zitadel/oidc at 85d7536d4410879037f2cd132ca8f8149f518800 - zitadel - private dev space

TheArchive/zitadel

mirror of https://github.com/zitadel/zitadel.git synced 2025-05-20 19:18:19 +00:00

History

Livio Spring 85d7536d44

fix(oauth): ensure client error is prioritized over token error (#8133 )

# Which Problems Are Solved

Introduced with #6909, the authentication check (API client) and the
token verification on the introspection endpoint where parallelized to
improve performance. Only the first error would be considered and
returned (and the second completely ignored).
This could lead to situations where both the client authentication and
token verification failed and the response would result in a 200 OK with
`active: false`.

# How the Problems Are Solved

- The client authentication check error will always be prioritized.
- An error in the token check will no longer terminate the client
authentication check.

# Additional Changes

None.

# Additional Context

- reported in Discord:
https://discord.com/channels/927474939156643850/1242770807105781760

2024-06-17 09:09:00 +00:00

..

access_token.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

amr_test.go

feat(oidc): token exchange impersonation (#7516 )

2024-03-20 10:18:46 +00:00

amr.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

auth_request_converter_v2.go

merge main into next

2023-10-19 12:34:00 +02:00

auth_request_converter.go

fix(oidc): IDP and machine user auth methods (#7992 )

2024-05-23 05:35:10 +00:00

auth_request_integration_test.go

fix(oidc): only return state in access token response for implicit flow (#8108 )

2024-06-12 11:53:56 +00:00

auth_request.go

fix(oidc): respect role assertion and idTokenInfo flags and trigger preAccessToken trigger (#8046 )

2024-05-31 10:10:18 +00:00

client_converter.go

feat(oidc): organization roles scope (#8120 )

2024-06-14 10:00:43 +02:00

client_credentials.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

client_integration_test.go

fix(oauth): ensure client error is prioritized over token error (#8133 )

2024-06-17 09:09:00 +00:00

client.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

device_auth.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

error_test.go

fix: uniform oidc errors (#7237 )

2024-01-18 07:10:49 +01:00

error.go

fix(oidc): return bad request for base64 errors (#7730 )

2024-04-09 08:42:59 +02:00

introspect.go

fix(oauth): ensure client error is prioritized over token error (#8133 )

2024-06-17 09:09:00 +00:00

jwt-profile.go

fix: uniform oidc errors (#7237 )

2024-01-18 07:10:49 +01:00

key_test.go

chore(deps): update all go deps (#7773 )

2024-04-15 09:17:36 +00:00

key.go

chore(deps): update all go deps (#7773 )

2024-04-15 09:17:36 +00:00

oidc_integration_test.go

fix(oidc): remove MFA requirement on ZITADEL API based on user auth methods (#8069 )

2024-06-12 12:24:17 +00:00

op.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

server_integration_test.go

chore(oidc): add refresh token error integration test (#7766 )

2024-04-17 08:38:03 +00:00

server_test.go

feat: restrict languages (#6931 )

2023-12-05 11:12:01 +00:00

server.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

token_client_credentials_integration_test.go

fix(oidc): respect role assertion and idTokenInfo flags and trigger preAccessToken trigger (#8046 )

2024-05-31 10:10:18 +00:00

token_client_credentials.go

fix(oauth2): correctly return an error on client_credentials and jwt_profile (#8092 )

2024-06-12 06:42:50 +00:00

token_code.go

fix(oidc): only return state in access token response for implicit flow (#8108 )

2024-06-12 11:53:56 +00:00

token_device.go

fix(oidc): respect role assertion and idTokenInfo flags and trigger preAccessToken trigger (#8046 )

2024-05-31 10:10:18 +00:00

token_exchange_converter.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

token_exchange_integration_test.go

perf(oidc): optimize token creation (#7822 )

2024-05-16 07:07:56 +02:00

token_exchange.go

fix(oidc): upgrade zitadel/oidc to allow scope without openid (#8109 )

2024-06-13 09:32:27 +00:00

token_jwt_profile_integration_test.go

fix(oidc): respect role assertion and idTokenInfo flags and trigger preAccessToken trigger (#8046 )

2024-05-31 10:10:18 +00:00

token_jwt_profile.go

fix(oauth2): correctly return an error on client_credentials and jwt_profile (#8092 )

2024-06-12 06:42:50 +00:00

token_refresh.go

fix(oidc): respect role assertion and idTokenInfo flags and trigger preAccessToken trigger (#8046 )

2024-05-31 10:10:18 +00:00

token.go

fix(oidc): respect role assertion and idTokenInfo flags and trigger preAccessToken trigger (#8046 )

2024-05-31 10:10:18 +00:00

userinfo_integration_test.go

feat(oidc): organization roles scope (#8120 )

2024-06-14 10:00:43 +02:00

userinfo_test.go

fix(oidc): respect role assertion and idTokenInfo flags and trigger preAccessToken trigger (#8046 )

2024-05-31 10:10:18 +00:00

userinfo.go

feat(oidc): organization roles scope (#8120 )

2024-06-14 10:00:43 +02:00