feat: Extend oidc idp with oauth endpoints (#1980)

* feat: add oauth attributes to oidc idp configuration * feat: return idpconfig id on create idp * feat: tests * feat: descriptions * feat: docs * feat: tests
2025-08-11 19:07:30 +00:00 · 2021-07-06 16:39:48 +02:00
parent 5349d96ce4
commit ff9af1704f
39 changed files with 419 additions and 156 deletions
--- a/internal/repository/iam/idp_oidc_config.go
+++ b/internal/repository/iam/idp_oidc_config.go
@@ -24,7 +24,9 @@ func NewIDPOIDCConfigAddedEvent(
 	aggregate *eventstore.Aggregate,
 	clientID,
 	idpConfigID,
-	issuer string,
+	issuer,
+	authorizationEndpoint,
+	tokenEndpoint string,
 	clientSecret *crypto.CryptoValue,
 	idpDisplayNameMapping,
 	userNameMapping domain.OIDCMappingField,
@@ -41,6 +43,8 @@ func NewIDPOIDCConfigAddedEvent(
 			clientID,
 			idpConfigID,
 			issuer,
+			authorizationEndpoint,
+			tokenEndpoint,
 			clientSecret,
 			idpDisplayNameMapping,
 			userNameMapping,
--- a/internal/repository/idpconfig/oidc_config.go
+++ b/internal/repository/idpconfig/oidc_config.go
@@ -18,11 +18,13 @@ const (
 type OIDCConfigAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`

-	IDPConfigID  string              `json:"idpConfigId"`
-	ClientID     string              `json:"clientId,omitempty"`
-	ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
-	Issuer       string              `json:"issuer,omitempty"`
-	Scopes       []string            `json:"scopes,omitempty"`
+	IDPConfigID           string              `json:"idpConfigId"`
+	ClientID              string              `json:"clientId,omitempty"`
+	ClientSecret          *crypto.CryptoValue `json:"clientSecret,omitempty"`
+	Issuer                string              `json:"issuer,omitempty"`
+	AuthorizationEndpoint string              `json:"authorizationEndpoint,omitempty"`
+	TokenEndpoint         string              `json:"tokenEndpoint,omitempty"`
+	Scopes                []string            `json:"scopes,omitempty"`

 	IDPDisplayNameMapping domain.OIDCMappingField `json:"idpDisplayNameMapping,omitempty"`
 	UserNameMapping       domain.OIDCMappingField `json:"usernameMapping,omitempty"`
@@ -40,7 +42,9 @@ func NewOIDCConfigAddedEvent(
 	base *eventstore.BaseEvent,
 	clientID,
 	idpConfigID,
-	issuer string,
+	issuer,
+	authorizationEndpoint,
+	tokenEndpoint string,
 	clientSecret *crypto.CryptoValue,
 	idpDisplayNameMapping,
 	userNameMapping domain.OIDCMappingField,
@@ -53,6 +57,8 @@ func NewOIDCConfigAddedEvent(
 		ClientID:              clientID,
 		ClientSecret:          clientSecret,
 		Issuer:                issuer,
+		AuthorizationEndpoint: authorizationEndpoint,
+		TokenEndpoint:         tokenEndpoint,
 		Scopes:                scopes,
 		IDPDisplayNameMapping: idpDisplayNameMapping,
 		UserNameMapping:       userNameMapping,
@@ -77,10 +83,12 @@ type OIDCConfigChangedEvent struct {

 	IDPConfigID string `json:"idpConfigId"`

-	ClientID     *string             `json:"clientId,omitempty"`
-	ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
-	Issuer       *string             `json:"issuer,omitempty"`
-	Scopes       []string            `json:"scopes,omitempty"`
+	ClientID              *string             `json:"clientId,omitempty"`
+	ClientSecret          *crypto.CryptoValue `json:"clientSecret,omitempty"`
+	Issuer                *string             `json:"issuer,omitempty"`
+	AuthorizationEndpoint *string             `json:"authorizationEndpoint,omitempty"`
+	TokenEndpoint         *string             `json:"tokenEndpoint,omitempty"`
+	Scopes                []string            `json:"scopes,omitempty"`

 	IDPDisplayNameMapping *domain.OIDCMappingField `json:"idpDisplayNameMapping,omitempty"`
 	UserNameMapping       *domain.OIDCMappingField `json:"usernameMapping,omitempty"`
@@ -132,6 +140,18 @@ func ChangeIssuer(issuer string) func(*OIDCConfigChangedEvent) {
 	}
 }

+func ChangeAuthorizationEndpoint(authorizationEndpoint string) func(*OIDCConfigChangedEvent) {
+	return func(e *OIDCConfigChangedEvent) {
+		e.AuthorizationEndpoint = &authorizationEndpoint
+	}
+}
+
+func ChangeTokenEndpoint(tokenEndpoint string) func(*OIDCConfigChangedEvent) {
+	return func(e *OIDCConfigChangedEvent) {
+		e.TokenEndpoint = &tokenEndpoint
+	}
+}
+
 func ChangeIDPDisplayNameMapping(idpDisplayNameMapping domain.OIDCMappingField) func(*OIDCConfigChangedEvent) {
 	return func(e *OIDCConfigChangedEvent) {
 		e.IDPDisplayNameMapping = &idpDisplayNameMapping
--- a/internal/repository/org/idp_oidc_config.go
+++ b/internal/repository/org/idp_oidc_config.go
@@ -24,7 +24,9 @@ func NewIDPOIDCConfigAddedEvent(
 	aggregate *eventstore.Aggregate,
 	clientID,
 	idpConfigID,
-	issuer string,
+	issuer,
+	authorizationEndpoint,
+	tokenEndpoint string,
 	clientSecret *crypto.CryptoValue,
 	idpDisplayNameMapping,
 	userNameMapping domain.OIDCMappingField,
@@ -41,6 +43,8 @@ func NewIDPOIDCConfigAddedEvent(
 			clientID,
 			idpConfigID,
 			issuer,
+			authorizationEndpoint,
+			tokenEndpoint,
 			clientSecret,
 			idpDisplayNameMapping,
 			userNameMapping,