interfaces: Configuration) +// Source: github.com/zitadel/oidc/v3/pkg/op (interfaces: Configuration) // Package mock is a generated GoMock package. package mock @@ -8,8 +8,8 @@ import ( http "net/http" reflect "reflect" - op "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" gomock "github.com/golang/mock/gomock" + op "github.com/zitadel/oidc/v3/pkg/op" language "golang.org/x/text/language" ) diff --git a/pkg/op/mock/discovery.mock.go b/pkg/op/mock/discovery.mock.go index c85f91b..a27f8ef 100644 --- a/pkg/op/mock/discovery.mock.go +++ b/pkg/op/mock/discovery.mock.go 
@@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: git.christmann.info/LARA/zitadel-oidc/v3/pkg/op (interfaces: DiscoverStorage) +// Source: github.com/zitadel/oidc/v3/pkg/op (interfaces: DiscoverStorage) // Package mock is a generated GoMock package. package mock diff --git a/pkg/op/mock/generate.go b/pkg/op/mock/generate.go index 3d58ab7..e5cab3e 100644 --- a/pkg/op/mock/generate.go +++ b/pkg/op/mock/generate.go 
@@ -1,11 +1,11 @@ package mock //go:generate go install github.com/golang/mock/mockgen@v1.6.0 -//go:generate mockgen -package mock -destination ./storage.mock.go git.christmann.info/LARA/zitadel-oidc/v3/pkg/op Storage -//go:generate mockgen -package mock -destination ./authorizer.mock.go git.christmann.info/LARA/zitadel-oidc/v3/pkg/op Authorizer -//go:generate mockgen -package mock -destination ./client.mock.go git.christmann.info/LARA/zitadel-oidc/v3/pkg/op Client -//go:generate mockgen -package mock -destination ./glob.mock.go git.christmann.info/LARA/zitadel-oidc/v3/pkg/op HasRedirectGlobs -//go:generate mockgen -package mock -destination ./configuration.mock.go git.christmann.info/LARA/zitadel-oidc/v3/pkg/op Configuration -//go:generate mockgen -package mock -destination ./discovery.mock.go git.christmann.info/LARA/zitadel-oidc/v3/pkg/op DiscoverStorage -//go:generate mockgen -package mock -destination ./signer.mock.go git.christmann.info/LARA/zitadel-oidc/v3/pkg/op SigningKey,Key -//go:generate mockgen -package mock -destination ./key.mock.go git.christmann.info/LARA/zitadel-oidc/v3/pkg/op KeyProvider +//go:generate mockgen -package mock -destination ./storage.mock.go github.com/zitadel/oidc/v3/pkg/op Storage +//go:generate mockgen -package mock -destination ./authorizer.mock.go github.com/zitadel/oidc/v3/pkg/op Authorizer +//go:generate mockgen -package mock -destination ./client.mock.go github.com/zitadel/oidc/v3/pkg/op Client +//go:generate mockgen -package mock -destination ./glob.mock.go github.com/zitadel/oidc/v3/pkg/op HasRedirectGlobs +//go:generate mockgen -package mock -destination ./configuration.mock.go github.com/zitadel/oidc/v3/pkg/op Configuration +//go:generate mockgen -package mock -destination ./discovery.mock.go github.com/zitadel/oidc/v3/pkg/op DiscoverStorage +//go:generate mockgen -package mock -destination ./signer.mock.go github.com/zitadel/oidc/v3/pkg/op SigningKey,Key +//go:generate mockgen -package mock -destination ./key.mock.go 
github.com/zitadel/oidc/v3/pkg/op KeyProvider diff --git a/pkg/op/mock/glob.go b/pkg/op/mock/glob.go index 8149c8f..cade476 100644 --- a/pkg/op/mock/glob.go +++ b/pkg/op/mock/glob.go @@ -3,9 +3,9 @@ package mock import ( "testing" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - op "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" gomock "github.com/golang/mock/gomock" + "github.com/zitadel/oidc/v3/pkg/oidc" + op "github.com/zitadel/oidc/v3/pkg/op" ) func NewHasRedirectGlobs(t *testing.T) op.HasRedirectGlobs { diff --git a/pkg/op/mock/glob.mock.go b/pkg/op/mock/glob.mock.go index ebdc333..cf9996e 100644 --- a/pkg/op/mock/glob.mock.go +++ b/pkg/op/mock/glob.mock.go @@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: git.christmann.info/LARA/zitadel-oidc/v3/pkg/op (interfaces: HasRedirectGlobs) +// Source: github.com/zitadel/oidc/v3/pkg/op (interfaces: HasRedirectGlobs) // Package mock is a generated GoMock package. package mock @@ -8,9 +8,9 @@ import ( reflect "reflect" time "time" - oidc "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - op "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" gomock "github.com/golang/mock/gomock" + oidc "github.com/zitadel/oidc/v3/pkg/oidc" + op "github.com/zitadel/oidc/v3/pkg/op" ) // MockHasRedirectGlobs is a mock of HasRedirectGlobs interface. diff --git a/pkg/op/mock/key.mock.go b/pkg/op/mock/key.mock.go index d9ee857..122e852 100644 --- a/pkg/op/mock/key.mock.go +++ b/pkg/op/mock/key.mock.go @@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: git.christmann.info/LARA/zitadel-oidc/v3/pkg/op (interfaces: KeyProvider) +// Source: github.com/zitadel/oidc/v3/pkg/op (interfaces: KeyProvider) // Package mock is a generated GoMock package. package mock 
@@ -8,8 +8,8 @@ import ( context "context" reflect "reflect" - op "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" gomock "github.com/golang/mock/gomock" + op "github.com/zitadel/oidc/v3/pkg/op" ) // MockKeyProvider is a mock of KeyProvider interface. diff --git a/pkg/op/mock/signer.mock.go b/pkg/op/mock/signer.mock.go index 751ce60..e1bab91 100644 --- a/pkg/op/mock/signer.mock.go +++ b/pkg/op/mock/signer.mock.go @@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: git.christmann.info/LARA/zitadel-oidc/v3/pkg/op (interfaces: SigningKey,Key) +// Source: github.com/zitadel/oidc/v3/pkg/op (interfaces: SigningKey,Key) // Package mock is a generated GoMock package. package mock diff --git a/pkg/op/mock/storage.mock.go b/pkg/op/mock/storage.mock.go index 0df9830..02a7c5c 100644 --- a/pkg/op/mock/storage.mock.go +++ b/pkg/op/mock/storage.mock.go @@ -1,5 +1,5 @@ // Code generated by MockGen. DO NOT EDIT. -// Source: git.christmann.info/LARA/zitadel-oidc/v3/pkg/op (interfaces: Storage) +// Source: github.com/zitadel/oidc/v3/pkg/op (interfaces: Storage) // Package mock is a generated GoMock package. package mock @@ -9,10 +9,10 @@ import ( reflect "reflect" time "time" - oidc "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - op "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" jose "github.com/go-jose/go-jose/v4" gomock "github.com/golang/mock/gomock" + oidc "github.com/zitadel/oidc/v3/pkg/oidc" + op "github.com/zitadel/oidc/v3/pkg/op" ) // MockStorage is a mock of Storage interface. diff --git a/pkg/op/mock/storage.mock.impl.go b/pkg/op/mock/storage.mock.impl.go index 96e08a9..002da7e 100644 --- a/pkg/op/mock/storage.mock.impl.go +++ b/pkg/op/mock/storage.mock.impl.go @@ -8,8 +8,8 @@ import ( "github.com/golang/mock/gomock" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) func NewStorage(t *testing.T) op.Storage { 
diff --git a/pkg/op/op.go b/pkg/op/op.go index 76c2c89..58ae838 100644 --- a/pkg/op/op.go +++ b/pkg/op/op.go @@ -14,8 +14,8 @@ import ( "go.opentelemetry.io/otel" "golang.org/x/text/language" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) const ( diff --git a/pkg/op/op_test.go b/pkg/op/op_test.go index e1ac0bd..c1520e2 100644 --- a/pkg/op/op_test.go +++ b/pkg/op/op_test.go @@ -11,12 +11,12 @@ import ( "testing" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/example/server/storage" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" "github.com/muhlemmer/gu" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + "github.com/zitadel/oidc/v3/example/server/storage" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" "golang.org/x/text/language" ) @@ -102,6 +102,7 @@ func TestRoutes(t *testing.T) { authReq, err := storage.CreateAuthRequest(ctx, oidcAuthReq, "id1") require.NoError(t, err) storage.AuthRequestDone(authReq.GetID()) + storage.SaveAuthCode(ctx, authReq.GetID(), "123") accessToken, refreshToken, _, err := op.CreateAccessToken(ctx, authReq, op.AccessTokenTypeBearer, testProvider, client, "") require.NoError(t, err) diff --git a/pkg/op/probes.go b/pkg/op/probes.go index fa713da..cb3853d 100644 --- a/pkg/op/probes.go +++ b/pkg/op/probes.go @@ -5,7 +5,7 @@ import ( "errors" "net/http" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" + httphelper "github.com/zitadel/oidc/v3/pkg/http" ) type ProbesFn func(context.Context) error diff --git a/pkg/op/server.go b/pkg/op/server.go index d45b734..b500e43 100644 --- a/pkg/op/server.go +++ b/pkg/op/server.go 
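Review bot: In pkg/op/op_test.go the added `storage.SaveAuthCode(ctx, authReq.GetID(), "123")` discards its result, so a failure to store the code would only surface later as an unrelated route failure. Assuming it returns an error, as the storage interface method of that name does, write it as `require.NoError(t, storage.SaveAuthCode(ctx, authReq.GetID(), "123"))`, matching the `require.NoError(t, err)` calls around it. The body of TestRoutes starts and ends outside the hunk.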
@@ -5,9 +5,9 @@ import ( "net/http" "net/url" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/muhlemmer/gu" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) // Server describes the interface that needs to be implemented to serve diff --git a/pkg/op/server_http.go b/pkg/op/server_http.go index d71a354..725dd64 100644 --- a/pkg/op/server_http.go +++ b/pkg/op/server_http.go @@ -6,11 +6,11 @@ import ( "net/http" "net/url" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/go-chi/chi/v5" "github.com/rs/cors" "github.com/zitadel/logging" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" "github.com/zitadel/schema" ) diff --git a/pkg/op/server_http_routes_test.go b/pkg/op/server_http_routes_test.go index 02200ee..e0e4a97 100644 --- a/pkg/op/server_http_routes_test.go +++ b/pkg/op/server_http_routes_test.go @@ -14,9 +14,9 @@ import ( "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/client" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" + "github.com/zitadel/oidc/v3/pkg/client" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) func jwtProfile() (string, error) { @@ -130,7 +130,7 @@ func TestServerRoutes(t *testing.T) { "client_id": client.GetID(), "client_secret": "secret", "redirect_uri": "https://example.com", - "code": "123", + "code": "abc", }, wantCode: http.StatusBadRequest, json: `{"error":"invalid_grant", "error_description":"invalid code"}`, diff --git a/pkg/op/server_http_test.go b/pkg/op/server_http_test.go index 75d02ca..9ff07bc 100644 --- a/pkg/op/server_http_test.go +++ b/pkg/op/server_http_test.go 
@@ -14,11 +14,11 @@ import ( "testing" "time" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/muhlemmer/gu" "github.com/stretchr/testify/assert" "github.com/stretchr/testify/require" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" "github.com/zitadel/schema" ) diff --git a/pkg/op/server_legacy.go b/pkg/op/server_legacy.go index 06e4e93..126fde1 100644 --- a/pkg/op/server_legacy.go +++ b/pkg/op/server_legacy.go @@ -6,8 +6,8 @@ import ( "net/http" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" "github.com/go-chi/chi/v5" + "github.com/zitadel/oidc/v3/pkg/oidc" ) // ExtendedLegacyServer allows embedding [LegacyServer] in a struct, diff --git a/pkg/op/session.go b/pkg/op/session.go index ac663c9..8ac530d 100644 --- a/pkg/op/session.go +++ b/pkg/op/session.go @@ -8,8 +8,8 @@ import ( "net/url" "path" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type SessionEnder interface { @@ -73,8 +73,6 @@ func ValidateEndSessionRequest(ctx context.Context, req *oidc.EndSessionRequest, session := &EndSessionRequest{ RedirectURI: ender.DefaultLogoutRedirectURI(), - LogoutHint: req.LogoutHint, - UILocales: req.UILocales, } if req.IdTokenHint != "" { claims, err := VerifyIDTokenHint[*oidc.IDTokenClaims](ctx, req.IdTokenHint, ender.IDTokenHintVerifier(ctx)) diff --git a/pkg/op/storage.go b/pkg/op/storage.go index 2dbd124..a579810 100644 --- a/pkg/op/storage.go +++ b/pkg/op/storage.go @@ -6,9 +6,8 @@ import ( "time" jose "github.com/go-jose/go-jose/v4" - "golang.org/x/text/language" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type AuthStorage interface { 
@@ -171,8 +170,6 @@ type EndSessionRequest struct { ClientID string IDTokenHintClaims *oidc.IDTokenClaims RedirectURI string - LogoutHint string - UILocales []language.Tag } var ErrDuplicateUserCode = errors.New("user code already exists") diff --git a/pkg/op/token.go b/pkg/op/token.go index 2e25d05..1df9cc2 100644 --- a/pkg/op/token.go +++ b/pkg/op/token.go @@ -5,8 +5,8 @@ import ( "slices" "time" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/crypto" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/crypto" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type TokenCreator interface { diff --git a/pkg/op/token_client_credentials.go b/pkg/op/token_client_credentials.go index ddb2fbf..63dcc79 100644 --- a/pkg/op/token_client_credentials.go +++ b/pkg/op/token_client_credentials.go @@ -5,8 +5,8 @@ import ( "net/http" "net/url" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) // ClientCredentialsExchange handles the OAuth 2.0 client_credentials grant, including diff --git a/pkg/op/token_code.go b/pkg/op/token_code.go index 155aa43..fb636b4 100644 --- a/pkg/op/token_code.go +++ b/pkg/op/token_code.go @@ -4,8 +4,8 @@ import ( "context" "net/http" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) // CodeExchange handles the OAuth 2.0 authorization_code grant, including 
@@ -74,6 +74,17 @@ func AuthorizeCodeClient(ctx context.Context, tokenReq *oidc.AccessTokenRequest, ctx, span := tracer.Start(ctx, "AuthorizeCodeClient") defer span.End() + request, err = AuthRequestByCode(ctx, exchanger.Storage(), tokenReq.Code) + if err != nil { + return nil, nil, err + } + + codeChallenge := request.GetCodeChallenge() + err = AuthorizeCodeChallenge(tokenReq.CodeVerifier, codeChallenge) + if err != nil { + return nil, nil, err + } + if tokenReq.ClientAssertionType == oidc.ClientAssertionTypeJWTAssertion { jwtExchanger, ok := exchanger.(JWTAuthorizationGrantExchanger) if !ok || !exchanger.AuthMethodPrivateKeyJWTSupported() { @@ -83,9 +94,9 @@ func AuthorizeCodeClient(ctx context.Context, tokenReq *oidc.AccessTokenRequest, if err != nil { return nil, nil, err } - request, err = AuthRequestByCode(ctx, exchanger.Storage(), tokenReq.Code) return request, client, err } + client, err = exchanger.Storage().GetClientByClientID(ctx, tokenReq.ClientID) if err != nil { return nil, nil, oidc.ErrInvalidClient().WithParent(err) @@ -94,12 +105,10 @@ func AuthorizeCodeClient(ctx context.Context, tokenReq *oidc.AccessTokenRequest, return nil, nil, oidc.ErrInvalidClient().WithDescription("private_key_jwt not allowed for this client") } if client.AuthMethod() == oidc.AuthMethodNone { - request, err = AuthRequestByCode(ctx, exchanger.Storage(), tokenReq.Code) - if err != nil { - return nil, nil, err + if codeChallenge == nil { + return nil, nil, oidc.ErrInvalidRequest().WithDescription("PKCE required") } - err = AuthorizeCodeChallenge(tokenReq.CodeVerifier, request.GetCodeChallenge()) - return request, client, err + return request, client, nil } if client.AuthMethod() == oidc.AuthMethodPost && !exchanger.AuthMethodPostSupported() { return nil, nil, oidc.ErrInvalidClient().WithDescription("auth_method post not supported") 
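Review bot: The `AuthRequestByCode` lookup and the `AuthorizeCodeChallenge` call added at the top of AuthorizeCodeClient now run for every auth method and before any client authentication, but nothing in the added lines records why. A comment such as `// PKCE is checked for all clients: a code issued with a code_challenge must not be redeemable without the matching code_verifier.` would stop a later refactor from moving the check back into the `AuthMethodNone` branch. This order also means a request with bad client credentials gets the code-lookup or PKCE error rather than `invalid_client`, so the endpoint answers on code validity before the client is authenticated. That is only acceptable if codes are unguessable and short-lived, which this hunk does not show. The function body continues past the hunk, and the check that the loaded request belongs to the authenticated client is not visible here.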
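Review bot: In the JWT-assertion branch, `return request, client, err` now always returns a nil `err`, because the `if err != nil` just above has already returned and the `AuthRequestByCode` call that used to reassign it is removed. Writing `return request, client, nil` makes the success path explicit and matches the `AuthMethodNone` branch changed in the next hunk. The same applies to the final `return request, client, err` in the `@@ -108,7 +117,7 @@` hunk, where the removed lookup is replaced by a blank line.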
@@ -108,7 +117,7 @@ func AuthorizeCodeClient(ctx context.Context, tokenReq *oidc.AccessTokenRequest, if err != nil { return nil, nil, err } - request, err = AuthRequestByCode(ctx, exchanger.Storage(), tokenReq.Code) + return request, client, err } diff --git a/pkg/op/token_exchange.go b/pkg/op/token_exchange.go index 00af485..fcb4468 100644 --- a/pkg/op/token_exchange.go +++ b/pkg/op/token_exchange.go @@ -7,8 +7,8 @@ import ( "strings" "time" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type TokenExchangeRequest interface { diff --git a/pkg/op/token_intospection.go b/pkg/op/token_intospection.go index bb6a5a0..29234e1 100644 --- a/pkg/op/token_intospection.go +++ b/pkg/op/token_intospection.go @@ -5,8 +5,8 @@ import ( "errors" "net/http" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type Introspector interface { diff --git a/pkg/op/token_jwt_profile.go b/pkg/op/token_jwt_profile.go index defb937..d1a7ff5 100644 --- a/pkg/op/token_jwt_profile.go +++ b/pkg/op/token_jwt_profile.go @@ -5,8 +5,8 @@ import ( "net/http" "time" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type JWTAuthorizationGrantExchanger interface { diff --git a/pkg/op/token_refresh.go b/pkg/op/token_refresh.go index a87e883..7c8c1c0 100644 --- a/pkg/op/token_refresh.go +++ b/pkg/op/token_refresh.go 
@@ -7,8 +7,8 @@ import ( "slices" "time" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type RefreshTokenRequest interface { diff --git a/pkg/op/token_request.go b/pkg/op/token_request.go index 3f5af7a..66e4c83 100644 --- a/pkg/op/token_request.go +++ b/pkg/op/token_request.go @@ -6,8 +6,8 @@ import ( "net/http" "net/url" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type Exchanger interface { diff --git a/pkg/op/token_request_test.go b/pkg/op/token_request_test.go index d226af6..21cf20b 100644 --- a/pkg/op/token_request_test.go +++ b/pkg/op/token_request_test.go @@ -3,22 +3,22 @@ package op_test import ( "testing" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op" "github.com/stretchr/testify/assert" + "github.com/zitadel/oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/op" ) func TestAuthorizeCodeChallenge(t *testing.T) { tests := []struct { - name string - codeVerifier string - codeChallenge *oidc.CodeChallenge - want func(t *testing.T, err error) + name string + codeVerifier string + codeChallenge *oidc.CodeChallenge + want func(t *testing.T, err error) }{ { - name: "missing both code_verifier and code_challenge", - codeVerifier: "", - codeChallenge: nil, + name: "missing both code_verifier and code_challenge", + codeVerifier: "", + codeChallenge: nil, want: func(t *testing.T, err error) { assert.Nil(t, err) }, 
@@ -46,9 +46,9 @@ func TestAuthorizeCodeChallenge(t *testing.T) { }, }, { - name: "code_verifier provided without code_challenge", - codeVerifier: "code_verifier", - codeChallenge: nil, + name: "code_verifier provided without code_challenge", + codeVerifier: "code_verifier", + codeChallenge: nil, want: func(t *testing.T, err error) { assert.ErrorContains(t, err, "code_verifier unexpectedly provided") }, diff --git a/pkg/op/token_revocation.go b/pkg/op/token_revocation.go index 049ee15..a86a481 100644 --- a/pkg/op/token_revocation.go +++ b/pkg/op/token_revocation.go @@ -7,8 +7,8 @@ import ( "net/url" "strings" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type Revoker interface { diff --git a/pkg/op/userinfo.go b/pkg/op/userinfo.go index ff75e72..839b139 100644 --- a/pkg/op/userinfo.go +++ b/pkg/op/userinfo.go @@ -6,8 +6,8 @@ import ( "net/http" "strings" - httphelper "git.christmann.info/LARA/zitadel-oidc/v3/pkg/http" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + httphelper "github.com/zitadel/oidc/v3/pkg/http" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type UserinfoProvider interface { diff --git a/pkg/op/verifier_access_token.go b/pkg/op/verifier_access_token.go index 585ca54..6ac29f2 100644 --- a/pkg/op/verifier_access_token.go +++ b/pkg/op/verifier_access_token.go @@ -3,7 +3,7 @@ package op import ( "context" - "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc" + "github.com/zitadel/oidc/v3/pkg/oidc" ) type AccessTokenVerifier oidc.Verifier diff --git a/pkg/op/verifier_access_token_example_test.go b/pkg/op/verifier_access_token_example_test.go index b97a7fd..397a2d3 100644 --- a/pkg/op/verifier_access_token_example_test.go +++ b/pkg/op/verifier_access_token_example_test.go 
@@ -4,9 +4,9 @@ import (
 "context"
 "fmt"
- tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil"
- "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc"
- "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op"
+ tu "github.com/zitadel/oidc/v3/internal/testutil"
+ "github.com/zitadel/oidc/v3/pkg/oidc"
+ "github.com/zitadel/oidc/v3/pkg/op"
 )
 // MyCustomClaims extends the TokenClaims base,
diff --git a/pkg/op/verifier_access_token_test.go b/pkg/op/verifier_access_token_test.go
index 5845f9f..66e32ce 100644
--- a/pkg/op/verifier_access_token_test.go
+++ b/pkg/op/verifier_access_token_test.go
@@ -5,10 +5,10 @@ import (
 "testing"
 "time"
- tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil"
- "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc"
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/require"
+ tu "github.com/zitadel/oidc/v3/internal/testutil"
+ "github.com/zitadel/oidc/v3/pkg/oidc"
 )
 func TestNewAccessTokenVerifier(t *testing.T) {
diff --git a/pkg/op/verifier_id_token_hint.go b/pkg/op/verifier_id_token_hint.go
index 02610aa..331c64c 100644
--- a/pkg/op/verifier_id_token_hint.go
+++ b/pkg/op/verifier_id_token_hint.go
@@ -4,7 +4,7 @@ import (
 "context"
 "errors"
- "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc"
+ "github.com/zitadel/oidc/v3/pkg/oidc"
 )
 type IDTokenHintVerifier oidc.Verifier
diff --git a/pkg/op/verifier_id_token_hint_test.go b/pkg/op/verifier_id_token_hint_test.go
index 347e33c..597e291 100644
--- a/pkg/op/verifier_id_token_hint_test.go
+++ b/pkg/op/verifier_id_token_hint_test.go
@@ -6,10 +6,10 @@ import (
 "testing"
 "time"
- tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil"
- "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc"
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/require"
+ tu "github.com/zitadel/oidc/v3/internal/testutil"
+ "github.com/zitadel/oidc/v3/pkg/oidc"
 )
 func TestNewIDTokenHintVerifier(t *testing.T) {
diff --git a/pkg/op/verifier_jwt_profile.go b/pkg/op/verifier_jwt_profile.go
index 85bfb14..06a7d34 100644
--- a/pkg/op/verifier_jwt_profile.go
+++ b/pkg/op/verifier_jwt_profile.go
@@ -8,7 +8,7 @@ import (
 jose "github.com/go-jose/go-jose/v4"
- "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc"
+ "github.com/zitadel/oidc/v3/pkg/oidc"
 )
 // JWTProfileVerfiier extends oidc.Verifier with
diff --git a/pkg/op/verifier_jwt_profile_test.go b/pkg/op/verifier_jwt_profile_test.go
index 2068678..d96cbb4 100644
--- a/pkg/op/verifier_jwt_profile_test.go
+++ b/pkg/op/verifier_jwt_profile_test.go
@@ -5,11 +5,11 @@ import (
 "testing"
 "time"
- tu "git.christmann.info/LARA/zitadel-oidc/v3/internal/testutil"
- "git.christmann.info/LARA/zitadel-oidc/v3/pkg/oidc"
- "git.christmann.info/LARA/zitadel-oidc/v3/pkg/op"
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/require"
+ tu "github.com/zitadel/oidc/v3/internal/testutil"
+ "github.com/zitadel/oidc/v3/pkg/oidc"
+ "github.com/zitadel/oidc/v3/pkg/op"
 )
 func TestNewJWTProfileVerifier(t *testing.T) {