perf(oidc): optimize client verification (#6999)

* fix some spelling errors * client credential auth * implementation of client auth * improve error handling * unit test command package * unit test database package * unit test query package * cleanup unused tracing func * fix integration tests * errz to zerrors * fix linting and import issues * fix another linting error * integration test with client secret * Revert "integration test with client secret" This reverts commit 0814ba522f. * add integration tests * client credentials integration test * resolve comments * pin oidc v3.5.0
2025-08-12 00:17:32 +00:00 · 2023-12-05 19:01:03 +02:00
parent 51cfb9564a
commit ec03340b67
46 changed files with 1666 additions and 781 deletions
--- a/internal/api/oidc/server.go
+++ b/internal/api/oidc/server.go
@@ -27,6 +27,10 @@ type Server struct {
 	command *command.Commands
 	keySet  *keySetCache

+	defaultLoginURL    string
+	defaultLoginURLV2  string
+	defaultLogoutURLV2 string
+
 	fallbackLogger      *slog.Logger
 	hashAlg             crypto.HashAlgorithm
 	signingKeyAlgorithm string
@@ -143,13 +147,6 @@ func (s *Server) DeviceAuthorization(ctx context.Context, r *op.ClientRequest[oi
 	return s.LegacyServer.DeviceAuthorization(ctx, r)
 }

-func (s *Server) VerifyClient(ctx context.Context, r *op.Request[op.ClientCredentials]) (_ op.Client, err error) {
-	ctx, span := tracing.NewSpan(ctx)
-	defer func() { span.EndWithError(err) }()
-
-	return s.LegacyServer.VerifyClient(ctx, r)
-}
-
 func (s *Server) CodeExchange(ctx context.Context, r *op.ClientRequest[oidc.AccessTokenRequest]) (_ *op.Response, err error) {
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()