fix: improve secret generation for apple idp (#7843)

* fix: improve secret generation for apple idp

* remove accidental commit

* change exp time

* change exp time

* change exp time

* change exp time
Livio Spring 2024-04-26 17:46:15 +02:00 committed by GitHub
parent 5811a7b6a5
commit 6ab06aa249
3 changed files with 5 additions and 3 deletions


@ -18,7 +18,6 @@ import (
"github.com/zitadel/zitadel/internal/command" "github.com/zitadel/zitadel/internal/command"
"github.com/zitadel/zitadel/internal/config/hook" "github.com/zitadel/zitadel/internal/config/hook"
"github.com/zitadel/zitadel/internal/config/systemdefaults" "github.com/zitadel/zitadel/internal/config/systemdefaults"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/database" "github.com/zitadel/zitadel/internal/database"
"github.com/zitadel/zitadel/internal/eventstore" "github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/id" "github.com/zitadel/zitadel/internal/id"
@ -70,7 +69,6 @@ func MustNewConfig(v *viper.Viper) *Config {
hook.EnumHookFunc(authz.MemberTypeString), hook.EnumHookFunc(authz.MemberTypeString),
actions.HTTPConfigDecodeHook, actions.HTTPConfigDecodeHook,
hooks.MapTypeStringDecode[string, *authz.SystemAPIUser], hooks.MapTypeStringDecode[string, *authz.SystemAPIUser],
hooks.MapTypeStringDecode[string, crypto.HasherConfig],
hooks.SliceTypeStringDecode[authz.RoleMapping], hooks.SliceTypeStringDecode[authz.RoleMapping],
)), )),
) )


@ -336,6 +336,10 @@ func (l *Login) handleExternalLoginCallback(w http.ResponseWriter, r *http.Reque
user, err := session.FetchUser(r.Context()) user, err := session.FetchUser(r.Context())
if err != nil { if err != nil {
logging.WithFields(
"instance", authz.GetInstance(r.Context()).InstanceID(),
"providerID", identityProvider.ID,
).WithError(err).Info("external authentication failed")
l.externalAuthFailed(w, r, authReq, tokens(session), user, err) l.externalAuthFailed(w, r, authReq, tokens(session), user, err)
return return
} }
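Review bot: The added log call in the `FetchUser` error branch passes the raw error to `WithError(err)`, and what that error contains depends on the provider session implementation, which is not visible here. If it wraps the identity provider's token or userinfo response, parts of that response would be written to the Info-level log, so it is worth confirming that no authorization code, token or client-secret material can appear in it. A short comment such as `// log IdP failures with instance and provider ID for troubleshooting; err must not carry credentials` would record that expectation. The body of handleExternalLoginCallback starts and ends outside the hunk.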


@ -56,7 +56,7 @@ func clientSecretFromPrivateKey(key []byte, teamID, clientID, keyID string) (str
if err != nil { if err != nil {
return "", err return "", err
} }
iat := time.Now() iat := time.Now().Add(-2 * time.Second)
exp := iat.Add(time.Hour) exp := iat.Add(time.Hour)
return crypto.Sign(&openid.JWTTokenRequest{ return crypto.Sign(&openid.JWTTokenRequest{
Issuer: teamID, Issuer: teamID,
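Review bot: The `-2 * time.Second` offset on `iat` is an unexplained magic value. It presumably backdates the token so that a small clock difference does not make it look issued in the future, but nothing at the line says so. A comment such as `// backdate iat slightly to tolerate clock skew with the provider`, or a named constant, would make the intent reviewable. Since `exp` is derived from the shifted `iat`, the secret expires one hour after the backdated time rather than one hour after generation. clientSecretFromPrivateKey starts above the hunk and continues below it.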