cim/zitadel-oidc
5
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

add CanSetUserinfoFromRequest interface

Browse source
This commit is contained in:
David Sharnoff 2023-03-10 15:53:33 -08:00
parent eea2ed1a51
commit e56925ae7d
3 changed files with 19 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
example/server/storage/storage.go
View file

@ -360,6 +360,12 @@ func (s *Storage) SetUserinfoFromScopes(ctx context.Context, userinfo oidc.UserI
return s.setUserinfo(ctx, userinfo, userID, clientID, scopes) return s.setUserinfo(ctx, userinfo, userID, clientID, scopes)
} }
// SetUserinfoFromRequest is an optional addon to op.Storage for setting user information
// using the request.
func (s *Storage) SetUserinfoFromRequest(ctx context.Context, userinfo oidc.UserInfoSetter, request op.IDTokenRequest, scopes []string) error {
return nil
}
// SetUserinfoFromToken implements the op.Storage interface // SetUserinfoFromToken implements the op.Storage interface
// it will be called for the userinfo endpoint, so we read the token and pass the information from that to the private function // it will be called for the userinfo endpoint, so we read the token and pass the information from that to the private function
func (s *Storage) SetUserinfoFromToken(ctx context.Context, userinfo oidc.UserInfoSetter, tokenID, subject, origin string) error { func (s *Storage) SetUserinfoFromToken(ctx context.Context, userinfo oidc.UserInfoSetter, tokenID, subject, origin string) error {

7
pkg/op/storage.go
View file

@ -82,6 +82,13 @@ type OPStorage interface {
ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error) ValidateJWTProfileScopes(ctx context.Context, userID string, scopes []string) ([]string, error)
} }
// CanSetUserinfoFromRequest is an optional additional interface that may be implemented by
// implementors of Storage. It allows additional data to be set in id_tokens based on the
// request.
type CanSetUserinfoFromRequest interface {
SetUserinfoFromRequest(ctx context.Context, userinfo oidc.UserInfoSetter, request IDTokenRequest, scopes []string) error
}
// Storage is a required parameter for NewOpenIDProvider(). In addition to the // Storage is a required parameter for NewOpenIDProvider(). In addition to the
// embedded interfaces below, if the passed Storage implements ClientCredentialsStorage // embedded interfaces below, if the passed Storage implements ClientCredentialsStorage
// then the grant type "client_credentials" will be supported. In that case, the access // then the grant type "client_credentials" will be supported. In that case, the access

6
pkg/op/token.go
View file

@ -145,6 +145,12 @@ func CreateIDToken(ctx context.Context, issuer string, request IDTokenRequest, v
if err != nil { if err != nil {
return "", err return "", err
} }
if fromRequest, ok := storage.(CanSetUserinfoFromRequest); ok {
err := fromRequest.SetUserinfoFromRequest(ctx, userInfo, request, scopes)
if err != nil {
return "", err
}
}
claims.SetUserinfo(userInfo) claims.SetUserinfo(userInfo)
} }
if code != "" { if code != "" {