From 6ffd913e28ecb91d762df9c62adb71754d43cbe8 Mon Sep 17 00:00:00 2001
From: beltram
Date: Mon, 20 Nov 2023 11:33:08 +0100
Subject: [PATCH] feat: remove custom hardcoded OIDC challenge for Google
---
 acme/challenge.go | 13 ++-----------
 1 file changed, 2 insertions(+), 11 deletions(-)
diff --git a/acme/challenge.go b/acme/challenge.go
index 0c8e391e..560a8889 100644
--- a/acme/challenge.go
+++ b/acme/challenge.go
@@ -411,17 +411,8 @@ func wireOIDC01Validate(ctx context.Context, ch *Challenge, db DB, jwk *jose.JSO
 "keyAuthorization does not match; expected %s, but got %s", expectedKeyAuth, wireChallengePayload.KeyAuth))
 }
- if claims.Issuer == "https://accounts.google.com" {
- // for internal demo purpose only
- var handle = fmt.Sprintf("im:wireapp=%s_wire", strings.ToLower(claims.GivenName))
- var displayName = claims.Handle
- if challengeValues.Name != displayName || challengeValues.Handle != handle {
- return storeError(ctx, db, ch, false, NewError(ErrorRejectedIdentifierType, "OIDC claims don't match"))
- }
- } else {
- if challengeValues.Name != claims.Name || challengeValues.Handle != claims.Handle {
- return storeError(ctx, db, ch, false, NewError(ErrorRejectedIdentifierType, "OIDC claims don't match"))
- }
+ if challengeValues.Name != claims.Name || challengeValues.Handle != claims.Handle {
+ return storeError(ctx, db, ch, false, NewError(ErrorRejectedIdentifierType, "OIDC claims don't match"))
 }
 // Update and store the challenge.
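Review bot: The remaining comparison in wireOIDC01Validate is satisfied when both sides are empty strings, so an ID token that omits the name or handle claim would still match a challenge whose stored value is also empty. Whether challengeValues can be empty is decided outside this hunk, so this needs confirming against the identifier parsing. If it can, reject empty claims explicitly: `if claims.Name == "" || claims.Handle == "" || challengeValues.Name != claims.Name || challengeValues.Handle != claims.Handle {`. A comment such as `// name and handle must match the identifier exactly (case-sensitive); no issuer-specific mapping` would also record that the check is now uniform across issuers. The function starts and ends outside the hunk.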