-
-
Notifications
You must be signed in to change notification settings - Fork 964
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Pass OIDC claims into post-login flow to include in web hook context
The login flow doesn't trigger a refresh of the identity when the OIDC claims have changed. By passing the claims through to the web hook context, this means that an external handler can be configured to update the identity as appropriate, when there are changes.
- Loading branch information
Showing
49 changed files
with
290 additions
and
210 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
|
@@ -84,7 +84,7 @@ func TestExecutePostRegistrationPostPersistHook(t *testing.T) { | |
browserRequest := httptest.NewRequest("GET", "/", nil) | ||
f := &login.Flow{} | ||
rec := httptest.NewRecorder() | ||
require.NoError(t, h.ExecuteLoginPostHook(rec, browserRequest, "", f, nil)) | ||
require.NoError(t, h.ExecuteLoginPostHook(rec, browserRequest, "", f, nil, nil)) | ||
require.Equal(t, 200, rec.Code) | ||
}) | ||
|
||
|
@@ -95,7 +95,7 @@ func TestExecutePostRegistrationPostPersistHook(t *testing.T) { | |
browserRequest.Header.Add("Accept", "application/json") | ||
f := &login.Flow{} | ||
rec := httptest.NewRecorder() | ||
require.NoError(t, h.ExecuteLoginPostHook(rec, browserRequest, "", f, nil)) | ||
require.NoError(t, h.ExecuteLoginPostHook(rec, browserRequest, "", f, nil, nil)) | ||
require.Equal(t, 200, rec.Code) | ||
}) | ||
|
||
|
@@ -112,7 +112,7 @@ func TestExecutePostRegistrationPostPersistHook(t *testing.T) { | |
flow.NewContinueWithVerificationUI(vf, "[email protected]", ""), | ||
} | ||
rec := httptest.NewRecorder() | ||
require.NoError(t, h.ExecuteLoginPostHook(rec, browserRequest, "", rf, nil)) | ||
require.NoError(t, h.ExecuteLoginPostHook(rec, browserRequest, "", rf, nil, nil)) | ||
assert.Equal(t, 200, rec.Code) | ||
assert.Equal(t, "/verification?flow="+vf.ID.String(), rf.ReturnToVerification) | ||
}) | ||
|
@@ -127,7 +127,7 @@ func TestExecutePostRegistrationPostPersistHook(t *testing.T) { | |
flow.NewContinueWithSetToken("token"), | ||
} | ||
rec := httptest.NewRecorder() | ||
require.NoError(t, h.ExecuteLoginPostHook(rec, browserRequest, "", rf, nil)) | ||
require.NoError(t, h.ExecuteLoginPostHook(rec, browserRequest, "", rf, nil, nil)) | ||
assert.Equal(t, 200, rec.Code) | ||
}) | ||
}) | ||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,10 +1,14 @@ | ||
function(ctx) std.prune({ | ||
flow_id: ctx.flow.id, | ||
identity_id: if std.objectHas(ctx, "identity") then ctx.identity.id, | ||
session_id: if std.objectHas(ctx, "session") then ctx.session.id, | ||
identity_id: if std.objectHas(ctx, 'identity') then ctx.identity.id, | ||
session_id: if std.objectHas(ctx, 'session') then ctx.session.id, | ||
headers: ctx.request_headers, | ||
url: ctx.request_url, | ||
method: ctx.request_method, | ||
cookies: ctx.request_cookies, | ||
transient_payload: if std.objectHas(ctx.flow, "transient_payload") then ctx.flow.transient_payload, | ||
transient_payload: if std.objectHas(ctx.flow, 'transient_payload') then ctx.flow.transient_payload, | ||
nickname: if std.objectHas(ctx, 'claims') then ctx.claims.nickname, | ||
groups: if std.objectHas(ctx, 'claims') && | ||
std.objectHas(ctx.claims, 'raw_claims') && | ||
std.objectHas(ctx.claims.raw_claims, 'groups') then ctx.claims.raw_claims.groups, | ||
}) |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.