feat(api): add oidc and jwt provider template (#5290)

Adds the possibility to manage OIDC and JWT template-based providers
This commit is contained in:
Livio Spring
2023-02-27 16:32:18 +01:00
committed by GitHub
parent 9396e8b2f5
commit 80003939ad
29 changed files with 4338 additions and 295 deletions


@@ -34,6 +34,8 @@ type IDPTemplate struct {
IsAutoCreation bool
IsAutoUpdate bool
*OAuthIDPTemplate
*OIDCIDPTemplate
*JWTIDPTemplate
*GoogleIDPTemplate
*LDAPIDPTemplate
}
@@ -53,6 +55,22 @@ type OAuthIDPTemplate struct {
Scopes database.StringArray
}
type OIDCIDPTemplate struct {
IDPID string
ClientID string
ClientSecret *crypto.CryptoValue
Issuer string
Scopes database.StringArray
}
type JWTIDPTemplate struct {
IDPID string
Issuer string
KeysEndpoint string
HeaderName string
Endpoint string
}
type GoogleIDPTemplate struct {
IDPID string
ClientID string
@@ -179,6 +197,68 @@ var (
}
)
var (
oidcIdpTemplateTable = table{
name: projection.IDPTemplateOIDCTable,
instanceIDCol: projection.OIDCInstanceIDCol,
}
OIDCIDCol = Column{
name: projection.OIDCIDCol,
table: oidcIdpTemplateTable,
}
OIDCInstanceIDCol = Column{
name: projection.OIDCInstanceIDCol,
table: oidcIdpTemplateTable,
}
OIDCIssuerCol = Column{
name: projection.OIDCIssuerCol,
table: oidcIdpTemplateTable,
}
OIDCClientIDCol = Column{
name: projection.OIDCClientIDCol,
table: oidcIdpTemplateTable,
}
OIDCClientSecretCol = Column{
name: projection.OIDCClientSecretCol,
table: oidcIdpTemplateTable,
}
OIDCScopesCol = Column{
name: projection.OIDCScopesCol,
table: oidcIdpTemplateTable,
}
)
var (
jwtIdpTemplateTable = table{
name: projection.IDPTemplateJWTTable,
instanceIDCol: projection.JWTInstanceIDCol,
}
JWTIDCol = Column{
name: projection.JWTIDCol,
table: jwtIdpTemplateTable,
}
JWTInstanceIDCol = Column{
name: projection.JWTInstanceIDCol,
table: jwtIdpTemplateTable,
}
JWTIssuerCol = Column{
name: projection.JWTIssuerCol,
table: jwtIdpTemplateTable,
}
JWTEndpointCol = Column{
name: projection.JWTEndpointCol,
table: jwtIdpTemplateTable,
}
JWTKeysEndpointCol = Column{
name: projection.JWTKeysEndpointCol,
table: jwtIdpTemplateTable,
}
JWTHeaderNameCol = Column{
name: projection.JWTHeaderNameCol,
table: jwtIdpTemplateTable,
}
)
var (
googleIdpTemplateTable = table{
name: projection.IDPTemplateGoogleTable,
@@ -428,6 +508,18 @@ func prepareIDPTemplateByIDQuery() (sq.SelectBuilder, func(*sql.Row) (*IDPTempla
OAuthTokenEndpointCol.identifier(),
OAuthUserEndpointCol.identifier(),
OAuthScopesCol.identifier(),
// oidc
OIDCIDCol.identifier(),
OIDCIssuerCol.identifier(),
OIDCClientIDCol.identifier(),
OIDCClientSecretCol.identifier(),
OIDCScopesCol.identifier(),
// jwt
JWTIDCol.identifier(),
JWTIssuerCol.identifier(),
JWTEndpointCol.identifier(),
JWTKeysEndpointCol.identifier(),
JWTHeaderNameCol.identifier(),
// google
GoogleIDCol.identifier(),
GoogleClientIDCol.identifier(),
@@ -458,6 +550,8 @@ func prepareIDPTemplateByIDQuery() (sq.SelectBuilder, func(*sql.Row) (*IDPTempla
LDAPProfileAttributeCol.identifier(),
).From(idpTemplateTable.identifier()).
LeftJoin(join(OAuthIDCol, IDPTemplateIDCol)).
LeftJoin(join(OIDCIDCol, IDPTemplateIDCol)).
LeftJoin(join(JWTIDCol, IDPTemplateIDCol)).
LeftJoin(join(GoogleIDCol, IDPTemplateIDCol)).
LeftJoin(join(LDAPIDCol, IDPTemplateIDCol)).
PlaceholderFormat(sq.Dollar),
@@ -474,6 +568,18 @@ func prepareIDPTemplateByIDQuery() (sq.SelectBuilder, func(*sql.Row) (*IDPTempla
oauthUserEndpoint := sql.NullString{}
oauthScopes := database.StringArray{}
oidcID := sql.NullString{}
oidcIssuer := sql.NullString{}
oidcClientID := sql.NullString{}
oidcClientSecret := new(crypto.CryptoValue)
oidcScopes := database.StringArray{}
jwtID := sql.NullString{}
jwtIssuer := sql.NullString{}
jwtEndpoint := sql.NullString{}
jwtKeysEndpoint := sql.NullString{}
jwtHeaderName := sql.NullString{}
googleID := sql.NullString{}
googleClientID := sql.NullString{}
googleClientSecret := new(crypto.CryptoValue)
@@ -524,6 +630,18 @@ func prepareIDPTemplateByIDQuery() (sq.SelectBuilder, func(*sql.Row) (*IDPTempla
&oauthTokenEndpoint,
&oauthUserEndpoint,
&oauthScopes,
// oidc
&oidcID,
&oidcIssuer,
&oidcClientID,
&oidcClientSecret,
&oidcScopes,
// jwt
&jwtID,
&jwtIssuer,
&jwtEndpoint,
&jwtKeysEndpoint,
&jwtHeaderName,
// google
&googleID,
&googleClientID,
@@ -573,6 +691,24 @@ func prepareIDPTemplateByIDQuery() (sq.SelectBuilder, func(*sql.Row) (*IDPTempla
Scopes: oauthScopes,
}
}
if oidcID.Valid {
idpTemplate.OIDCIDPTemplate = &OIDCIDPTemplate{
IDPID: oidcID.String,
ClientID: oidcClientID.String,
ClientSecret: oidcClientSecret,
Issuer: oidcIssuer.String,
Scopes: oidcScopes,
}
}
if jwtID.Valid {
idpTemplate.JWTIDPTemplate = &JWTIDPTemplate{
IDPID: jwtID.String,
Issuer: jwtIssuer.String,
KeysEndpoint: jwtKeysEndpoint.String,
HeaderName: jwtHeaderName.String,
Endpoint: jwtEndpoint.String,
}
}
if googleID.Valid {
idpTemplate.GoogleIDPTemplate = &GoogleIDPTemplate{
IDPID: googleID.String,
@@ -637,6 +773,18 @@ func prepareIDPTemplatesQuery() (sq.SelectBuilder, func(*sql.Rows) (*IDPTemplate
OAuthTokenEndpointCol.identifier(),
OAuthUserEndpointCol.identifier(),
OAuthScopesCol.identifier(),
// oidc
OIDCIDCol.identifier(),
OIDCIssuerCol.identifier(),
OIDCClientIDCol.identifier(),
OIDCClientSecretCol.identifier(),
OIDCScopesCol.identifier(),
// jwt
JWTIDCol.identifier(),
JWTIssuerCol.identifier(),
JWTEndpointCol.identifier(),
JWTKeysEndpointCol.identifier(),
JWTHeaderNameCol.identifier(),
// google
GoogleIDCol.identifier(),
GoogleClientIDCol.identifier(),
@@ -668,6 +816,8 @@ func prepareIDPTemplatesQuery() (sq.SelectBuilder, func(*sql.Rows) (*IDPTemplate
countColumn.identifier(),
).From(idpTemplateTable.identifier()).
LeftJoin(join(OAuthIDCol, IDPTemplateIDCol)).
LeftJoin(join(OIDCIDCol, IDPTemplateIDCol)).
LeftJoin(join(JWTIDCol, IDPTemplateIDCol)).
LeftJoin(join(GoogleIDCol, IDPTemplateIDCol)).
LeftJoin(join(LDAPIDCol, IDPTemplateIDCol)).
PlaceholderFormat(sq.Dollar),
@@ -687,6 +837,18 @@ func prepareIDPTemplatesQuery() (sq.SelectBuilder, func(*sql.Rows) (*IDPTemplate
oauthUserEndpoint := sql.NullString{}
oauthScopes := database.StringArray{}
oidcID := sql.NullString{}
oidcIssuer := sql.NullString{}
oidcClientID := sql.NullString{}
oidcClientSecret := new(crypto.CryptoValue)
oidcScopes := database.StringArray{}
jwtID := sql.NullString{}
jwtIssuer := sql.NullString{}
jwtEndpoint := sql.NullString{}
jwtKeysEndpoint := sql.NullString{}
jwtHeaderName := sql.NullString{}
googleID := sql.NullString{}
googleClientID := sql.NullString{}
googleClientSecret := new(crypto.CryptoValue)
@@ -737,6 +899,18 @@ func prepareIDPTemplatesQuery() (sq.SelectBuilder, func(*sql.Rows) (*IDPTemplate
&oauthTokenEndpoint,
&oauthUserEndpoint,
&oauthScopes,
// oidc
&oidcID,
&oidcIssuer,
&oidcClientID,
&oidcClientSecret,
&oidcScopes,
// jwt
&jwtID,
&jwtIssuer,
&jwtEndpoint,
&jwtKeysEndpoint,
&jwtHeaderName,
// google
&googleID,
&googleClientID,
@@ -785,6 +959,24 @@ func prepareIDPTemplatesQuery() (sq.SelectBuilder, func(*sql.Rows) (*IDPTemplate
Scopes: oauthScopes,
}
}
if oidcID.Valid {
idpTemplate.OIDCIDPTemplate = &OIDCIDPTemplate{
IDPID: oidcID.String,
ClientID: oidcClientID.String,
ClientSecret: oidcClientSecret,
Issuer: oidcIssuer.String,
Scopes: oidcScopes,
}
}
if jwtID.Valid {
idpTemplate.JWTIDPTemplate = &JWTIDPTemplate{
IDPID: jwtID.String,
Issuer: jwtIssuer.String,
KeysEndpoint: jwtKeysEndpoint.String,
HeaderName: jwtHeaderName.String,
Endpoint: jwtEndpoint.String,
}
}
if googleID.Valid {
idpTemplate.GoogleIDPTemplate = &GoogleIDPTemplate{
IDPID: googleID.String,
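Review bot: The new exported types `OIDCIDPTemplate` and `JWTIDPTemplate` in the first struct hunk carry no doc comments, and the JWT fields `Endpoint`, `KeysEndpoint` and `HeaderName` are not self-explanatory, so a consumer of the query result cannot tell which URL is used to fetch signing keys and which header the token is expected in. I would add `// JWTIDPTemplate holds the configuration of a JWT based identity provider as read from the projection.` above the type and per-field comments such as `// KeysEndpoint is the URL the signing keys (JWKS) are fetched from — confirm against the command/projection side.` For `OIDCIDPTemplate`, `ClientSecret` is scanned through `&oidcClientSecret` where the local is already a `*crypto.CryptoValue`, mirroring the Google pattern, so a comment like `// ClientSecret is the encrypted client secret; expected to be nil when the column is NULL.` would make that contract visible to callers rather than leaving them to infer it from database/sql's pointer handling. The OIDC and JWT scan-and-build blocks are duplicated verbatim between prepareIDPTemplateByIDQuery and prepareIDPTemplatesQuery, which follows the existing OAuth/Google layout but means any future column change has to be mirrored in both functions; both functions start and end outside the shown hunks.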