fix: add email query to github idp if email empty (#10705)

# Which Problems Are Solved

In the integration with GitHub, private emails are not returned with the
userinfo.

# How the Problems Are Solved

If the scope `user:email` is set in the GitHub IDP and the email is not
included in the userinfo, a request to GitHub's API is executed to query
the email of the user.

# Additional Changes

Additional tests.

# Additional Context

Closes #10098

---------

Co-authored-by: Marco A. <marco@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
(cherry picked from commit a7e1bfb4a3)
This commit is contained in:
Stefan Benz
2025-10-07 08:13:06 +02:00
committed by Livio Spring
parent 1014c6d93f
commit d562cf5b45
7 changed files with 458 additions and 42 deletions

@@ -17,6 +17,7 @@ import (
"github.com/zitadel/zitadel/internal/idp"
"github.com/zitadel/zitadel/internal/idp/providers/apple"
"github.com/zitadel/zitadel/internal/idp/providers/azuread"
"github.com/zitadel/zitadel/internal/idp/providers/github"
"github.com/zitadel/zitadel/internal/idp/providers/jwt"
"github.com/zitadel/zitadel/internal/idp/providers/ldap"
"github.com/zitadel/zitadel/internal/idp/providers/oauth"
@@ -299,6 +300,8 @@ func tokensForSucceededIDPIntent(session idp.Session, encryptionAlg crypto.Encry
tokens = s.Tokens
case *jwt.Session:
tokens = s.Tokens
case *github.Session:
tokens = s.Tokens()
case *azuread.Session:
tokens = s.Tokens()
case *apple.Session:
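
Review bot: the new `case *github.Session:` arm in `tokensForSucceededIDPIntent` is one more per-provider branch that has to be remembered by hand. The `jwt` arm reads the field `s.Tokens` while the `github` and `azuread` arms call `s.Tokens()`, so a wrapper session type that is missing from this type switch would fall through without a compile error, unless a default arm outside this hunk catches it. Consider matching the wrapper sessions on a small interface with a `Tokens()` method instead of listing each concrete type. Please also confirm that whatever follows the switch handles a nil result from `s.Tokens()`, and add a test that runs a succeeded GitHub intent through this function so the token handling for the new session type is pinned.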