feat(oidc): id token for device authorization (#7088)

* cleanup todo * pass id token details to oidc * feat(oidc): id token for device authorization This changes updates to the newest oidc version, so the Device Authorization grant can return ID tokens when the scope `openid` is set. There is also some refactoring done, so that the eventstore can be queried directly when polling for state. The projection is cleaned up to a minimum with only data required for the login UI. * try to be explicit wit hthe timezone to fix github * pin oidc v3.8.0 * remove TBD entry
2025-08-12 07:57:32 +00:00 · 2023-12-20 14:21:08 +02:00
parent e15f6229cd
commit e22689c125
25 changed files with 629 additions and 621 deletions
--- a/internal/domain/device_auth_test.go
+++ b/internal/domain/device_auth_test.go
@@ -30,7 +30,7 @@ func TestDeviceAuthState_Exists(t *testing.T) {
 			want: true,
 		},
 		{
-			s:    DeviceAuthStateRemoved,
+			s:    deviceAuthStateCount,
 			want: false,
 		},
 	}
@@ -68,10 +68,6 @@ func TestDeviceAuthState_Done(t *testing.T) {
 			s:    DeviceAuthStateExpired,
 			want: false,
 		},
-		{
-			s:    DeviceAuthStateRemoved,
-			want: false,
-		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.s.String(), func(t *testing.T) {
@@ -108,10 +104,6 @@ func TestDeviceAuthState_Denied(t *testing.T) {
 			s:    DeviceAuthStateExpired,
 			want: true,
 		},
-		{
-			s:    DeviceAuthStateRemoved,
-			want: true,
-		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {