Livio Amstutz fc6154cffc
feat: token revocation and OP certification (#2594)
* fix: try using only user session if no user is set (id_token_hint) on prompt none

* fix caos errors As implementation

* implement request mode

* return explicit error on invalid refresh token use

* begin token revocation

* token revocation

* tests

* tests

* cleanup

* set op config

* add revocation endpoint to config

* add revocation endpoint to config

* migration version

* error handling in token revocation

* migration version

* update oidc lib to 1.0.0
2021-11-03 08:35:24 +01:00


package domain
import (
"strings"
"time"
es_models "github.com/caos/zitadel/internal/eventstore/v1/models"
)
// Token is the domain representation of an issued token. It embeds
// es_models.ObjectRoot and carries the identifiers, audience, scopes and
// expiration that belong to the token.
//
// NOTE(review): the per-field notes below are inferred from the field names
// only; confirm them against the code that populates and validates a Token.
type Token struct {
	es_models.ObjectRoot
	// TokenID identifies this token.
	TokenID string
	// ApplicationID presumably names the application (client) the token was
	// issued to; verify against the issuer.
	ApplicationID string
	// UserAgentID presumably binds the token to a user agent; verify.
	UserAgentID string
	// RefreshTokenID presumably links the token to a refresh token, which a
	// revocation path would need in order to find related tokens; TODO confirm.
	RefreshTokenID string
	// Audience lists the audience values of the token.
	Audience []string
	// Expiration is the time at which the token expires.
	Expiration time.Time
	// Scopes lists the scopes of the token.
	Scopes []string
	// PreferredLanguage presumably holds the user's preferred language; verify.
	PreferredLanguage string
}
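// AddAudScopeToAudience returns audience extended with the project ID taken
// from every scope of the form ProjectIDScope + <project ID> + AudSuffix.
//
// Scopes that do not have that form are ignored. A scope that has no project
// ID between prefix and suffix, or in which prefix and suffix overlap, is
// ignored as well, so that neither an empty string nor a fragment of the
// suffix ends up in the audience.
//
// The caller's backing array is never written to: the first append always
// reallocates, so a slice that shares storage with audience is not modified.
// A nil or empty scopes slice returns audience unchanged.
//
// NOTE(review): the project IDs come directly from the scope strings and are
// not checked here. Presumably the caller verifies that the requesting client
// may obtain a token for each of these audiences; confirm at the call sites.
func AddAudScopeToAudience(audience, scopes []string) []string {
	// Cap the capacity at the length so append cannot overwrite elements
	// that another slice over the same backing array still refers to.
	audience = audience[:len(audience):len(audience)]

	// A matching scope must be strictly longer than prefix plus suffix,
	// otherwise there is no project ID in between.
	minLen := len(ProjectIDScope) + len(AudSuffix)
	for _, scope := range scopes {
		if len(scope) <= minLen {
			continue
		}
		if !strings.HasPrefix(scope, ProjectIDScope) || !strings.HasSuffix(scope, AudSuffix) {
			continue
		}
		projectID := scope[len(ProjectIDScope) : len(scope)-len(AudSuffix)]
		audience = append(audience, projectID)
	}
	return audience
}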