fix(idp): provide id_token for tenant id based azure ad (#7188)

* fix(idp): provide id_token for tenant based azure ad * comments * remove unintentional changes
2025-08-12 04:57:33 +00:00 · 2024-01-10 16:02:17 +01:00
parent 1a1bb564b9
commit 7c592ce638
7 changed files with 96 additions and 18 deletions
--- a/internal/api/idp/idp.go
+++ b/internal/api/idp/idp.go
@@ -393,7 +393,7 @@ func (h *Handler) fetchIDPUserFromCode(ctx context.Context, identityProvider idp
 	case *openid.Provider:
 		session = &openid.Session{Provider: provider, Code: code}
 	case *azuread.Provider:
-		session = &azuread.Session{Session: &oauth.Session{Provider: provider.Provider, Code: code}}
+		session = &azuread.Session{Provider: provider, Code: code}
 	case *github.Provider:
 		session = &oauth.Session{Provider: provider.Provider, Code: code}
 	case *gitlab.Provider:
--- a/internal/api/ui/login/external_provider_handler.go
+++ b/internal/api/ui/login/external_provider_handler.go
@@ -270,7 +270,7 @@ func (l *Login) handleExternalLoginCallback(w http.ResponseWriter, r *http.Reque
 			l.externalAuthFailed(w, r, authReq, nil, nil, err)
 			return
 		}
-		session = &azuread.Session{Session: &oauth.Session{Provider: provider.(*azuread.Provider).Provider, Code: data.Code}}
+		session = &azuread.Session{Provider: provider.(*azuread.Provider), Code: data.Code}
 	case domain.IDPTypeGitHub:
 		provider, err = l.githubProvider(r.Context(), identityProvider)
 		if err != nil {
@@ -1132,7 +1132,7 @@ func tokens(session idp.Session) *oidc.Tokens[*oidc.IDTokenClaims] {
 	case *oauth.Session:
 		return s.Tokens
 	case *azuread.Session:
-		return s.Tokens
+		return s.Tokens()
 	case *apple.Session:
 		return s.Tokens
 	}