mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-15 04:18:01 +00:00
e22689c125
* cleanup todo * pass id token details to oidc * feat(oidc): id token for device authorization This changes updates to the newest oidc version, so the Device Authorization grant can return ID tokens when the scope `openid` is set. There is also some refactoring done, so that the eventstore can be queried directly when polling for state. The projection is cleaned up to a minimum with only data required for the login UI. * try to be explicit wit hthe timezone to fix github * pin oidc v3.8.0 * remove TBD entry
70 lines
1.7 KiB
Go
70 lines
1.7 KiB
Go
package command
|
|
|
|
import (
|
|
"time"
|
|
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
"github.com/zitadel/zitadel/internal/repository/deviceauth"
|
|
)
|
|
|
|
type DeviceAuthWriteModel struct {
|
|
eventstore.WriteModel
|
|
|
|
ClientID string
|
|
DeviceCode string
|
|
UserCode string
|
|
Expires time.Time
|
|
Scopes []string
|
|
State domain.DeviceAuthState
|
|
Subject string
|
|
UserAuthMethods []domain.UserAuthMethodType
|
|
AuthTime time.Time
|
|
}
|
|
|
|
func NewDeviceAuthWriteModel(deviceCode, resourceOwner string) *DeviceAuthWriteModel {
|
|
return &DeviceAuthWriteModel{
|
|
WriteModel: eventstore.WriteModel{
|
|
AggregateID: deviceCode,
|
|
ResourceOwner: resourceOwner,
|
|
},
|
|
}
|
|
}
|
|
|
|
func (m *DeviceAuthWriteModel) Reduce() error {
|
|
for _, event := range m.Events {
|
|
switch e := event.(type) {
|
|
case *deviceauth.AddedEvent:
|
|
m.ClientID = e.ClientID
|
|
m.DeviceCode = e.DeviceCode
|
|
m.UserCode = e.UserCode
|
|
m.Expires = e.Expires
|
|
m.Scopes = e.Scopes
|
|
m.State = e.State
|
|
case *deviceauth.ApprovedEvent:
|
|
m.State = domain.DeviceAuthStateApproved
|
|
m.Subject = e.Subject
|
|
m.UserAuthMethods = e.UserAuthMethods
|
|
m.AuthTime = e.AuthTime
|
|
case *deviceauth.CanceledEvent:
|
|
m.State = e.Reason.State()
|
|
}
|
|
}
|
|
|
|
return m.WriteModel.Reduce()
|
|
}
|
|
|
|
func (m *DeviceAuthWriteModel) Query() *eventstore.SearchQueryBuilder {
|
|
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
|
|
ResourceOwner(m.ResourceOwner).
|
|
AddQuery().
|
|
AggregateTypes(deviceauth.AggregateType).
|
|
AggregateIDs(m.AggregateID).
|
|
EventTypes(
|
|
deviceauth.AddedEventType,
|
|
deviceauth.ApprovedEventType,
|
|
deviceauth.CanceledEventType,
|
|
).
|
|
Builder()
|
|
}
|