feat: app handling compliance (#527)

* feat: check oidc compliance * fix: add tests * fix: add oidc config tests * fix: add oidc config tests user agent * fix: test oidc config compliance * fix: test oidc config compliance * fix: useragent implicit authmethod none * fix: merge master * feat: translate compliance problems * feat: check native app for custom url * fix: better compliance handling * fix: better compliance handling * feat: add odidc dev mode * fix: remove deprecated request fro management api * fix: oidc package version * fix: migration * fix: tests * fix: remove unused functions * fix: generate proto files * fix: native implicit and code none compliant * fix: create project * Update internal/project/model/oidc_config_test.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: tests * Update internal/project/model/oidc_config.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/project/model/oidc_config.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: tests Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2025-08-12 05:17:33 +00:00 · 2020-08-10 09:34:56 +02:00
parent 64f0b191b5
commit 5699fe80d5
27 changed files with 15925 additions and 16502 deletions
--- a/internal/static/i18n/en.yaml
+++ b/internal/static/i18n/en.yaml
@@ -291,3 +291,24 @@ EventTypes:
      removed: ZITADEL member removed
  key_pair:
    added: Key pair added
+Application:
+  OIDC:
+    V1:
+      NotCompliant: Your configuration is not compliant and differs from OIDC 1.0 standard.
+      NotAllCombinationsAreAllowed: Configuration is compliant, but not all possible combinations are allowed.
+      Code:
+        RedirectUris:
+          HttpOnlyForWeb: Grant type code only allowed http redirect uris for apptype web.
+          CustomOnlyForNative: Grant type code only allowes custom redirect uris for apptype native  (e.g appname:// )
+      Implicit:
+        RedirectUris:
+          CustomNotAllowed: Grant type implicit doesn't allow custom redirect uris
+          HttpNotAllowed: Grant tpye implicit doesn't allow http redirect uris
+          NativeShouldBeHttpLocalhost: Grant tpye implicit only allowed http://localhost for native apptype
+          HttpLocalhostOnlyForNative: Http://localhost redirect uri is only allowed for native applications.
+      Native:
+        AuthMethodType:
+          NotNone: Native applications should have authmethodtype none.
+      UserAgent:
+        AuthMethodType:
+          NotNone: User agent app should have authmethodtype none.