feat: Extend oidc idp with oauth endpoints (#1980)

* feat: add oauth attributes to oidc idp configuration

* feat: return idpconfig id on create idp

* feat: tests

* feat: descriptions

* feat: docs

* feat: tests

docs/docs/apis/proto/admin.md

@@ -1072,10 +1072,12 @@ This is an empty request
 | styling_type |  zitadel.idp.v1.IDPStylingType | - | enum.defined_only: true<br />  |
 | client_id |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
 | client_secret |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
-| issuer |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
+| issuer |  string | Fill the issuer if the identity provider is oidc discovery compliant If the identity provider is only oauth2 compliant or does not serve a openid configuration, fill the authorization and token endpoint instead | string.max_len: 200<br />  |
 | scopes | repeated string | - |  |
 | display_name_mapping |  zitadel.idp.v1.OIDCMappingField | - | enum.defined_only: true<br />  |
 | username_mapping |  zitadel.idp.v1.OIDCMappingField | - | enum.defined_only: true<br />  |
+| authorization_endpoint |  string | If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer | string.max_len: 500<br />  |
+| token_endpoint |  string | If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer | string.max_len: 500<br />  |
 
 
 
@@ -2498,12 +2500,14 @@ This is an empty request
 | Field | Type | Description | Validation |
 | ----- | ---- | ----------- | ----------- |
 | idp_id |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
-| issuer |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
+| issuer |  string | Fill the issuer if the identity provider is oidc discovery compliant If the identity provider is only oauth2 compliant or does not serve a openid configuration, fill the authorization and token endpoint instead | string.min_len: 1<br /> string.max_len: 200<br />  |
 | client_id |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
 | client_secret |  string | - | string.max_len: 200<br />  |
 | scopes | repeated string | - |  |
 | display_name_mapping |  zitadel.idp.v1.OIDCMappingField | - | enum.defined_only: true<br />  |
 | username_mapping |  zitadel.idp.v1.OIDCMappingField | - | enum.defined_only: true<br />  |
+| authorization_endpoint |  string | If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer | string.max_len: 500<br />  |
+| token_endpoint |  string | If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer | string.max_len: 500<br />  |
 
 
 

docs/docs/apis/proto/idp.md

@@ -100,6 +100,8 @@ title: zitadel/idp.proto
 | scopes | repeated string | - |  |
 | display_name_mapping |  OIDCMappingField | - |  |
 | username_mapping |  OIDCMappingField | - |  |
+| authorization_endpoint |  string | - | string.max_len: 500<br />  |
+| token_endpoint |  string | - | string.max_len: 500<br />  |
 
 
 

docs/docs/apis/proto/management.md

@@ -3007,10 +3007,12 @@ This is an empty request
 | styling_type |  zitadel.idp.v1.IDPStylingType | - | enum.defined_only: true<br />  |
 | client_id |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
 | client_secret |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
-| issuer |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
+| issuer |  string | Fill the issuer if the identity provider is oidc discovery compliant If the identity provider is only oauth2 compliant or does not serve a openid configuration, fill the authorization and token endpoint instead | string.max_len: 200<br />  |
 | scopes | repeated string | - |  |
 | display_name_mapping |  zitadel.idp.v1.OIDCMappingField | - | enum.defined_only: true<br />  |
 | username_mapping |  zitadel.idp.v1.OIDCMappingField | - | enum.defined_only: true<br />  |
+| authorization_endpoint |  string | If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer | string.max_len: 500<br />  |
+| token_endpoint |  string | If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer | string.max_len: 500<br />  |
 
 
 
@@ -6901,10 +6903,12 @@ This is an empty request
 | idp_id |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
 | client_id |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
 | client_secret |  string | - | string.max_len: 200<br />  |
-| issuer |  string | - | string.min_len: 1<br /> string.max_len: 200<br />  |
+| issuer |  string | Fill the issuer if the identity provider is oidc discovery compliant If the identity provider is only oauth2 compliant or does not serve a openid configuration, fill the authorization and token endpoint instead | string.min_len: 1<br /> string.max_len: 200<br />  |
 | scopes | repeated string | - |  |
 | display_name_mapping |  zitadel.idp.v1.OIDCMappingField | - | enum.defined_only: true<br />  |
 | username_mapping |  zitadel.idp.v1.OIDCMappingField | - | enum.defined_only: true<br />  |
+| authorization_endpoint |  string | If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer | string.max_len: 500<br />  |
+| token_endpoint |  string | If the identity provider does not serve an openid configuration, fill the authorization and token endpoint instead of the issuer | string.max_len: 500<br />  |