TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 19:07:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(oidc): allow additional audience based on scope in device auth (#7685)

Browse Source 
feat(oidc): allow additional audience based on scope
This commit is contained in:
Tim Möhlmann
2024-04-03 09:06:21 +03:00
committed by GitHub
parent 2d25244c77
commit 5b3946b67e
10 changed files with 61 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
internal/query/device_auth.go
View File

@@ -37,6 +37,10 @@ var (
name: projection.DeviceAuthRequestColumnScopes,
table: deviceAuthRequestTable,
}
DeviceAuthRequestColumnAudience = Column{
name: projection.DeviceAuthRequestColumnAudience,
table: deviceAuthRequestTable,
}
DeviceAuthRequestColumnCreationDate = Column{
name: projection.DeviceAuthRequestColumnCreationDate,
table: deviceAuthRequestTable,
@@ -61,6 +65,7 @@ type DeviceAuth struct {
UserCode string
Expires time.Time
Scopes []string
Audience []string
State domain.DeviceAuthState
Subject string
UserAuthMethods []domain.UserAuthMethodType
@@ -109,6 +114,7 @@ var deviceAuthSelectColumns = []string{
DeviceAuthRequestColumnDeviceCode.identifier(),
DeviceAuthRequestColumnUserCode.identifier(),
DeviceAuthRequestColumnScopes.identifier(),
DeviceAuthRequestColumnAudience.identifier(),
}
func prepareDeviceAuthQuery(ctx context.Context, db prepareDatabase) (sq.SelectBuilder, func(*sql.Row) (*domain.AuthRequestDevice, error)) {
@@ -116,7 +122,8 @@ func prepareDeviceAuthQuery(ctx context.Context, db prepareDatabase) (sq.SelectB
func(row *sql.Row) (*domain.AuthRequestDevice, error) {
dst := new(domain.AuthRequestDevice)
var (
scopes database.TextArray[string]
scopes database.TextArray[string]
audience database.TextArray[string]
)
err := row.Scan(
@@ -124,6 +131,7 @@ func prepareDeviceAuthQuery(ctx context.Context, db prepareDatabase) (sq.SelectB
&dst.DeviceCode,
&dst.UserCode,
&scopes,
&audience,
)
if errors.Is(err, sql.ErrNoRows) {
return nil, zerrors.ThrowNotFound(err, "QUERY-Sah9a", "Errors.DeviceAuth.NotExisting")
@@ -132,6 +140,7 @@ func prepareDeviceAuthQuery(ctx context.Context, db prepareDatabase) (sq.SelectB
return nil, zerrors.ThrowInternal(err, "QUERY-Voo3o", "Errors.Internal")
}
dst.Scopes = scopes
dst.Audience = audience
return dst, nil
}
}