fix: client secret verification (for introspection) (#2825)

* fix: client secret verification (for introspection) * revert change for ProjectIDAndOriginsByClientID
2025-08-12 10:49:25 +00:00 · 2021-12-10 10:25:17 +01:00
parent 43f15953c3
commit 2f7d8ca557
3 changed files with 33 additions and 4 deletions
--- a/internal/api/oidc/client.go
+++ b/internal/api/oidc/client.go
@@ -224,7 +224,7 @@ func (o *OPStorage) SetIntrospectionFromToken(ctx context.Context, introspection
 	if err != nil {
 		return errors.ThrowPermissionDenied(nil, "OIDC-Dsfb2", "token is not valid or has expired")
 	}
-	projectID, err := o.query.ProjectIDFromOIDCClientID(ctx, clientID)
+	projectID, err := o.query.ProjectIDFromClientID(ctx, clientID)
 	if err != nil {
 		return errors.ThrowPermissionDenied(nil, "OIDC-Adfg5", "client not found")
 	}
@@ -283,7 +283,7 @@ func (o *OPStorage) GetPrivateClaimsFromScopes(ctx context.Context, userID, clie
 }

 func (o *OPStorage) assertRoles(ctx context.Context, userID, applicationID string, requestedRoles []string) (map[string]map[string]string, error) {
-	projectID, err := o.query.ProjectIDFromOIDCClientID(ctx, applicationID)
+	projectID, err := o.query.ProjectIDFromClientID(ctx, applicationID)
 	if err != nil {
 		return nil, err
 	}