Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement RFC 8628 #826

Merged
merged 36 commits into from
Feb 3, 2025
Merged

Implement RFC 8628 #826

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
da9b16b
fix: fix tests
nsklikas Oct 15, 2024
a2f5611
fix: Use Requester param in WriteAccessError
nsklikas Feb 5, 2024
55b085d
fix: generalize validateAuthorizeAudience method
nsklikas Feb 6, 2024
27fc5e1
feat: add device flow base logic
nsklikas Feb 6, 2024
95c216d
fix: add handler for device authorization req
nsklikas Feb 6, 2024
9dc12f8
fix: add device flow handlers to compose
nsklikas Feb 6, 2024
d7b70dd
fix: update memory storage
nsklikas Feb 6, 2024
09a8abe
chore: update integration tests
nsklikas Feb 7, 2024
9618c06
fix: review comments
nsklikas Feb 9, 2024
282633a
feat: implement the access token handling for device authorization flow
wood-push-melon Mar 15, 2024
044f494
fix: passing the correct authorization request when validating if the…
wood-push-melon Mar 17, 2024
027ada7
feat: error handling for authorization pending in device flow
wood-push-melon Mar 18, 2024
88d7ee4
test: reorganize the testcases
wood-push-melon Mar 18, 2024
8ff61e7
chore: resolve comments
wood-push-melon Mar 19, 2024
f1a3568
fix: fix oauth2 core storage interface and device flow session type a…
wood-push-melon Mar 24, 2024
8a3cdd8
fix: implement rate limiting
nsklikas Mar 28, 2024
21d1726
fix: do not validate request when creating response
nsklikas Mar 28, 2024
cb518cc
fix: add the OIDC handler for device flow (#13)
wood-push-melon Apr 5, 2024
426d5ab
fix: fix the refresh token issue (#14)
wood-push-melon Apr 12, 2024
8951431
fix: use correct grant lifespan to issue tokens
nsklikas Apr 29, 2024
040eb7c
fix: handle the user code generation duplication
wood-push-melon Apr 29, 2024
bc45749
chore: migrate to uber/gomock
nsklikas Sep 12, 2024
57bd545
refactor: revert oauth handler changes
nsklikas Oct 16, 2024
4ae79b3
ci: use hydra from branch
nsklikas Oct 16, 2024
3d5c071
fix: remove rate limiting implementation
nsklikas Oct 16, 2024
54a1ff0
fix: make user code creation configurable
nsklikas Oct 16, 2024
4ca84a3
refactor: simplify handler and test logic
nsklikas Oct 17, 2024
675f6f0
refactor: merge user and device code storage
nsklikas Nov 12, 2024
f7ed555
refactor: enhance deviceRequest struct
nsklikas Nov 15, 2024
5db11b0
fix: do not create openid session on device auth request
nsklikas Nov 18, 2024
846cf99
test: check for id and refresh token
nsklikas Jan 7, 2025
8994571
chore: migrate to uber/gomock
nsklikas Jan 7, 2025
54071fe
fix: delete oidc session when used
nsklikas Jan 7, 2025
ae40a12
fix: remove rate limiting implementation
nsklikas Jan 7, 2025
1f15315
chore: update copyright date
nsklikas Jan 7, 2025
b77efc3
fix: write device_code expiration in session
nsklikas Jan 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
4 changes: 2 additions & 2 deletions .github/workflows/oidc-conformity.yml
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -13,8 +13,8 @@ jobs:
uses: actions/checkout@v2
with:
fetch-depth: 2
repository: ory/hydra
ref: a35e78e364a26c4f87f37d9f545ef10b3ffa468a
repository: nsklikas/hydra
ref: canonical-master
- uses: actions/setup-go@v2
with:
go-version: "1.21"
Expand Down
2 changes: 1 addition & 1 deletion Makefile
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ test: # runs all tests
curl https://raw.githubusercontent.com/ory/ci/master/licenses/install | sh

.bin/mockgen:
go build -o .bin/mockgen github.com/golang/mock/mockgen
go build -o .bin/mockgen go.uber.org/mock/mockgen

.bin/ory: Makefile
curl https://raw.githubusercontent.com/ory/meta/master/install.sh | bash -s -- -b .bin ory v0.1.48
Expand Down
7 changes: 4 additions & 3 deletions access_error.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand All @@ -10,11 +10,12 @@ import (
"net/http"
)

func (f *Fosite) WriteAccessError(ctx context.Context, rw http.ResponseWriter, req AccessRequester, err error) {
// Convert an error to an http response as per RFC6749
func (f *Fosite) WriteAccessError(ctx context.Context, rw http.ResponseWriter, req Requester, err error) {
f.writeJsonError(ctx, rw, req, err)
}

func (f *Fosite) writeJsonError(ctx context.Context, rw http.ResponseWriter, requester AccessRequester, err error) {
func (f *Fosite) writeJsonError(ctx context.Context, rw http.ResponseWriter, requester Requester, err error) {
rw.Header().Set("Content-Type", "application/json;charset=UTF-8")
rw.Header().Set("Cache-Control", "no-store")
rw.Header().Set("Pragma", "no-cache")
Expand Down
4 changes: 2 additions & 2 deletions access_error_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand All @@ -11,9 +11,9 @@ import (
"net/http/httptest"
"testing"

"github.com/golang/mock/gomock"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
gomock "go.uber.org/mock/gomock"

. "github.com/ory/fosite"
. "github.com/ory/fosite/internal"
Expand Down
2 changes: 1 addition & 1 deletion access_request.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion access_request_handler.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
4 changes: 2 additions & 2 deletions access_request_handler_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand All @@ -10,10 +10,10 @@ import (
"net/url"
"testing"

"github.com/golang/mock/gomock"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
gomock "go.uber.org/mock/gomock"

. "github.com/ory/fosite"
"github.com/ory/fosite/internal"
Expand Down
2 changes: 1 addition & 1 deletion access_request_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion access_response.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion access_response_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand Down
2 changes: 1 addition & 1 deletion access_response_writer.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
4 changes: 2 additions & 2 deletions access_response_writer_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand All @@ -8,9 +8,9 @@ import (
"fmt"
"testing"

"github.com/golang/mock/gomock"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
gomock "go.uber.org/mock/gomock"

. "github.com/ory/fosite"
"github.com/ory/fosite/internal"
Expand Down
2 changes: 1 addition & 1 deletion access_write.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
4 changes: 2 additions & 2 deletions access_write_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand All @@ -8,8 +8,8 @@ import (
"net/http"
"testing"

"github.com/golang/mock/gomock"
"github.com/stretchr/testify/assert"
gomock "go.uber.org/mock/gomock"

. "github.com/ory/fosite"
. "github.com/ory/fosite/internal"
Expand Down
2 changes: 1 addition & 1 deletion arguments.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion arguments_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
8 changes: 4 additions & 4 deletions audience_strategy.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down Expand Up @@ -92,10 +92,10 @@ func GetAudiences(form url.Values) []string {
}
}

func (f *Fosite) validateAuthorizeAudience(ctx context.Context, r *http.Request, request *AuthorizeRequest) error {
audience := GetAudiences(request.Form)
func (f *Fosite) validateAudience(ctx context.Context, r *http.Request, request Requester) error {
audience := GetAudiences(request.GetRequestForm())

if err := f.Config.GetAudienceStrategy(ctx)(request.Client.GetAudience(), audience); err != nil {
if err := f.Config.GetAudienceStrategy(ctx)(request.GetClient().GetAudience(), audience); err != nil {
return err
}

Expand Down
2 changes: 1 addition & 1 deletion audience_strategy_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion authorize_error.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
4 changes: 2 additions & 2 deletions authorize_error_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand All @@ -10,8 +10,8 @@ import (
"net/url"
"testing"

"github.com/golang/mock/gomock"
"github.com/stretchr/testify/assert"
gomock "go.uber.org/mock/gomock"

. "github.com/ory/fosite"
. "github.com/ory/fosite/internal"
Expand Down
2 changes: 1 addition & 1 deletion authorize_helper.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion authorize_helper_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand Down
2 changes: 1 addition & 1 deletion authorize_helper_whitebox_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion authorize_request.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
4 changes: 2 additions & 2 deletions authorize_request_handler.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down Expand Up @@ -390,7 +390,7 @@ func (f *Fosite) newAuthorizeRequest(ctx context.Context, r *http.Request, isPAR
return request, err
}

if err = f.validateAuthorizeAudience(ctx, r, request); err != nil {
if err = f.validateAudience(ctx, r, request); err != nil {
return request, err
}

Expand Down
2 changes: 1 addition & 1 deletion authorize_request_handler_oidc_request_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
4 changes: 2 additions & 2 deletions authorize_request_handler_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand All @@ -10,10 +10,10 @@ import (
"net/url"
"testing"

"github.com/golang/mock/gomock"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
"github.com/stretchr/testify/require"
gomock "go.uber.org/mock/gomock"

. "github.com/ory/fosite"
. "github.com/ory/fosite/internal"
Expand Down
2 changes: 1 addition & 1 deletion authorize_request_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion authorize_response.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion authorize_response_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion authorize_response_writer.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
4 changes: 2 additions & 2 deletions authorize_response_writer_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand All @@ -7,9 +7,9 @@ import (
"context"
"testing"

"github.com/golang/mock/gomock"
"github.com/pkg/errors"
"github.com/stretchr/testify/assert"
gomock "go.uber.org/mock/gomock"

"github.com/ory/fosite"
. "github.com/ory/fosite"
Expand Down
2 changes: 1 addition & 1 deletion authorize_validators_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion authorize_write.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
4 changes: 2 additions & 2 deletions authorize_write_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand All @@ -9,8 +9,8 @@ import (
"net/url"
"testing"

"github.com/golang/mock/gomock"
"github.com/stretchr/testify/assert"
gomock "go.uber.org/mock/gomock"

. "github.com/ory/fosite"
. "github.com/ory/fosite/internal"
Expand Down
2 changes: 1 addition & 1 deletion client.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion client_authentication.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion client_authentication_jwks_strategy.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion client_authentication_jwks_strategy_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion client_authentication_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite_test
Expand Down
2 changes: 1 addition & 1 deletion client_manager.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion client_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion client_with_custom_token_lifespans.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
2 changes: 1 addition & 1 deletion client_with_custom_token_lifespans_test.go
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
// Copyright © 2024 Ory Corp
// Copyright © 2025 Ory Corp
// SPDX-License-Identifier: Apache-2.0

package fosite
Expand Down
Loading
Loading