cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
zitadel-oidc/pkg/oidc
History
Tim Möhlmann b8e520afd0
fix: allow expired ID token hint to end sessions (#522) 
* fix: allow expired ID token hint to end sessions

This change adds a specific error for expired ID Token hints, including too old "issued at" and "max auth age".
The error is returned VerifyIDTokenHint so that the end session handler can choose to ignore this error.

This fixes the behavior to be in line with [OpenID Connect RP-Initiated Logout 1.0, section 4](https://openid.net/specs/openid-connect-rpinitiated-1_0.html#ValidationAndErrorHandling).

* Tes IDTokenHintExpiredError
2024-01-19 11:30:51 +01:00
..
grants chore(linting): apply gofumpt & goimports to all .go files (#225) 2022-10-05 09:33:10 +02:00
regression_data fix: unmarshalling of scopes in access token (#327) 2023-03-15 14:44:49 +01:00
authorization.go Merge branch 'next' into next-main 2023-10-12 16:07:49 +03:00
authorization_test.go feat: add slog logging (#432) 2023-08-29 14:07:45 +02:00
code_challenge.go upgrade this module to v3 2023-03-20 13:38:21 +02:00
device_authorization.go implement RFC 8628: Device authorization grant 2023-03-01 08:59:17 +01:00
discovery.go fix: don't error on invalid i18n tags in discovery (#407) 2023-06-09 16:31:44 +02:00
error.go Merge branch 'next' into next-main 2023-10-12 16:07:49 +03:00
error_go120_test.go feat: add slog logging (#432) 2023-08-29 14:07:45 +02:00
error_test.go feat: add slog logging (#432) 2023-08-29 14:07:45 +02:00
introspection.go refactor: use struct types for claim related types (#283) 2023-03-10 16:31:22 +02:00
introspection_test.go fix: do not modify userInfo when marshaling 2023-03-28 12:58:34 +03:00
jwt_profile.go chore(linting): apply gofumpt & goimports to all .go files (#225) 2022-10-05 09:33:10 +02:00
keyset.go Merge branch 'next' into next-main 2023-10-12 16:07:49 +03:00
keyset_test.go chore(deps): migrage jose to go-jose/v3 (#433) 2023-09-01 14:33:16 +03:00
regression_assert_test.go fix: do not modify userInfo when marshaling 2023-03-28 12:58:34 +03:00
regression_create_test.go refactor: use struct types for claim related types (#283) 2023-03-10 16:31:22 +02:00
regression_test.go chore: replace interface{} with any (#448) 2023-10-12 12:41:04 +03:00
revocation.go feat: Token Revocation, Request Object and OP Certification (#130) 2021-11-02 13:21:35 +01:00
session.go chore(linting): apply gofumpt & goimports to all .go files (#225) 2022-10-05 09:33:10 +02:00
token.go Merge branch 'next' into next-main 2023-10-12 16:07:49 +03:00
token_request.go Merge branch 'next' into next-main 2023-10-12 16:07:49 +03:00
token_test.go Merge branch 'next' into next-main 2023-10-12 16:07:49 +03:00
types.go fix(oidc): ignore unknown language tag in userinfo unmarshal (#505) 2023-12-22 10:25:58 +01:00
types_test.go fix(oidc): ignore unknown language tag in userinfo unmarshal (#505) 2023-12-22 10:25:58 +01:00
userinfo.go feat: generic Userinfo and Introspect functions (#389) 2023-05-05 12:36:37 +00:00
userinfo_test.go fix: do not modify userInfo when marshaling 2023-03-28 12:58:34 +03:00
util.go fix: do not modify userInfo when marshaling 2023-03-28 12:58:34 +03:00
util_test.go refactor: use struct types for claim related types (#283) 2023-03-10 16:31:22 +02:00
verifier.go fix: allow expired ID token hint to end sessions (#522) 2024-01-19 11:30:51 +01:00
verifier_parse_test.go feat: merge the verifier types (#336) 2023-03-22 19:18:41 +02:00
verifier_test.go feat: merge the verifier types (#336) 2023-03-22 19:18:41 +02:00