1
0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-14 20:08:02 +00:00
zitadel/internal/repository/idpconfig/oidc_config.go
Livio Amstutz b6b5b1b782
feat: jwt as idp ()
* feat: jwt idp

* feat: command side

* feat: add tests

* fill idp views with jwt idps and return apis

* add jwtEndpoint to jwt idp

* begin jwt request handling

* merge

* handle jwt idp

* cleanup

* fixes

* autoregister

* get token from specific header name

* error handling

* fix texts

* handle renderExternalNotFoundOption

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-09-14 15:15:01 +02:00

185 lines
5.3 KiB
Go

package idpconfig
import (
"encoding/json"
"github.com/caos/zitadel/internal/eventstore"
"github.com/caos/zitadel/internal/crypto"
"github.com/caos/zitadel/internal/domain"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/eventstore/repository"
)
const (
OIDCConfigAddedEventType eventstore.EventType = "oidc.config.added"
OIDCConfigChangedEventType eventstore.EventType = "oidc.config.changed"
)
type OIDCConfigAddedEvent struct {
eventstore.BaseEvent `json:"-"`
IDPConfigID string `json:"idpConfigId"`
ClientID string `json:"clientId,omitempty"`
ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
Issuer string `json:"issuer,omitempty"`
AuthorizationEndpoint string `json:"authorizationEndpoint,omitempty"`
TokenEndpoint string `json:"tokenEndpoint,omitempty"`
Scopes []string `json:"scopes,omitempty"`
IDPDisplayNameMapping domain.OIDCMappingField `json:"idpDisplayNameMapping,omitempty"`
UserNameMapping domain.OIDCMappingField `json:"usernameMapping,omitempty"`
}
func (e *OIDCConfigAddedEvent) Data() interface{} {
return e
}
func (e *OIDCConfigAddedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
return nil
}
func NewOIDCConfigAddedEvent(
base *eventstore.BaseEvent,
clientID,
idpConfigID,
issuer,
authorizationEndpoint,
tokenEndpoint string,
clientSecret *crypto.CryptoValue,
idpDisplayNameMapping,
userNameMapping domain.OIDCMappingField,
scopes ...string,
) *OIDCConfigAddedEvent {
return &OIDCConfigAddedEvent{
BaseEvent: *base,
IDPConfigID: idpConfigID,
ClientID: clientID,
ClientSecret: clientSecret,
Issuer: issuer,
AuthorizationEndpoint: authorizationEndpoint,
TokenEndpoint: tokenEndpoint,
Scopes: scopes,
IDPDisplayNameMapping: idpDisplayNameMapping,
UserNameMapping: userNameMapping,
}
}
func OIDCConfigAddedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
e := &OIDCConfigAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := json.Unmarshal(event.Data, e)
if err != nil {
return nil, errors.ThrowInternal(err, "OIDC-plaBZ", "unable to unmarshal event")
}
return e, nil
}
type OIDCConfigChangedEvent struct {
eventstore.BaseEvent `json:"-"`
IDPConfigID string `json:"idpConfigId"`
ClientID *string `json:"clientId,omitempty"`
ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
Issuer *string `json:"issuer,omitempty"`
AuthorizationEndpoint *string `json:"authorizationEndpoint,omitempty"`
TokenEndpoint *string `json:"tokenEndpoint,omitempty"`
Scopes []string `json:"scopes,omitempty"`
IDPDisplayNameMapping *domain.OIDCMappingField `json:"idpDisplayNameMapping,omitempty"`
UserNameMapping *domain.OIDCMappingField `json:"usernameMapping,omitempty"`
}
func (e *OIDCConfigChangedEvent) Data() interface{} {
return e
}
func (e *OIDCConfigChangedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
return nil
}
func NewOIDCConfigChangedEvent(
base *eventstore.BaseEvent,
idpConfigID string,
changes []OIDCConfigChanges,
) (*OIDCConfigChangedEvent, error) {
if len(changes) == 0 {
return nil, errors.ThrowPreconditionFailed(nil, "IDPCONFIG-ADzr5", "Errors.NoChangesFound")
}
changeEvent := &OIDCConfigChangedEvent{
BaseEvent: *base,
IDPConfigID: idpConfigID,
}
for _, change := range changes {
change(changeEvent)
}
return changeEvent, nil
}
type OIDCConfigChanges func(*OIDCConfigChangedEvent)
func ChangeClientID(clientID string) func(*OIDCConfigChangedEvent) {
return func(e *OIDCConfigChangedEvent) {
e.ClientID = &clientID
}
}
func ChangeClientSecret(secret *crypto.CryptoValue) func(*OIDCConfigChangedEvent) {
return func(e *OIDCConfigChangedEvent) {
e.ClientSecret = secret
}
}
func ChangeIssuer(issuer string) func(*OIDCConfigChangedEvent) {
return func(e *OIDCConfigChangedEvent) {
e.Issuer = &issuer
}
}
func ChangeAuthorizationEndpoint(authorizationEndpoint string) func(*OIDCConfigChangedEvent) {
return func(e *OIDCConfigChangedEvent) {
e.AuthorizationEndpoint = &authorizationEndpoint
}
}
func ChangeTokenEndpoint(tokenEndpoint string) func(*OIDCConfigChangedEvent) {
return func(e *OIDCConfigChangedEvent) {
e.TokenEndpoint = &tokenEndpoint
}
}
func ChangeIDPDisplayNameMapping(idpDisplayNameMapping domain.OIDCMappingField) func(*OIDCConfigChangedEvent) {
return func(e *OIDCConfigChangedEvent) {
e.IDPDisplayNameMapping = &idpDisplayNameMapping
}
}
func ChangeUserNameMapping(userNameMapping domain.OIDCMappingField) func(*OIDCConfigChangedEvent) {
return func(e *OIDCConfigChangedEvent) {
e.UserNameMapping = &userNameMapping
}
}
func ChangeScopes(scopes []string) func(*OIDCConfigChangedEvent) {
return func(e *OIDCConfigChangedEvent) {
e.Scopes = scopes
}
}
func OIDCConfigChangedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
e := &OIDCConfigChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := json.Unmarshal(event.Data, e)
if err != nil {
return nil, errors.ThrowInternal(err, "OIDC-plaBZ", "unable to unmarshal event")
}
return e, nil
}