feat: Fix RefreshTokens
for other OPs when using GoogleOp
(upgrades go to 1.21)
#201
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR upgrades the
zitadel/oidc/v3
dependency to the latest versionv3.23.2
which has my PRs merged that fix refresh when the OP is Okta (zitadel/oidc#599) and when the OP is Microsoft (zitadel/oidc#594).The fix for Okta requires no changes except for upgrading the zitadel dependency. The fix for Microsoft requires the inclusion of
rp.WithNonce(nil)
to disable the nonce check when verifying the refreshedid_token
(now possible due to upgrading).Also, I had to upgrade us to
go1.21
becausezitadel
's minimum version is that as well.Tested refresh manually for Google, Microsoft, and Okta using
GoogleOp
.go.mod
file instead of hardcoding versionTests