Skip to content

Commit

Permalink
feat: migrate to authorization_code grant_type (#1986)
Browse files Browse the repository at this point in the history 
* feat: migrate to authorization_code grant_type

* bump tweek-editor version
  • Loading branch information
@AleF83
AleF83 committed Oct 25, 2022
1 parent 0c4eaca commit 1e619cb
Show file tree
Hide file tree
Showing 11 changed files with 25 additions and 17 deletions.
6 changes: 4 additions & 2 deletions deployments/dev/docker-compose.e2e.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -46,7 +46,7 @@ services:
"ClientId": "tweek-openid-mock-client",
"Description": "Client for implicit flow",
"AllowedGrantTypes": [
"implicit"
"authorization_code"
],
"AllowAccessTokensViaBrowser": true,
"RedirectUris": [
Expand All @@ -59,7 +59,9 @@ services:
"email"
],
"IdentityTokenLifetime": 3600,
"AccessTokenLifetime": 3600
"AccessTokenLifetime": 3600,
"RequireClientSecret": false,
"RequirePkce": true
}
]
Expand Down
8 changes: 5 additions & 3 deletions deployments/dev/docker-compose.local-editor.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,9 +23,9 @@ services:
[
{
"ClientId": "tweek-openid-mock-client",
"Description": "Client for implicit flow",
"Description": "Tweek client",
"AllowedGrantTypes": [
"implicit"
"authorization_code"
],
"AllowAccessTokensViaBrowser": true,
"RedirectUris": [
Expand All @@ -38,7 +38,9 @@ services:
"email"
],
"IdentityTokenLifetime": 3600,
"AccessTokenLifetime": 3600
"AccessTokenLifetime": 3600,
"RequireClientSecret": false,
"RequirePkce": true
}
]
Expand Down
6 changes: 4 additions & 2 deletions deployments/dev/docker-compose.override.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ services:
"ClientId": "tweek-openid-mock-client",
"Description": "Tweek OIDC Mock",
"AllowedGrantTypes": [
"implicit"
"authorization_code"
],
"AllowAccessTokensViaBrowser": true,
"RedirectUris": [
Expand All @@ -136,7 +136,9 @@ services:
"email"
],
"IdentityTokenLifetime": 3600,
"AccessTokenLifetime": 3600
"AccessTokenLifetime": 3600,
"RequireClientSecret": false,
"RequirePkce": true
}
]
USERS_CONFIGURATION_INLINE: |
Expand Down
2 changes: 1 addition & 1 deletion deployments/dev/gateway/config/gateway.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,7 +18,7 @@
"login_type": "oidc",
"additional_info": {},
"scope": "openid profile email",
"response_type": "id_token"
"response_type": "code"
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion deployments/dev/gateway/config/gateway.local.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -16,7 +16,7 @@
"login_info": {
"login_type": "oidc",
"scope": "openid profile email",
"response_type": "id_token"
"response_type": "code"
}
}
}
Expand Down
2 changes: 1 addition & 1 deletion deployments/dev/gateway/config/gateway.test.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@
"login_info": {
"login_type": "oidc",
"scope": "openid profile email",
"response_type": "id_token"
"response_type": "code"
}
}
},
Expand Down
6 changes: 4 additions & 2 deletions deployments/dev/tilt.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,7 +146,7 @@ services:
"ClientId": "tweek-openid-mock-client",
"Description": "Tweek OIDC Mock",
"AllowedGrantTypes": [
"implicit"
"authorization_code"
],
"AllowAccessTokensViaBrowser": true,
"RedirectUris": [
Expand All @@ -159,7 +159,9 @@ services:
"email"
],
"IdentityTokenLifetime": 3600,
"AccessTokenLifetime": 3600
"AccessTokenLifetime": 3600,
"RequireClientSecret": false,
"RequirePkce": true
}
]
USERS_CONFIGURATION_INLINE: |
Expand Down
2 changes: 1 addition & 1 deletion deployments/kubernetes/infra/gateway-config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,7 +23,7 @@ data:
"login_info": {
"login_type": "oidc",
"scope": "openid profile email",
"response_type": "id_token"
"response_type": "code"
}
}
},
Expand Down
2 changes: 1 addition & 1 deletion deployments/kubernetes/infra/oidc-server-mock.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ spec:
spec:
containers:
- name: oidc-mock
image: soluto/oidc-server-mock
image: soluto/oidc-server-mock:0.1.0
env:
- name: ASPNETCORE_ENVIRONMENT
value: Development
Expand Down
2 changes: 1 addition & 1 deletion services/editor/package.json
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
{
"name": "tweek-editor",
"version": "1.0.0-rc27",
"version": "1.0.0-rc28",
"main": "dist/index.js",
"repository": "Soluto/tweek",
"author": "Soluto",
Expand Down
4 changes: 2 additions & 2 deletions services/editor/src/services/auth/clients/oidc-auth-client.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,8 +3,8 @@ import { AuthProvider } from 'tweek-client';
import { BaseAuthClient, isTokenValid, RedirectState } from './base-auth-client';
import storage from './storage';

const basicOidcConfig = {
response_type: 'token id_token',
const basicOidcConfig: Oidc.UserManagerSettings = {
response_type: 'code',
filterProtocolClaims: true,
loadUserInfo: true,
automaticSilentRenew: true,
Expand Down

0 comments on commit 1e619cb

Please sign in to comment.