cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
zitadel-oidc/NEXT_RELEASE.md
David Sharnoff cdf2af6c2c
feat: add CanRefreshTokenInfo to support non-JWT refresh tokens (#244) 
* Add an additional, optional, op.Storage interface so that refresh tokens
that are not JWTs do not cause failures when they randomly, sometimes, decrypt
without error

```go
// CanRefreshTokenInfo is an optional additional interface that Storage can support.
// Supporting CanRefreshTokenInfo is required to be able to revoke a refresh token that
// does not happen to also be a JWTs work properly.
type CanRefreshTokenInfo interface {
        // GetRefreshTokenInfo must return oidc.ErrInvalidRefreshToken when presented
	// with a token that is not a refresh token.
	GetRefreshTokenInfo(ctx context.Context, clientID string, token string) (userID string, tokenID string, err error)
}
```

* add comment suggested in code review

* review feedback: return an error defined in op rather than adding a new error to oidc

* move ErrInvalidRefresToken to op/storage.go
2023-02-06 08:27:57 +01:00

270 B
Raw Blame History

Backwards-incompatible changes to be made in the next major release

  • Add rp/RelyingParty.GetRevokeEndpoint
  • Rename op/OpStorage.GetKeyByIDAndUserID to op/OpStorage.GetKeyByIDAndClientID
  • Add CanRefreshTokenInfo (GetRefreshTokenInfo()) to op.Storage