
# Which Problems Are Solved

The client ID for OIDC applications has an `@` in it, which is not allowed in some 3rd-party systems (such as AWS).

# How the Problems Are Solved

Per @fforootd and @hifabienne in #6222, remove the project suffix and the `@` from the client ID and just use the generated ID.

# Additional Changes

N/A

# Additional Context

- Closes #6222

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
package domain
import (
"github.com/zitadel/zitadel/internal/id"
)
// oAuthApplication is the small, package-private surface the helpers in this
// file need from an OAuth/OIDC application in order to assign its client
// credentials.
type oAuthApplication interface {
	// setClientID stores the client ID on the application.
	setClientID(clientID string)

	// setClientSecret stores the secret in its encoded (hashed) form; the
	// helpers in this file never pass the plaintext secret to it.
	setClientSecret(encodedHash string)

	// requiresClientSecret reports whether a client secret has to be
	// generated for this application.
	requiresClientSecret() bool
}
// SetNewClientID takes the next value from idGenerator and assigns it to a as
// its client ID. The client ID is the bare generated value (e.g. 495894098234).
//
// If the generator fails, its error is returned as-is and a is left untouched.
//
// NOTE(review): the client ID is an identifier, not a credential. Whether
// idGenerator output is unpredictable cannot be told from this file, so
// nothing should depend on the client ID being hard to guess; client
// authentication has to rest on the client secret (or another credential).
func SetNewClientID(a oAuthApplication, idGenerator id.Generator) error {
	next, err := idGenerator.Next()
	if err != nil {
		return err
	}

	a.setClientID(next)
	return nil
}
// SetNewClientSecretIfNeeded generates a client secret for a, but only when
// a.requiresClientSecret() reports true.
//
// generate must return the encoded hash of the new secret together with its
// plaintext. Only the encoded hash is handed to a (via setClientSecret); the
// plaintext is returned to the caller and is not stored by this function.
// The returned string is the secret itself, so callers should keep it out of
// logs, error messages and persisted state.
//
// It returns ("", nil) when no secret is required, and ("", err) when
// generate fails; in both cases a is not modified.
func SetNewClientSecretIfNeeded(a oAuthApplication, generate func() (encodedHash, plain string, err error)) (string, error) {
	if !a.requiresClientSecret() {
		return "", nil
	}

	hash, secret, err := generate()
	if err != nil {
		return "", err
	}

	// Persist the hash only; the plaintext leaves through the return value.
	a.setClientSecret(hash)
	return secret, nil
}