package model import ( "time" "github.com/zitadel/oidc/v3/pkg/oidc" "github.com/zitadel/oidc/v3/pkg/op" ) type ClientConfig struct { ID string Secret string RedirectURIs []string TrustedPeers []string Name string AuthRequest *AuthRequest } type Client struct { ClientConfig } func (c Client) GetID() string { return c.ClientConfig.ID } func (c Client) RedirectURIs() []string { return c.ClientConfig.RedirectURIs } func (c Client) PostLogoutRedirectURIs() []string { return nil } func (c Client) ApplicationType() op.ApplicationType { return op.ApplicationTypeWeb // TODO: should we support more? } func (c Client) AuthMethod() oidc.AuthMethod { return oidc.AuthMethodNone } func (c Client) ResponseTypes() []oidc.ResponseType { return []oidc.ResponseType{oidc.ResponseTypeCode} } func (c Client) GrantTypes() []oidc.GrantType { return []oidc.GrantType{oidc.GrantTypeCode} } func (c Client) LoginURL(authRequestID string) string { // here we have the requestID, meaning we should: // - get the request from its ID // - get the associated backend // - build the correct URI to use as a redirection, which is from the backend // - afterwards would should basically handle it as a OIDC client return authRequestID } func (c Client) AccessTokenType() op.AccessTokenType { return op.AccessTokenTypeJWT } func (c Client) IDTokenLifetime() time.Duration { return 1 * time.Hour } func (c Client) DevMode() bool { return true } func (c Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string { return func(scopes []string) []string { return scopes } } func (c Client) RestrictAdditionalAccessTokenScopes() func(scopes []string) []string { return func(scopes []string) []string { return scopes } } func (c Client) IsScopeAllowed(scope string) bool { return true } func (c Client) IDTokenUserinfoClaimsAssertion() bool { return true } func (c Client) ClockSkew() time.Duration { return 0 }