TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 21:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(token exchange): properly return an error if membership is missing (#9468)

Browse Source 
# Which Problems Are Solved

When requesting a JWT (`urn:ietf:params:oauth:token-type:jwt`) to be
returned in a Token Exchange request, ZITADEL would panic if the `actor`
was not granted the necessary permission.

# How the Problems Are Solved

Properly check the error and return it.

# Additional Changes

None

# Additional Context

- closes #9436
This commit is contained in:
Livio Spring
2025-03-11 12:14:18 +01:00
committed by GitHub
parent bae45ee159
commit e6ce1af003
2 changed files with 14 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
internal/api/oidc/token_exchange.go
View File

@@ -349,6 +349,9 @@ func (s *Server) createExchangeJWT(
"",
domain.OIDCResponseTypeUnspecified,
)
if err != nil {
return "", "", 0, err
}
accessToken, err = s.createJWT(ctx, client, session, getUserInfo, roleAssertion, getSigner)
if err != nil {
return "", "", 0, err