feat(op): allow scope without openid #613
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This changes removes the requirement of the openid scope to be set for all token requests. As this library also support OAuth2-only authentication mechanisms we still want to sanitize requested scopes, but not enforce the openid scope. Related to zitadel/zitadel#8068
muhlemmer
added a commit
to zitadel/zitadel
that referenced
this pull request
Jun 12, 2024
This change upgrades the oidc package to include zitadel/oidc#613. This will drop the requirement of the `openid` scope in all auth and token request types.
livio-a
approved these changes
Jun 13, 2024
|
🎉 This PR is included in version 3.25.0 🎉 The release is available on GitHub release Your semantic-release bot 📦🚀 |
muhlemmer
added a commit
to zitadel/zitadel
that referenced
this pull request
Jun 13, 2024
# Which Problems Are Solved Drop the requirement of the `openid` scope in all auth and token request types. # How the Problems Are Solved This change upgrades the oidc package to include zitadel/oidc#613. # Additional Changes - Fix a typo in a go doc string - upgrade otel modules to match the version from oidc. # Additional Context - #7822 started doing scope validation for machine user authentication on the token endpoint. - #8068 reports breakage of machine authentication without `openid` scope. - Merge after zitadel/oidc#613 is released.
livio-a
pushed a commit
to zitadel/zitadel
that referenced
this pull request
Jun 13, 2024
# Which Problems Are Solved Drop the requirement of the `openid` scope in all auth and token request types. # How the Problems Are Solved This change upgrades the oidc package to include zitadel/oidc#613. # Additional Changes - Fix a typo in a go doc string - upgrade otel modules to match the version from oidc. # Additional Context - #7822 started doing scope validation for machine user authentication on the token endpoint. - #8068 reports breakage of machine authentication without `openid` scope. - Merge after zitadel/oidc#613 is released. (cherry picked from commit 81cc7c6)
livio-a
pushed a commit
to zitadel/zitadel
that referenced
this pull request
Jun 13, 2024
# Which Problems Are Solved Drop the requirement of the `openid` scope in all auth and token request types. # How the Problems Are Solved This change upgrades the oidc package to include zitadel/oidc#613. # Additional Changes - Fix a typo in a go doc string - upgrade otel modules to match the version from oidc. # Additional Context - #7822 started doing scope validation for machine user authentication on the token endpoint. - #8068 reports breakage of machine authentication without `openid` scope. - Merge after zitadel/oidc#613 is released. (cherry picked from commit 81cc7c6)
livio-a
pushed a commit
to zitadel/zitadel
that referenced
this pull request
Jun 21, 2024
# Which Problems Are Solved Drop the requirement of the `openid` scope in all auth and token request types. # How the Problems Are Solved This change upgrades the oidc package to include zitadel/oidc#613. # Additional Changes - Fix a typo in a go doc string - upgrade otel modules to match the version from oidc. # Additional Context - #7822 started doing scope validation for machine user authentication on the token endpoint. - #8068 reports breakage of machine authentication without `openid` scope. - Merge after zitadel/oidc#613 is released.
brandonkal
pushed a commit
to brandonkal/zitadel
that referenced
this pull request
Jun 26, 2024
…l#8109) # Which Problems Are Solved Drop the requirement of the `openid` scope in all auth and token request types. # How the Problems Are Solved This change upgrades the oidc package to include zitadel/oidc#613. # Additional Changes - Fix a typo in a go doc string - upgrade otel modules to match the version from oidc. # Additional Context - zitadel#7822 started doing scope validation for machine user authentication on the token endpoint. - zitadel#8068 reports breakage of machine authentication without `openid` scope. - Merge after zitadel/oidc#613 is released.
RedstonePfalz
pushed a commit
to RedstonePfalz/zitadel
that referenced
this pull request
Jul 22, 2024
…l#8109) # Which Problems Are Solved Drop the requirement of the `openid` scope in all auth and token request types. # How the Problems Are Solved This change upgrades the oidc package to include zitadel/oidc#613. # Additional Changes - Fix a typo in a go doc string - upgrade otel modules to match the version from oidc. # Additional Context - zitadel#7822 started doing scope validation for machine user authentication on the token endpoint. - zitadel#8068 reports breakage of machine authentication without `openid` scope. - Merge after zitadel/oidc#613 is released.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This changes removes the requirement of the openid scope to be set for all token requests.
As this library also support OAuth2-only authentication mechanisms we still want to sanitize requested scopes, but not enforce the openid scope.
Related to zitadel/zitadel#8068
Definition of Ready