OIDC: validate id token #3531

Merged
merged 5 commits into from
Jul 3, 2023

Contributor

@kerryarchibald kerryarchibald commented Jun 29, 2023

For element-hq/element-web#25657

3.1.1. Authorization Code Flow Steps

  1. Client prepares an Authentication Request containing the desired request parameters.
  2. Client sends the request to the Authorization Server.
  3. Authorization Server Authenticates the End-User.
  4. Authorization Server obtains End-User Consent/Authorization.
  5. Authorization Server sends the End-User back to the Client with an Authorization Code.
  6. Client requests a response using the Authorization Code at the Token Endpoint.
  7. Client receives a response that contains an ID Token and Access Token in the response body.
  8. Client validates the ID token and retrieves the End-User's Subject Identifier.

Checklist

  • Tests written for new code (and old code if feasible)
  • Linter and other CI checks pass
  • Sign-off given on the changes (see CONTRIBUTING.md)

Here's what your changelog entry will look like:

✨ Features

@github-actions github-actions bot requested a deployment to PR Documentation Preview June 29, 2023 04:34 In progress
@kerryarchibald kerryarchibald marked this pull request as ready for review July 3, 2023 03:33
@kerryarchibald kerryarchibald requested review from a team as code owners July 3, 2023 03:33
@kerryarchibald kerryarchibald added this pull request to the merge queue Jul 3, 2023
Merged via the queue into develop with commit 09de76b Jul 3, 2023
21 checks passed
@kerryarchibald kerryarchibald deleted the kerry/25574/validate-id-token branch July 3, 2023 21:24
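
Step 8 of the flow quoted in the description, as an added example (not code from this pull request or from matrix-js-sdk): the claim checks from OpenID Connect Core section 3.1.3.7 applied to an ID token returned by the token endpoint. The function names, issuer, client ID and sample token are constructed for illustration; signature verification is omitted, which the spec allows only when the token was received directly from the token endpoint over validated TLS, and the client is assumed to have sent a nonce.

```javascript
// Added example: ID Token claim checks (OpenID Connect Core 3.1.3.7), no signature check.

// Decode the payload segment of a compact JWT. This does NOT verify the signature.
function decodeJwtPayload(jwt) {
    const parts = String(jwt).split(".");
    if (parts.length !== 3) throw new Error("ID token is not a three-part JWT");
    const b64 = parts[1].replace(/-/g, "+").replace(/_/g, "/");
    const padded = b64 + "=".repeat((4 - (b64.length % 4)) % 4);
    const bytes = Uint8Array.from(atob(padded), (c) => c.charCodeAt(0));
    return JSON.parse(new TextDecoder().decode(bytes));
}

// Returns the claims when every check passes; otherwise throws, naming the failed check.
// `expected` holds values the client already knows: the discovered issuer, its own
// client_id, and the nonce it put in the Authentication Request (step 1).
function validateIdTokenClaims(idToken, expected) {
    const { issuer, clientId, nonce, nowSeconds = Math.floor(Date.now() / 1000) } = expected;
    const claims = decodeJwtPayload(idToken);
    if (claims.iss !== issuer) throw new Error("iss mismatch");
    const aud = Array.isArray(claims.aud) ? claims.aud : [claims.aud];
    if (!aud.includes(clientId)) throw new Error("aud does not include client_id");
    // Multiple audiences require azp; when azp is present it must name this client.
    if ((aud.length > 1 || claims.azp !== undefined) && claims.azp !== clientId) {
        throw new Error("azp mismatch");
    }
    // Current time must be strictly before exp.
    if (typeof claims.exp !== "number" || claims.exp <= nowSeconds) throw new Error("token expired");
    // Binds the token to this client's own request and blocks replay of an old token.
    if (!nonce || claims.nonce !== nonce) throw new Error("nonce mismatch");
    if (typeof claims.sub !== "string" || claims.sub === "") throw new Error("sub missing");
    return claims;
}

// Builds a constructed, unsigned sample token so the checks can be exercised offline.
function makeSampleToken(claims) {
    const enc = (obj) =>
        btoa(JSON.stringify(obj)).replace(/\+/g, "-").replace(/\//g, "_").replace(/=+$/, "");
    return `${enc({ alg: "RS256", typ: "JWT" })}.${enc(claims)}.constructed-not-a-real-signature`;
}

// Constructed sample values, not taken from any real deployment.
const sampleToken = makeSampleToken({
    iss: "https://issuer.example", aud: "client-abc", sub: "user-1", exp: 2000, nonce: "n-123",
});
console.log(validateIdTokenClaims(sampleToken, {
    issuer: "https://issuer.example", clientId: "client-abc", nonce: "n-123", nowSeconds: 1000,
}).sub);
```
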
su-ex added a commit to SchildiChat/matrix-js-sdk that referenced this pull request Feb 24, 2024
* Drop support for Node 16 (matrix-org#3533).
* Improve types around login, registration, UIA and identity servers (matrix-org#3537).
* **The Browserify artifact is being deprecated, scheduled for removal in the October 10th release cycle. (matrix-org#3189)**
* Simplify `MatrixClient::setPowerLevel` API (matrix-org#3570). Fixes element-hq/element-web#13900 and matrix-org#1844.
* Deprecate `VerificationRequest.getQRCodeBytes` and replace it with the asynchronous `generateQRCode`. (matrix-org#3562).
* Deprecate `VerificationRequest.beginKeyVerification()` in favour of `VerificationRequest.startVerification()`. (matrix-org#3528).
* Deprecate `Crypto.VerificationRequest` application event, replacing it with `Crypto.VerificationRequestReceived`. (matrix-org#3514).
* Throw saner error when peeking has its room pulled out from under it (matrix-org#3577). Fixes element-hq/element-web#18679.
* OIDC: Log in (matrix-org#3554). Contributed by @kerryarchibald.
* Prevent threads code from making identical simultaneous API hits (matrix-org#3541). Fixes element-hq/element-web#25395.
* Update IUnsigned type to be extensible (matrix-org#3547).
* add stop() api to BackupManager for clean shutdown (matrix-org#3553).
* Log the message ID of any undecryptable to-device messages (matrix-org#3543).
* Ignore thread relations on state events for consistency with edits (matrix-org#3540).
* OIDC: validate id token (matrix-org#3531). Contributed by @kerryarchibald.
* Fix read receipt sending behaviour around thread roots (matrix-org#3600).
* Fix `TypedEventEmitter::removeAllListeners(void)` not working (matrix-org#3561).
* Don't allow Olm unwedging rate-limiting to race (matrix-org#3549). Fixes element-hq/element-web#25716.
* Fix an instance of failed to decrypt error when an in flight `/keys/query` fails. (matrix-org#3486).
* Use the right anchor emoji for SAS verification (matrix-org#3534).
* fix a bug which caused the wrong emoji to be shown during SAS device verification. (matrix-org#3523).