TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-02-28 21:27:22 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(amr): add pwd because password is wrong (#4284)

Browse Source 
* fix(amr): add pwd because password is wrong

* docs: deprecation notice

* docs: nicer wording

* Update docs/docs/apis/openidoauth/claims.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
This commit is contained in:
Silvan 2022-08-31 10:16:31 +02:00 committed by GitHub
parent 77b4fc5487
commit b9795b5c57
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
docs/docs/apis/openidoauth/claims.md
View File

@ -43,7 +43,7 @@ Please check below the matrix for an overview where which scope is asserted.
|:-------------------|:-----------------------------------------|-----------------------------------------------------------------------------------------------| |:-------------------|:-----------------------------------------|-----------------------------------------------------------------------------------------------|
| acr | TBA | TBA | | acr | TBA | TBA |
| address | `Teufener Strasse 19, 9000 St. Gallen` | TBA | | address | `Teufener Strasse 19, 9000 St. Gallen` | TBA |
| amr | `pwd mfa` | Authentication Method References as defined in [RFC8176](https://tools.ietf.org/html/rfc8176) | | amr | `pwd mfa` | Authentication Method References as defined in [RFC8176](https://tools.ietf.org/html/rfc8176) <br/> `password` value is deprecated, please check `pwd` |
| aud | `69234237810729019` | The audience of the token, by default all client id's and the project id are included | | aud | `69234237810729019` | The audience of the token, by default all client id's and the project id are included |
| auth_time | `1311280969` | Unix time of the authentication | | auth_time | `1311280969` | Unix time of the authentication |
| azp | `69234237810729234` | Client id of the client who requested the token | | azp | `69234237810729234` | Client id of the client who requested the token |

4
internal/api/oidc/auth_request_converter.go
View File

@ -18,7 +18,9 @@ import (
) )
const ( const (
// DEPRECATED: use `amrPWD` instead
amrPassword = "password" amrPassword = "password"
amrPWD = "pwd"
amrMFA = "mfa" amrMFA = "mfa"
amrOTP = "otp" amrOTP = "otp"
amrUserPresence = "user" amrUserPresence = "user"
@ -40,7 +42,7 @@ func (a *AuthRequest) GetACR() string {
func (a *AuthRequest) GetAMR() []string { func (a *AuthRequest) GetAMR() []string {
amr := make([]string, 0) amr := make([]string, 0)
if a.PasswordVerified { if a.PasswordVerified {
amr = append(amr, amrPassword) amr = append(amr, amrPassword, amrPWD)
} }
if len(a.MFAsVerified) > 0 { if len(a.MFAsVerified) > 0 {
amr = append(amr, amrMFA) amr = append(amr, amrMFA)