feat(api): add google provider template (#5247)

add functionality to manage templates based Google IDP
2025-08-11 21:17:32 +00:00 · 2023-02-21 18:18:28 +01:00
parent 94116fa04b
commit 40e7356f3e
28 changed files with 2527 additions and 50 deletions
--- a/internal/command/idp_model.go
+++ b/internal/command/idp_model.go
@@ -1,6 +1,8 @@
 package command

 import (
+	"reflect"
+
 	"github.com/zitadel/zitadel/internal/crypto"
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/eventstore"
@@ -8,6 +10,93 @@ import (
 	"github.com/zitadel/zitadel/internal/repository/idpconfig"
 )

+type GoogleIDPWriteModel struct {
+	eventstore.WriteModel
+
+	ID           string
+	Name         string
+	ClientID     string
+	ClientSecret *crypto.CryptoValue
+	Scopes       []string
+	idp.Options
+
+	State domain.IDPState
+}
+
+func (wm *GoogleIDPWriteModel) Reduce() error {
+	for _, event := range wm.Events {
+		switch e := event.(type) {
+		case *idp.GoogleIDPAddedEvent:
+			wm.reduceAddedEvent(e)
+		case *idp.GoogleIDPChangedEvent:
+			wm.reduceChangedEvent(e)
+		case *idp.RemovedEvent:
+			wm.State = domain.IDPStateRemoved
+		}
+	}
+	return wm.WriteModel.Reduce()
+}
+
+func (wm *GoogleIDPWriteModel) reduceAddedEvent(e *idp.GoogleIDPAddedEvent) {
+	wm.Name = e.Name
+	wm.ClientID = e.ClientID
+	wm.ClientSecret = e.ClientSecret
+	wm.Scopes = e.Scopes
+	wm.Options = e.Options
+	wm.State = domain.IDPStateActive
+}
+
+func (wm *GoogleIDPWriteModel) reduceChangedEvent(e *idp.GoogleIDPChangedEvent) {
+	if e.Name != nil {
+		wm.Name = *e.Name
+	}
+	if e.ClientID != nil {
+		wm.ClientID = *e.ClientID
+	}
+	if e.ClientSecret != nil {
+		wm.ClientSecret = e.ClientSecret
+	}
+	if e.Scopes != nil {
+		wm.Scopes = e.Scopes
+	}
+	wm.Options.ReduceChanges(e.OptionChanges)
+}
+
+func (wm *GoogleIDPWriteModel) NewChanges(
+	name string,
+	clientID string,
+	clientSecretString string,
+	secretCrypto crypto.Crypto,
+	scopes []string,
+	options idp.Options,
+) ([]idp.GoogleIDPChanges, error) {
+	changes := make([]idp.GoogleIDPChanges, 0)
+	var clientSecret *crypto.CryptoValue
+	var err error
+	if clientSecretString != "" {
+		clientSecret, err = crypto.Crypt([]byte(clientSecretString), secretCrypto)
+		if err != nil {
+			return nil, err
+		}
+		changes = append(changes, idp.ChangeGoogleClientSecret(clientSecret))
+	}
+	if wm.Name != name {
+		changes = append(changes, idp.ChangeGoogleName(name))
+	}
+	if wm.ClientID != clientID {
+		changes = append(changes, idp.ChangeGoogleClientID(clientID))
+	}
+	if !reflect.DeepEqual(wm.Scopes, scopes) {
+		changes = append(changes, idp.ChangeGoogleScopes(scopes))
+	}
+
+	opts := wm.Options.Changes(options)
+	if !opts.IsZero() {
+		changes = append(changes, idp.ChangeGoogleOptions(opts))
+	}
+	return changes, nil
+}
+
 type LDAPIDPWriteModel struct {
 	eventstore.WriteModel

@@ -34,7 +123,7 @@ func (wm *LDAPIDPWriteModel) Reduce() error {
 			if wm.ID != e.ID {
 				continue
 			}
-			wm.reduceAddeddEvent(e)
+			wm.reduceAddedEvent(e)
 		case *idp.LDAPIDPChangedEvent:
 			if wm.ID != e.ID {
 				continue
@@ -50,7 +139,7 @@ func (wm *LDAPIDPWriteModel) Reduce() error {
 	return wm.WriteModel.Reduce()
 }

-func (wm *LDAPIDPWriteModel) reduceAddeddEvent(e *idp.LDAPIDPAddedEvent) {
+func (wm *LDAPIDPWriteModel) reduceAddedEvent(e *idp.LDAPIDPAddedEvent) {
 	wm.Name = e.Name
 	wm.Host = e.Host
 	wm.Port = e.Port
@@ -170,6 +259,10 @@ type IDPRemoveWriteModel struct {
 func (wm *IDPRemoveWriteModel) Reduce() error {
 	for _, event := range wm.Events {
 		switch e := event.(type) {
+		case *idp.GoogleIDPAddedEvent:
+			wm.reduceAdded(e.ID, e.Name)
+		case *idp.GoogleIDPChangedEvent:
+			wm.reduceChanged(e.ID, e.Name)
 		case *idp.LDAPIDPAddedEvent:
 			wm.reduceAdded(e.ID, e.Name)
 		case *idp.LDAPIDPChangedEvent: