Merge commit from fork

* fix: prevent intent token reuse and add expiry * fix duplicate * fix expiration
2025-08-12 01:47:33 +00:00 · 2025-05-02 13:44:24 +02:00
parent bb56b362a7
commit b1e60e7398
48 changed files with 673 additions and 123 deletions
--- a/internal/idp/providers/jwt/session.go
+++ b/internal/idp/providers/jwt/session.go
@@ -57,6 +57,13 @@ func (s *Session) FetchUser(ctx context.Context) (user idp.User, err error) {
 	return &User{s.Tokens.IDTokenClaims}, nil
 }

+func (s *Session) ExpiresAt() time.Time {
+	if s.Tokens == nil || s.Tokens.IDTokenClaims == nil {
+		return time.Time{}
+	}
+	return s.Tokens.IDTokenClaims.GetExpiration()
+}
+
 func (s *Session) validateToken(ctx context.Context, token string) (*oidc.IDTokenClaims, error) {
 	logging.Debug("begin token validation")
 	// TODO: be able to specify them in the template: https://github.com/zitadel/zitadel/issues/5322