TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 23:57:31 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore(oidc): remove legacy storage methods (#10061)

Browse Source 
# Which Problems Are Solved

Stabilize the optimized introspection code and cleanup unused code.

# How the Problems Are Solved

- `oidc_legacy_introspection` feature flag is removed and reserved.
- `OPStorage` which are no longer needed have their bodies removed.
- The method definitions need to remain in place so the interface
remains implemented.
  - A panic is thrown in case any such method is still called

# Additional Changes

- A number of `OPStorage` methods related to token creation were already
unused. These are also cleaned up.

# Additional Context

- Closes #10027 
- #7822

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
This commit is contained in:
Tim Möhlmann
2025-06-26 11:08:37 +03:00
committed by GitHub
parent 27f88a6390
commit 1ebbe275b9
71 changed files with 143 additions and 1884 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
internal/api/oidc/jwt-profile.go
View File

@@ -3,38 +3,9 @@ package oidc
import (
"context"
"github.com/zitadel/oidc/v3/pkg/oidc"
"github.com/zitadel/oidc/v3/pkg/op"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/telemetry/tracing"
"github.com/zitadel/zitadel/internal/zerrors"
)
func (o *OPStorage) JWTProfileTokenType(ctx context.Context, request op.TokenRequest) (_ op.AccessTokenType, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() {
err = oidcError(err)
span.EndWithError(err)
}()
mapJWTProfileScopesToAudience(ctx, request)
user, err := o.query.GetUserByID(ctx, false, request.GetSubject())
if err != nil {
return 0, err
}
// the user should always be a machine, but let's just be sure
if user.Machine == nil {
return 0, zerrors.ThrowInvalidArgument(nil, "OIDC-jk26S", "invalid client type")
}
return accessTokenTypeToOIDC(user.Machine.AccessTokenType), nil
}
func mapJWTProfileScopesToAudience(ctx context.Context, request op.TokenRequest) {
// the request should always be a JWTTokenRequest, but let's make sure
jwt, ok := request.(*oidc.JWTTokenRequest)
if !ok {
return
}
jwt.Audience = domain.AddAudScopeToAudience(ctx, jwt.Audience, jwt.Scopes)
func (o *OPStorage) JWTProfileTokenType(context.Context, op.TokenRequest) (op.AccessTokenType, error) {
panic(o.panicErr("JWTProfileTokenType"))
}