mirror/oidc
1
0
Fork 0
mirror of https://github.com/zitadel/oidc.git synced 2026-04-27 05:31:31 -05:00
Code Issues Packages Projects Releases Wiki Activity
567 Commits 18 Branches 245 Tags
03f3bc693b04e2224515a112f866fd00ec2af4cc
Commit Graph

567 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
adlerhurst 03f3bc693b fix test 2024-03-14 07:50:29 +01:00
adlerhurst 1b94f796eb move tracer to client, 
add tracing in rs, client
 2024-03-13 15:45:03 +01:00
adlerhurst 0fe7c3307f fix parse 2024-03-07 15:25:23 +01:00
adlerhurst 7069813ec7 correct span names 2024-03-07 10:44:24 +01:00
adlerhurst 88209ac11d fix tests 2024-03-06 19:08:48 +01:00
adlerhurst bdcccc3303 feat(client): tracing in rp 2024-03-06 18:39:27 +01:00
adlerhurst d18aba8cb3 feat(rp): extend tracing 2024-03-06 18:38:37 +01:00
Tim Möhlmann e3e48882df chore: upgrade to v3 guide (#463) 
* chore: upgrade to v3 guide

first version with sed scripts.

* tidy up introduction info

* process feedback from @muir

* logging chapter

* server interface chapter

* update readme with v3 badges and link to update guide

* resolve comments
 2024-03-05 13:09:14 +00:00
Ayato 5ef597b1db feat(op): Add response_mode: form_post (#551) 
* feat(op): Add response_mode: form_post

* Fix to parse the template ahead of time

* Fix to render the template in a buffer

* Remove unnecessary import

* Fix test

* Fix example client setting

* Make sure the client not to reuse the content of the response

* Fix error handling

* Add the response_mode param

* Allow implicit flow in the example app

* feat(rp): allow form_post in code exchange callback handler

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
v3.14.0 		2024-03-05 15:04:43 +02:00
dependabot[bot] fc743a69c7 chore(deps): bump golang.org/x/oauth2 from 0.17.0 to 0.18.0 (#562) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.17.0 to 0.18.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.17.0...v0.18.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-05 11:07:48 +01:00
dependabot[bot] 7bac3c6f40 chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 (#560) 
Bumps [github.com/stretchr/testify](https://github.com/stretchr/testify) from 1.8.4 to 1.9.0.
- [Release notes](https://github.com/stretchr/testify/releases)
- [Commits](https://github.com/stretchr/testify/compare/v1.8.4...v1.9.0)

---
updated-dependencies:
- dependency-name: github.com/stretchr/testify
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-03-04 08:10:55 +01:00
Tim Möhlmann 972b8981e5 feat: go 1.22 and slog migration (#557) 
This change adds Go 1.22 as a build target and drops support for Go 1.20 and older. The golang.org/x/exp/slog import is migrated to log/slog.

Slog has been part of the Go standard library since Go 1.21. Therefore we are dropping support for older Go versions. This is in line of our support policy of "the latest two Go versions".
v3.13.0 		2024-02-28 10:44:14 +01:00
dependabot[bot] 38c025f7f8 chore(deps): bump codecov/codecov-action from 4.0.1 to 4.1.0 (#559) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 4.0.1 to 4.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v4.0.1...v4.1.0)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-27 10:09:14 +02:00
dependabot[bot] 385060930d chore(deps): bump actions/add-to-project from 0.5.0 to 0.6.0 (#558) 
Bumps [actions/add-to-project](https://github.com/actions/add-to-project) from 0.5.0 to 0.6.0.
- [Release notes](https://github.com/actions/add-to-project/releases)
- [Commits](https://github.com/actions/add-to-project/compare/v0.5.0...v0.6.0)

---
updated-dependencies:
- dependency-name: actions/add-to-project
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-27 10:05:38 +02:00
dependabot[bot] b93f625088 chore(deps): bump github.com/go-jose/go-jose/v3 from 3.0.1 to 3.0.2 (#554) 
Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.1 to 3.0.2.
- [Release notes](https://github.com/go-jose/go-jose/releases)
- [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md)
- [Commits](https://github.com/go-jose/go-jose/compare/v3.0.1...v3.0.2)

---
updated-dependencies:
- dependency-name: github.com/go-jose/go-jose/v3
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-26 10:47:11 +02:00
dependabot[bot] a6a206b021 chore(deps): bump go.opentelemetry.io/otel/trace from 1.23.1 to 1.24.0 (#556) 
Bumps [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) from 1.23.1 to 1.24.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.1...v1.24.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-26 10:45:58 +02:00
Jan-Otto Kröpke f4bbffb51b feat: Add rp.WithAuthStyle as Option (#546) 
* feat: Add rp.WithAuthStyle as Option

* Update integration_test.go

* Update integration_test.go

* Update integration_test.go
v3.12.0 		2024-02-23 12:18:06 +02:00
Jan-Otto Kröpke b45072a4c0 fix: Set unauthorizedHandler, if not defined (#547) v3.11.2 2024-02-21 12:17:00 +02:00
dependabot[bot] 3e593474e9 chore(deps): bump github.com/go-chi/chi/v5 from 5.0.11 to 5.0.12 (#548) 
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.0.11 to 5.0.12.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.0.11...v5.0.12)

---
updated-dependencies:
- dependency-name: github.com/go-chi/chi/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-19 12:14:41 +02:00
Fabi c5619ab4ff Merge pull request #544 from zitadel/livio-a-patch-1 
chore: ignore dependabot for board PRs
 2024-02-13 10:53:35 +01:00
dependabot[bot] da8b73f342 chore(deps): bump golang.org/x/oauth2 from 0.16.0 to 0.17.0 (#542) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-09 15:16:10 +00:00
dependabot[bot] 1eebaf8d6f chore(deps): bump go.opentelemetry.io/otel from 1.23.0 to 1.23.1 (#540) 
Bumps [go.opentelemetry.io/otel](https://github.com/open-telemetry/opentelemetry-go) from 1.23.0 to 1.23.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.0...v1.23.1)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-09 16:14:46 +01:00
dependabot[bot] 625a4e480d chore(deps): bump go.opentelemetry.io/otel/trace from 1.23.0 to 1.23.1 (#539) 
Bumps [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) from 1.23.0 to 1.23.1.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.23.0...v1.23.1)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-09 16:14:24 +01:00
Livio Spring ee8152f19e chore: ignore dependabot for board PRs 2024-02-09 16:11:59 +01:00
dependabot[bot] 3ea6173860 chore(deps): bump actions-ecosystem/action-add-labels (#530) 
Bumps [actions-ecosystem/action-add-labels](https://github.com/actions-ecosystem/action-add-labels) from 1.1.0 to 1.1.3.
- [Release notes](https://github.com/actions-ecosystem/action-add-labels/releases)
- [Commits](https://github.com/actions-ecosystem/action-add-labels/compare/v1.1.0...v1.1.3)

---
updated-dependencies:
- dependency-name: actions-ecosystem/action-add-labels
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-07 18:30:44 +02:00
dependabot[bot] 34f44325b8 chore(deps): bump go.opentelemetry.io/otel/trace from 1.22.0 to 1.23.0 (#534) 
Bumps [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) from 1.22.0 to 1.23.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.22.0...v1.23.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-07 18:29:38 +02:00
dependabot[bot] 7a45a86452 chore(deps): bump codecov/codecov-action from 3.1.5 to 4.0.1 (#531) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.5 to 4.0.1.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3.1.5...v4.0.1)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-02-07 18:26:46 +02:00
Fabi 0992c5f3ce Merge pull request #536 from zitadel/livio-a-patch-1 
chore: ignore dependabot for board PRs
 2024-02-07 07:33:07 +01:00
Livio Spring 25e103b243 chore: ignore dependabot for board PRs 2024-02-07 07:30:04 +01:00
Fabi 984346f9ef chore: remove dependabot prs (#529) 2024-02-02 14:33:52 +01:00
Fabi 2aa8a327f6 chore: update pm board action (#528) 
* chore: update pm board action 

automatically ad prs of non engineers to board and label community prs

* Update issue.yml
 2024-02-02 12:57:41 +02:00
Tim Möhlmann 045b59e5a5 fix(op): allow expired id token hints in authorize (#527) 
Like https://github.com/zitadel/oidc/pull/522 for end session,
this change allows passing an expired ID token hint to the authorize endpoint.
v3.11.1 		2024-02-01 13:49:22 +01:00
dependabot[bot] 35d9540fd7 chore(deps): bump codecov/codecov-action from 3.1.4 to 3.1.5 (#526) 
Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.4 to 3.1.5.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3.1.4...v3.1.5)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-30 11:56:16 +02:00
Tim Möhlmann e9bd7d7bac feat(op): split the access and ID token hint verifiers (#525) 
* feat(op): split the access and ID token hint verifiers

In zitadel we require different behaviors wrt public key expiry between access tokens and ID token hints.
This change splits the two verifiers in the OP.
The default is still based on Storage and passed to both verifier fields.

* add new options to tests
v3.11.0 		2024-01-26 16:44:50 +01:00
dependabot[bot] 437a0497ab chore(deps): bump github.com/google/uuid from 1.5.0 to 1.6.0 (#523) 
Bumps [github.com/google/uuid](https://github.com/google/uuid) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/google/uuid/releases)
- [Changelog](https://github.com/google/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/uuid/compare/v1.5.0...v1.6.0)

---
updated-dependencies:
- dependency-name: github.com/google/uuid
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-24 13:54:30 +02:00
Tim Möhlmann b8e520afd0 fix: allow expired ID token hint to end sessions (#522) 
* fix: allow expired ID token hint to end sessions

This change adds a specific error for expired ID Token hints, including too old "issued at" and "max auth age".
The error is returned VerifyIDTokenHint so that the end session handler can choose to ignore this error.

This fixes the behavior to be in line with [OpenID Connect RP-Initiated Logout 1.0, section 4](https://openid.net/specs/openid-connect-rpinitiated-1_0.html#ValidationAndErrorHandling).

* Tes IDTokenHintExpiredError
v3.10.3 		2024-01-19 11:30:51 +01:00
dependabot[bot] 3f26eb10ad chore(deps): bump go.opentelemetry.io/otel/trace from 1.21.0 to 1.22.0 (#520) 
Bumps [go.opentelemetry.io/otel/trace](https://github.com/open-telemetry/opentelemetry-go) from 1.21.0 to 1.22.0.
- [Release notes](https://github.com/open-telemetry/opentelemetry-go/releases)
- [Changelog](https://github.com/open-telemetry/opentelemetry-go/blob/main/CHANGELOG.md)
- [Commits](https://github.com/open-telemetry/opentelemetry-go/compare/v1.21.0...v1.22.0)

---
updated-dependencies:
- dependency-name: go.opentelemetry.io/otel/trace
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-18 12:26:18 +02:00
Tim Möhlmann 57d04e7465 fix: don't force server errors in legacy server (#517) 
* fix: don't force server errors in legacy server

* fix tests and be more consistent with the returned status code
v3.10.2 		2024-01-17 16:06:45 +01:00
Tim Möhlmann 844e2337bb fix(op): check redirect URI in code exchange (#516) 
This changes fixes a missing redirect check in the Legacy Server's Code Exchange handler.
v3.10.1 		2024-01-16 07:18:41 +01:00
Jan-Otto Kröpke 984e31a9e2 feat(rp): Add UnauthorizedHandler (#503) 
* RP: Add UnauthorizedHandler

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* remove race condition

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

* Use optional interface

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>

---------

Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
v3.10.0 		2024-01-09 17:24:05 +02:00
dependabot[bot] 5dcf6de055 chore(deps): bump golang.org/x/oauth2 from 0.15.0 to 0.16.0 (#513) 
Bumps [golang.org/x/oauth2](https://github.com/golang/oauth2) from 0.15.0 to 0.16.0.
- [Commits](https://github.com/golang/oauth2/compare/v0.15.0...v0.16.0)

---
updated-dependencies:
- dependency-name: golang.org/x/oauth2
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2024-01-09 17:17:04 +02:00
Tim Möhlmann 4d85375702 chore(example): add device package level documentation (#510) 2024-01-08 10:21:28 +01:00
Tim Möhlmann 8923b82142 chore(deps): enable dependabot for the v2 branch (#512) 2024-01-08 10:18:33 +01:00
Jan-Otto Kröpke e23b1d4754 fix: Implement dedicated error for RevokeToken (#508) 
Signed-off-by: Jan-Otto Kröpke <mail@jkroepke.de>
v3.9.1 		2024-01-08 10:01:34 +02:00
Tim Möhlmann c37ca25220 feat(op): allow double star globs (#507) 
Related to https://github.com/zitadel/zitadel/issues/5110
v3.9.0 		2024-01-05 17:30:17 +02:00
Tim Möhlmann dce79a73fb fix(oidc): ignore unknown language tag in userinfo unmarshal (#505) 
* fix(oidc): ignore unknown language tag in userinfo unmarshal

Open system reported an issue where a generic OpenID provider might return language tags like "gb".
These tags are well-formed but unknown and Go returns an error for it.
We already ignored unknown tags is ui_locale arrays lik in AuthRequest.

This change ignores singular unknown tags, like used in the userinfo `locale` claim.

* do not set nil to Locale field
v3.8.1 		2023-12-22 10:25:58 +01:00
dependabot[bot] 6a8e144e8d chore(deps): bump github.com/go-chi/chi/v5 from 5.0.10 to 5.0.11 (#504) 
Bumps [github.com/go-chi/chi/v5](https://github.com/go-chi/chi) from 5.0.10 to 5.0.11.
- [Release notes](https://github.com/go-chi/chi/releases)
- [Changelog](https://github.com/go-chi/chi/blob/master/CHANGELOG.md)
- [Commits](https://github.com/go-chi/chi/compare/v5.0.10...v5.0.11)

---
updated-dependencies:
- dependency-name: github.com/go-chi/chi/v5
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-20 18:26:55 +02:00
dependabot[bot] 2b35eeb835 chore(deps): bump golang.org/x/crypto from 0.16.0 to 0.17.0 (#502) 
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from 0.16.0 to 0.17.0.
- [Commits](https://github.com/golang/crypto/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: golang.org/x/crypto
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 12:15:36 +02:00
dependabot[bot] e6d41bdd5d chore(deps): bump github/codeql-action from 2 to 3 (#501) 
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 2 to 3.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2023-12-19 11:54:35 +02:00
Tim Möhlmann b300027cd7 feat(op): ID token for device authorization grant (#500) v3.8.0 2023-12-18 08:39:39 +01:00