From 04820934859aaaa63499bc1076443f461e1ae022 Mon Sep 17 00:00:00 2001
From: Dario
Date: Sat, 23 Nov 2024 01:00:03 +0100
Subject: [PATCH] implement oidc as a new provider

---
 lib/code0/identities.rb | 1 +
 lib/code0/identities/provider/oidc.rb | 63 ++++++++++++++++++++++++++
 sig/code0/identities/provider/oidc.rbs | 17 +++++++
 3 files changed, 81 insertions(+)
 create mode 100644 lib/code0/identities/provider/oidc.rb
 create mode 100644 sig/code0/identities/provider/oidc.rbs

diff --git a/lib/code0/identities.rb b/lib/code0/identities.rb
index 1d397cf..8ff46ff 100644
--- a/lib/code0/identities.rb
+++ b/lib/code0/identities.rb
@@ -10,6 +10,7 @@
 require_relative "identities/provider/google"
 require_relative "identities/provider/discord"
 require_relative "identities/provider/github"
+require_relative "identities/provider/oidc"
 
 module Code0
 module Identities
diff --git a/lib/code0/identities/provider/oidc.rb b/lib/code0/identities/provider/oidc.rb
new file mode 100644
index 0000000..a671a81
--- /dev/null
+++ b/lib/code0/identities/provider/oidc.rb
@@ -0,0 +1,63 @@
+# frozen_string_literal: true
+
+module Code0
+ module Identities
+ module Provider
+ class Oidc < BaseOauth
+ def token_url
+ config[:token_url]
+ end
+
+ def token_payload(code)
+ { code: code,
+ grant_type: "authorization_code",
+ redirect_uri: config[:redirect_uri],
+ client_id: config[:client_id],
+ client_secret: config[:client_secret] }
+ end
+
+ def user_details_url
+ config[:user_details_url]
+ end
+
+ def authorization_url
+ config[:user_details_url]
+ end
+
+ def create_identity(response, *)
+ body = response.parsed_response
+
+ Identity.new(config[:provider_name],
+ find_attribute(body, config[:attribute_statements][:identifier]),
+ find_attribute(body, config[:attribute_statements][:username]),
+ find_attribute(body, config[:attribute_statements][:email]),
+ find_attribute(body, config[:attribute_statements][:firstname]),
+ find_attribute(body, config[:attribute_statements][:lastname]))
+ end
+
+ def config
+ config = super
+
+ # rubocop:disable Layout/LineLength
+ config[:provider_name] ||= :oidc
+ config[:attribute_statements] ||= {}
+ config[:attribute_statements][:identifier] ||= %w[sub id identifier]
+ config[:attribute_statements][:username] ||= %w[username name login]
+ config[:attribute_statements][:email] ||= %w[email mail]
+ config[:attribute_statements][:firstname] ||= %w[first_name firstname firstName givenname given_name givenName]
+ config[:attribute_statements][:lastname] ||= %w[last_name lastname lastName family_name familyName familyname]
+ # rubocop:enable Layout/LineLength
+
+ config
+ end
+
+ def find_attribute(attributes, attribute_statements)
+ attribute_statements.each do |statement|
+ return attributes[statement] unless attributes[statement].nil?
+ end
+ nil
+ end
+ end
+ end
+ end
+end
diff --git a/sig/code0/identities/provider/oidc.rbs b/sig/code0/identities/provider/oidc.rbs
new file mode 100644
index 0000000..1a6187d
--- /dev/null
+++ b/sig/code0/identities/provider/oidc.rbs
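Review bot: In oidc.rb, `authorization_url` returns `config[:user_details_url]`, the same key `user_details_url` reads just above it, so the login redirect would target the user-details endpoint rather than the provider's authorization endpoint; it presumably should be `config[:authorization_url]`. In `create_identity`, `find_attribute` returns nil when none of the candidate keys is in the body and the Identity is still built, so a response without `sub`/`id`/`identifier` yields an identity with a nil identifier; failing the login when the identifier is nil is safer than passing it on. The identity is also built only from the user-details response: no ID token (signature, `iss`, `aud`, `nonce`) is checked in this class and the email is accepted without looking at `email_verified`, so unless BaseOauth (not shown in this patch) covers that, callers should not treat the email as proof of ownership. A short comment on `config` listing the keys it reads (`token_url`, `user_details_url`, `redirect_uri`, `client_id`, `client_secret`, `provider_name`, `attribute_statements`) and noting that each attribute statement must be an array of key names would help whoever configures a provider.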
@@ -0,0 +1,17 @@
+module Code0
+ module Identities
+ module Provider
+ class Oidc < BaseOauth
+ def token_url: () -> String
+
+ def token_payload: (code: String) -> { code: String, grant_type: "authorization_code", redirect_uri: String, client_id: String, client_secret: String }
+
+ def user_details_url: () -> String
+
+ def authorization_url: () -> String
+
+ def create_identity: (response: Net::HTTPResponse) -> Identity
+ end
+ end
+ end
+end
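Review bot: The signatures for `token_payload` and `create_identity` declare required keyword arguments (`code:` and `response:`), while oidc.rb defines them with positional parameters, `token_payload(code)` and `create_identity(response, *)`. In RBS a positional parameter is written type-first, so these would read `def token_payload: (String code) -> { ... }` and `def create_identity: (Net::HTTPResponse response, *untyped) -> Identity`. The implementation also calls `response.parsed_response`, which as far as I know Net::HTTPResponse does not define, so the declared response type is probably the HTTP client's wrapper class rather than the stdlib one; that class is not visible in this patch. `config` and `find_attribute` are defined as public methods in the class and have no signature here.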