polycule-connect/polyculeconnect/internal/model/client.go

package model

import (
	"time"

	"github.com/zitadel/oidc/v3/pkg/oidc"
	"github.com/zitadel/oidc/v3/pkg/op"
)

type ClientConfig struct {
	ID           string
	Secret       string
	RedirectURIs []string
	TrustedPeers []string
	Name         string
	AuthRequest  *AuthRequest
}

type Client struct {
	ClientConfig
}

func (c Client) GetID() string {
	return c.ClientConfig.ID
}

func (c Client) RedirectURIs() []string {
	return c.ClientConfig.RedirectURIs
}

func (c Client) PostLogoutRedirectURIs() []string {
	return nil
}

func (c Client) ApplicationType() op.ApplicationType {
	return op.ApplicationTypeWeb // TODO: should we support more?
}

func (c Client) AuthMethod() oidc.AuthMethod {
	return oidc.AuthMethodNone
}

func (c Client) ResponseTypes() []oidc.ResponseType {
	return []oidc.ResponseType{oidc.ResponseTypeCode}
}

func (c Client) GrantTypes() []oidc.GrantType {
	return []oidc.GrantType{oidc.GrantTypeCode}
}

func (c Client) LoginURL(authRequestID string) string {
	// here we have the requestID, meaning we should:
	//	- get the request from its ID
	//	- get the associated backend
	//	- build the correct URI to use as a redirection, which is from the backend
	//	- afterwards would should basically handle it as a OIDC client
	return authRequestID
}

func (c Client) AccessTokenType() op.AccessTokenType {
	return op.AccessTokenTypeJWT
}

func (c Client) IDTokenLifetime() time.Duration {
	return 1 * time.Hour
}

func (c Client) DevMode() bool {
	return true
}

func (c Client) RestrictAdditionalIdTokenScopes() func(scopes []string) []string {
	return func(scopes []string) []string {
		return scopes
	}
}

func (c Client) RestrictAdditionalAccessTokenScopes() func(scopes []string) []string {
	return func(scopes []string) []string {
		return scopes
	}
}

func (c Client) IsScopeAllowed(scope string) bool {
	return true
}

func (c Client) IDTokenUserinfoClaimsAssertion() bool {
	return true
}

func (c Client) ClockSkew() time.Duration {
	return 0
}