fix: uniform oidc errors (#7237)

* fix: uniform oidc errors sanitize oidc error reporting when passing package boundary towards oidc. * add should TriggerBulk in get audiences for auth request * upgrade to oidc 3.10.1 * provisional oidc upgrade to error branch * pin oidc 3.10.2
2025-08-12 03:37:34 +00:00 · 2024-01-18 08:10:49 +02:00
parent cdfcdec101
commit af4e0484d0
17 changed files with 267 additions and 61 deletions
--- a/internal/api/oidc/introspect.go
+++ b/internal/api/oidc/introspect.go
@@ -18,7 +18,10 @@ import (

 func (s *Server) Introspect(ctx context.Context, r *op.Request[op.IntrospectionRequest]) (resp *op.Response, err error) {
 	ctx, span := tracing.NewSpan(ctx)
-	defer func() { span.EndWithError(err) }()
+	defer func() {
+		err = oidcError(err)
+		span.EndWithError(err)
+	}()

 	if s.features.LegacyIntrospection {
 		return s.LegacyServer.Introspect(ctx, r)