multi IDP 모델 적용 scaffolding
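--- /dev/null
+++ b/backend/internal/service/descope_service.go
@@ -0,0 +1,62 @@
+package service
+
+import (
+"baron-sso-backend/internal/domain"
+"log/slog"
+
+"github.com/descope/go-sdk/descope/client"
+)
+
+type DescopeProvider struct {
+Client *client.DescopeClient
+fieldMapping map[string]string // Key: Broker Field Name, Value: Descope Attribute Key
+}
+
+func NewDescopeProvider(projectID, managementKey string) *DescopeProvider {
+var descopeClient *client.DescopeClient
+var err error
+if projectID != "" {
+descopeClient, err = client.NewWithConfig(&client.Config{
+ProjectID: projectID,
+ManagementKey: managementKey,
+})
+if err != nil {
+slog.Warn("Failed to initialize Descope Client in Provider", "error", err)
+}
+}
+
+// Define the mapping between BrokerUser fields and Descope attributes.
+// In a real scenario, this could be loaded from a config file.
+// For this implementation, we hardcode the support to demonstrate the validation.
+// We map the Broker's required custom attributes to Descope's keys.
+mapping := map[string]string{
+"grade": "customAttributes.userRank", // Broker 'grade' maps to Descope 'userRank'
+"department": "customAttributes.dept", // Broker 'department' maps to Descope 'dept'
+}
+
+return &DescopeProvider{
+Client: descopeClient,
+fieldMapping: mapping,
+}
+}
+
+func (d *DescopeProvider) Name() string {
+return "Descope"
+}
+
+// GetMetadata returns the schema support information.
+// Currently, it returns the standard fields Descope supports + the mapped custom attributes.
+func (d *DescopeProvider) GetMetadata() (*domain.IDPMetadata, error) {
+// 1. Standard Fields supported by Descope
+supported := []string{"id", "email", "name", "phone_number"}
+
+// 2. Add mapped custom attributes
+// The Validator checks if the Broker's required keys (e.g., "grade") are present in this list.
+for brokerKey := range d.fieldMapping {
+supported = append(supported, brokerKey)
+}
+
+return &domain.IDPMetadata{
+SupportedFields: supported,
+}, nil
+}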
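Review bot: NewDescopeProvider swallows the failure from `client.NewWithConfig`: it only emits `slog.Warn` and still returns a provider whose `Client` is nil, and the same nil client results silently when `projectID` is empty. For an identity-provider integration this hides a wrong project ID or management key until some later call dereferences `d.Client`, so the constructor should surface the problem, for example by changing the signature to `(*DescopeProvider, error)` and replacing the warning with `return nil, fmt.Errorf("initializing descope client: %w", err)`. If a client-less provider is intentional for this scaffolding, state that in a doc comment on `NewDescopeProvider` and nil-check `d.Client` in every method that uses it. Separately, `GetMetadata` appends keys by ranging over `d.fieldMapping`, so the order of `SupportedFields` varies between calls; sort the keys if anything compares or logs the list.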