TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 03:57:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: add and verified projectID in audience (#957)

Browse Source 
* feat: new scope for project id in aud

* feat: add doc

* feat: projectid endpoint

* feat: remove handle Proejct id

* fix: remove go.mod replace

* fix: add project id to aud

* fix: update oidc version

* fix: change project id scope

* update projectID scope to current usage

* typo: ZITADEL uppercase

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Fabi
2020-11-16 10:54:48 +01:00
committed by GitHub
parent 42effd8702
commit 78c0cf2f57
8 changed files with 40 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
internal/authz/repository/eventsourcing/eventstore/token_verifier.go
View File

@@ -80,8 +80,12 @@ func (repo *TokenVerifierRepo) VerifyAccessToken(ctx context.Context, tokenStrin
return "", "", "", caos_errs.ThrowUnauthenticated(err, "APP-k9KS0", "invalid token")
}
projectID, _, err := repo.ProjectIDAndOriginsByClientID(ctx, clientID)
if err != nil {
return "", "", "", caos_errs.ThrowUnauthenticated(err, "APP-5M9so", "invalid token")
}
for _, aud := range token.Audience {
if clientID == aud {
if clientID == aud || projectID == aud {
return token.UserID, token.UserAgentID, token.PreferredLanguage, nil
}
}