trustchain-oc1-orchestral
/
authentik
Archived
10
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

providers/proxy: use access token (#8022) 

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens L 2023-12-30 16:36:43 +01:00 committed by GitHub
parent 255f217c26
commit 1ea3dae5ac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
internal/outpost/proxyv2/application/oauth_callback.go
View File

@ -31,16 +31,11 @@ func (a *Application) redeemCallback(savedState string, u *url.URL, c context.Co
return nil, err return nil, err
} }
// Extract the ID Token from OAuth2 token. jwt := oauth2Token.AccessToken
rawIDToken, ok := oauth2Token.Extra("id_token").(string) a.log.WithField("jwt", jwt).Trace("access_token")
if !ok {
return nil, fmt.Errorf("missing id_token")
}
a.log.WithField("id_token", rawIDToken).Trace("id_token")
// Parse and verify ID Token payload. // Parse and verify ID Token payload.
idToken, err := a.tokenVerifier.Verify(ctx, rawIDToken) idToken, err := a.tokenVerifier.Verify(ctx, jwt)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -53,6 +48,6 @@ func (a *Application) redeemCallback(savedState string, u *url.URL, c context.Co
if claims.Proxy == nil { if claims.Proxy == nil {
claims.Proxy = &ProxyClaims{} claims.Proxy = &ProxyClaims{}
} }
claims.RawToken = rawIDToken claims.RawToken = jwt
return claims, nil return claims, nil
} }