fix: use of generic oauth provider (#5345)

Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2025-08-11 21:27:42 +00:00 · 2023-03-03 11:38:49 +01:00
parent cfe00ef0d0
commit 2efa305e10
28 changed files with 456 additions and 98 deletions
--- a/internal/repository/idp/oauth.go
+++ b/internal/repository/idp/oauth.go
@@ -20,6 +20,7 @@ type OAuthIDPAddedEvent struct {
 	TokenEndpoint         string              `json:"tokenEndpoint,omitempty"`
 	UserEndpoint          string              `json:"userEndpoint,omitempty"`
 	Scopes                []string            `json:"scopes,omitempty"`
+	IDAttribute           string              `json:"idAttribute,omitempty"`
 	Options
 }

@@ -31,7 +32,8 @@ func NewOAuthIDPAddedEvent(
 	clientSecret *crypto.CryptoValue,
 	authorizationEndpoint,
 	tokenEndpoint,
-	userEndpoint string,
+	userEndpoint,
+	idAttribute string,
 	scopes []string,
 	options Options,
 ) *OAuthIDPAddedEvent {
@@ -45,6 +47,7 @@ func NewOAuthIDPAddedEvent(
 		TokenEndpoint:         tokenEndpoint,
 		UserEndpoint:          userEndpoint,
 		Scopes:                scopes,
+		IDAttribute:           idAttribute,
 		Options:               options,
 	}
 }
@@ -81,6 +84,7 @@ type OAuthIDPChangedEvent struct {
 	TokenEndpoint         *string             `json:"tokenEndpoint,omitempty"`
 	UserEndpoint          *string             `json:"userEndpoint,omitempty"`
 	Scopes                []string            `json:"scopes,omitempty"`
+	IDAttribute           *string             `json:"idAttribute,omitempty"`
 	OptionChanges
 }

@@ -151,6 +155,12 @@ func ChangeOAuthScopes(scopes []string) func(*OAuthIDPChangedEvent) {
 	}
 }

+func ChangeOAuthIDAttribute(idAttribute string) func(*OAuthIDPChangedEvent) {
+	return func(e *OAuthIDPChangedEvent) {
+		e.IDAttribute = &idAttribute
+	}
+}
+
 func (e *OAuthIDPChangedEvent) Data() interface{} {
 	return e
 }
--- a/internal/repository/instance/idp.go
+++ b/internal/repository/instance/idp.go
@@ -36,7 +36,8 @@ func NewOAuthIDPAddedEvent(
 	clientSecret *crypto.CryptoValue,
 	authorizationEndpoint,
 	tokenEndpoint,
-	userEndpoint string,
+	userEndpoint,
+	idAttribute string,
 	scopes []string,
 	options idp.Options,
 ) *OAuthIDPAddedEvent {
@@ -55,6 +56,7 @@ func NewOAuthIDPAddedEvent(
 			authorizationEndpoint,
 			tokenEndpoint,
 			userEndpoint,
+			idAttribute,
 			scopes,
 			options,
 		),
--- a/internal/repository/org/idp.go
+++ b/internal/repository/org/idp.go
@@ -36,7 +36,8 @@ func NewOAuthIDPAddedEvent(
 	clientSecret *crypto.CryptoValue,
 	authorizationEndpoint,
 	tokenEndpoint,
-	userEndpoint string,
+	userEndpoint,
+	idAttribute string,
 	scopes []string,
 	options idp.Options,
 ) *OAuthIDPAddedEvent {
@@ -55,6 +56,7 @@ func NewOAuthIDPAddedEvent(
 			authorizationEndpoint,
 			tokenEndpoint,
 			userEndpoint,
+			idAttribute,
 			scopes,
 			options,
 		),