1aa8c49e41
# Which Problems Are Solved

Zitadel never stored or returned the requested `response_mode` in oidc Auth Requests. This caused the oidc library to fall back to the default based on the response_type.

# How the Problems Are Solved

- Store the `response_mode` in the Auth request repo
- Store the `response_mode` in the Auth request v2 events
- Return the `response_mode` from the Auth Request v1 and v2 `ResponseMode()` methods. (Was hard-coded to an empty string)

# Additional Changes

- Populate the `response_modes_supported` to the oidc Discovery Configuration. When it was empty, the standard specifies the default of `query` and `fragment`. However, our oidc library also supports `form_post` and by this fix, zitadel now also supports this.

# Additional Context

- Closes #6586
- Reported https://discord.com/channels/927474939156643850/1151508313717084220

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
package oidc
import (
"time"
"github.com/zitadel/oidc/v3/pkg/oidc"
"github.com/zitadel/zitadel/internal/command"
)
// AuthRequestV2 wraps a command.CurrentAuthRequest and exposes its data
// through the getter methods defined on this type. All request fields are
// promoted from the embedded pointer, so calling a getter on a value whose
// embedded pointer is nil panics.
type AuthRequestV2 struct {
	*command.CurrentAuthRequest
}
// GetID returns the ID promoted from the embedded CurrentAuthRequest.
func (a *AuthRequestV2) GetID() string {
	return a.CurrentAuthRequest.ID
}
// GetACR always returns the empty string; deriving an Authentication Context
// Class Reference from the request is planned but not implemented here.
//
// NOTE(review): a relying party that expects a specific acr value presumably
// gets none from this type; confirm how the caller treats an empty ACR.
func (a *AuthRequestV2) GetACR() string {
	const notImplemented = "" // PLANNED: impl
	return notImplemented
}
// GetAMR returns the request's AuthMethods as converted by
// AuthMethodTypesToAMR (defined elsewhere in this package).
func (a *AuthRequestV2) GetAMR() []string {
	methods := a.CurrentAuthRequest.AuthMethods
	return AuthMethodTypesToAMR(methods)
}
// GetAudience returns the Audience slice stored on the request. The slice is
// returned as-is, not copied, so it shares backing storage with the request.
func (a *AuthRequestV2) GetAudience() []string {
	return a.CurrentAuthRequest.Audience
}
// GetAuthTime returns the AuthTime stored on the request.
func (a *AuthRequestV2) GetAuthTime() time.Time {
	return a.CurrentAuthRequest.AuthTime
}
// GetClientID returns the ClientID stored on the request.
func (a *AuthRequestV2) GetClientID() string {
	return a.CurrentAuthRequest.ClientID
}
// GetCodeChallenge returns the request's code challenge (PKCE) as converted
// by CodeChallengeToOIDC.
//
// NOTE(review): what is returned for a request that carries no challenge
// depends on CodeChallengeToOIDC, which is not shown in this file.
func (a *AuthRequestV2) GetCodeChallenge() *oidc.CodeChallenge {
	stored := a.CurrentAuthRequest.CodeChallenge
	return CodeChallengeToOIDC(stored)
}
// GetNonce returns the Nonce stored on the request, unmodified.
func (a *AuthRequestV2) GetNonce() string {
	return a.CurrentAuthRequest.Nonce
}
// GetRedirectURI returns the RedirectURI stored on the request. This getter
// performs no validation of the value.
//
// NOTE(review): presumably the URI was checked against the client's
// registered redirect URIs before the request was stored; confirm.
func (a *AuthRequestV2) GetRedirectURI() string {
	return a.CurrentAuthRequest.RedirectURI
}
// GetResponseType returns the request's ResponseType as converted by
// ResponseTypeToOIDC.
func (a *AuthRequestV2) GetResponseType() oidc.ResponseType {
	stored := a.CurrentAuthRequest.ResponseType
	return ResponseTypeToOIDC(stored)
}
// GetResponseMode returns the request's stored ResponseMode as converted by
// ResponseModeToOIDC. Returning the stored value matters: an empty mode makes
// the oidc library fall back to the default for the response type, which
// ignores a mode the client explicitly requested (for example form_post).
func (a *AuthRequestV2) GetResponseMode() oidc.ResponseMode {
	stored := a.CurrentAuthRequest.ResponseMode
	return ResponseModeToOIDC(stored)
}
// GetScopes returns the Scope slice stored on the request. The slice is
// returned as-is, not copied.
func (a *AuthRequestV2) GetScopes() []string {
	return a.CurrentAuthRequest.Scope
}
// GetState returns the State stored on the request, unmodified.
func (a *AuthRequestV2) GetState() string {
	return a.CurrentAuthRequest.State
}
// GetSubject returns the request's UserID as the subject. It is the empty
// string while no user is set on the request.
func (a *AuthRequestV2) GetSubject() string {
	return a.CurrentAuthRequest.UserID
}
// Done reports whether the request carries both a user and a session: it is
// true only when UserID and SessionID are both non-empty. Only emptiness is
// checked here; the values themselves are not verified.
func (a *AuthRequestV2) Done() bool {
	if a.CurrentAuthRequest.UserID == "" {
		return false
	}
	return a.CurrentAuthRequest.SessionID != ""
}
// RefreshTokenRequestV2 wraps a command.OIDCSessionWriteModel and exposes its
// data through the getter methods defined on this type. Session fields are
// promoted from the embedded pointer, so calling a getter on a value whose
// embedded pointer is nil panics.
type RefreshTokenRequestV2 struct {
	*command.OIDCSessionWriteModel
	// RequestedScopes is assigned by SetCurrentScopes. It is separate from
	// the Scope field promoted from the write model, which GetScopes returns.
	RequestedScopes []string
}
// GetAMR returns the session's AuthMethods as converted by
// AuthMethodTypesToAMR (defined elsewhere in this package).
func (r *RefreshTokenRequestV2) GetAMR() []string {
	methods := r.OIDCSessionWriteModel.AuthMethods
	return AuthMethodTypesToAMR(methods)
}
// GetAudience returns the Audience slice stored on the session write model.
// The slice is returned as-is, not copied.
func (r *RefreshTokenRequestV2) GetAudience() []string {
	return r.OIDCSessionWriteModel.Audience
}
// GetAuthTime returns the AuthTime stored on the session write model.
func (r *RefreshTokenRequestV2) GetAuthTime() time.Time {
	return r.OIDCSessionWriteModel.AuthTime
}
// GetClientID returns the ClientID stored on the session write model.
func (r *RefreshTokenRequestV2) GetClientID() string {
	return r.OIDCSessionWriteModel.ClientID
}
// GetScopes returns the Scope slice promoted from the session write model.
// It does not read RequestedScopes, so a value passed to SetCurrentScopes
// is not reflected here.
func (r *RefreshTokenRequestV2) GetScopes() []string {
	return r.OIDCSessionWriteModel.Scope
}
// GetSubject returns the session's UserID as the subject.
func (r *RefreshTokenRequestV2) GetSubject() string {
	return r.OIDCSessionWriteModel.UserID
}
// SetCurrentScopes records scopes in RequestedScopes. The slice is stored
// without copying, so later changes the caller makes to it stay visible
// through this request. The Scope field promoted from the write model is
// left untouched.
//
// NOTE(review): GetScopes keeps returning Scope, not RequestedScopes; confirm
// that the code issuing the refreshed tokens reads RequestedScopes so a
// narrowed scope set is honoured.
func (r *RefreshTokenRequestV2) SetCurrentScopes(scopes []string) {
	r.RequestedScopes = scopes
}