From 32de8ed04a2446bb4e86f42cda591dc81d5247e8 Mon Sep 17 00:00:00 2001 From: Gani Georgiev Date: Sat, 29 Mar 2025 09:28:31 +0200 Subject: [PATCH 1/2] [#6657] allow OIDC email_verified to be int or boolean string --- CHANGELOG.md | 5 +++++ CHANGELOG_16_22.md | 5 +++++ tools/auth/oidc.go | 4 ++-- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 3c678a0c..14e70171 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,3 +1,8 @@ +## v0.26.6 + +- Allow OIDC `email_verified` to be int or boolean string since some OIDC providers like AWS Cognito has non-standard userinfo response ([#6657](https://github.com/pocketbase/pocketbase/pull/6657)). + + ## v0.26.5 - Fixed canonical URI parts escaping when generating the S3 request signature ([#6654](https://github.com/pocketbase/pocketbase/issues/6654)). diff --git a/CHANGELOG_16_22.md b/CHANGELOG_16_22.md index 529e7d1b..1d591872 100644 --- a/CHANGELOG_16_22.md +++ b/CHANGELOG_16_22.md @@ -2,6 +2,11 @@ > For the most recent versions, please refer to [CHANGELOG.md](./CHANGELOG.md) --- +## v0.22.34 + +- (_Backported from v0.26.6_) Allow OIDC `email_verified` to be int or boolean string since some OIDC providers like AWS Cognito has non-standard userinfo response ([#6657](https://github.com/pocketbase/pocketbase/pull/6657)). + + ## v0.22.33 - (_Backported from v0.26.3_) Fixed and normalized logs error serialization across common types for more consistent logs error output ([#6631](https://github.com/pocketbase/pocketbase/issues/6631)). diff --git a/tools/auth/oidc.go b/tools/auth/oidc.go index ddef97b4..81529ad6 100644 --- a/tools/auth/oidc.go +++ b/tools/auth/oidc.go @@ -92,7 +92,7 @@ func (p *OIDC) FetchAuthUser(token *oauth2.Token) (*AuthUser, error) { Username string `json:"preferred_username"` Picture string `json:"picture"` Email string `json:"email"` - EmailVerified bool `json:"email_verified"` + EmailVerified any `json:"email_verified"` // see #6657 }{} if err := json.Unmarshal(data, &extracted); err != nil { return nil, err @@ -110,7 +110,7 @@ func (p *OIDC) FetchAuthUser(token *oauth2.Token) (*AuthUser, error) { user.Expiry, _ = types.ParseDateTime(token.Expiry) - if extracted.EmailVerified { + if cast.ToBool(extracted.EmailVerified) { user.Email = extracted.Email } From e29655aba90817ed39d182a6b0f8056cdb15b069 Mon Sep 17 00:00:00 2001 From: Gani Georgiev Date: Sat, 29 Mar 2025 09:44:55 +0200 Subject: [PATCH 2/2] bumped modernc.org/sqlite --- CHANGELOG.md | 2 ++ go.mod | 2 +- go.sum | 4 ++-- modernc_versions_check.go | 2 +- 4 files changed, 6 insertions(+), 4 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 14e70171..7c72041e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -2,6 +2,8 @@ - Allow OIDC `email_verified` to be int or boolean string since some OIDC providers like AWS Cognito has non-standard userinfo response ([#6657](https://github.com/pocketbase/pocketbase/pull/6657)). +- Updated `modernc.org/sqlite` to 1.36.3. + ## v0.26.5 diff --git a/go.mod b/go.mod index fb126bef..076fac91 100644 --- a/go.mod +++ b/go.mod @@ -21,7 +21,7 @@ require ( golang.org/x/net v0.37.0 golang.org/x/oauth2 v0.28.0 golang.org/x/sync v0.12.0 - modernc.org/sqlite v1.36.2 + modernc.org/sqlite v1.36.3 ) require ( diff --git a/go.sum b/go.sum index 9022eb3b..2fbe0528 100644 --- a/go.sum +++ b/go.sum @@ -130,8 +130,8 @@ modernc.org/opt v0.1.4 h1:2kNGMRiUjrp4LcaPuLY2PzUfqM/w9N23quVwhKt5Qm8= modernc.org/opt v0.1.4/go.mod h1:03fq9lsNfvkYSfxrfUhZCWPk1lm4cq4N+Bh//bEtgns= modernc.org/sortutil v1.2.1 h1:+xyoGf15mM3NMlPDnFqrteY07klSFxLElE2PVuWIJ7w= modernc.org/sortutil v1.2.1/go.mod h1:7ZI3a3REbai7gzCLcotuw9AC4VZVpYMjDzETGsSMqJE= -modernc.org/sqlite v1.36.2 h1:vjcSazuoFve9Wm0IVNHgmJECoOXLZM1KfMXbcX2axHA= -modernc.org/sqlite v1.36.2/go.mod h1:ADySlx7K4FdY5MaJcEv86hTJ0PjedAloTUuif0YS3ws= +modernc.org/sqlite v1.36.3 h1:qYMYlFR+rtLDUzuXoST1SDIdEPbX8xzuhdF90WsX1ss= +modernc.org/sqlite v1.36.3/go.mod h1:ADySlx7K4FdY5MaJcEv86hTJ0PjedAloTUuif0YS3ws= modernc.org/strutil v1.2.1 h1:UneZBkQA+DX2Rp35KcM69cSsNES9ly8mQWD71HKlOA0= modernc.org/strutil v1.2.1/go.mod h1:EHkiggD70koQxjVdSBM3JKM7k6L0FbGE5eymy9i3B9A= modernc.org/token v1.1.0 h1:Xl7Ap9dKaEs5kLoOQeQmPWevfnk/DM5qcLcYlA8ys6Y= diff --git a/modernc_versions_check.go b/modernc_versions_check.go index 1d11fbf8..33277ddf 100644 --- a/modernc_versions_check.go +++ b/modernc_versions_check.go @@ -10,7 +10,7 @@ import ( ) const ( - expectedDriverVersion = "v1.36.2" + expectedDriverVersion = "v1.36.3" expectedLibcVersion = "v1.61.13" // ModerncDepsCheckHookId is the id of the hook that performs the modernc.org/* deps checks.