fix: use idToken for mapping when using old configs (#5458)

* fix: use idToken for mapping when using old configs * fix events and add tests
2025-08-12 01:37:31 +00:00 · 2023-03-16 16:47:22 +01:00
parent a8a2edadc2
commit 1896f13952
24 changed files with 1371 additions and 331 deletions
--- a/internal/query/projection/idp_template.go
+++ b/internal/query/projection/idp_template.go
@@ -17,7 +17,7 @@ import (
 )

 const (
-	IDPTemplateTable                 = "projections.idp_templates3"
+	IDPTemplateTable                 = "projections.idp_templates4"
 	IDPTemplateOAuthTable            = IDPTemplateTable + "_" + IDPTemplateOAuthSuffix
 	IDPTemplateOIDCTable             = IDPTemplateTable + "_" + IDPTemplateOIDCSuffix
 	IDPTemplateJWTTable              = IDPTemplateTable + "_" + IDPTemplateJWTSuffix
@@ -66,12 +66,13 @@ const (
 	OAuthScopesCol                = "scopes"
 	OAuthIDAttributeCol           = "id_attribute"

-	OIDCIDCol           = "idp_id"
-	OIDCInstanceIDCol   = "instance_id"
-	OIDCIssuerCol       = "issuer"
-	OIDCClientIDCol     = "client_id"
-	OIDCClientSecretCol = "client_secret"
-	OIDCScopesCol       = "scopes"
+	OIDCIDCol             = "idp_id"
+	OIDCInstanceIDCol     = "instance_id"
+	OIDCIssuerCol         = "issuer"
+	OIDCClientIDCol       = "client_id"
+	OIDCClientSecretCol   = "client_secret"
+	OIDCScopesCol         = "scopes"
+	OIDCIDTokenMappingCol = "id_token_mapping"

 	JWTIDCol           = "idp_id"
 	JWTInstanceIDCol   = "instance_id"
@@ -199,6 +200,7 @@ func newIDPTemplateProjection(ctx context.Context, config crdb.StatementHandlerC
 			crdb.NewColumn(OIDCClientIDCol, crdb.ColumnTypeText),
 			crdb.NewColumn(OIDCClientSecretCol, crdb.ColumnTypeJSONB),
 			crdb.NewColumn(OIDCScopesCol, crdb.ColumnTypeTextArray, crdb.Nullable()),
+			crdb.NewColumn(OIDCIDTokenMappingCol, crdb.ColumnTypeBool, crdb.Default(false)),
 		},
 			crdb.NewPrimaryKey(OIDCInstanceIDCol, OIDCIDCol),
 			IDPTemplateOIDCSuffix,
@@ -695,6 +697,7 @@ func (p *idpTemplateProjection) reduceOIDCIDPAdded(event eventstore.Event) (*han
 				handler.NewCol(OIDCClientIDCol, idpEvent.ClientID),
 				handler.NewCol(OIDCClientSecretCol, idpEvent.ClientSecret),
 				handler.NewCol(OIDCScopesCol, database.StringArray(idpEvent.Scopes)),
+				handler.NewCol(OIDCIDTokenMappingCol, idpEvent.IsIDTokenMapping),
 			},
 			crdb.WithTableSuffix(IDPTemplateOIDCSuffix),
 		),
@@ -931,6 +934,7 @@ func (p *idpTemplateProjection) reduceOldOIDCConfigAdded(event eventstore.Event)
 				handler.NewCol(OIDCClientIDCol, idpEvent.ClientID),
 				handler.NewCol(OIDCClientSecretCol, idpEvent.ClientSecret),
 				handler.NewCol(OIDCScopesCol, database.StringArray(idpEvent.Scopes)),
+				handler.NewCol(OIDCIDTokenMappingCol, true),
 			},
 			crdb.WithTableSuffix(IDPTemplateOIDCSuffix),
 		),
@@ -1831,6 +1835,9 @@ func reduceOIDCIDPChangedColumns(idpEvent idp.OIDCIDPChangedEvent) []handler.Col
 	if idpEvent.Scopes != nil {
 		oidcCols = append(oidcCols, handler.NewCol(OIDCScopesCol, database.StringArray(idpEvent.Scopes)))
 	}
+	if idpEvent.IsIDTokenMapping != nil {
+		oidcCols = append(oidcCols, handler.NewCol(OIDCIDTokenMappingCol, *idpEvent.IsIDTokenMapping))
+	}
 	return oidcCols
 }