package oidc
import (
"github.com/caos/orbos/internal/secret"
)
// OIDC holds the settings of one OpenID Connect provider. All fields carry
// yaml struct tags; most of them carry json tags as well.
//
// The client credentials can be supplied inline (ClientID, ClientSecret) or
// by reference (ExistingClientIDSecret, ExistingClientSecretSecret).
// NOTE(review): which form wins when both are set is not decided in this
// type — confirm in the consuming code.
type OIDC struct {
	// Internal name of the OIDC provider.
	Name string `json:"name,omitempty" yaml:"name,omitempty"`
	// Issuer of the OIDC provider.
	Issuer string `json:"issuer,omitempty" yaml:"issuer,omitempty"`
	// Client ID given inline as a *secret.Secret.
	// NOTE(review): only a yaml tag is declared here, so encoding/json falls
	// back to the key "ClientID" without omitempty unless secret.Secret
	// customises its marshalling — confirm that JSON output of this struct
	// cannot expose the value.
	ClientID *secret.Secret `yaml:"clientID,omitempty"`
	// Existing secret with the clientID.
	ExistingClientIDSecret *secret.Existing `json:"existingClientIDSecret,omitempty" yaml:"existingClientIDSecret,omitempty"`
	// Client secret given inline as a *secret.Secret.
	// NOTE(review): same tag situation as ClientID (yaml only, no json tag);
	// verify how this field behaves when the struct is JSON-encoded or logged.
	ClientSecret *secret.Secret `yaml:"clientSecret,omitempty"`
	// Existing secret with the clientSecret.
	ExistingClientSecretSecret *secret.Existing `json:"existingClientSecretSecret,omitempty" yaml:"existingClientSecretSecret,omitempty"`
	// Optional set of OIDC scopes to request. If omitted, defaults to: ["openid", "profile", "email", "groups"]
	// NOTE(review): the default is not applied in this file — confirm where it is set.
	RequestedScopes []string `json:"requestedScopes,omitempty" yaml:"requestedScopes,omitempty"`
	// Optional set of OIDC claims to request on the ID token, keyed by a
	// string (presumably the claim name — confirm against the consumer).
	RequestedIDTokenClaims map[string]Claim `json:"requestedIDTokenClaims,omitempty" yaml:"requestedIDTokenClaims,omitempty"`
}
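// IsZero reports whether the OIDC configuration is empty: no inline client
// credentials (nil or themselves zero), no references to existing secrets, no
// name, no issuer, no requested scopes and no requested ID token claims.
//
// A nil receiver is reported as zero; without that guard the first field
// access would panic when the method is called on a nil *OIDC.
//
// The slice, the map and the Existing* references are compared against nil
// only, so a non-nil but empty value (for example an explicitly empty scope
// list) still makes the configuration count as non-zero.
func (c *OIDC) IsZero() bool {
	if c == nil {
		return true
	}

	// Inline credentials count as unset when the pointer is nil or the
	// secret itself reports zero.
	noClientID := c.ClientID == nil || c.ClientID.IsZero()
	noClientSecret := c.ClientSecret == nil || c.ClientSecret.IsZero()

	return noClientID &&
		noClientSecret &&
		c.ExistingClientIDSecret == nil &&
		c.ExistingClientSecretSecret == nil &&
		c.Name == "" &&
		c.Issuer == "" &&
		c.RequestedScopes == nil &&
		c.RequestedIDTokenClaims == nil
}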
// Claim describes the constraints placed on one requested ID token claim.
// Both fields are tagged omitempty, so a false Essential and an empty Values
// list are left out of the serialized form.
type Claim struct {
	// Define if the claim is required, otherwise the login will fail.
	// NOTE(review): the rejection itself is not implemented in this file —
	// confirm that the consumer enforces it rather than relying on the
	// provider alone.
	Essential bool `json:"essential,omitempty" yaml:"essential,omitempty"`
	// Required values of the claim, otherwise the login will fail.
	Values []string `json:"values,omitempty" yaml:"values,omitempty"`
}