TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 19:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: remove oauth endpoints from oidc config proto (#2014)

Browse Source
This commit is contained in:
Fabi
2021-07-13 16:06:17 +02:00
committed by GitHub
parent 87ef8f454a
commit e630555a2a
11 changed files with 70 additions and 188 deletions
Download Patch File Download Diff File Expand all files Collapse all files

42
proto/zitadel/admin.proto
View File

@@ -2353,10 +2353,8 @@ message AddOIDCIDPRequest {
max_length: 200;
}
];
// Fill the issuer if the identity provider is oidc discovery compliant
// If the identity provider is only oauth2 compliant or does not serve a openid configuration, fill the authorization and token endpoint instead
string issuer = 5 [
(validate.rules).string = {max_len: 200},
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com\"";
description: "the oidc issuer of the identity provider";
@@ -2381,24 +2379,6 @@ message AddOIDCIDPRequest {
description: "definition which field is mapped to the email of the user";
}
];
// If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer
string authorization_endpoint = 9 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com/o/oauth2/v2/auth\"";
description: "the oauth2 authorization endpoint of the identity provider";
max_length: 500;
}
];
// If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer
string token_endpoint = 10 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://oauth2.googleapis.com/token\"";
description: "the oauth2 token endpoint of the identity provider";
max_length: 500;
}
];
}
message AddOIDCIDPResponse {
@@ -2511,8 +2491,6 @@ message UpdateIDPOIDCConfigRequest {
max_length: 200;
}
];
// Fill the issuer if the identity provider is oidc discovery compliant
// If the identity provider is only oauth2 compliant or does not serve a openid configuration, fill the authorization and token endpoint instead
string issuer = 2 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
@@ -2555,24 +2533,6 @@ message UpdateIDPOIDCConfigRequest {
description: "definition which field is mapped to the email of the user";
}
];
// If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer
string authorization_endpoint = 8 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com/o/oauth2/v2/auth\"";
description: "the oauth2 authorization endpoint of the identity provider";
max_length: 500;
}
];
// If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer
string token_endpoint = 9 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://oauth2.googleapis.com/token\"";
description: "the oauth2 token endpoint of the identity provider";
max_length: 500;
}
];
}
message UpdateIDPOIDCConfigResponse {

16
proto/zitadel/idp.proto
View File

@@ -153,22 +153,6 @@ message OIDCConfig {
description: "definition which field is mapped to the email of the user";
}
];
string authorization_endpoint = 6 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com/o/oauth2/v2/auth\"";
description: "the oauth2 authorization endpoint of the identity provider";
max_length: 500;
}
];
string token_endpoint = 7 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://oauth2.googleapis.com/token\"";
description: "the oauth2 token endpoint of the identity provider";
max_length: 500;
}
];
}
enum OIDCMappingField {

42
proto/zitadel/management.proto
View File

@@ -4603,10 +4603,8 @@ message AddOrgOIDCIDPRequest {
description: "client secret generated by the identity provider";
}
];
// Fill the issuer if the identity provider is oidc discovery compliant
// If the identity provider is only oauth2 compliant or does not serve a openid configuration, fill the authorization and token endpoint instead
string issuer = 5 [
(validate.rules).string = {max_len: 200},
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com\"";
description: "the oidc issuer of the identity provider";
@@ -4630,24 +4628,6 @@ message AddOrgOIDCIDPRequest {
description: "definition which field is mapped to the email of the user";
}
];
// If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer
string authorization_endpoint = 9 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com/o/oauth2/v2/auth\"";
description: "the oauth2 authorization endpoint of the identity provider";
max_length: 500;
}
];
// If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer
string token_endpoint = 10 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://oauth2.googleapis.com/token\"";
description: "the oauth2 token endpoint of the identity provider";
max_length: 500;
}
];
}
message AddOrgOIDCIDPResponse {
@@ -4718,8 +4698,6 @@ message UpdateOrgIDPOIDCConfigRequest {
description: "client secret generated by the identity provider. If empty the secret is not overwritten";
}
];
// Fill the issuer if the identity provider is oidc discovery compliant
// If the identity provider is only oauth2 compliant or does not serve a openid configuration, fill the authorization and token endpoint instead
string issuer = 4 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
@@ -4745,24 +4723,6 @@ message UpdateOrgIDPOIDCConfigRequest {
description: "definition which field is mapped to the email of the user";
}
];
// If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer
string authorization_endpoint = 8 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://accounts.google.com/o/oauth2/v2/auth\"";
description: "the oauth2 authorization endpoint of the identity provider";
max_length: 500;
}
];
// If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer
string token_endpoint = 9 [
(validate.rules).string = {max_len: 500},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
example: "\"https://oauth2.googleapis.com/token\"";
description: "the oauth2 token endpoint of the identity provider";
max_length: 500;
}
];
}
message UpdateOrgIDPOIDCConfigResponse {