feat(api): add generic oauth provider template (#5260)

adds functionality to manage templates based OIDC IDPs
2025-08-12 01:47:33 +00:00 · 2023-02-24 15:16:06 +01:00
parent aa9518ac02
commit 737d14e81b
28 changed files with 3199 additions and 117 deletions
--- a/internal/api/grpc/idp/converter.go
+++ b/internal/api/grpc/idp/converter.go
@@ -402,31 +402,57 @@ func configToPb(config *query.IDPTemplate) *idp_pb.ProviderConfig {
 			IsAutoUpdate:      config.IsAutoUpdate,
 		},
 	}
+	if config.OAuthIDPTemplate != nil {
+		oauthConfigToPb(providerConfig, config.OAuthIDPTemplate)
+		return providerConfig
+	}
 	if config.GoogleIDPTemplate != nil {
-		providerConfig.Config = &idp_pb.ProviderConfig_Google{
-			Google: &idp_pb.GoogleConfig{
-				ClientId: config.GoogleIDPTemplate.ClientID,
-				Scopes:   config.GoogleIDPTemplate.Scopes,
-			},
-		}
+		googleConfigToPb(providerConfig, config.GoogleIDPTemplate)
+		return providerConfig
 	}
 	if config.LDAPIDPTemplate != nil {
-		providerConfig.Config = &idp_pb.ProviderConfig_Ldap{
-			Ldap: &idp_pb.LDAPConfig{
-				Host:                config.Host,
-				Port:                config.Port,
-				Tls:                 config.TLS,
-				BaseDn:              config.BaseDN,
-				UserObjectClass:     config.UserObjectClass,
-				UserUniqueAttribute: config.UserUniqueAttribute,
-				Admin:               config.Admin,
-				Attributes:          ldapAttributesToPb(config.LDAPAttributes),
-			},
-		}
+		ldapConfigToPb(providerConfig, config.LDAPIDPTemplate)
+		return providerConfig
 	}
 	return providerConfig
 }

+func googleConfigToPb(providerConfig *idp_pb.ProviderConfig, template *query.GoogleIDPTemplate) {
+	providerConfig.Config = &idp_pb.ProviderConfig_Google{
+		Google: &idp_pb.GoogleConfig{
+			ClientId: template.ClientID,
+			Scopes:   template.Scopes,
+		},
+	}
+}
+
+func oauthConfigToPb(providerConfig *idp_pb.ProviderConfig, template *query.OAuthIDPTemplate) {
+	providerConfig.Config = &idp_pb.ProviderConfig_Oauth{
+		Oauth: &idp_pb.OAuthConfig{
+			ClientId:              template.ClientID,
+			AuthorizationEndpoint: template.AuthorizationEndpoint,
+			TokenEndpoint:         template.TokenEndpoint,
+			UserEndpoint:          template.UserEndpoint,
+			Scopes:                template.Scopes,
+		},
+	}
+}
+
+func ldapConfigToPb(providerConfig *idp_pb.ProviderConfig, template *query.LDAPIDPTemplate) {
+	providerConfig.Config = &idp_pb.ProviderConfig_Ldap{
+		Ldap: &idp_pb.LDAPConfig{
+			Host:                template.Host,
+			Port:                template.Port,
+			Tls:                 template.TLS,
+			BaseDn:              template.BaseDN,
+			UserObjectClass:     template.UserObjectClass,
+			UserUniqueAttribute: template.UserUniqueAttribute,
+			Admin:               template.Admin,
+			Attributes:          ldapAttributesToPb(template.LDAPAttributes),
+		},
+	}
+}
+
 func ldapAttributesToPb(attributes idp.LDAPAttributes) *idp_pb.LDAPAttributes {
 	return &idp_pb.LDAPAttributes{
 		IdAttribute:                attributes.IDAttribute,