2021-01-04 13:52:13 +00:00
|
|
|
package idpconfig
|
|
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"encoding/json"
|
2022-01-03 08:19:07 +00:00
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
2021-01-20 10:06:52 +00:00
|
|
|
|
2022-04-26 23:01:45 +00:00
|
|
|
"github.com/zitadel/zitadel/internal/crypto"
|
|
|
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
|
|
|
"github.com/zitadel/zitadel/internal/errors"
|
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore/repository"
|
2021-01-04 13:52:13 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
2021-09-14 13:15:01 +00:00
|
|
|
OIDCConfigAddedEventType eventstore.EventType = "oidc.config.added"
|
|
|
|
|
OIDCConfigChangedEventType eventstore.EventType = "oidc.config.changed"
|
2021-01-04 13:52:13 +00:00
|
|
|
)
|
|
|
|
|
|
|
|
|
|
type OIDCConfigAddedEvent struct {
|
2021-02-23 14:13:04 +00:00
|
|
|
eventstore.BaseEvent `json:"-"`
|
2021-01-04 13:52:13 +00:00
|
|
|
|
2021-07-06 14:39:48 +00:00
|
|
|
IDPConfigID string `json:"idpConfigId"`
|
|
|
|
|
ClientID string `json:"clientId,omitempty"`
|
|
|
|
|
ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
|
|
|
|
|
Issuer string `json:"issuer,omitempty"`
|
|
|
|
|
AuthorizationEndpoint string `json:"authorizationEndpoint,omitempty"`
|
|
|
|
|
TokenEndpoint string `json:"tokenEndpoint,omitempty"`
|
|
|
|
|
Scopes []string `json:"scopes,omitempty"`
|
2021-01-04 13:52:13 +00:00
|
|
|
|
|
|
|
|
IDPDisplayNameMapping domain.OIDCMappingField `json:"idpDisplayNameMapping,omitempty"`
|
|
|
|
|
UserNameMapping domain.OIDCMappingField `json:"usernameMapping,omitempty"`
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (e *OIDCConfigAddedEvent) Data() interface{} {
|
|
|
|
|
return e
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-21 09:49:38 +00:00
|
|
|
func (e *OIDCConfigAddedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-04 13:52:13 +00:00
|
|
|
func NewOIDCConfigAddedEvent(
|
|
|
|
|
base *eventstore.BaseEvent,
|
|
|
|
|
clientID,
|
|
|
|
|
idpConfigID,
|
2021-07-06 14:39:48 +00:00
|
|
|
issuer,
|
|
|
|
|
authorizationEndpoint,
|
|
|
|
|
tokenEndpoint string,
|
2021-01-04 13:52:13 +00:00
|
|
|
clientSecret *crypto.CryptoValue,
|
|
|
|
|
idpDisplayNameMapping,
|
|
|
|
|
userNameMapping domain.OIDCMappingField,
|
|
|
|
|
scopes ...string,
|
|
|
|
|
) *OIDCConfigAddedEvent {
|
|
|
|
|
|
|
|
|
|
return &OIDCConfigAddedEvent{
|
|
|
|
|
BaseEvent: *base,
|
|
|
|
|
IDPConfigID: idpConfigID,
|
|
|
|
|
ClientID: clientID,
|
|
|
|
|
ClientSecret: clientSecret,
|
|
|
|
|
Issuer: issuer,
|
2021-07-06 14:39:48 +00:00
|
|
|
AuthorizationEndpoint: authorizationEndpoint,
|
|
|
|
|
TokenEndpoint: tokenEndpoint,
|
2021-01-04 13:52:13 +00:00
|
|
|
Scopes: scopes,
|
|
|
|
|
IDPDisplayNameMapping: idpDisplayNameMapping,
|
|
|
|
|
UserNameMapping: userNameMapping,
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-03 08:19:07 +00:00
|
|
|
func OIDCConfigAddedEventMapper(event *repository.Event) (eventstore.Event, error) {
|
2021-01-04 13:52:13 +00:00
|
|
|
e := &OIDCConfigAddedEvent{
|
|
|
|
|
BaseEvent: *eventstore.BaseEventFromRepo(event),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err := json.Unmarshal(event.Data, e)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.ThrowInternal(err, "OIDC-plaBZ", "unable to unmarshal event")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return e, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type OIDCConfigChangedEvent struct {
|
|
|
|
|
eventstore.BaseEvent `json:"-"`
|
|
|
|
|
|
|
|
|
|
IDPConfigID string `json:"idpConfigId"`
|
|
|
|
|
|
2021-07-06 14:39:48 +00:00
|
|
|
ClientID *string `json:"clientId,omitempty"`
|
|
|
|
|
ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
|
|
|
|
|
Issuer *string `json:"issuer,omitempty"`
|
|
|
|
|
AuthorizationEndpoint *string `json:"authorizationEndpoint,omitempty"`
|
|
|
|
|
TokenEndpoint *string `json:"tokenEndpoint,omitempty"`
|
|
|
|
|
Scopes []string `json:"scopes,omitempty"`
|
2021-01-04 13:52:13 +00:00
|
|
|
|
2021-01-20 10:06:52 +00:00
|
|
|
IDPDisplayNameMapping *domain.OIDCMappingField `json:"idpDisplayNameMapping,omitempty"`
|
|
|
|
|
UserNameMapping *domain.OIDCMappingField `json:"usernameMapping,omitempty"`
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func (e *OIDCConfigChangedEvent) Data() interface{} {
|
|
|
|
|
return e
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-21 09:49:38 +00:00
|
|
|
func (e *OIDCConfigChangedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
|
|
|
|
|
return nil
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-04 13:52:13 +00:00
|
|
|
func NewOIDCConfigChangedEvent(
|
|
|
|
|
base *eventstore.BaseEvent,
|
2021-01-20 10:06:52 +00:00
|
|
|
idpConfigID string,
|
|
|
|
|
changes []OIDCConfigChanges,
|
|
|
|
|
) (*OIDCConfigChangedEvent, error) {
|
|
|
|
|
if len(changes) == 0 {
|
|
|
|
|
return nil, errors.ThrowPreconditionFailed(nil, "IDPCONFIG-ADzr5", "Errors.NoChangesFound")
|
|
|
|
|
}
|
|
|
|
|
changeEvent := &OIDCConfigChangedEvent{
|
|
|
|
|
BaseEvent: *base,
|
|
|
|
|
IDPConfigID: idpConfigID,
|
|
|
|
|
}
|
|
|
|
|
for _, change := range changes {
|
|
|
|
|
change(changeEvent)
|
|
|
|
|
}
|
|
|
|
|
return changeEvent, nil
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
type OIDCConfigChanges func(*OIDCConfigChangedEvent)
|
|
|
|
|
|
|
|
|
|
func ChangeClientID(clientID string) func(*OIDCConfigChangedEvent) {
|
|
|
|
|
return func(e *OIDCConfigChangedEvent) {
|
|
|
|
|
e.ClientID = &clientID
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ChangeClientSecret(secret *crypto.CryptoValue) func(*OIDCConfigChangedEvent) {
|
|
|
|
|
return func(e *OIDCConfigChangedEvent) {
|
|
|
|
|
e.ClientSecret = secret
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ChangeIssuer(issuer string) func(*OIDCConfigChangedEvent) {
|
|
|
|
|
return func(e *OIDCConfigChangedEvent) {
|
|
|
|
|
e.Issuer = &issuer
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-07-06 14:39:48 +00:00
|
|
|
func ChangeAuthorizationEndpoint(authorizationEndpoint string) func(*OIDCConfigChangedEvent) {
|
|
|
|
|
return func(e *OIDCConfigChangedEvent) {
|
|
|
|
|
e.AuthorizationEndpoint = &authorizationEndpoint
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ChangeTokenEndpoint(tokenEndpoint string) func(*OIDCConfigChangedEvent) {
|
|
|
|
|
return func(e *OIDCConfigChangedEvent) {
|
|
|
|
|
e.TokenEndpoint = &tokenEndpoint
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2021-01-20 10:06:52 +00:00
|
|
|
func ChangeIDPDisplayNameMapping(idpDisplayNameMapping domain.OIDCMappingField) func(*OIDCConfigChangedEvent) {
|
|
|
|
|
return func(e *OIDCConfigChangedEvent) {
|
|
|
|
|
e.IDPDisplayNameMapping = &idpDisplayNameMapping
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ChangeUserNameMapping(userNameMapping domain.OIDCMappingField) func(*OIDCConfigChangedEvent) {
|
|
|
|
|
return func(e *OIDCConfigChangedEvent) {
|
|
|
|
|
e.UserNameMapping = &userNameMapping
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func ChangeScopes(scopes []string) func(*OIDCConfigChangedEvent) {
|
|
|
|
|
return func(e *OIDCConfigChangedEvent) {
|
|
|
|
|
e.Scopes = scopes
|
2021-01-04 13:52:13 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-03 08:19:07 +00:00
|
|
|
func OIDCConfigChangedEventMapper(event *repository.Event) (eventstore.Event, error) {
|
2021-01-04 13:52:13 +00:00
|
|
|
e := &OIDCConfigChangedEvent{
|
|
|
|
|
BaseEvent: *eventstore.BaseEventFromRepo(event),
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
err := json.Unmarshal(event.Data, e)
|
|
|
|
|
if err != nil {
|
|
|
|
|
return nil, errors.ThrowInternal(err, "OIDC-plaBZ", "unable to unmarshal event")
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return e, nil
|
|
|
|
|
}
|
