jwt profile and authorization handling

2020-09-28 13:55:22 +02:00 · 2020-09-28 13:55:22 +02:00 · 0cad2e4652
commit 0cad2e4652
parent d368b2d950
12 changed files with 128 additions and 309 deletions
--- a/pkg/rp/tockenexchange.go
+++ b/pkg/rp/tockenexchange.go
@ -43,12 +43,17 @@ func DelegationTokenExchange(ctx context.Context, subjectToken string, rp Relayi
 }

 //JWTProfileExchange handles the oauth2 jwt profile exchange
-func JWTProfileExchange(ctx context.Context, assertion *oidc.JWTProfileAssertion, rp RelayingParty) (*oauth2.Token, error) {
+func JWTProfileExchange(ctx context.Context, jwtProfileRequest *tokenexchange.JWTProfileRequest, rp RelayingParty) (*oauth2.Token, error) {
+	return CallTokenEndpoint(jwtProfileRequest, rp)
+}
+
+//JWTProfileExchange handles the oauth2 jwt profile exchange
+func JWTProfileAssertionExchange(ctx context.Context, assertion *oidc.JWTProfileAssertion, scopes oidc.Scopes, rp RelayingParty) (*oauth2.Token, error) {
 	token, err := generateJWTProfileToken(assertion)
 	if err != nil {
 		return nil, err
 	}
-	return CallJWTProfileEndpoint(token, rp)
+	return JWTProfileExchange(ctx, tokenexchange.NewJWTProfileRequest(token, scopes...), rp)
 }

 func generateJWTProfileToken(assertion *oidc.JWTProfileAssertion) (string, error) {