Merge pull request #111 from SAP/toke-scim-id

Token scim_id
SAP · Feb 19, 2024 · a92711a · a92711a
2 parents 76f22d8 + 53b9e5c
commit a92711a
Show file tree

Hide file tree

Showing 2 changed files with 18 additions and 4 deletions.
diff --git a/auth/token.go b/auth/token.go
@@ -25,6 +25,8 @@ const (
 	claimSapGlobalAppTID = "app_tid"
 	claimIasIssuer       = "ias_iss"
 	claimAzp             = "azp"
+	claimScimID          = "scim_id"
+	claimGroups          = "groups"
 )
 
 type Token struct {
@@ -146,6 +148,18 @@ func (t Token) UserUUID() string {
 	return v
 }
 
+// ScimID returns "scim_id" claim, if it doesn't exist empty string is returned
+func (t Token) ScimID() string {
+	v, _ := t.GetClaimAsString(claimScimID)
+	return v
+}
+
+// Groups returns "groups" claim, if it doesn't exist empty string is returned
+func (t Token) Groups() []string {
+	v, _ := t.GetClaimAsStringSlice(claimGroups)
+	return v
+}
+
 // ErrClaimNotExists shows that the requested custom claim does not exist in the token
 var ErrClaimNotExists = errors.New("claim does not exist in the token")
 
@@ -168,7 +182,7 @@ func (t Token) GetClaimAsString(claim string) (string, error) {
 	return stringValue, nil
 }
 
-// GetClaimAsStringSlice returns a custom claim type asserted as string slice. The claim name is case sensitive. Returns error if the claim is not available or not an array
+// GetClaimAsStringSlice returns a custom claim type asserted as string slice. The claim name is case-sensitive. Returns error if the claim is not available or not an array
 func (t Token) GetClaimAsStringSlice(claim string) ([]string, error) {
 	value, exists := t.jwtToken.Get(claim)
 	if !exists {

diff --git a/sample/middleware.go b/sample/middleware.go
@@ -28,8 +28,8 @@ func main() {
 		panic(err)
 	}
 	authMiddleware := auth.NewMiddleware(config, auth.Options{})
-	r.Use(authMiddleware.AuthenticationHandler)
-	r.HandleFunc("/helloWorld", helloWorld).Methods(http.MethodGet)
+	r.Use(authMiddleware.AuthenticationHandler) // force oauth2 bearer token flow
+	r.HandleFunc("/auth", parseToken).Methods(http.MethodGet)
 
 	address := ":" + os.Getenv("PORT")
 	if address == "" {
@@ -47,7 +47,7 @@ func main() {
 	}
 }
 
-func helloWorld(w http.ResponseWriter, r *http.Request) {
+func parseToken(w http.ResponseWriter, r *http.Request) {
 	user, ok := auth.TokenFromCtx(r)
 	if ok {
 		_, _ = fmt.Fprintf(w, "Hello world!\nYou're logged in as %s", user.Email())