authorJames Elliott <james-d-elliott@users.noreply.github.com>2024-03-12 01:35:49 +1100
committerGitHub <noreply@github.com>2024-03-12 00:35:49 +1000
commit2b9281564070eac6aeafa35024f31e902c214c44 (patch)
tree8a7a5f0d0a715ca7ed5c70c67584c90e244ef9b4 /internal/handlers/handler_oauth_introspection.go
parentd377bee62fef13db04e55d66e9b640f790463c32 (diff)
build(oidc): use authelia maintained library (#6821)
Replaces github.com/ory/fosite with authelia.com/provider/oauth2, which is a hard fork of the former and has several major improvements. Signed-off-by: James Elliott <james-d-elliott@users.noreply.github.com>
Diffstat (limited to 'internal/handlers/handler_oauth_introspection.go')
-rw-r--r--internal/handlers/handler_oauth_introspection.go22
1 files changed, 11 insertions, 11 deletions
diff --git a/internal/handlers/handler_oauth_introspection.go b/internal/handlers/handler_oauth_introspection.go
index 67fa1fb83..8a623f4c6 100644
--- a/internal/handlers/handler_oauth_introspection.go
+++ b/internal/handlers/handler_oauth_introspection.go
@@ -6,9 +6,9 @@ import (
"net/url"
"time"
+ oauthelia2 "authelia.com/provider/oauth2"
+ "authelia.com/provider/oauth2/token/jwt"
"github.com/google/uuid"
- "github.com/ory/fosite"
- "github.com/ory/fosite/token/jwt"
"github.com/pkg/errors"
"github.com/valyala/fasthttp"
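Review bot: The new import `oauthelia2 "authelia.com/provider/oauth2"` resolves through a project-owned domain rather than a forge path, and the go.mod/go.sum change that pins it is not visible in this file-limited view. Since this package now backs the token introspection endpoint, it is worth confirming that the module version and checksum were committed together with this change. A one-line comment above the aliased import, such as `// oauthelia2 is the Authelia-maintained hard fork of github.com/ory/fosite.`, would also tell readers where the alias comes from.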
@@ -22,12 +22,12 @@ import (
func OAuthIntrospectionPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter, req *http.Request) {
var (
requestID uuid.UUID
- responder fosite.IntrospectionResponder
+ responder oauthelia2.IntrospectionResponder
err error
)
if requestID, err = uuid.NewRandom(); err != nil {
- ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, fosite.ErrServerError)
+ ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, oauthelia2.ErrServerError)
return
}
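Review bot: The `uuid.NewRandom()` failure branch writes `oauthelia2.ErrServerError` to the client without logging anything, while every other failure path visible in this diff logs before responding. A failure of the random source at this endpoint would then leave no trace in the server log. Adding `ctx.Logger.WithError(err).Errorf("Introspection Request failed to generate a request id")` before the `WriteIntrospectionError` call would make it consistent with the rest; the function body continues outside this hunk.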
@@ -46,7 +46,7 @@ func OAuthIntrospectionPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter
ctx.Logger.Tracef("Introspection Request with id '%s' yielded a %s (active: %t) requested at %s created with request id '%s' on client with id '%s'", requestID, responder.GetTokenUse(), responder.IsActive(), responder.GetAccessRequester().GetRequestedAt().String(), responder.GetAccessRequester().GetID(), responder.GetAccessRequester().GetClient().GetID())
- aud, introspection := oidc.IntrospectionResponseToMap(responder)
+ aud, introspection := responder.ToMap()
var (
client oidc.Client
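Review bot: Replacing `oidc.IntrospectionResponseToMap(responder)` with `responder.ToMap()` is the one change in this file that is not a pure rename, and nothing on this page shows that the library method returns the same `aud` value and the same claim keys as the removed helper. Because resource servers make authorization decisions from this map, a handler test that asserts the exact keys and audience for an active and an inactive token would pin the behaviour across the library swap. The surrounding `var` block and the rest of the function lie outside this hunk, so how `aud` is consumed afterwards cannot be checked from here.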
@@ -54,9 +54,9 @@ func OAuthIntrospectionPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter
)
if client, ok = responder.GetAccessRequester().GetClient().(oidc.Client); !ok {
- ctx.Logger.Errorf("Introspection Request with id '%s' failed with error: %s", requestID, oidc.ErrorToDebugRFC6749Error(fosite.ErrInvalidClient.WithDebugf("The client does not implement the correct type as it's a '%T'", responder.GetAccessRequester().GetClient())))
+ ctx.Logger.Errorf("Introspection Request with id '%s' failed with error: %s", requestID, oidc.ErrorToDebugRFC6749Error(oauthelia2.ErrInvalidClient.WithDebugf("The client does not implement the correct type as it's a '%T'", responder.GetAccessRequester().GetClient())))
- ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, fosite.ErrInvalidClient)
+ ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, oauthelia2.ErrInvalidClient)
return
}
@@ -80,7 +80,7 @@ func OAuthIntrospectionPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter
if issuer, err = ctx.IssuerURL(); err != nil {
ctx.Logger.WithError(err).Errorf("Error occurred determining issuer")
- ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, errors.WithStack(fosite.ErrServerError.WithHint("Failed to lookup required information to perform this request.").WithDebugf("The issuer could not be determined with error %+v.", err)))
+ ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, errors.WithStack(oauthelia2.ErrServerError.WithHint("Failed to lookup required information to perform this request.").WithDebugf("The issuer could not be determined with error %+v.", err)))
return
}
@@ -88,7 +88,7 @@ func OAuthIntrospectionPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter
if jwk = ctx.Providers.OpenIDConnect.KeyManager.Get(ctx, client.GetIntrospectionSignedResponseKeyID(), alg); jwk == nil {
ctx.Logger.WithError(err).Errorf("Introspection Request with id '%s' failed to lookup key for key manager due to likely no support for the key algorithm", requestID)
- ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, errors.WithStack(fosite.ErrServerError.WithHint("Failed to lookup required information to perform this request.").WithDebugf("The JWK matching algorithm '%s' and key id '%s' could not be found.", alg, client.GetIntrospectionSignedResponseKeyID())))
+ ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, errors.WithStack(oauthelia2.ErrServerError.WithHint("Failed to lookup required information to perform this request.").WithDebugf("The JWK matching algorithm '%s' and key id '%s' could not be found.", alg, client.GetIntrospectionSignedResponseKeyID())))
return
}
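Review bot: `err` is not assigned by the `KeyManager.Get` lookup in this `if`, so `ctx.Logger.WithError(err)` attaches whatever an earlier call left in it. That is presumably nil, since the visible earlier failures return, though the code between hunks is not shown. The log entry therefore carries an empty or misleading error field for a key-lookup failure. Dropping the error and logging the lookup inputs instead is clearer, for example `ctx.Logger.Errorf("Introspection Request with id '%s' failed to lookup key with id '%s' and algorithm '%s'", requestID, client.GetIntrospectionSignedResponseKeyID(), alg)`.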
@@ -96,7 +96,7 @@ func OAuthIntrospectionPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter
if jti, err = uuid.NewRandom(); err != nil {
ctx.Logger.WithError(err).Errorf("Introspection Request with id '%s' failed to generate a JTI", requestID)
- ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, errors.WithStack(fosite.ErrServerError.WithHint("Failed to lookup required information to perform this request.").WithDebugf("The JTI could not be generated for the Introspection JWT response type with error %+v.", err)))
+ ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, errors.WithStack(oauthelia2.ErrServerError.WithHint("Failed to lookup required information to perform this request.").WithDebugf("The JTI could not be generated for the Introspection JWT response type with error %+v.", err)))
return
}
@@ -122,7 +122,7 @@ func OAuthIntrospectionPOST(ctx *middlewares.AutheliaCtx, rw http.ResponseWriter
if token, _, err = jwk.Strategy().Generate(ctx, claims, headers); err != nil {
ctx.Logger.WithError(err).Errorf("Introspection Request with id '%s' failed to generate the Introspection JWT response", requestID)
- ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, errors.WithStack(fosite.ErrServerError.WithHint("Failed to generate the response.").WithDebugf("The Introspection JWT itself could not be generated with error %+v.", err)))
+ ctx.Providers.OpenIDConnect.WriteIntrospectionError(ctx, rw, errors.WithStack(oauthelia2.ErrServerError.WithHint("Failed to generate the response.").WithDebugf("The Introspection JWT itself could not be generated with error %+v.", err)))
return
}