mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 00:57:33 +00:00
fix: remove oauth endpoints from oidc config proto (#2014)
This commit is contained in:
Fabi
@@ -24,8 +24,6 @@ func addOIDCIDPRequestToDomainOIDCIDPConfig(req *admin_pb.AddOIDCIDPRequest) *do
|
||||
ClientID: req.ClientId,
|
||||
ClientSecretString: req.ClientSecret,
|
||||
Issuer: req.Issuer,
|
||||
AuthorizationEndpoint: req.AuthorizationEndpoint,
|
||||
TokenEndpoint: req.TokenEndpoint,
|
||||
Scopes: req.Scopes,
|
||||
IDPDisplayNameMapping: idp_grpc.MappingFieldToDomain(req.DisplayNameMapping),
|
||||
UsernameMapping: idp_grpc.MappingFieldToDomain(req.UsernameMapping),
|
||||
@@ -46,8 +44,6 @@ func updateOIDCConfigToDomain(req *admin_pb.UpdateIDPOIDCConfigRequest) *domain.
|
||||
ClientID: req.ClientId,
|
||||
ClientSecretString: req.ClientSecret,
|
||||
Issuer: req.Issuer,
|
||||
AuthorizationEndpoint: req.AuthorizationEndpoint,
|
||||
TokenEndpoint: req.TokenEndpoint,
|
||||
Scopes: req.Scopes,
|
||||
IDPDisplayNameMapping: idp_grpc.MappingFieldToDomain(req.DisplayNameMapping),
|
||||
UsernameMapping: idp_grpc.MappingFieldToDomain(req.UsernameMapping),
|
||||
|
||||
@@ -20,16 +20,14 @@ func Test_addOIDCIDPRequestToDomain(t *testing.T) {
|
||||
name: "all fields filled",
|
||||
args: args{
|
||||
req: &admin_pb.AddOIDCIDPRequest{
|
||||
Name: "ZITADEL",
|
||||
StylingType: idp.IDPStylingType_STYLING_TYPE_GOOGLE,
|
||||
ClientId: "test1234",
|
||||
ClientSecret: "test4321",
|
||||
Issuer: "zitadel.ch",
|
||||
AuthorizationEndpoint: "https://accounts.zitadel.ch/oauth/v2/authorize",
|
||||
TokenEndpoint: "https://api.zitadel.ch/oauth/v2/token",
|
||||
Scopes: []string{"email", "profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
Name: "ZITADEL",
|
||||
StylingType: idp.IDPStylingType_STYLING_TYPE_GOOGLE,
|
||||
ClientId: "test1234",
|
||||
ClientSecret: "test4321",
|
||||
Issuer: "zitadel.ch",
|
||||
Scopes: []string{"email", "profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -44,6 +42,8 @@ func Test_addOIDCIDPRequestToDomain(t *testing.T) {
|
||||
"OIDCConfig.IDPConfigID",
|
||||
"IDPConfigID",
|
||||
"State",
|
||||
"OIDCConfig.AuthorizationEndpoint",
|
||||
"OIDCConfig.TokenEndpoint",
|
||||
"Type", //TODO: default (0) is oidc
|
||||
)
|
||||
})
|
||||
@@ -62,14 +62,12 @@ func Test_addOIDCIDPRequestToDomainOIDCIDPConfig(t *testing.T) {
|
||||
name: "all fields filled",
|
||||
args: args{
|
||||
req: &admin_pb.AddOIDCIDPRequest{
|
||||
ClientId: "test1234",
|
||||
ClientSecret: "test4321",
|
||||
Issuer: "zitadel.ch",
|
||||
AuthorizationEndpoint: "https://accounts.zitadel.ch/oauth/v2/authorize",
|
||||
TokenEndpoint: "https://api.zitadel.ch/oauth/v2/token",
|
||||
Scopes: []string{"email", "profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
ClientId: "test1234",
|
||||
ClientSecret: "test4321",
|
||||
Issuer: "zitadel.ch",
|
||||
Scopes: []string{"email", "profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -81,6 +79,8 @@ func Test_addOIDCIDPRequestToDomainOIDCIDPConfig(t *testing.T) {
|
||||
"ObjectRoot",
|
||||
"ClientSecret", //TODO: is client secret string enough for backend?
|
||||
"IDPConfigID",
|
||||
"AuthorizationEndpoint",
|
||||
"TokenEndpoint",
|
||||
)
|
||||
})
|
||||
}
|
||||
@@ -130,15 +130,13 @@ func Test_updateOIDCConfigToDomain(t *testing.T) {
|
||||
name: "all fields filled",
|
||||
args: args{
|
||||
req: &admin_pb.UpdateIDPOIDCConfigRequest{
|
||||
IdpId: "4208",
|
||||
Issuer: "zitadel.ch",
|
||||
AuthorizationEndpoint: "https://accounts.zitadel.ch/oauth/v2/authorize",
|
||||
TokenEndpoint: "https://api.zitadel.ch/oauth/v2/token",
|
||||
ClientId: "ZITEADEL",
|
||||
ClientSecret: "i'm so secret",
|
||||
Scopes: []string{"profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
IdpId: "4208",
|
||||
Issuer: "zitadel.ch",
|
||||
ClientId: "ZITEADEL",
|
||||
ClientSecret: "i'm so secret",
|
||||
Scopes: []string{"profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -149,6 +147,8 @@ func Test_updateOIDCConfigToDomain(t *testing.T) {
|
||||
test.AssertFieldsMapped(t, got,
|
||||
"ObjectRoot",
|
||||
"ClientSecret",
|
||||
"AuthorizationEndpoint",
|
||||
"TokenEndpoint",
|
||||
)
|
||||
})
|
||||
}
|
||||
|
||||
@@ -133,13 +133,11 @@ func IDPStylingTypeToPb(stylingType domain.IDPConfigStylingType) idp_pb.IDPStyli
|
||||
func ModelIDPViewToConfigPb(config *iam_model.IDPConfigView) *idp_pb.IDP_OidcConfig {
|
||||
return &idp_pb.IDP_OidcConfig{
|
||||
OidcConfig: &idp_pb.OIDCConfig{
|
||||
ClientId: config.OIDCClientID,
|
||||
Issuer: config.OIDCIssuer,
|
||||
Scopes: config.OIDCScopes,
|
||||
DisplayNameMapping: ModelMappingFieldToPb(config.OIDCIDPDisplayNameMapping),
|
||||
UsernameMapping: ModelMappingFieldToPb(config.OIDCUsernameMapping),
|
||||
AuthorizationEndpoint: config.OAuthAuthorizationEndpoint,
|
||||
TokenEndpoint: config.OAuthTokenEndpoint,
|
||||
ClientId: config.OIDCClientID,
|
||||
Issuer: config.OIDCIssuer,
|
||||
Scopes: config.OIDCScopes,
|
||||
DisplayNameMapping: ModelMappingFieldToPb(config.OIDCIDPDisplayNameMapping),
|
||||
UsernameMapping: ModelMappingFieldToPb(config.OIDCUsernameMapping),
|
||||
},
|
||||
}
|
||||
}
|
||||
@@ -147,13 +145,11 @@ func ModelIDPViewToConfigPb(config *iam_model.IDPConfigView) *idp_pb.IDP_OidcCon
|
||||
func IDPViewToConfigPb(config *domain.IDPConfigView) *idp_pb.IDP_OidcConfig {
|
||||
return &idp_pb.IDP_OidcConfig{
|
||||
OidcConfig: &idp_pb.OIDCConfig{
|
||||
ClientId: config.OIDCClientID,
|
||||
Issuer: config.OIDCIssuer,
|
||||
AuthorizationEndpoint: config.OAuthAuthorizationEndpoint,
|
||||
TokenEndpoint: config.OAuthTokenEndpoint,
|
||||
Scopes: config.OIDCScopes,
|
||||
DisplayNameMapping: MappingFieldToPb(config.OIDCIDPDisplayNameMapping),
|
||||
UsernameMapping: MappingFieldToPb(config.OIDCUsernameMapping),
|
||||
ClientId: config.OIDCClientID,
|
||||
Issuer: config.OIDCIssuer,
|
||||
Scopes: config.OIDCScopes,
|
||||
DisplayNameMapping: MappingFieldToPb(config.OIDCIDPDisplayNameMapping),
|
||||
UsernameMapping: MappingFieldToPb(config.OIDCUsernameMapping),
|
||||
},
|
||||
}
|
||||
}
|
||||
|
||||
@@ -24,8 +24,6 @@ func addOIDCIDPRequestToDomainOIDCIDPConfig(req *mgmt_pb.AddOrgOIDCIDPRequest) *
|
||||
ClientID: req.ClientId,
|
||||
ClientSecretString: req.ClientSecret,
|
||||
Issuer: req.Issuer,
|
||||
AuthorizationEndpoint: req.AuthorizationEndpoint,
|
||||
TokenEndpoint: req.TokenEndpoint,
|
||||
Scopes: req.Scopes,
|
||||
IDPDisplayNameMapping: idp_grpc.MappingFieldToDomain(req.DisplayNameMapping),
|
||||
UsernameMapping: idp_grpc.MappingFieldToDomain(req.UsernameMapping),
|
||||
@@ -46,8 +44,6 @@ func updateOIDCConfigToDomain(req *mgmt_pb.UpdateOrgIDPOIDCConfigRequest) *domai
|
||||
ClientID: req.ClientId,
|
||||
ClientSecretString: req.ClientSecret,
|
||||
Issuer: req.Issuer,
|
||||
AuthorizationEndpoint: req.AuthorizationEndpoint,
|
||||
TokenEndpoint: req.TokenEndpoint,
|
||||
Scopes: req.Scopes,
|
||||
IDPDisplayNameMapping: idp_grpc.MappingFieldToDomain(req.DisplayNameMapping),
|
||||
UsernameMapping: idp_grpc.MappingFieldToDomain(req.UsernameMapping),
|
||||
|
||||
@@ -20,16 +20,14 @@ func Test_addOIDCIDPRequestToDomain(t *testing.T) {
|
||||
name: "all fields filled",
|
||||
args: args{
|
||||
req: &mgmt_pb.AddOrgOIDCIDPRequest{
|
||||
Name: "ZITADEL",
|
||||
StylingType: idp.IDPStylingType_STYLING_TYPE_GOOGLE,
|
||||
ClientId: "test1234",
|
||||
ClientSecret: "test4321",
|
||||
Issuer: "zitadel.ch",
|
||||
AuthorizationEndpoint: "https://accounts.zitadel.ch/oauth/v2/authorize",
|
||||
TokenEndpoint: "https://api.zitadel.ch/oauth/v2/token",
|
||||
Scopes: []string{"email", "profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
Name: "ZITADEL",
|
||||
StylingType: idp.IDPStylingType_STYLING_TYPE_GOOGLE,
|
||||
ClientId: "test1234",
|
||||
ClientSecret: "test4321",
|
||||
Issuer: "zitadel.ch",
|
||||
Scopes: []string{"email", "profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -44,6 +42,8 @@ func Test_addOIDCIDPRequestToDomain(t *testing.T) {
|
||||
"OIDCConfig.IDPConfigID",
|
||||
"IDPConfigID",
|
||||
"State",
|
||||
"OIDCConfig.AuthorizationEndpoint",
|
||||
"OIDCConfig.TokenEndpoint",
|
||||
"Type", //TODO: default (0) is oidc
|
||||
)
|
||||
})
|
||||
@@ -62,14 +62,12 @@ func Test_addOIDCIDPRequestToDomainOIDCIDPConfig(t *testing.T) {
|
||||
name: "all fields filled",
|
||||
args: args{
|
||||
req: &mgmt_pb.AddOrgOIDCIDPRequest{
|
||||
ClientId: "test1234",
|
||||
ClientSecret: "test4321",
|
||||
Issuer: "zitadel.ch",
|
||||
AuthorizationEndpoint: "https://accounts.zitadel.ch/oauth/v2/authorize",
|
||||
TokenEndpoint: "https://api.zitadel.ch/oauth/v2/token",
|
||||
Scopes: []string{"email", "profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
ClientId: "test1234",
|
||||
ClientSecret: "test4321",
|
||||
Issuer: "zitadel.ch",
|
||||
Scopes: []string{"email", "profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -81,6 +79,8 @@ func Test_addOIDCIDPRequestToDomainOIDCIDPConfig(t *testing.T) {
|
||||
"ObjectRoot",
|
||||
"ClientSecret", //TODO: is client secret string enough for backend?
|
||||
"IDPConfigID",
|
||||
"AuthorizationEndpoint",
|
||||
"TokenEndpoint",
|
||||
)
|
||||
})
|
||||
}
|
||||
@@ -130,15 +130,13 @@ func Test_updateOIDCConfigToDomain(t *testing.T) {
|
||||
name: "all fields filled",
|
||||
args: args{
|
||||
req: &mgmt_pb.UpdateOrgIDPOIDCConfigRequest{
|
||||
IdpId: "4208",
|
||||
Issuer: "zitadel.ch",
|
||||
AuthorizationEndpoint: "https://accounts.zitadel.ch/oauth/v2/authorize",
|
||||
TokenEndpoint: "https://api.zitadel.ch/oauth/v2/token",
|
||||
ClientId: "ZITEADEL",
|
||||
ClientSecret: "i'm so secret",
|
||||
Scopes: []string{"profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
IdpId: "4208",
|
||||
Issuer: "zitadel.ch",
|
||||
ClientId: "ZITEADEL",
|
||||
ClientSecret: "i'm so secret",
|
||||
Scopes: []string{"profile"},
|
||||
DisplayNameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL,
|
||||
UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_PREFERRED_USERNAME,
|
||||
},
|
||||
},
|
||||
},
|
||||
@@ -149,6 +147,8 @@ func Test_updateOIDCConfigToDomain(t *testing.T) {
|
||||
test.AssertFieldsMapped(t, got,
|
||||
"ObjectRoot",
|
||||
"ClientSecret",
|
||||
"AuthorizationEndpoint",
|
||||
"TokenEndpoint",
|
||||
)
|
||||
})
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user