chore(oidc): graduate webkey to stable (#10122)

# Which Problems Are Solved Stabilize the usage of webkeys. # How the Problems Are Solved - Remove all legacy signing key code from the OIDC API - Remove the webkey feature flag from proto - Remove the webkey feature flag from console - Cleanup documentation # Additional Changes - Resolved some canonical header linter errors in OIDC - Use the constant for `projections.lock` in the saml package. # Additional Context - Closes #10029 - After #10105 - After #10061
2025-08-11 17:57:33 +00:00 · 2025-06-26 19:17:45 +03:00
parent 1ebbe275b9
commit 016676e1dc
59 changed files with 203 additions and 1614 deletions
--- a/console/src/app/components/features/features.component.ts
+++ b/console/src/app/components/features/features.component.ts
@@ -38,7 +38,6 @@ const FEATURE_KEYS = [
  'oidcTriggerIntrospectionProjections',
  'permissionCheckV2',
  'userSchema',
-  'webKey',
 ] as const;

 export type ToggleState = { source: Source; enabled: boolean };
--- a/console/src/assets/i18n/bg.json
+++ b/console/src/assets/i18n/bg.json
@@ -1641,8 +1641,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Back-Channel Logout имплементира OpenID Connect Back-Channel Logout 1.0 и може да се използва за уведомяване на клиентите за прекратяване на сесията при OpenID доставчика.",
      "PERMISSIONCHECKV2": "Проверка на разрешения V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Ако флагът е активиран, ще можете да използвате новия API и неговите функции.",
-      "WEBKEY": "Уеб ключ",
-      "WEBKEY_DESCRIPTION": "Ако флагът е активиран, ще можете да използвате новия API и неговите функции.",
      "STATES": {
        "INHERITED": "Наследено",
        "ENABLED": "Активирано",
--- a/console/src/assets/i18n/cs.json
+++ b/console/src/assets/i18n/cs.json
@@ -1642,8 +1642,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Back-Channel Logout implementuje OpenID Connect Back-Channel Logout 1.0 a může být použit k informování klientů o ukončení relace u poskytovatele OpenID.",
      "PERMISSIONCHECKV2": "Kontrola oprávnění V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Pokud je příznak povolen, budete moci používat nový API a jeho funkce.",
-      "WEBKEY": "Webový klíč",
-      "WEBKEY_DESCRIPTION": "Pokud je příznak povolen, budete moci používat nový API a jeho funkce.",
      "STATES": {
        "INHERITED": "Děděno",
        "ENABLED": "Povoleno",
--- a/console/src/assets/i18n/de.json
+++ b/console/src/assets/i18n/de.json
@@ -1642,8 +1642,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Der Back-Channel-Logout implementiert OpenID Connect Back-Channel Logout 1.0 und kann verwendet werden, um Clients über die Beendigung der Sitzung beim OpenID-Provider zu benachrichtigen.",
      "PERMISSIONCHECKV2": "Berechtigungsprüfung V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Wenn die Flagge aktiviert ist, können Sie die neue API und ihre Funktionen verwenden.",
-      "WEBKEY": "Web-Schlüssel",
-      "WEBKEY_DESCRIPTION": "Wenn die Flagge aktiviert ist, können Sie die neue API und ihre Funktionen verwenden.",
      "STATES": {
        "INHERITED": "Erben",
        "ENABLED": "Aktiviert",
--- a/console/src/assets/i18n/en.json
+++ b/console/src/assets/i18n/en.json
@@ -1645,8 +1645,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "The Back-Channel Logout implements OpenID Connect Back-Channel Logout 1.0 and can be used to notify clients about session termination at the OpenID Provider.",
      "PERMISSIONCHECKV2": "Permission Check V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "If the flag is enabled, you'll be able to use the new API and its features.",
-      "WEBKEY": "Web Key",
-      "WEBKEY_DESCRIPTION": "If the flag is enabled, you'll be able to use the new API and its features.",
      "STATES": {
        "INHERITED": "Inherit",
        "ENABLED": "Enabled",
--- a/console/src/assets/i18n/es.json
+++ b/console/src/assets/i18n/es.json
@@ -1643,8 +1643,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "El Back-Channel Logout implementa OpenID Connect Back-Channel Logout 1.0 y se puede usar para notificar a los clientes sobre la terminación de la sesión en el proveedor de OpenID.",
      "PERMISSIONCHECKV2": "Verificación de permisos V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Si la bandera está habilitada, podrá usar la nueva API y sus funciones.",
-      "WEBKEY": "Clave web",
-      "WEBKEY_DESCRIPTION": "Si la bandera está habilitada, podrá usar la nueva API y sus funciones.",
      "STATES": {
        "INHERITED": "Heredado",
        "ENABLED": "Habilitado",
--- a/console/src/assets/i18n/fr.json
+++ b/console/src/assets/i18n/fr.json
@@ -1642,8 +1642,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Le Back-Channel Logout implémente OpenID Connect Back-Channel Logout 1.0 et peut être utilisé pour notifier les clients de la fin de session chez le fournisseur OpenID.",
      "PERMISSIONCHECKV2": "Vérification des permissions V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Si le drapeau est activé, vous pourrez utiliser la nouvelle API et ses fonctionnalités.",
-      "WEBKEY": "Clé web",
-      "WEBKEY_DESCRIPTION": "Si le drapeau est activé, vous pourrez utiliser la nouvelle API et ses fonctionnalités.",
      "STATES": {
        "INHERITED": "Hérité",
        "ENABLED": "Activé",
--- a/console/src/assets/i18n/hu.json
+++ b/console/src/assets/i18n/hu.json
@@ -1640,8 +1640,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "A Back-Channel Logout megvalósítja az OpenID Connect Back-Channel Logout 1.0-t, és használható az ügyfelek értesítésére a munkamenet befejezéséről az OpenID szolgáltatónál.",
      "PERMISSIONCHECKV2": "Engedély ellenőrzés V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Ha a zászló engedélyezve van, használhatja az új API-t és annak funkcióit.",
-      "WEBKEY": "Webkulcs",
-      "WEBKEY_DESCRIPTION": "Ha a zászló engedélyezve van, használhatja az új API-t és annak funkcióit.",
      "STATES": {
        "INHERITED": "Örököl",
        "ENABLED": "Engedélyezve",
--- a/console/src/assets/i18n/id.json
+++ b/console/src/assets/i18n/id.json
@@ -1513,8 +1513,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "The Back-Channel Logout implements OpenID Connect Back-Channel Logout 1.0 and can be used to notify clients about session termination at the OpenID Provider.",
      "PERMISSIONCHECKV2": "Permission Check V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "If the flag is enabled, you'll be able to use the new API and its features.",
-      "WEBKEY": "Web Key",
-      "WEBKEY_DESCRIPTION": "If the flag is enabled, you'll be able to use the new API and its features.",
      "STATES": { "INHERITED": "Mewarisi", "ENABLED": "Diaktifkan", "DISABLED": "Dengan disabilitas" },
      "INHERITED_DESCRIPTION": "Ini menetapkan nilai ke nilai default sistem.",
      "INHERITEDINDICATOR_DESCRIPTION": {
--- a/console/src/assets/i18n/it.json
+++ b/console/src/assets/i18n/it.json
@@ -1642,8 +1642,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Il Back-Channel Logout implementa OpenID Connect Back-Channel Logout 1.0 e può essere utilizzato per notificare ai client la terminazione della sessione presso il provider OpenID.",
      "PERMISSIONCHECKV2": "Controllo permessi V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Se il flag è abilitato, potrai utilizzare la nuova API e le sue funzionalità.",
-      "WEBKEY": "Chiave Web",
-      "WEBKEY_DESCRIPTION": "Se il flag è abilitato, potrai utilizzare la nuova API e le sue funzionalità.",
      "STATES": {
        "INHERITED": "Predefinito",
        "ENABLED": "Abilitato",
--- a/console/src/assets/i18n/ja.json
+++ b/console/src/assets/i18n/ja.json
@@ -1642,8 +1642,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "バックチャネルログアウトは OpenID Connect バックチャネルログアウト 1.0 を実装し、OpenID プロバイダーでのセッション終了についてクライアントに通知するために使用できます。",
      "PERMISSIONCHECKV2": "権限チェック V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "フラグが有効になっている場合、新しい API とその機能を使用できます。",
-      "WEBKEY": "ウェブキー",
-      "WEBKEY_DESCRIPTION": "フラグが有効になっている場合、新しい API とその機能を使用できます。",
      "STATES": {
        "INHERITED": "継承",
        "ENABLED": "有効",
--- a/console/src/assets/i18n/ko.json
+++ b/console/src/assets/i18n/ko.json
@@ -1642,8 +1642,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "백채널 로그아웃은 OpenID Connect 백채널 로그아웃 1.0을 구현하며, OpenID 제공자에서 세션 종료에 대해 클라이언트에게 알리는 데 사용할 수 있습니다.",
      "PERMISSIONCHECKV2": "권한 확인 V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "플래그가 활성화되면 새로운 API와 그 기능을 사용할 수 있습니다.",
-      "WEBKEY": "웹 키",
-      "WEBKEY_DESCRIPTION": "플래그가 활성화되면 새로운 API와 그 기능을 사용할 수 있습니다.",
      "STATES": {
        "INHERITED": "상속",
        "ENABLED": "활성화됨",
--- a/console/src/assets/i18n/mk.json
+++ b/console/src/assets/i18n/mk.json
@@ -1643,8 +1643,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Back-Channel Logout имплементира OpenID Connect Back-Channel Logout 1.0 и може да се користи за известување на клиентите за завршување на сесијата кај OpenID провајдерот.",
      "PERMISSIONCHECKV2": "Проверка на дозволи V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Ако знамето е овозможено, ќе можете да ја користите новата API и нејзините функции.",
-      "WEBKEY": "Веб клуч",
-      "WEBKEY_DESCRIPTION": "Ако знамето е овозможено, ќе можете да ја користите новата API и нејзините функции.",
      "STATES": {
        "INHERITED": "Наследи",
        "ENABLED": "Овозможено",
--- a/console/src/assets/i18n/nl.json
+++ b/console/src/assets/i18n/nl.json
@@ -1642,8 +1642,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "De Back-Channel Logout implementeert OpenID Connect Back-Channel Logout 1.0 en kan worden gebruikt om clients te informeren over het beëindigen van de sessie bij de OpenID-provider.",
      "PERMISSIONCHECKV2": "Permissiecontrole V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Als de vlag is ingeschakeld, kunt u de nieuwe API en de bijbehorende functies gebruiken.",
-      "WEBKEY": "Websleutel",
-      "WEBKEY_DESCRIPTION": "Als de vlag is ingeschakeld, kunt u de nieuwe API en de bijbehorende functies gebruiken.",
      "STATES": {
        "INHERITED": "Overgenomen",
        "ENABLED": "Ingeschakeld",
--- a/console/src/assets/i18n/pl.json
+++ b/console/src/assets/i18n/pl.json
@@ -1641,8 +1641,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Back-Channel Logout implementuje OpenID Connect Back-Channel Logout 1.0 i może być używany do powiadamiania klientów o zakończeniu sesji u dostawcy OpenID.",
      "PERMISSIONCHECKV2": "Sprawdzanie uprawnień V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Jeśli flaga jest włączona, będziesz mógł korzystać z nowego API i jego funkcji.",
-      "WEBKEY": "Klucz Web",
-      "WEBKEY_DESCRIPTION": "Jeśli flaga jest włączona, będziesz mógł korzystać z nowego API i jego funkcji.",
      "STATES": {
        "INHERITED": "Dziedziczony",
        "ENABLED": "Włączony",
--- a/console/src/assets/i18n/pt.json
+++ b/console/src/assets/i18n/pt.json
@@ -1643,8 +1643,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "O Logout de Back-Channel implementa o OpenID Connect Back-Channel Logout 1.0 e pode ser usado para notificar os clientes sobre a terminação da sessão no Provedor de OpenID.",
      "PERMISSIONCHECKV2": "Verificação de Permissão V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Se a bandeira estiver ativada, você poderá usar a nova API e seus recursos.",
-      "WEBKEY": "Chave Web",
-      "WEBKEY_DESCRIPTION": "Se a bandeira estiver ativada, você poderá usar a nova API e seus recursos.",
      "STATES": {
        "INHERITED": "Herdade",
        "ENABLED": "Habilitado",
--- a/console/src/assets/i18n/ro.json
+++ b/console/src/assets/i18n/ro.json
@@ -1640,8 +1640,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Logout-ul Back-Channel implementează OpenID Connect Back-Channel Logout 1.0 și poate fi folosit pentru a notifica clienții despre terminarea sesiunii la Producătorul OpenID.",
      "PERMISSIONCHECKV2": "Verificare Permisiuni V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Dacă steagul este activat, veți putea folosi noua API și funcțiile sale.",
-      "WEBKEY": "Cheie Web",
-      "WEBKEY_DESCRIPTION": "Dacă steagul este activat, veți putea folosi noua API și funcțiile sale.",
      "STATES": {
        "INHERITED": "Moșteniți",
        "ENABLED": "Activat",
--- a/console/src/assets/i18n/ru.json
+++ b/console/src/assets/i18n/ru.json
@@ -1695,8 +1695,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Back-Channel Logout реализует OpenID Connect Back-Channel Logout 1.0 и может использоваться для уведомления клиентов о завершении сеанса у поставщика OpenID.",
      "PERMISSIONCHECKV2": "Проверка Разрешений V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Если флаг включен, вы сможете использовать новый API и его функции.",
-      "WEBKEY": "Веб-ключ",
-      "WEBKEY_DESCRIPTION": "Если флаг включен, вы сможете использовать новый API и его функции.",
      "STATES": {
        "INHERITED": "Наследовать",
        "ENABLED": "Включено",
--- a/console/src/assets/i18n/sv.json
+++ b/console/src/assets/i18n/sv.json
@@ -1646,8 +1646,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Back-Channel Logout implementerar OpenID Connect Back-Channel Logout 1.0 och kan användas för att meddela klienter om sessionens avslutning hos OpenID-leverantören.",
      "PERMISSIONCHECKV2": "Behörighetskontroll V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "Om flaggan är aktiverad kan du använda den nya API:n och dess funktioner.",
-      "WEBKEY": "Webbnyckel",
-      "WEBKEY_DESCRIPTION": "Om flaggan är aktiverad kan du använda den nya API:n och dess funktioner.",
      "STATES": {
        "INHERITED": "Ärv",
        "ENABLED": "Aktiverad",
--- a/console/src/assets/i18n/zh.json
+++ b/console/src/assets/i18n/zh.json
@@ -1642,8 +1642,6 @@
      "ENABLEBACKCHANNELLOGOUT_DESCRIPTION": "Back-Channel 注销实现了 OpenID Connect Back-Channel Logout 1.0，可用于通知客户端在 OpenID 提供商处终止会话。",
      "PERMISSIONCHECKV2": "权限检查 V2",
      "PERMISSIONCHECKV2_DESCRIPTION": "如果启用该标志，您将能够使用新的 API 及其功能。",
-      "WEBKEY": "Web 密钥",
-      "WEBKEY_DESCRIPTION": "如果启用该标志，您将能够使用新的 API 及其功能。",
      "STATES": {
        "INHERITED": "继承",
        "ENABLED": "已启用",