package domain
// Reserved scope prefixes, claim names and helper fragments in the
// "urn:zitadel:iam" namespace.
//
// Constants ending in ":" are prefixes; presumably a requested scope carries a
// value after the prefix (an org domain, an org ID, a project ID, ...) —
// confirm against the scope parsing code. Scopes arrive with the auth request,
// so whatever follows a prefix should be treated as untrusted until it has
// been checked against stored data.
const (
	// Organisation-related scope prefixes.
	OrgDomainPrimaryScope = "urn:zitadel:iam:org:domain:primary:"
	OrgIDScope            = "urn:zitadel:iam:org:id:"
	OrgRoleIDScope        = "urn:zitadel:iam:org:roles:id:"

	// Claim names: the same URNs as the matching scope prefixes, without the
	// trailing colon.
	OrgDomainPrimaryClaim = "urn:zitadel:iam:org:domain:primary"
	OrgIDClaim            = "urn:zitadel:iam:org:id"

	// Project scope pieces. Presumably combined as
	// ProjectIDScope + <project id> + AudSuffix, with ProjectIDScopeZITADEL
	// standing in for a reserved project id — verify against the caller.
	ProjectIDScope        = "urn:zitadel:iam:org:project:id:"
	ProjectIDScopeZITADEL = "zitadel"
	AudSuffix             = ":aud"

	// Identity-provider selection scope prefix.
	SelectIDPScope = "urn:zitadel:iam:org:idp:id:"
)
// Request is the protocol-independent view of an auth request: it reports
// which AuthRequestType it is and whether it passes that type's own validity
// check. What IsValid covers differs per implementation, so a true result
// means only what the concrete type documents.
//
// TODO: Change AuthRequest to interface and let oidcauthrequest implement it
type Request interface {
	// Type returns the kind of auth request the value represents.
	Type() AuthRequestType
	// IsValid reports whether the request passes the implementation's checks.
	IsValid() bool
}
// AuthRequestType identifies which kind of auth request a Request value is.
type AuthRequestType int32

// The numeric values come from iota, so the declaration order fixes them
// (OIDC = 0, SAML = 1, Device = 2). Reordering or inserting in the middle
// would change the meaning of any value already stored or compared elsewhere.
// NOTE(review): confirm whether these values are persisted before touching
// the order; append new types at the end.
const (
	AuthRequestTypeOIDC AuthRequestType = iota
	AuthRequestTypeSAML
	AuthRequestTypeDevice
)
// AuthRequestOIDC holds the OIDC-specific parameters of an auth request.
type AuthRequestOIDC struct {
	// Scopes is the scope list of the request; IsValid tests that it is
	// non-empty but does not look at the individual values.
	Scopes []string
	// ResponseType and ResponseMode are not inspected by IsValid.
	ResponseType OIDCResponseType
	ResponseMode OIDCResponseMode
	// Nonce is not inspected by IsValid.
	Nonce string
	// CodeChallenge may be nil; IsValid only calls CodeChallenge.IsValid when
	// it is non-nil. Presumably the PKCE challenge (RFC 7636) — confirm.
	CodeChallenge *OIDCCodeChallenge
}
// Type reports AuthRequestTypeOIDC for every OIDC auth request; the receiver's
// fields are not consulted.
func (*AuthRequestOIDC) Type() AuthRequestType {
	return AuthRequestTypeOIDC
}
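// IsValid reports whether the OIDC request carries at least one scope and,
// when a code challenge is present, whether that challenge passes its own
// IsValid check. A nil CodeChallenge is accepted.
//
// Only the presence of scopes is checked, not their values; ResponseType,
// ResponseMode and Nonce are not inspected.
func (a *AuthRequestOIDC) IsValid() bool {
	// The parentheses are required: && binds tighter than ||, so the
	// unparenthesised form `scopes && nil || non-nil && valid` parses as
	// `(scopes && nil) || (non-nil && valid)` and accepts a request without
	// any scope as long as it carries a valid code challenge.
	return len(a.Scopes) > 0 &&
		(a.CodeChallenge == nil || a.CodeChallenge.IsValid())
}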
// AuthRequestSAML holds the SAML-specific parameters of an auth request.
//
// All fields are plain strings and AuthRequestSAML.IsValid does not inspect
// any of them, so checks on Issuer, Destination and the other fields have to
// happen elsewhere. NOTE(review): confirm where that validation lives.
type AuthRequestSAML struct {
	ID          string
	BindingType string
	Code        string
	Issuer      string
	IssuerName  string
	Destination string
}
// Type reports AuthRequestTypeSAML for every SAML auth request; the receiver's
// fields are not consulted.
func (*AuthRequestSAML) Type() AuthRequestType {
	return AuthRequestTypeSAML
}
// IsValid always reports true: no field of the SAML request is inspected here.
//
// NOTE(review): a true result must not be read as proof that Issuer,
// Destination or any other field has been validated; that has to be done by
// the code that builds or consumes the request.
func (*AuthRequestSAML) IsValid() bool {
	return true
}
// AuthRequestDevice holds the parameters of a device auth request
// (AuthRequestTypeDevice). Presumably the OAuth 2.0 device authorization
// grant (RFC 8628) — confirm.
type AuthRequestDevice struct {
	// ClientID is not inspected by IsValid.
	ClientID string
	// DeviceCode and UserCode must both be non-empty for IsValid to report
	// true. NOTE(review): if these are the RFC 8628 codes, DeviceCode acts as
	// a credential for the polling client and should stay out of logs.
	DeviceCode string
	UserCode   string
	// Scopes and Audience are not inspected by IsValid.
	Scopes   []string
	Audience []string
}
// Type reports AuthRequestTypeDevice for every device auth request; the
// receiver's fields are not consulted.
func (*AuthRequestDevice) Type() AuthRequestType {
	return AuthRequestTypeDevice
}
// IsValid reports whether both DeviceCode and UserCode are set.
//
// Only emptiness is checked: the format of the codes is not examined, and
// ClientID, Scopes and Audience are not looked at.
func (a *AuthRequestDevice) IsValid() bool {
	if a.DeviceCode == "" {
		return false
	}
	return a.UserCode != ""
}