This commit is contained in:
Livio Amstutz 2020-03-06 17:10:04 +01:00
parent f14302fc29
commit 527a0d607a
3 changed files with 41 additions and 302 deletions


@ -39,7 +39,6 @@ type AccessTokenClaims struct {
type IDTokenClaims struct { type IDTokenClaims struct {
Issuer string Issuer string
Subject string
Audiences []string Audiences []string
Expiration time.Time Expiration time.Time
NotBefore time.Time NotBefore time.Time
@ -54,10 +53,7 @@ type IDTokenClaims struct {
AuthenticationContextClassReference string AuthenticationContextClassReference string
AuthenticationMethodsReferences []string AuthenticationMethodsReferences []string
ClientID string ClientID string
UserinfoProfile Userinfo
UserinfoEmail
UserinfoPhone
UserinfoAddress *UserinfoAddress
Signature jose.SignatureAlgorithm //TODO: ??? Signature jose.SignatureAlgorithm //TODO: ???
} }
@ -156,71 +152,9 @@ func (t *IDTokenClaims) MarshalJSON() ([]byte, error) {
AuthenticationMethodsReferences: t.AuthenticationMethodsReferences, AuthenticationMethodsReferences: t.AuthenticationMethodsReferences,
ClientID: t.ClientID, ClientID: t.ClientID,
} }
j.setUserinfo(t) j.setUserinfo(t.Userinfo)
return json.Marshal(j) return json.Marshal(j)
} }
func (t *IDTokenClaims) GetUserinfoProfile() UserinfoProfile {
return t.UserinfoProfile
}
func (t *IDTokenClaims) GetUserinfoEmail() UserinfoEmail {
return t.UserinfoEmail
}
func (t *IDTokenClaims) GetUserinfoPhone() UserinfoPhone {
return t.UserinfoPhone
}
func (t *IDTokenClaims) GetAddress() *UserinfoAddress {
return t.UserinfoAddress
}
// func (t *IDTokenClaims) GetUserinfoEmail() UserinfoEmailI {
// return t.UserinfoEmail
// }
// func (t *IDTokenClaims) setUserinfo(j *jsonToken) {
// t.setUserinfoProfile(j)
// t.setUserinfoEmail(j)
// t.setUserinfoPhone(j)
// t.setUserinfoAddress(j)
// }
// func (t *IDTokenClaims) setUserinfoProfile(j *jsonToken) {
// j.Name = t.Name
// j.GivenName = t.GivenName
// j.FamilyName = t.FamilyName
// j.MiddleName = t.MiddleName
// j.Nickname = t.Nickname
// j.Profile = t.Profile
// j.Picture = t.Picture
// j.Website = t.Website
// j.Gender = string(t.Gender)
// j.Birthdate = t.Birthdate
// j.Zoneinfo = t.Zoneinfo
// j.Locale = t.Locale.String()
// j.UpdatedAt = timeToJSON(t.UpdatedAt)
// j.PreferredUsername = t.PreferredUsername
// }
// func (t *IDTokenClaims) setUserinfoEmail(j *jsonToken) {
// j.Email = t.Email
// j.EmailVerified = t.EmailVerified
// }
// func (t *IDTokenClaims) setUserinfoPhone(j *jsonToken) {
// j.Phone = t.PhoneNumber
// j.PhoneVerified = t.PhoneNumberVerified
// }
// func (t *IDTokenClaims) setUserinfoAddress(j *jsonToken) {
// if t.UserinfoAddress == nil {
// return
// }
// j.jsonUserinfoAddress.Country = t.UserinfoAddress.Country
// j.jsonUserinfoAddress.Formatted = t.UserinfoAddress.Formatted
// j.jsonUserinfoAddress.Locality = t.UserinfoAddress.Locality
// j.jsonUserinfoAddress.PostalCode = t.UserinfoAddress.PostalCode
// j.jsonUserinfoAddress.Region = t.UserinfoAddress.Region
// j.jsonUserinfoAddress.StreetAddress = t.UserinfoAddress.StreetAddress
// }
func (t *IDTokenClaims) UnmarshalJSON(b []byte) error { func (t *IDTokenClaims) UnmarshalJSON(b []byte) error {
var i jsonToken var i jsonToken
@ -246,7 +180,7 @@ func (t *IDTokenClaims) UnmarshalJSON(b []byte) error {
t.UserinfoProfile = i.UnmarshalUserinfoProfile() t.UserinfoProfile = i.UnmarshalUserinfoProfile()
t.UserinfoEmail = i.UnmarshalUserinfoEmail() t.UserinfoEmail = i.UnmarshalUserinfoEmail()
t.UserinfoPhone = i.UnmarshalUserinfoPhone() t.UserinfoPhone = i.UnmarshalUserinfoPhone()
t.UserinfoAddress = i.UnmarshalUserinfoAddress() t.Address = i.UnmarshalUserinfoAddress()
return nil return nil
} }
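Review bot: The embedded `Userinfo` that replaces the four `Userinfo*` fields of `IDTokenClaims` (together with the dropped `Subject` field) has no comment, yet it now decides where the ID token's `sub` claim comes from: every `Subject` reference on this type resolves to the promoted `Userinfo.Subject`. I would add `// Userinfo supplies the sub claim and the standard userinfo claims of the ID token; the same value must back the UserInfo endpoint so that both sub values agree (OIDC Core 5.3.2).` above the field. In `UnmarshalJSON` the profile, email and phone assignments rely on field promotion and `t.Address` on the renamed field, but the hunk does not show whether `t.Subject` is still populated from the decoded token, which is worth confirming since the rest of that function lies outside the hunk. `IDTokenClaims.MarshalJSON` now passes `t.Userinfo` to `jsonToken.setUserinfo`, whose body is not visible here; if it mirrors `jsonUserinfo.setUserinfoAddress` it would need the same nil-pointer care.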


@ -7,71 +7,16 @@ import (
"golang.org/x/text/language" "golang.org/x/text/language"
) )
type userinfo interface {
GetUserinfoProfile() UserinfoProfile
GetUserinfoEmail() UserinfoEmail
GetUserinfoPhone() UserinfoPhone
GetAddress() *UserinfoAddress
}
type UserinfoProfileI interface {
GetName() string
GetGivenName() string
GetFamilyName() string
GetMiddleName() string
GetNickname() string
GetProfile() string
GetPicture() string
GetWebsite() string
GetGender() Gender
GetBirthdate() string
GetZoneinfo() string
GetLocale() language.Tag
GetUpdatedAt() time.Time
GetPreferredUsername() string
}
type UserinfoEmailI interface {
GetEmail() string
IsEmailVerified() bool
}
type Userinfo struct { type Userinfo struct {
Subject string Subject string
Address *UserinfoAddress
UserinfoProfile UserinfoProfile
UserinfoEmail UserinfoEmail
UserinfoPhone UserinfoPhone
Address *UserinfoAddress
claims map[string]interface{} claims map[string]interface{}
} }
type UserinfoPhoneI interface {
GetPhoneNumber() string
IsPhoneNumberVerified() bool
}
type UserinfoPhone struct {
PhoneNumber string
PhoneNumberVerified bool
}
func (u UserinfoPhone) GetPhoneNumber() string {
return u.PhoneNumber
}
func (u UserinfoPhone) IsPhoneNumberVerified() bool {
return u.PhoneNumberVerified
}
type UserinfoAddressI interface {
GetCountry() string
GetFormatted() string
GetLocality() string
GetPostalCode() string
GetRegion() string
GetStreetAddress() string
}
type UserinfoProfile struct { type UserinfoProfile struct {
Name string Name string
GivenName string GivenName string
@ -89,50 +34,17 @@ type UserinfoProfile struct {
PreferredUsername string PreferredUsername string
} }
func (u UserinfoProfile) GetName() string { type Gender string
return u.Name
} type UserinfoEmail struct {
func (u UserinfoProfile) GetGivenName() string { Email string
return u.GivenName EmailVerified bool
}
func (u UserinfoProfile) GetFamilyName() string {
return u.FamilyName
}
func (u UserinfoProfile) GetMiddleName() string {
return u.MiddleName
}
func (u UserinfoProfile) GetNickname() string {
return u.Nickname
}
func (u UserinfoProfile) GetProfile() string {
return u.Profile
}
func (u UserinfoProfile) GetPicture() string {
return u.Picture
}
func (u UserinfoProfile) GetWebsite() string {
return u.Website
}
func (u UserinfoProfile) GetGender() Gender {
return u.Gender
}
func (u UserinfoProfile) GetBirthdate() string {
return u.Birthdate
}
func (u UserinfoProfile) GetZoneinfo() string {
return u.Zoneinfo
}
func (u UserinfoProfile) GetLocale() language.Tag {
return u.Locale
}
func (u UserinfoProfile) GetUpdatedAt() time.Time {
return u.UpdatedAt
}
func (u UserinfoProfile) GetPreferredUsername() string {
return u.PreferredUsername
} }
type Gender string type UserinfoPhone struct {
PhoneNumber string
PhoneNumberVerified bool
}
type UserinfoAddress struct { type UserinfoAddress struct {
Formatted string Formatted string
@ -143,45 +55,6 @@ type UserinfoAddress struct {
Country string Country string
} }
func (u UserinfoAddress) GetCountry() string {
return u.Country
}
func (u UserinfoAddress) GetFormatted() string {
return u.Formatted
}
func (u UserinfoAddress) GetLocality() string {
return u.Locality
}
func (u UserinfoAddress) GetPostalCode() string {
return u.PostalCode
}
func (u UserinfoAddress) GetRegion() string {
return u.Region
}
func (u UserinfoAddress) GetStreetAddress() string {
return u.StreetAddress
}
type UserinfoEmail struct {
Email string
EmailVerified bool
}
func (u UserinfoEmail) GetEmail() string {
return u.Email
}
func (u UserinfoEmail) IsEmailVerified() bool {
return u.EmailVerified
}
type jsonUserinfo struct {
jsonUserinfoProfile
jsonUserinfoEmail
jsonUserinfoPhone
jsonUserinfoAddress *jsonUserinfoAddress `json:"address,omitempty"`
}
type jsonUserinfoProfile struct { type jsonUserinfoProfile struct {
Name string `json:"name,omitempty"` Name string `json:"name,omitempty"`
GivenName string `json:"given_name,omitempty"` GivenName string `json:"given_name,omitempty"`
@ -218,93 +91,33 @@ type jsonUserinfoAddress struct {
Country string `json:"country,omitempty"` Country string `json:"country,omitempty"`
} }
// func (t *Userinfo) setUserinfoProfile(j *jsonToken) {
// j.Name = t.Name
// j.GivenName = t.GivenName
// j.FamilyName = t.FamilyName
// j.MiddleName = t.MiddleName
// j.Nickname = t.Nickname
// j.Profile = t.Profile
// j.Picture = t.Picture
// j.Website = t.Website
// j.Gender = string(t.Gender)
// j.Birthdate = t.Birthdate
// j.Zoneinfo = t.Zoneinfo
// j.Locale = t.Locale.String()
// j.UpdatedAt = timeToJSON(t.UpdatedAt)
// j.PreferredUsername = t.PreferredUsername
// }
// func marshalUserinfoProfile(i UserinfoProfile, claims map[string]interface{}) {
// claims["name"] = i.Name
// claims["given_name"] = i.GivenName
// claims["family_name"] = i.FamilyName
// claims["middle_name"] = i.MiddleName
// claims["nickname"] = i.Nickname
// claims["profile"] = i.Profile
// claims["picture"] = i.Picture
// claims["website"] = i.Website
// claims["gender"] = i.Gender
// claims["birthdate"] = i.Birthdate
// claims["Zoneinfo"] = i.Zoneinfo
// claims["locale"] = i.Locale.String()
// claims["updated_at"] = i.UpdatedAt.UTC().Unix()
// claims["preferred_username"] = i.PreferredUsername
// }
// func marshalUserinfoEmail(i UserinfoEmail, claims map[string]interface{}) {
// if i.Email != "" {
// claims["email"] = i.Email
// }
// if i.EmailVerified {
// claims["email_verified"] = i.EmailVerified
// }
// }
// func marshalUserinfoAddress(i *UserinfoAddress, claims map[string]interface{}) {
// if i == nil {
// return
// }
// address := make(map[string]interface{})
// if i.Formatted != "" {
// address["formatted"] = i.Formatted
// }
// if i.StreetAddress != "" {
// address["street_address"] = i.StreetAddress
// }
// claims["address"] = address
// }
// func marshalUserinfoPhone(i UserinfoPhone, claims map[string]interface{}) {
// claims["phone_number"] = i.PhoneNumber
// claims["phone_number_verified"] = i.PhoneNumberVerified
// }
func (i *Userinfo) MarshalJSON() ([]byte, error) { func (i *Userinfo) MarshalJSON() ([]byte, error) {
j := new(jsonUserinfo) j := new(jsonUserinfo)
j.setUserinfo(i) j.Subject = i.Subject
j.setUserinfo(*i)
return json.Marshal(j) return json.Marshal(j)
} }
func (i *Userinfo) GetAddress() *UserinfoAddress { func (i *Userinfo) UnmmarshalJSON(data []byte) error {
return i.Address if err := json.Unmarshal(data, i); err != nil {
return err
}
return json.Unmarshal(data, i.claims)
} }
func (i *Userinfo) GetUserinfoProfile() UserinfoProfile { type jsonUserinfo struct {
return i.UserinfoProfile Subject string `json:"sub,omitempty"`
} jsonUserinfoProfile
func (i *Userinfo) GetUserinfoEmail() UserinfoEmail { jsonUserinfoEmail
return i.UserinfoEmail jsonUserinfoPhone
} JsonUserinfoAddress *jsonUserinfoAddress `json:"address,omitempty"`
func (i *Userinfo) GetUserinfoPhone() UserinfoPhone {
return i.UserinfoPhone
} }
func (j *jsonUserinfo) setUserinfo(i userinfo) { func (j *jsonUserinfo) setUserinfo(i Userinfo) {
j.setUserinfoProfile(i.GetUserinfoProfile()) j.setUserinfoProfile(i.UserinfoProfile)
j.setUserinfoEmail(i.GetUserinfoEmail()) j.setUserinfoEmail(i.UserinfoEmail)
j.setUserinfoPhone(i.GetUserinfoPhone()) j.setUserinfoPhone(i.UserinfoPhone)
j.setUserinfoAddress(i.GetAddress()) j.setUserinfoAddress(i.Address)
} }
func (j *jsonUserinfo) setUserinfoProfile(i UserinfoProfile) { func (j *jsonUserinfo) setUserinfoProfile(i UserinfoProfile) {
@ -340,19 +153,12 @@ func (j *jsonUserinfo) setUserinfoAddress(i *UserinfoAddress) {
if i == nil { if i == nil {
return return
} }
j.jsonUserinfoAddress.Country = i.Country j.JsonUserinfoAddress.Country = i.Country
j.jsonUserinfoAddress.Formatted = i.Formatted j.JsonUserinfoAddress.Formatted = i.Formatted
j.jsonUserinfoAddress.Locality = i.Locality j.JsonUserinfoAddress.Locality = i.Locality
j.jsonUserinfoAddress.PostalCode = i.PostalCode j.JsonUserinfoAddress.PostalCode = i.PostalCode
j.jsonUserinfoAddress.Region = i.Region j.JsonUserinfoAddress.Region = i.Region
j.jsonUserinfoAddress.StreetAddress = i.StreetAddress j.JsonUserinfoAddress.StreetAddress = i.StreetAddress
}
func (i *Userinfo) UnmmarshalJSON(data []byte) error {
if err := json.Unmarshal(data, i); err != nil {
return err
}
return json.Unmarshal(data, i.claims)
} }
type UserInfoRequest struct { type UserInfoRequest struct {
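Review bot: `setUserinfoAddress` dereferences `j.JsonUserinfoAddress` on the renamed lines, but nothing allocates that pointer: `Userinfo.MarshalJSON` builds `j := new(jsonUserinfo)`, so any `Userinfo` (and any ID token built from it) that carries an address panics with a nil pointer dereference when marshalled, a crash on the token-issuing path rather than an error. Allocate before assigning, `j.JsonUserinfoAddress = new(jsonUserinfoAddress)` right after the nil check (the function's signature sits in the hunk header, outside the hunk). The moved `UnmmarshalJSON` is also broken three ways: its name is misspelled so `encoding/json` never calls it, a correctly named version would re-enter itself through `json.Unmarshal(data, i)` without bound, and `json.Unmarshal(data, i.claims)` passes a nil non-pointer map, which Unmarshal rejects. Decoding through `jsonUserinfo` and a fresh map, as below, avoids all three.
```go
// UnmarshalJSON decodes a UserInfo response through jsonUserinfo (which
// carries the claim tags) and keeps every received claim in i.claims.
func (i *Userinfo) UnmarshalJSON(data []byte) error {
	var j jsonUserinfo
	if err := json.Unmarshal(data, &j); err != nil {
		return err
	}
	claims := make(map[string]interface{})
	if err := json.Unmarshal(data, &claims); err != nil {
		return err
	}
	i.Subject = j.Subject
	// TODO: copy the profile, email, phone and address claims from j into i
	i.claims = claims
	return nil
}
```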


@ -80,7 +80,6 @@ func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, vali
} }
claims := &oidc.IDTokenClaims{ claims := &oidc.IDTokenClaims{
Issuer: issuer, Issuer: issuer,
Subject: authReq.GetSubject(),
Audiences: authReq.GetAudience(), Audiences: authReq.GetAudience(),
Expiration: exp, Expiration: exp,
IssuedAt: time.Now().UTC(), IssuedAt: time.Now().UTC(),
@ -89,10 +88,10 @@ func CreateIDToken(ctx context.Context, issuer string, authReq AuthRequest, vali
AuthenticationContextClassReference: authReq.GetACR(), AuthenticationContextClassReference: authReq.GetACR(),
AuthenticationMethodsReferences: authReq.GetAMR(), AuthenticationMethodsReferences: authReq.GetAMR(),
AuthorizedParty: authReq.GetClientID(), AuthorizedParty: authReq.GetClientID(),
UserinfoProfile: userinfo.UserinfoProfile, Userinfo: *userinfo,
UserinfoEmail: userinfo.UserinfoEmail, //UserinfoEmail: userinfo.UserinfoEmail,
UserinfoPhone: userinfo.UserinfoPhone, //UserinfoPhone: userinfo.UserinfoPhone,
UserinfoAddress: userinfo.Address, //UserinfoAddress: userinfo.Address,
} }
if accessToken != "" { if accessToken != "" {
claims.AccessTokenHash, err = oidc.ClaimHash(accessToken, signer.SignatureAlgorithm()) claims.AccessTokenHash, err = oidc.ClaimHash(accessToken, signer.SignatureAlgorithm())
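Review bot: Dropping `Subject: authReq.GetSubject()` makes `userinfo.Subject` the only source of the ID token's required `sub` claim, so a userinfo lookup that leaves `Subject` empty now yields an ID token that clients must reject, and the hunk adds no check for that. A guard before the literal such as `if userinfo.Subject == "" { /* return an error */ }`, or at minimum a comment on the `Userinfo: *userinfo` line saying it must carry the subject, would make the contract explicit; whether `userinfo` itself can be nil at this point is decided above the hunk and is worth confirming, since `*userinfo` would panic. The three `//UserinfoEmail`, `//UserinfoPhone` and `//UserinfoAddress` lines are dead code now that the embedded `Userinfo` carries those fields and should simply be deleted. `CreateIDToken` begins and ends outside the hunk.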