From 014d760f3dd7db2079dd82d9769c189d4c7a380f Mon Sep 17 00:00:00 2001
From: Matt Moyer
Date: Fri, 4 Dec 2020 15:15:33 -0600
Subject: [PATCH] Add validated ID token claims to the oidctypes.Token structure.

This is just a more convenient copy of these values which are already stored inside the ID token. This will save us from having to pass them around seprately or re-parse them later.

Signed-off-by: Matt Moyer
---
 pkg/oidcclient/filesession/cachefile_test.go | 7 +++++++
 pkg/oidcclient/filesession/testdata/valid.yaml | 5 +++++
 pkg/oidcclient/oidctypes/oidctypes.go | 3 +++
 3 files changed, 15 insertions(+)

diff --git a/pkg/oidcclient/filesession/cachefile_test.go b/pkg/oidcclient/filesession/cachefile_test.go
index b1e1c984..39ac87fb 100644
--- a/pkg/oidcclient/filesession/cachefile_test.go
+++ b/pkg/oidcclient/filesession/cachefile_test.go
@@ -38,6 +38,13 @@ var validSession = sessionCache{
 IDToken: &oidctypes.IDToken{
 Token: "test-id-token",
 Expiry: metav1.NewTime(time.Date(2020, 10, 20, 19, 42, 07, 0, time.UTC).Local()),
+ Claims: map[string]interface{}{
+ "foo": "bar",
+ "nested": map[string]interface{}{
+ "key1": "value1",
+ "key2": "value2",
+ },
+ },
 },
 RefreshToken: &oidctypes.RefreshToken{
 Token: "test-refresh-token",
diff --git a/pkg/oidcclient/filesession/testdata/valid.yaml b/pkg/oidcclient/filesession/testdata/valid.yaml
index 67602c7b..e0d1943c 100644
--- a/pkg/oidcclient/filesession/testdata/valid.yaml
+++ b/pkg/oidcclient/filesession/testdata/valid.yaml
@@ -20,5 +20,10 @@ sessions:
 id:
 expiryTimestamp: "2020-10-20T19:42:07Z"
 token: test-id-token
+ claims:
+ foo: bar
+ nested:
+ key1: value1
+ key2: value2
 refresh:
 token: test-refresh-token
diff --git a/pkg/oidcclient/oidctypes/oidctypes.go b/pkg/oidcclient/oidctypes/oidctypes.go
index 94f5dcc9..d3d1b658 100644
--- a/pkg/oidcclient/oidctypes/oidctypes.go
+++ b/pkg/oidcclient/oidctypes/oidctypes.go
@@ -31,6 +31,9 @@ type IDToken struct {
 
 // Expiry is the optional expiration time of the ID token.
 Expiry v1.Time `json:"expiryTimestamp,omitempty"`
+
+ // Claims are the claims expressed by the Token.
+ Claims map[string]interface{} `json:"claims,omitempty"`
 }
 
 // Token contains the elements of an OIDC session.
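Review bot: The doc comment on the new `Claims` field does not state the trust contract the commit message implies, namely that these are the *validated* claims. Because the field carries a `json:"claims,omitempty"` tag, it is written to and read back from the session cache as a separate copy (see the `claims:` block added to valid.yaml), so a value loaded from disk is not bound to the signature on `Token`. Whether the cache loader re-verifies it is not visible in this patch. I would spell that out, e.g. `// Claims are the claims expressed by the Token, set only after the ID token has been validated. A copy loaded from a session cache is not re-verified against Token.` It is also worth noting there that numeric claims decoded into `map[string]interface{}` come back as `float64` after a JSON round trip, which the string-only fixtures in cachefile_test.go and valid.yaml do not exercise. The `IDToken` struct begins above this hunk.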