fix: migrate external id of federated users (#6312)

* feat: migrate external id * implement tests and some renaming * fix projection * cleanup * i18n * fix event type * handle migration for new services as well * typo
2025-08-12 06:07:33 +00:00 · 2023-08-04 11:35:36 +02:00
parent d33a4fbb2f
commit 45262e6829
28 changed files with 611 additions and 9 deletions
--- a/internal/idp/providers/azuread/session.go
+++ b/internal/idp/providers/azuread/session.go
@@ -0,0 +1,29 @@
+package azuread
+
+import (
+	"net/http"
+
+	httphelper "github.com/zitadel/oidc/v2/pkg/http"
+	"github.com/zitadel/oidc/v2/pkg/oidc"
+
+	"github.com/zitadel/zitadel/internal/idp/providers/oauth"
+)
+
+// Session extends the [oauth.Session] to extend it with the [idp.SessionSupportsMigration] functionality
+type Session struct {
+	*oauth.Session
+}
+
+// RetrievePreviousID implements the [idp.SessionSupportsMigration] interface by returning the `sub` from the userinfo endpoint
+func (s *Session) RetrievePreviousID() (string, error) {
+	req, err := http.NewRequest("GET", userinfoEndpoint, nil)
+	if err != nil {
+		return "", err
+	}
+	req.Header.Set("authorization", s.Tokens.TokenType+" "+s.Tokens.AccessToken)
+	userinfo := new(oidc.UserInfo)
+	if err := httphelper.HttpRequest(s.Provider.HttpClient(), req, &userinfo); err != nil {
+		return "", err
+	}
+	return userinfo.Subject, nil
+}