Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

introspection improvements #300

Merged
merged 4 commits into from
Dec 9, 2023
Merged

introspection improvements #300

merged 4 commits into from
Dec 9, 2023

Conversation

paulswartz
Copy link
Collaborator

@paulswartz paulswartz commented Dec 9, 2023
edited
Loading

  • allow client authentication types other than client_secret_basic (by extracting the code used in oidcc_token)
  • include other values defined in https://datatracker.ietf.org/doc/html/rfc7662, as well as extra to include values outside the spec

paulswartz
paulswartz commented Dec 9, 2023
View reviewed changes
src/oidcc_auth_util.erl Outdated Show resolved Hide resolved
@coveralls
Copy link

coveralls commented Dec 9, 2023
edited
Loading

Pull Request Test Coverage Report for Build 97

  • 62 of 62 (100.0%) changed or added relevant lines in 3 files are covered.
  • 1 unchanged line in 1 file lost coverage.
  • Overall coverage increased (+0.8%) to 93.59%
Files with Coverage Reduction New Missed Lines %
src/oidcc_token.erl 1 88.82%
Totals Coverage Status
Change from base Build 129: 0.8%
Covered Lines: 730
Relevant Lines: 780
💛 - Coveralls

@paulswartz paulswartz marked this pull request as ready for review December 9, 2023 03:45
@maennchen maennchen mentioned this pull request Dec 9, 2023
Closed
maennchen
maennchen requested changes Dec 9, 2023
View reviewed changes
Copy link
Member

@maennchen maennchen left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This is looking good besides the two little changes.

@maennchen maennchen self-assigned this Dec 9, 2023
@maennchen maennchen added this to the v3.2.0 milestone Dec 9, 2023
@paulswartz
refactor: pull client authentication into a helper module
56f77c6
@paulswartz
feat: use add_client_authentication for introspection
3591684 
If the OP supports other kinds of auth (but not the basic auth header),
this allows the introspection endpoint to work.
@paulswartz
feat: add extra parameter to token_introspection
0715d0e 
From https://datatracker.ietf.org/doc/html/rfc7662#section-2.2:

> Specific implementations MAY extend this structure with their own
> service-specific response names as top-level members of this JSON
> object.
@paulswartz
fix: don't use any default algorithms for client_secret_jwt
4e3d1c2 
Fixes erlef#301
@paulswartz paulswartz requested a review from maennchen December 9, 2023 19:03
@maennchen maennchen merged commit b3dcd27 into erlef:main Dec 9, 2023
25 checks passed
@paulswartz paulswartz deleted the introspect branch January 13, 2024 01:02
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@maennchen maennchen maennchen approved these changes

Assignees

@maennchen maennchen

Labels
enhancement
Projects
None yet
Milestone
v3.2.0
Development

Successfully merging this pull request may close these issues.
3 participants
@paulswartz @coveralls @maennchen