TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-23 11:37:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
56b8e52c746d12b17110d1f44eb0d43f9d6669a0
zitadel/internal/api/oidc
History
Livio Spring 2a7db64881 fix: check for 2fa even if not enforced 
# Which Problems Are Solved

Zitadel enforces MFA if required by the organization's policy, but did not ensure in all cases, if a user voluntarily set it up.

# How the Problems Are Solved

Ensure 2FA/MFA is required in any call to Zitadel if set up by user even if policy does not require.

# Additional Changes

None

# Additional Context

- requires backports

(cherry picked from commit b284f8474e)
(cherry picked from commit f7309f8295)
2025-10-29 10:38:10 +01:00
..
integration_test
fix: check for 2fa even if not enforced
2025-10-29 10:38:10 +01:00
access_token.go
feat(oidc): use web keys for token signing and verification (#8449)
2024-08-23 14:43:46 +02:00
amr_test.go
feat(oidc): token exchange impersonation (#7516)
2024-03-20 10:18:46 +00:00
amr.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
auth_request_converter_test.go
fix(oidc): prompts slice conversion function returns slice which contains unexpected empty strings (#8997)
2024-12-04 20:56:36 +00:00
auth_request_converter_v2.go
fix(oidc): store requested response_mode (#8145)
2024-06-17 09:50:12 +00:00
auth_request_converter.go
fix(oidc): prompts slice conversion function returns slice which contains unexpected empty strings (#8997)
2024-12-04 20:56:36 +00:00
auth_request.go
feat: federated logout for SAML IdPs (#9931)
2025-05-23 14:59:34 +02:00
client_converter.go
feat: specify login UI version on instance and apps (#9071)
2024-12-19 10:37:46 +01:00
client_credentials.go
perf(oidc): remove get user by ID from jwt profile grant (#8580)
2024-09-11 12:04:09 +03:00
client.go
fix merge
2025-08-12 14:53:21 +02:00
device_auth.go
fix: provide device auth config (#8419)
2024-08-12 12:55:07 +03:00
error_test.go
fix: uniform oidc errors (#7237)
2024-01-18 07:10:49 +01:00
error.go
chore: update dependencies (#9784)
2025-05-21 13:52:42 +02:00
introspect.go
fix: correctly check app state on authentication (#8630)
2024-09-17 11:34:14 +00:00
jwt-profile.go
fix: uniform oidc errors (#7237)
2024-01-18 07:10:49 +01:00
key_test.go
feat(oidc): use web keys for token signing and verification (#8449)
2024-08-23 14:43:46 +02:00
key.go
fix(eventstore): use decimal, correct mirror (#9916)
2025-05-27 17:13:17 +02:00
op.go
perf(actionsv2): execution target router (#10564)
2025-09-10 07:53:53 +02:00
server_test.go
chore(tests): use a coverage server binary (#8407)
2024-09-06 14:47:57 +02:00
server.go
fix(oidc): ignore invalid id_token_hints (#10682)
2025-09-11 15:07:31 +02:00
token_client_credentials.go
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
token_code.go
fix(OIDC): back channel logout work for custom UI (#9487)
2025-03-11 14:19:09 +00:00
token_device.go
fix(OIDC): back channel logout work for custom UI (#9487)
2025-03-11 14:19:09 +00:00
token_exchange_converter.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
token_exchange.go
fix(token exchange): properly return an error if membership is missing (#9468)
2025-03-11 11:14:18 +00:00
token_jwt_profile.go
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
token_refresh.go
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
token.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
userinfo_test.go
fix(oidc): always set sub claim (#8598)
2024-09-12 12:36:33 +00:00
userinfo.go
perf(actionsv2): execution target router (#10564)
2025-09-10 07:53:53 +02:00