fix: provide tokens in azuread idp session (#6334)

2024-12-12 02:54:20 +00:00 · 2023-08-08 11:28:47 +02:00 · 2023-08-08 11:28:47 +02:00 · 8dc1fd06a1
commit 8dc1fd06a1
parent 605e683e29
3 changed files with 31 additions and 0 deletions
--- a/internal/api/ui/login/external_provider_handler.go
+++ b/internal/api/ui/login/external_provider_handler.go
@ -967,6 +967,8 @@ func tokens(session idp.Session) *oidc.Tokens[*oidc.IDTokenClaims] {
 		return s.Tokens
 	case *oauth.Session:
 		return s.Tokens
+	case *azuread.Session:
+		return s.Tokens
 	}
 	return nil
 }
--- a/internal/command/idp_intent.go
+++ b/internal/command/idp_intent.go
@ -14,6 +14,7 @@ import (
 	"github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/eventstore"
 	"github.com/zitadel/zitadel/internal/idp"
+	"github.com/zitadel/zitadel/internal/idp/providers/azuread"
 	"github.com/zitadel/zitadel/internal/idp/providers/jwt"
 	"github.com/zitadel/zitadel/internal/idp/providers/oauth"
 	openid "github.com/zitadel/zitadel/internal/idp/providers/oidc"
@ -165,6 +166,8 @@ func tokensForSucceededIDPIntent(session idp.Session, encryptionAlg crypto.Encry
 		tokens = s.Tokens
 	case *jwt.Session:
 		tokens = s.Tokens
+	case *azuread.Session:
+		tokens = s.Tokens
 	default:
 		return nil, "", nil
 	}
--- a/internal/command/idp_intent_test.go
+++ b/internal/command/idp_intent_test.go
@ -19,6 +19,7 @@ import (
 	"github.com/zitadel/zitadel/internal/id"
 	"github.com/zitadel/zitadel/internal/id/mock"
 	"github.com/zitadel/zitadel/internal/idp"
+	"github.com/zitadel/zitadel/internal/idp/providers/azuread"
 	"github.com/zitadel/zitadel/internal/idp/providers/jwt"
 	"github.com/zitadel/zitadel/internal/idp/providers/ldap"
 	"github.com/zitadel/zitadel/internal/idp/providers/oauth"
@ -745,6 +746,31 @@ func Test_tokensForSucceededIDPIntent(t *testing.T) {
 				err:         nil,
 			},
 		},
+		{
+			"azure tokens",
+			args{
+				&azuread.Session{
+					Session: &oauth.Session{
+						Tokens: &oidc.Tokens[*oidc.IDTokenClaims]{
+							Token: &oauth2.Token{
+								AccessToken: "accessToken",
+							},
+						},
+					},
+				},
+				crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
+			},
+			res{
+				accessToken: &crypto.CryptoValue{
+					CryptoType: crypto.TypeEncryption,
+					Algorithm:  "enc",
+					KeyID:      "id",
+					Crypted:    []byte("accessToken"),
+				},
+				idToken: "",
+				err:     nil,
+			},
+		},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {