feat: add application as option key for API auth (#91)

smartive · Sep 8, 2021 · 8e7c988 · 8e7c988
1 parent 805bb73
commit 8e7c988
Show file tree

Hide file tree

Showing 2 changed files with 14 additions and 5 deletions.
diff --git a/src/Zitadel/Authentication/Options/ZitadelApiOptions.cs b/src/Zitadel/Authentication/Options/ZitadelApiOptions.cs
@@ -29,6 +29,13 @@ public class ZitadelApiOptions
         /// </summary>
         public BasicAuthentication? BasicAuthCredentials { get; set; }
 
+        /// <summary>
+        /// Correlates with <see cref="JwtProfileKey"/>. If the API application uses
+        /// a private key JWT (recommended), this property can be set to pass the
+        /// application object itself instead of a key path or key content.
+        /// </summary>
+        public Application? JwtProfile { get; set; }
+
         /// <summary>
         /// If the API application uses a private key JWT (recommended) to authenticate
         /// itself against the IAM API, use this property to provide the key information.

diff --git a/src/Zitadel/Authentication/Validation/ZitadelApiValidator.cs b/src/Zitadel/Authentication/Validation/ZitadelApiValidator.cs
@@ -14,6 +14,7 @@
 
 #if NET5_0_OR_GREATER
 using System.Net.Http.Json;
+
 #elif NETCOREAPP3_1_OR_GREATER
 using System.Text.Json;
 #endif
@@ -148,17 +149,18 @@ public override ClaimsPrincipal ValidateToken(
         private Func<string, HttpRequestMessage> RequestConstructor()
         {
             _oidcConfiguration ??= _configuration.GetConfigurationAsync().Result;
-            if (_options.BasicAuthCredentials == null && _options.JwtProfileKey == null)
+            if (_options.BasicAuthCredentials == null && _options.JwtProfileKey == null && _options.JwtProfile == null)
             {
                 throw new ApplicationException(
                     "Neither BasicAuth nor JwtPrivateKey credentials configured in Zitadel API authentication.");
             }
 
-            if (_options.JwtProfileKey != null)
+            if (_options.JwtProfileKey != null || _options.JwtProfile != null)
             {
-                var app = _options.JwtProfileKey.Content != null
-                    ? Application.LoadFromJsonString(_options.JwtProfileKey.Content)
-                    : Application.LoadFromJsonFile(_options.JwtProfileKey.Path ?? string.Empty);
+                var app = _options.JwtProfile ??
+                          (_options.JwtProfileKey?.Content != null
+                              ? Application.LoadFromJsonString(_options.JwtProfileKey.Content)
+                              : Application.LoadFromJsonFile(_options.JwtProfileKey?.Path ?? string.Empty));
 
                 string? jwt = null;