feat: add ldap external idp to login api (#5938)

* fix: handling of ldap login through separate endpoint * fix: handling of ldap login through separate endpoint * fix: handling of ldap login through separate endpoint * fix: successful intent for ldap * fix: successful intent for ldap * fix: successful intent for ldap * fix: add changes from code review * fix: remove set intent credentials and handle ldap errors * fix: remove set intent credentials and handle ldap errors * refactor into separate methods and fix merge * remove mocks --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-11 21:47:32 +00:00 · 2023-08-16 13:29:57 +02:00
parent 1b923425cd
commit 52f68f8db8
27 changed files with 726 additions and 149 deletions
--- a/internal/api/idp/idp.go
+++ b/internal/api/idp/idp.go
@@ -28,8 +28,9 @@ import (
 )

 const (
-	HandlerPrefix = "/idps"
-	callbackPath  = "/callback"
+	HandlerPrefix    = "/idps"
+	callbackPath     = "/callback"
+	ldapCallbackPath = callbackPath + "/ldap"

 	paramIntentID         = "id"
 	paramToken            = "token"
@@ -82,18 +83,22 @@ func NewHandler(
 }

 func (h *Handler) handleCallback(w http.ResponseWriter, r *http.Request) {
+	ctx := r.Context()
 	data, err := h.parseCallbackRequest(r)
 	if err != nil {
 		http.Error(w, err.Error(), http.StatusBadRequest)
 		return
 	}
-	intent := h.getActiveIntent(w, r, data.State)
-	if intent == nil {
-		// if we didn't get an active intent the error was already handled (either redirected or display directly)
+	intent, err := h.commands.GetActiveIntent(ctx, data.State)
+	if err != nil {
+		if z_errs.IsNotFound(err) {
+			http.Error(w, err.Error(), http.StatusBadRequest)
+			return
+		}
+		redirectToFailureURLErr(w, r, intent, err)
 		return
 	}

-	ctx := r.Context()
 	// the provider might have returned an error
 	if data.Error != "" {
 		cmdErr := h.commands.FailIDPIntent(ctx, intent, reason(data.Error, data.ErrorDescription))