use of UpstreamOAuthProviderLocalpartPreference

Author: mcalinghee

crates/cli/src/sync.rs

@@ -57,20 +57,18 @@ fn map_claims_imports(
         subject: mas_data_model::UpstreamOAuthProviderSubjectPreference {
             template: config.subject.template.clone(),
         },
-        localpart: mas_data_model::UpstreamOAuthProviderImportPreference {
+        localpart: mas_data_model::UpstreamOAuthProviderLocalpartPreference {
             action: map_import_action(config.localpart.action),
             template: config.localpart.template.clone(),
             on_conflict: map_import_on_conflict(config.localpart.on_conflict),
         },
         displayname: mas_data_model::UpstreamOAuthProviderImportPreference {
             action: map_import_action(config.displayname.action),
             template: config.displayname.template.clone(),
-            on_conflict: mas_data_model::UpstreamOAuthProviderOnConflict::default(),
         },
         email: mas_data_model::UpstreamOAuthProviderImportPreference {
             action: map_import_action(config.email.action),
             template: config.email.template.clone(),
-            on_conflict: mas_data_model::UpstreamOAuthProviderOnConflict::default(),
         },
         account_name: mas_data_model::UpstreamOAuthProviderSubjectPreference {
             template: config.account_name.template.clone(),

crates/config/src/sections/upstream_oauth2.rs

@@ -128,9 +128,6 @@ impl ConfigurationSection for UpstreamOAuth2Config {
                     "The field `action` must be either `force` or `require` when `on_conflict` is set to `add`",
                 ));
             }
-
-            //TODO : check that claims imports use on_conflict where it is not
-            // supported?
         }
 
         Ok(())

crates/data-model/src/lib.rs

@@ -42,9 +42,10 @@ pub use self::{
         UpstreamOAuthAuthorizationSession, UpstreamOAuthAuthorizationSessionState,
         UpstreamOAuthLink, UpstreamOAuthProvider, UpstreamOAuthProviderClaimsImports,
         UpstreamOAuthProviderDiscoveryMode, UpstreamOAuthProviderImportAction,
-        UpstreamOAuthProviderImportPreference, UpstreamOAuthProviderOnConflict, UpstreamOAuthProviderOnBackchannelLogout,
-        UpstreamOAuthProviderPkceMode, UpstreamOAuthProviderResponseMode,
-        UpstreamOAuthProviderSubjectPreference, UpstreamOAuthProviderTokenAuthMethod,
+        UpstreamOAuthProviderImportPreference, UpstreamOAuthProviderLocalpartPreference, UpstreamOAuthProviderOnBackchannelLogout,
+        UpstreamOAuthProviderOnConflict, UpstreamOAuthProviderPkceMode,
+        UpstreamOAuthProviderResponseMode, UpstreamOAuthProviderSubjectPreference,
+        UpstreamOAuthProviderTokenAuthMethod,
     },
     user_agent::{DeviceType, UserAgent},
     users::{

crates/data-model/src/upstream_oauth2/mod.rs

@@ -16,6 +16,7 @@ pub use self::{
         ImportAction as UpstreamOAuthProviderImportAction,
         ImportPreference as UpstreamOAuthProviderImportPreference,
         OnBackchannelLogout as UpstreamOAuthProviderOnBackchannelLogout,
+        LocalpartPreference as UpstreamOAuthProviderLocalpartPreference,
         OnConflict as UpstreamOAuthProviderOnConflict, PkceMode as UpstreamOAuthProviderPkceMode,
         ResponseMode as UpstreamOAuthProviderResponseMode,
         SubjectPreference as UpstreamOAuthProviderSubjectPreference,

crates/data-model/src/upstream_oauth2/provider.rs

@@ -313,7 +313,7 @@ pub struct ClaimsImports {
     pub subject: SubjectPreference,
 
     #[serde(default)]
-    pub localpart: ImportPreference,
+    pub localpart: LocalpartPreference,
 
     #[serde(default)]
     pub displayname: ImportPreference,
@@ -333,7 +333,7 @@ pub struct SubjectPreference {
 }
 
 #[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default)]
-pub struct ImportPreference {
+pub struct LocalpartPreference {
     #[serde(default)]
     pub action: ImportAction,
 
@@ -344,6 +344,23 @@ pub struct ImportPreference {
     pub on_conflict: OnConflict,
 }
 
+impl std::ops::Deref for LocalpartPreference {
+    type Target = ImportAction;
+
+    fn deref(&self) -> &Self::Target {
+        &self.action
+    }
+}
+
+#[derive(Debug, Clone, PartialEq, Eq, Serialize, Deserialize, Default)]
+pub struct ImportPreference {
+    #[serde(default)]
+    pub action: ImportAction,
+
+    #[serde(default)]
+    pub template: Option<String>,
+}
+
 impl std::ops::Deref for ImportPreference {
     type Target = ImportAction;
 

crates/handlers/src/upstream_oauth2/link.rs

@@ -677,7 +677,7 @@ pub(crate) async fn post(
             }
             let context = context.build();
 
-            // Check both if is it `force` or `require`
+            // `is_forced` checks both if is it `force` or `require`
             if !provider.claims_imports.localpart.is_forced() {
                 //Claims import for `localpart` should be `require` or `force` at this stage
                 return Err(RouteError::InvalidFormAction);
@@ -1004,7 +1004,8 @@ mod tests {
     use hyper::{Request, StatusCode, header::CONTENT_TYPE};
     use mas_data_model::{
         UpstreamOAuthAuthorizationSession, UpstreamOAuthLink, UpstreamOAuthProviderClaimsImports,
-        UpstreamOAuthProviderImportPreference, UpstreamOAuthProviderTokenAuthMethod, User,
+        UpstreamOAuthProviderImportPreference, UpstreamOAuthProviderLocalpartPreference,
+        UpstreamOAuthProviderTokenAuthMethod, User,
     };
     use mas_iana::jose::JsonWebSignatureAlg;
     use mas_jose::jwt::{JsonWebSignatureHeader, Jwt};
@@ -1030,15 +1031,14 @@ mod tests {
         let cookies = CookieHelper::new();
 
         let claims_imports = UpstreamOAuthProviderClaimsImports {
-            localpart: UpstreamOAuthProviderImportPreference {
+            localpart: UpstreamOAuthProviderLocalpartPreference {
                 action: mas_data_model::UpstreamOAuthProviderImportAction::Force,
                 template: None,
                 on_conflict: mas_data_model::UpstreamOAuthProviderOnConflict::default(),
             },
             email: UpstreamOAuthProviderImportPreference {
                 action: mas_data_model::UpstreamOAuthProviderImportAction::Force,
                 template: None,
-                on_conflict: mas_data_model::UpstreamOAuthProviderOnConflict::default(),
             },
             ..UpstreamOAuthProviderClaimsImports::default()
         };
@@ -1232,15 +1232,14 @@ mod tests {
         let cookies = CookieHelper::new();
 
         let claims_imports = UpstreamOAuthProviderClaimsImports {
-            localpart: UpstreamOAuthProviderImportPreference {
+            localpart: UpstreamOAuthProviderLocalpartPreference {
                 action: mas_data_model::UpstreamOAuthProviderImportAction::Require,
                 template: None,
                 on_conflict: mas_data_model::UpstreamOAuthProviderOnConflict::Add,
             },
             email: UpstreamOAuthProviderImportPreference {
                 action: mas_data_model::UpstreamOAuthProviderImportAction::Require,
                 template: None,
-                on_conflict: mas_data_model::UpstreamOAuthProviderOnConflict::default(),
             },
             ..UpstreamOAuthProviderClaimsImports::default()
         };
@@ -1387,15 +1386,14 @@ mod tests {
         let cookies = CookieHelper::new();
 
         let claims_imports = UpstreamOAuthProviderClaimsImports {
-            localpart: UpstreamOAuthProviderImportPreference {
+            localpart: UpstreamOAuthProviderLocalpartPreference {
                 action: mas_data_model::UpstreamOAuthProviderImportAction::Require,
                 template: None,
                 on_conflict: mas_data_model::UpstreamOAuthProviderOnConflict::default(),
             },
             email: UpstreamOAuthProviderImportPreference {
                 action: mas_data_model::UpstreamOAuthProviderImportAction::Require,
                 template: None,
-                on_conflict: mas_data_model::UpstreamOAuthProviderOnConflict::default(),
             },
             ..UpstreamOAuthProviderClaimsImports::default()
         };