Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Implement RFC 8628 #826

Merged
merged 36 commits into from
Feb 3, 2025
+4,893 −844
Merged

Implement RFC 8628 #826

Changes from 1 commit
Commits
Show all changes
36 commits
Select commit Hold shift + click to select a range
da9b16b
fix: fix tests
nsklikas Oct 15, 2024
a2f5611
fix: Use Requester param in WriteAccessError
nsklikas Feb 5, 2024
55b085d
fix: generalize validateAuthorizeAudience method
nsklikas Feb 6, 2024
27fc5e1
feat: add device flow base logic
nsklikas Feb 6, 2024
95c216d
fix: add handler for device authorization req
nsklikas Feb 6, 2024
9dc12f8
fix: add device flow handlers to compose
nsklikas Feb 6, 2024
d7b70dd
fix: update memory storage
nsklikas Feb 6, 2024
09a8abe
chore: update integration tests
nsklikas Feb 7, 2024
9618c06
fix: review comments
nsklikas Feb 9, 2024
282633a
feat: implement the access token handling for device authorization flow
wood-push-melon Mar 15, 2024
044f494
fix: passing the correct authorization request when validating if the…
wood-push-melon Mar 17, 2024
027ada7
feat: error handling for authorization pending in device flow
wood-push-melon Mar 18, 2024
88d7ee4
test: reorganize the testcases
wood-push-melon Mar 18, 2024
8ff61e7
chore: resolve comments
wood-push-melon Mar 19, 2024
f1a3568
fix: fix oauth2 core storage interface and device flow session type a…
wood-push-melon Mar 24, 2024
8a3cdd8
fix: implement rate limiting
nsklikas Mar 28, 2024
21d1726
fix: do not validate request when creating response
nsklikas Mar 28, 2024
cb518cc
fix: add the OIDC handler for device flow (#13)
wood-push-melon Apr 5, 2024
426d5ab
fix: fix the refresh token issue (#14)
wood-push-melon Apr 12, 2024
8951431
fix: use correct grant lifespan to issue tokens
nsklikas Apr 29, 2024
040eb7c
fix: handle the user code generation duplication
wood-push-melon Apr 29, 2024
bc45749
chore: migrate to uber/gomock
nsklikas Sep 12, 2024
57bd545
refactor: revert oauth handler changes
nsklikas Oct 16, 2024
4ae79b3
ci: use hydra from branch
nsklikas Oct 16, 2024
3d5c071
fix: remove rate limiting implementation
nsklikas Oct 16, 2024
54a1ff0
fix: make user code creation configurable
nsklikas Oct 16, 2024
4ca84a3
refactor: simplify handler and test logic
nsklikas Oct 17, 2024
675f6f0
refactor: merge user and device code storage
nsklikas Nov 12, 2024
f7ed555
refactor: enhance deviceRequest struct
nsklikas Nov 15, 2024
5db11b0
fix: do not create openid session on device auth request
nsklikas Nov 18, 2024
846cf99
test: check for id and refresh token
nsklikas Jan 7, 2025
8994571
chore: migrate to uber/gomock
nsklikas Jan 7, 2025
54071fe
fix: delete oidc session when used
nsklikas Jan 7, 2025
ae40a12
fix: remove rate limiting implementation
nsklikas Jan 7, 2025
1f15315
chore: update copyright date
nsklikas Jan 7, 2025
b77efc3
fix: write device_code expiration in session
nsklikas Jan 24, 2025
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Prev Previous commit
Next Next commit
fix: fix oauth2 core storage interface and device flow session type a… 
…ssertion
@wood-push-melon @nsklikas
wood-push-melon authored and nsklikas committed Jan 22, 2025
commit f1a3568fd31a9b6ee04faf230a449c59719f6d6a
2 changes: 1 addition & 1 deletion handler/oauth2/flow_authorize_code_token_test.go
View file
Original file line number Diff line number Diff line change
@@ -31,8 +31,8 @@ func TestAuthorizeCode_PopulateTokenEndpointResponse(t *testing.T) {
var h GenericCodeTokenEndpointHandler

testCases := []struct {
areq *fosite.AccessRequest
description string
areq *fosite.AccessRequest
setup func(t *testing.T, areq *fosite.AccessRequest, config *fosite.Config)
check func(t *testing.T, aresp *fosite.AccessResponse)
expectErr error
1 change: 1 addition & 0 deletions handler/oauth2/storage.go
View file
Original file line number Diff line number Diff line change
@@ -10,6 +10,7 @@ import (
)

type CoreStorage interface {
AuthorizeCodeStorage
AccessTokenStorage
RefreshTokenStorage
}
4 changes: 2 additions & 2 deletions handler/rfc8628/strategy_hmacsha.go
View file
Original file line number Diff line number Diff line change
@@ -22,8 +22,8 @@ import (

// DeviceFlowSession is a fosite.Session container specific for the device flow.
type DeviceFlowSession interface {
// BrowserFlowCompleted returns the flag indicating whether user has completed the browser flow or not.
BrowserFlowCompleted() bool
// GetBrowserFlowCompleted returns the flag indicating whether user has completed the browser flow or not.
GetBrowserFlowCompleted() bool

// SetBrowserFlowCompleted allows client to mark user has completed the browser flow.
SetBrowserFlowCompleted(flag bool)
2 changes: 1 addition & 1 deletion handler/rfc8628/token_handler.go
View file
Original file line number Diff line number Diff line change
@@ -67,7 +67,7 @@ func (s DeviceSessionHandler) Session(ctx context.Context, requester fosite.Acce
return nil, errorsx.WithStack(fosite.ErrServerError.WithWrap(err).WithDebug(err.Error()))
}

session, ok := req.GetSession().(*DefaultDeviceFlowSession)
session, ok := req.GetSession().(DeviceFlowSession)
if !ok {
return nil, fosite.ErrServerError.WithHint("Wrong authorization request session.")
}