[PR #991] fix: lookup federated client configurations when using RFC 7523 assertions #512

opened 2025-10-07 00:17:44 +03:00 by OVERLORD · 0 comments

📋 Pull Request Information

Original PR: https://github.com/pocket-id/pocket-id/pull/991
Author: @michaelbeaumont
Created: 9/30/2025
Status: 🔄 Open

Base: main ← Head: fix/fwt-bearer


📝 Commits (2)

  • 7329968 test: add cases
  • 8b1f96b fix: properly lookup clients when using RFC 7523 assertions

📊 Changes

2 files changed (+109 additions, -19 deletions)

📝 backend/internal/service/oidc_service.go (+55 -19)
📝 backend/internal/service/oidc_service_test.go (+54 -0)

📄 Description

See #902. This is more a proposal for one way to solve the problem. In particular, it solves the case where the clientID is left out of the request, since it's optional in the RFC. Unfortunately we don't have a uniqueness constraint on the federatedIdentities across client configurations so we just take the first match.

I was unable to figure out how to write the JSON SQL logic using gorm...


🔄 This issue represents a GitHub Pull Request. It cannot be merged through Gitea due to API limitations.

OVERLORD added the pull-request label 2025-10-07 00:17:44 +03:00
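
One way to resolve the client when the request omits the client ID without falling back to "first match", as an added example that is not pocket-id's code or part of this PR. The `Client` and `FederatedIdentity` types, `ResolveClient`, and the sample data are hypothetical; the issuer and subject are assumed to be the assertion's `iss` and `sub` claims, and signature verification against the matched configuration is out of scope here.

```go
package main

import (
	"errors"
	"fmt"
)

// Hypothetical stand-ins for illustration; not pocket-id's own models.
type FederatedIdentity struct{ Issuer, Subject string }
type Client struct {
	ID         string
	Identities []FederatedIdentity
}

var ErrNoClient = errors.New("no client trusts this issuer/subject")
var ErrAmbiguous = errors.New("issuer/subject configured on more than one client")

// ResolveClient maps iss/sub to one client ID; a pair shared by several clients is an error.
func ResolveClient(clients []Client, clientID, iss, sub string) (string, error) {
	var matches []string
	for _, c := range clients {
		if clientID != "" && c.ID != clientID {
			continue // an explicit client ID narrows the search to that client
		}
		for _, fi := range c.Identities {
			if fi.Issuer == iss && fi.Subject == sub {
				matches = append(matches, c.ID)
				break // count each client once
			}
		}
	}
	if len(matches) == 0 {
		return "", ErrNoClient
	} else if len(matches) > 1 {
		return "", fmt.Errorf("%w: %v", ErrAmbiguous, matches)
	}
	return matches[0], nil
}

// Constructed sample data: the subject "shared" is configured on two clients.
const sampleIssuer = "https://issuer.example"
var sampleClients = []Client{
	{"client-a", []FederatedIdentity{{sampleIssuer, "svc-a"}, {sampleIssuer, "shared"}}},
	{"client-b", []FederatedIdentity{{sampleIssuer, "shared"}}},
}

func main() {
	id, err := ResolveClient(sampleClients, "", sampleIssuer, "shared")
	fmt.Printf("client=%q err=%v\n", id, err)
}
```

Supplying the client ID alongside the assertion removes the ambiguity, so the same call with `"client-b"` resolves cleanly.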
Reference: starred/pocket-id#512