TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-03-01 09:27:24 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/internal/api/oidc
History
Tim Möhlmann db8d794794
fix(oidc): ignore algorithm for legacy signer (#9148) 
# Which Problems Are Solved

It was possible to set a diffent algorithm for the legacy signer. This
is not supported howerver and breaks the token endpoint.

# How the Problems Are Solved

Remove the OIDC.SigningKeyAlgorithm config option and hard-code RS256
for the legacy signer.

# Additional Changes

- none

# Additional Context

Only RS256 is supported by the legacy signer. It was mentioned in the
comment of the config not to use it and use the webkeys resource
instead.

- closes #9121
2025-01-08 08:40:33 +00:00
..
integration_test
feat: specify login UI version on instance and apps (#9071)
2024-12-19 10:37:46 +01:00
access_token.go
feat(oidc): use web keys for token signing and verification (#8449)
2024-08-23 14:43:46 +02:00
amr_test.go
feat(oidc): token exchange impersonation (#7516)
2024-03-20 10:18:46 +00:00
amr.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
auth_request_converter_test.go
fix(oidc): prompts slice conversion function returns slice which contains unexpected empty strings (#8997)
2024-12-04 20:56:36 +00:00
auth_request_converter_v2.go
fix(oidc): store requested response_mode (#8145)
2024-06-17 09:50:12 +00:00
auth_request_converter.go
fix(oidc): prompts slice conversion function returns slice which contains unexpected empty strings (#8997)
2024-12-04 20:56:36 +00:00
auth_request.go
feat: specify login UI version on instance and apps (#9071)
2024-12-19 10:37:46 +01:00
client_converter.go
feat: specify login UI version on instance and apps (#9071)
2024-12-19 10:37:46 +01:00
client_credentials.go
perf(oidc): remove get user by ID from jwt profile grant (#8580)
2024-09-11 12:04:09 +03:00
client.go
fix: correctly check user state (#8631)
2024-09-17 13:21:49 +00:00
device_auth.go
fix: provide device auth config (#8419)
2024-08-12 12:55:07 +03:00
error_test.go
fix: uniform oidc errors (#7237)
2024-01-18 07:10:49 +01:00
error.go
fix(oidc): return bad request for base64 errors (#7730)
2024-04-09 08:42:59 +02:00
introspect.go
fix: correctly check app state on authentication (#8630)
2024-09-17 11:34:14 +00:00
jwt-profile.go
fix: uniform oidc errors (#7237)
2024-01-18 07:10:49 +01:00
key_test.go
feat(oidc): use web keys for token signing and verification (#8449)
2024-08-23 14:43:46 +02:00
key.go
fix(oidc): ignore algorithm for legacy signer (#9148)
2025-01-08 08:40:33 +00:00
op.go
fix(oidc): ignore algorithm for legacy signer (#9148)
2025-01-08 08:40:33 +00:00
server_test.go
chore(tests): use a coverage server binary (#8407)
2024-09-06 14:47:57 +02:00
server.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
token_client_credentials.go
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
token_code.go
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
token_device.go
feat(oidc): allow returning of parent errors to client (#8376)
2024-08-20 06:45:24 +00:00
token_exchange_converter.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
token_exchange.go
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
token_jwt_profile.go
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
token_refresh.go
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
token.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
userinfo_test.go
fix(oidc): always set sub claim (#8598)
2024-09-12 12:36:33 +00:00
userinfo.go
fix: correctly check user state (#8631)
2024-09-17 13:21:49 +00:00