From 790e4dcc502a9636fdf86a0d60ebe1f92e42c951 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Jagoba=20Gasc=C3=B3n?= Date: Wed, 14 Feb 2024 16:09:53 +0100 Subject: [PATCH] feat: add access token strategy parameter to cli fixes #3717 --- cmd/cmd_create_client.go | 1 + cmd/cmd_helper_client.go | 2 ++ 2 files changed, 3 insertions(+) diff --git a/cmd/cmd_create_client.go b/cmd/cmd_create_client.go index 629ef495a2e..462c194c206 100644 --- a/cmd/cmd_create_client.go +++ b/cmd/cmd_create_client.go @@ -17,6 +17,7 @@ import ( ) const ( + flagClientAccessTokenStrategy = "access-token-strategy" flagClientAllowedCORSOrigin = "allowed-cors-origin" flagClientAudience = "audience" flagClientBackchannelLogoutCallback = "backchannel-logout-callback" diff --git a/cmd/cmd_helper_client.go b/cmd/cmd_helper_client.go index f35af499cce..2f9cd72b048 100644 --- a/cmd/cmd_helper_client.go +++ b/cmd/cmd_helper_client.go @@ -18,6 +18,7 @@ import ( func clientFromFlags(cmd *cobra.Command) hydra.OAuth2Client { return hydra.OAuth2Client{ + AccessTokenStrategy: pointerx.String(flagx.MustGetString(cmd, flagClientAccessTokenStrategy)), AllowedCorsOrigins: flagx.MustGetStringSlice(cmd, flagClientAllowedCORSOrigin), Audience: flagx.MustGetStringSlice(cmd, flagClientAudience), BackchannelLogoutSessionRequired: pointerx.Bool(flagx.MustGetBool(cmd, flagClientBackChannelLogoutSessionRequired)), @@ -81,6 +82,7 @@ func registerClientFlags(flags *pflag.FlagSet) { flags.StringSlice(flagClientPostLogoutCallback, []string{}, "List of allowed URLs to be redirected to after a logout.") flags.Bool(flagClientSkipConsent, false, "Boolean flag specifying whether to skip the consent screen for this client. If omitted, the default value is false.") flags.Bool(flagClientLogoutSkipConsent, false, "Boolean flag specifying whether to skip the logout consent screen for this client. If omitted, the default value is false.") + flags.String(flagClientAccessTokenStrategy, "opaque", "The strategy used to generate access tokens. Valid options are `opaque` and `jwt`. If omitted, the default value is `opaque`.") // back-channel logout options flags.Bool(flagClientBackChannelLogoutSessionRequired, false, "Boolean flag specifying whether the client requires that a sid (session ID) Claim be included in the Logout Token to identify the client session with the OP when the backchannel-logout-callback is used. If omitted, the default value is false.")