fix: use idToken for mapping when using old configs (#5458)

* fix: use idToken for mapping when using old configs * fix events and add tests
2025-08-11 19:17:32 +00:00 · 2023-03-16 16:47:22 +01:00
parent a8a2edadc2
commit 1896f13952
24 changed files with 1371 additions and 331 deletions
--- a/internal/repository/idp/oidc.go
+++ b/internal/repository/idp/oidc.go
@@ -12,12 +12,13 @@ import (
 type OIDCIDPAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`

-	ID           string              `json:"id"`
-	Name         string              `json:"name"`
-	Issuer       string              `json:"issuer"`
-	ClientID     string              `json:"clientId"`
-	ClientSecret *crypto.CryptoValue `json:"clientSecret"`
-	Scopes       []string            `json:"scopes,omitempty"`
+	ID               string              `json:"id"`
+	Name             string              `json:"name"`
+	Issuer           string              `json:"issuer"`
+	ClientID         string              `json:"clientId"`
+	ClientSecret     *crypto.CryptoValue `json:"clientSecret"`
+	Scopes           []string            `json:"scopes,omitempty"`
+	IsIDTokenMapping bool                `json:"idTokenMapping,omitempty"`
 	Options
 }

@@ -29,17 +30,19 @@ func NewOIDCIDPAddedEvent(
 	clientID string,
 	clientSecret *crypto.CryptoValue,
 	scopes []string,
+	isIDTokenMapping bool,
 	options Options,
 ) *OIDCIDPAddedEvent {
 	return &OIDCIDPAddedEvent{
-		BaseEvent:    *base,
-		ID:           id,
-		Name:         name,
-		Issuer:       issuer,
-		ClientID:     clientID,
-		ClientSecret: clientSecret,
-		Scopes:       scopes,
-		Options:      options,
+		BaseEvent:        *base,
+		ID:               id,
+		Name:             name,
+		Issuer:           issuer,
+		ClientID:         clientID,
+		ClientSecret:     clientSecret,
+		Scopes:           scopes,
+		IsIDTokenMapping: isIDTokenMapping,
+		Options:          options,
 	}
 }

@@ -67,12 +70,13 @@ func OIDCIDPAddedEventMapper(event *repository.Event) (eventstore.Event, error)
 type OIDCIDPChangedEvent struct {
 	eventstore.BaseEvent `json:"-"`

-	ID           string              `json:"id"`
-	Name         *string             `json:"name,omitempty"`
-	Issuer       *string             `json:"issuer,omitempty"`
-	ClientID     *string             `json:"clientId,omitempty"`
-	ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
-	Scopes       []string            `json:"scopes,omitempty"`
+	ID               string              `json:"id"`
+	Name             *string             `json:"name,omitempty"`
+	Issuer           *string             `json:"issuer,omitempty"`
+	ClientID         *string             `json:"clientId,omitempty"`
+	ClientSecret     *crypto.CryptoValue `json:"clientSecret,omitempty"`
+	Scopes           []string            `json:"scopes,omitempty"`
+	IsIDTokenMapping *bool               `json:"idTokenMapping,omitempty"`
 	OptionChanges
 }

@@ -132,6 +136,12 @@ func ChangeOIDCScopes(scopes []string) func(*OIDCIDPChangedEvent) {
 	}
 }

+func ChangeOIDCIsIDTokenMapping(idTokenMapping bool) func(*OIDCIDPChangedEvent) {
+	return func(e *OIDCIDPChangedEvent) {
+		e.IsIDTokenMapping = &idTokenMapping
+	}
+}
+
 func (e *OIDCIDPChangedEvent) Data() interface{} {
 	return e
 }
--- a/internal/repository/instance/idp.go
+++ b/internal/repository/instance/idp.go
@@ -130,6 +130,7 @@ func NewOIDCIDPAddedEvent(
 	clientID string,
 	clientSecret *crypto.CryptoValue,
 	scopes []string,
+	isIDTokenMapping bool,
 	options idp.Options,
 ) *OIDCIDPAddedEvent {

@@ -146,6 +147,7 @@ func NewOIDCIDPAddedEvent(
 			clientID,
 			clientSecret,
 			scopes,
+			isIDTokenMapping,
 			options,
 		),
 	}
--- a/internal/repository/org/idp.go
+++ b/internal/repository/org/idp.go
@@ -130,6 +130,7 @@ func NewOIDCIDPAddedEvent(
 	clientID string,
 	clientSecret *crypto.CryptoValue,
 	scopes []string,
+	isIDTokenMapping bool,
 	options idp.Options,
 ) *OIDCIDPAddedEvent {

@@ -146,6 +147,7 @@ func NewOIDCIDPAddedEvent(
 			clientID,
 			clientSecret,
 			scopes,
+			isIDTokenMapping,
 			options,
 		),
 	}