feat: project roles (#843)

* fix logging * token verification * feat: assert roles * feat: add project role assertion on project and token type on app * id and access token role assertion * add project role check * user grant required step in login * update library * fix merge * fix merge * fix merge * update oidc library * fix tests * add tests for GrantRequiredStep * add missing field ProjectRoleCheck on project view model * fix project create * fix project create
2025-10-10 09:54:34 +00:00 · 2020-10-16 07:49:38 +02:00
parent f5a7a0a09f
commit a321d850ae
57 changed files with 10894 additions and 18297 deletions
--- a/internal/project/model/application_view.go
+++ b/internal/project/model/application_view.go
@@ -7,12 +7,14 @@ import (
 )

 type ApplicationView struct {
-	ID           string
-	ProjectID    string
-	Name         string
-	CreationDate time.Time
-	ChangeDate   time.Time
-	State        AppState
+	ID                   string
+	ProjectID            string
+	Name                 string
+	CreationDate         time.Time
+	ChangeDate           time.Time
+	State                AppState
+	ProjectRoleAssertion bool
+	ProjectRoleCheck     bool

 	IsOIDC                     bool
 	OIDCVersion                OIDCVersion
@@ -27,6 +29,9 @@ type ApplicationView struct {
 	ComplianceProblems         []string
 	DevMode                    bool
 	OriginAllowList            []string
+	AccessTokenType            OIDCTokenType
+	IDTokenRoleAssertion       bool
+	AccessTokenRoleAssertion   bool

 	Sequence uint64
 }