TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-01-05 14:37:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/internal
History
Tim Möhlmann 778b4041ca
fix(oidc): do not return access token for response type id_token (#8777) 
# Which Problems Are Solved

Do not return an access token for implicit flow from v1 login, if the
`response_type` is `id_token`

# How the Problems Are Solved

Do not create the access token event if if the `response_type` is
`id_token`.

# Additional Changes

Token endpoint calls without auth request, such as machine users, token
exchange and refresh token, do not have a `response_type`. For such
calls the `OIDCResponseTypeUnspecified` enum is added at a `-1` offset,
in order not to break existing client configs.

# Additional Context

- https://discord.com/channels/927474939156643850/1294001717725237298
- Fixes https://github.com/zitadel/zitadel/issues/8776
2024-11-12 15:20:48 +00:00
..
actions
fix: correctly check denied domains and ips for actions (#8810)
2024-10-22 16:16:44 +02:00
activity
feat: trusted (instance) domains (#8369)
2024-07-31 18:00:38 +03:00
admin/repository/eventsourcing
feat(cmd): mirror (#7004)
2024-05-30 09:35:30 +00:00
api
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
auth/repository
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
auth_request/repository
fix(login): correctly reload policies on auth request (#7839)
2024-04-24 08:44:55 +00:00
authz
docs: standardize multi-factor spelling and related string updates (#8752)
2024-10-22 14:59:16 +00:00
cache
feat(cache): redis cache (#8822)
2024-11-04 10:44:51 +00:00
command
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
config
feat(v3alpha): read actions (#8357)
2024-08-12 22:32:01 +02:00
crypto
perf(query): remove transactions for queries (#8614)
2024-11-04 10:06:14 +01:00
database
perf(query): remove transactions for queries (#8614)
2024-11-04 10:06:14 +01:00
domain
fix(oidc): do not return access token for response type id_token (#8777)
2024-11-12 15:20:48 +00:00
eventstore
perf(query): remove transactions for queries (#8614)
2024-11-04 10:06:14 +01:00
execution
feat: add schema user create and remove (#8494)
2024-08-28 19:46:45 +00:00
feature
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
form
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
i18n
fix(middleware): init translation messages (#7778)
2024-04-16 12:08:18 +00:00
iam
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
id
feat(cmd): Added machine ID mode to zitadel start up logs (#8251)
2024-07-16 09:53:57 +00:00
idp
fix(SAML): log underlying error if SAML response validation fails (#8721)
2024-10-11 07:04:15 +00:00
integration
feat(cache): redis cache (#8822)
2024-11-04 10:44:51 +00:00
logstore
perf: project quotas and usages (#6441)
2023-09-15 16:58:45 +02:00
migration
fix(setup): init projections (#7194)
2024-01-25 17:28:20 +01:00
net
perf: project quotas and usages (#6441)
2023-09-15 16:58:45 +02:00
notification
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
org
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
project
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
protoc
merge main into next
2023-10-19 12:34:00 +02:00
qrcode
docs(legal): Updated agreements and policies v2 (#3823)
2022-06-15 08:30:58 +02:00
query
fix(milestones): use previous spelling for milestone types (#8886)
2024-11-11 11:28:27 +00:00
renderer
fix(login): (re)allow HTML in custom login texts (#7575)
2024-03-15 16:29:10 +01:00
repository
fix(milestones): use previous spelling for milestone types (#8886)
2024-11-11 11:28:27 +00:00
static
docs: standardize multi-factor spelling and related string updates (#8752)
2024-10-22 14:59:16 +00:00
statik
chore: initial version of a devcontainer (#6352)
2023-08-15 10:49:05 +02:00
telemetry
feat: enable application performance profiling (#8442)
2024-08-16 13:26:53 +00:00
test
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
user
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
v2
fix(eventstore): revert precise decimal (#8527) (#8679)
2024-09-24 18:43:29 +02:00
view/repository
perf(query): remove transactions for queries (#8614)
2024-11-04 10:06:14 +01:00
webauthn
fix: add domain as attribute to list user auth methods (#8718)
2024-10-10 16:50:53 +00:00
zerrors
fix(crypto): reject decrypted strings with non-UTF8 characters. (#8374)
2024-08-02 08:38:37 +00:00