TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 11:04:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
2731099db3
zitadel/internal/api/oidc
History
Tim Möhlmann df57a64ed7
fix(oidc): ignore public key expiry for ID Token hints (#7293) 
* fix(oidc): ignore public key expiry for ID Token hints

This splits the key sets used for access token and ID token hints.
ID Token hints should be able to be verified by with public keys that are already expired.
However, we do not want to change this behavior for Access Tokens,
where an error for an expired public key is still returned.

The public key cache is modified to purge public keys based on last use,
instead of expiry.
The cache is shared between both verifiers.

* resolve review comments

* pin oidc 3.11
2024-01-29 15:11:52 +00:00
..
access_token.go fix(oidc): ignore public key expiry for ID Token hints (#7293) 2024-01-29 15:11:52 +00:00
amr_test.go feat(api): add and remove OTP (SMS and email) (#6295) 2023-08-02 18:57:53 +02:00
amr.go feat(api): add and remove OTP (SMS and email) (#6295) 2023-08-02 18:57:53 +02:00
auth_request_converter_v2.go merge main into next 2023-10-19 12:34:00 +02:00
auth_request_converter.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
auth_request_integration_test.go fix: uniform oidc errors (#7237) 2024-01-18 07:10:49 +01:00
auth_request.go fix: uniform oidc errors (#7237) 2024-01-18 07:10:49 +01:00
client_converter.go feat: allow glob redirects (#7091) 2023-12-28 11:25:18 +02:00
client_credentials.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
client_integration_test.go fix(oidc): ignore public key expiry for ID Token hints (#7293) 2024-01-29 15:11:52 +00:00
client.go feat(actions): add org metadata in complement token and saml response flows (#7263) 2024-01-26 08:56:10 +00:00
device_auth.go fix: uniform oidc errors (#7237) 2024-01-18 07:10:49 +01:00
error_test.go fix: uniform oidc errors (#7237) 2024-01-18 07:10:49 +01:00
error.go fix: uniform oidc errors (#7237) 2024-01-18 07:10:49 +01:00
introspect.go fix: uniform oidc errors (#7237) 2024-01-18 07:10:49 +01:00
jwt-profile.go fix: uniform oidc errors (#7237) 2024-01-18 07:10:49 +01:00
key_test.go fix(oidc): ignore public key expiry for ID Token hints (#7293) 2024-01-29 15:11:52 +00:00
key.go fix(oidc): ignore public key expiry for ID Token hints (#7293) 2024-01-29 15:11:52 +00:00
oidc_integration_test.go fix: uniform oidc errors (#7237) 2024-01-18 07:10:49 +01:00
op.go fix(oidc): ignore public key expiry for ID Token hints (#7293) 2024-01-29 15:11:52 +00:00
server_test.go feat: restrict languages (#6931) 2023-12-05 11:12:01 +00:00
server.go fix(oidc): ignore public key expiry for ID Token hints (#7293) 2024-01-29 15:11:52 +00:00
userinfo_test.go perf(oidc): optimize the introspection endpoint (#6909) 2023-11-21 13:11:38 +01:00
userinfo.go feat(actions): add org metadata in complement token and saml response flows (#7263) 2024-01-26 08:56:10 +00:00