mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 02:54:20 +00:00
fix: audience in create token (#985)
This commit is contained in:
parent
1e23292fc4
commit
a40ec1f25b
@ -109,8 +109,6 @@ func (repo *AuthRequestRepo) CreateAuthRequest(ctx context.Context, request *mod
|
||||
return nil, err
|
||||
}
|
||||
request.Audience = appIDs
|
||||
projectIDAud := request.GetScopeProjectIDsForAud()
|
||||
request.Audience = append(request.Audience, projectIDAud...)
|
||||
request.AppendAudIfNotExisting(app.ProjectID)
|
||||
if request.LoginHint != "" {
|
||||
err = repo.checkLoginName(ctx, request, request.LoginHint)
|
||||
|
@ -3,11 +3,13 @@ package eventstore
|
||||
import (
|
||||
"context"
|
||||
"github.com/caos/logging"
|
||||
auth_req_model "github.com/caos/zitadel/internal/auth_request/model"
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
usr_model "github.com/caos/zitadel/internal/user/model"
|
||||
user_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
|
||||
"github.com/caos/zitadel/internal/user/repository/view/model"
|
||||
"strings"
|
||||
"time"
|
||||
|
||||
"github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
|
||||
@ -18,19 +20,26 @@ type TokenRepo struct {
|
||||
View *view.View
|
||||
}
|
||||
|
||||
func (repo *TokenRepo) CreateToken(ctx context.Context, agentID, applicationID, userID string, audience, scopes []string, lifetime time.Duration) (*usr_model.Token, error) {
|
||||
func (repo *TokenRepo) CreateToken(ctx context.Context, agentID, clientID, userID string, audience, scopes []string, lifetime time.Duration) (*usr_model.Token, error) {
|
||||
preferredLanguage := ""
|
||||
user, _ := repo.View.UserByID(userID)
|
||||
if user != nil {
|
||||
preferredLanguage = user.PreferredLanguage
|
||||
}
|
||||
|
||||
for _, scope := range scopes {
|
||||
if strings.HasPrefix(scope, auth_req_model.ProjectIDScope) && strings.HasSuffix(scope, auth_req_model.AudSuffix) {
|
||||
audience = append(audience, strings.TrimSuffix(strings.TrimPrefix(scope, auth_req_model.ProjectIDScope), auth_req_model.AudSuffix))
|
||||
}
|
||||
}
|
||||
|
||||
now := time.Now().UTC()
|
||||
token := &usr_model.Token{
|
||||
ObjectRoot: models.ObjectRoot{
|
||||
AggregateID: userID,
|
||||
},
|
||||
UserAgentID: agentID,
|
||||
ApplicationID: applicationID,
|
||||
ApplicationID: clientID,
|
||||
Audience: audience,
|
||||
Scopes: scopes,
|
||||
Expiration: now.Add(lifetime),
|
||||
@ -82,3 +91,12 @@ func (repo *TokenRepo) TokenByID(ctx context.Context, userID, tokenID string) (*
|
||||
}
|
||||
return model.TokenViewToModel(token), nil
|
||||
}
|
||||
|
||||
func AppendAudIfNotExisting(aud string, existingAud []string) []string {
|
||||
for _, a := range existingAud {
|
||||
if a == aud {
|
||||
return existingAud
|
||||
}
|
||||
}
|
||||
return append(existingAud, aud)
|
||||
}
|
||||
|
@ -7,7 +7,7 @@ import (
|
||||
)
|
||||
|
||||
type TokenRepository interface {
|
||||
CreateToken(ctx context.Context, agentID, applicationID, userID string, audience, scopes []string, lifetime time.Duration) (*usr_model.Token, error)
|
||||
CreateToken(ctx context.Context, agentID, clientID, userID string, audience, scopes []string, lifetime time.Duration) (*usr_model.Token, error)
|
||||
IsTokenValid(ctx context.Context, userID, tokenID string) (bool, error)
|
||||
TokenByID(ctx context.Context, userID, tokenID string) (*usr_model.TokenView, error)
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user