fix: idp user information mapping (#9892)
# Which Problems Are Solved
When retrieving the information of an IdP intent, depending on the IdP
type (e.g. Apple), there was an issue when mapping the stored (event)
information back to the specific IdP type, potentially leading to a
panic.
# How the Problems Are Solved
- Correctly initialize the user struct to map the information to.
# Additional Changes
none
# Additional Context
- reported by a support request
- needs backport to 3.x and 2.x
(cherry picked from commit 1b2fd23e0b
)
@@ -167,11 +167,11 @@ func (s *Server) RetrieveIdentityProviderIntent(ctx context.Context, req *user.R
|
||||
var idpUser idp.User
|
||||
switch p := provider.(type) {
|
||||
case *apple.Provider:
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, &apple.User{})
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, apple.InitUser())
|
||||
case *oauth.Provider:
|
||||
idpUser, err = unmarshalRawIdpUser(intent.IDPUser, p.User())
|
||||
case *oidc.Provider:
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, &oidc.User{UserInfo: &oidc_pkg.UserInfo{}})
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, oidc.InitUser())
|
||||
case *jwt.Provider:
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, &jwt.User{})
|
||||
case *azuread.Provider:
|
||||
@@ -179,9 +179,9 @@ func (s *Server) RetrieveIdentityProviderIntent(ctx context.Context, req *user.R
|
||||
case *github.Provider:
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, &github.User{})
|
||||
case *gitlab.Provider:
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, &oidc.User{UserInfo: &oidc_pkg.UserInfo{}})
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, oidc.InitUser())
|
||||
case *google.Provider:
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, &google.User{User: &oidc.User{UserInfo: &oidc_pkg.UserInfo{}}})
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, google.InitUser())
|
||||
case *saml.Provider:
|
||||
idpUser, err = unmarshalIdpUser(intent.IDPUser, &saml.UserMapper{})
|
||||
case *ldap.Provider:
|
||||
|
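Review bot: The cases this change leaves alone still pass bare literals to `unmarshalIdpUser` (`&jwt.User{}`, `&github.User{}` and `&saml.UserMapper{}`), and the page does not show whether any of those types embeds a pointer that would be nil at decode time, which is the failure the description attributes to the Apple case. The decoded data comes from stored intent events, and a panic in this handler fails the intent-retrieval call in the middle of a login flow. A table-driven test that round-trips one stored user per provider type through this switch would pin the fix and catch the next provider added with a plain literal. If those types can have the same shape, giving each package its own `InitUser()` and calling it here would keep every case uniform. The body of `RetrieveIdentityProviderIntent` starts and ends outside both hunks, so the azuread and ldap cases could not be checked.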
@@ -60,6 +60,10 @@ func NewUser(info *openid.UserInfo, names userNamesFormValue) *User {
|
||||
return &User{User: user}
|
||||
}
|
||||
|
||||
func InitUser() idp.User {
|
||||
return &User{User: oidc.InitUser()}
|
||||
}
|
||||
|
||||
// User extends the [oidc.User] by returning the email as preferred_username, since Apple does not return the latter.
|
||||
type User struct {
|
||||
*oidc.User
|
||||
|
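Review bot: The new exported `InitUser` has no doc comment, and the reason it exists is what a later maintainer needs to see: the embedded `*oidc.User` must be non-nil before stored data is decoded into it. The same applies to the `InitUser` functions added for Google and OIDC further down. A comment such as `// InitUser returns an empty User with its embedded oidc.User allocated, so stored IdP user data can be unmarshalled into it without a nil dereference.` would do. The function also returns `idp.User` here and in the Google package, while the OIDC one returns `*User`; returning the concrete `*User` in all three would be consistent, provided `unmarshalIdpUser` accepts it, which is not visible on this page.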
@@ -34,6 +34,10 @@ var userMapper = func(info *openid.UserInfo) idp.User {
|
||||
return &User{oidc.DefaultMapper(info)}
|
||||
}
|
||||
|
||||
func InitUser() idp.User {
|
||||
return &User{oidc.InitUser()}
|
||||
}
|
||||
|
||||
// User is a representation of the authenticated Google and implements the [idp.User] interface
|
||||
// by wrapping an [idp.User] (implemented by [oidc.User]). It overwrites the [GetPreferredUsername] to use the `email` claim.
|
||||
type User struct {
|
||||
|
@@ -96,6 +96,10 @@ func NewUser(info *oidc.UserInfo) *User {
|
||||
return &User{UserInfo: info}
|
||||
}
|
||||
|
||||
func InitUser() *User {
|
||||
return &User{UserInfo: &oidc.UserInfo{}}
|
||||
}
|
||||
|
||||
type User struct {
|
||||
*oidc.UserInfo
|
||||
}
|
||||
|