mirror of
https://github.com/zitadel/zitadel.git
synced 2025-02-25 18:55:27 -06:00
feat: add github provider template (#5334)
Adds the possibility to manage and use template-based GitHub providers (incl. GitHub Enterprise Server)
@@ -1320,6 +1320,54 @@ service AdminService {
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new GitHub identity provider on the instance
|
||||
rpc AddGitHubProvider(AddGitHubProviderRequest) returns (AddGitHubProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
post: "/idps/github"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (zitadel.v1.auth_option) = {
|
||||
permission: "iam.idp.write"
|
||||
};
|
||||
}
|
||||
|
||||
// Change an existing GitHub identity provider on the instance
|
||||
rpc UpdateGitHubProvider(UpdateGitHubProviderRequest) returns (UpdateGitHubProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
put: "/idps/github/{id}"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (zitadel.v1.auth_option) = {
|
||||
permission: "iam.idp.write"
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new GitHub Enterprise Server identity provider on the instance
|
||||
rpc AddGitHubEnterpriseServerProvider(AddGitHubEnterpriseServerProviderRequest) returns (AddGitHubEnterpriseServerProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
post: "/idps/github_es"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (zitadel.v1.auth_option) = {
|
||||
permission: "iam.idp.write"
|
||||
};
|
||||
}
|
||||
|
||||
// Change an existing GitHub Enterprise Server identity provider on the instance
|
||||
rpc UpdateGitHubEnterpriseServerProvider(UpdateGitHubEnterpriseServerProviderRequest) returns (UpdateGitHubEnterpriseServerProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
put: "/idps/github_es/{id}"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (zitadel.v1.auth_option) = {
|
||||
permission: "iam.idp.write"
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new Google identity provider on the instance
|
||||
rpc AddGoogleProvider(AddGoogleProviderRequest) returns (AddGoogleProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
@@ -4429,6 +4477,67 @@ message UpdateJWTProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
}
|
||||
|
||||
message AddGitHubProviderRequest {
|
||||
// GitHub will be used as default, if no name is provided
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string client_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string client_secret = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
repeated string scopes = 4 [(validate.rules).repeated = {max_items: 20, items: {string: {min_len: 1, max_len: 100}}}];
|
||||
zitadel.idp.v1.Options provider_options = 5;
|
||||
}
|
||||
|
||||
message AddGitHubProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
string id = 2;
|
||||
}
|
||||
|
||||
message UpdateGitHubProviderRequest {
|
||||
string id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string name = 2 [(validate.rules).string = {max_len: 200}];
|
||||
string client_id = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
// client_secret will only be updated if provided
|
||||
string client_secret = 4 [(validate.rules).string = {max_len: 200}];
|
||||
repeated string scopes = 5 [(validate.rules).repeated = {max_items: 20, items: {string: {min_len: 1, max_len: 100}}}];
|
||||
zitadel.idp.v1.Options provider_options = 6;
|
||||
}
|
||||
|
||||
message UpdateGitHubProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
}
|
||||
|
||||
message AddGitHubEnterpriseServerProviderRequest {
|
||||
string client_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string client_secret = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string authorization_endpoint = 4 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string token_endpoint = 5 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string user_endpoint = 6 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
repeated string scopes = 7 [(validate.rules).repeated = {max_items: 20, items: {string: {min_len: 1, max_len: 100}}}];
|
||||
zitadel.idp.v1.Options provider_options = 8;
|
||||
}
|
||||
|
||||
message AddGitHubEnterpriseServerProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
string id = 2;
|
||||
}
|
||||
|
||||
message UpdateGitHubEnterpriseServerProviderRequest {
|
||||
string id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string client_id = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
// client_secret will only be updated if provided
|
||||
string client_secret = 4 [(validate.rules).string = {max_len: 200}];
|
||||
string authorization_endpoint = 5 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string token_endpoint = 6 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string user_endpoint = 7 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
repeated string scopes = 8 [(validate.rules).repeated = {max_items: 20, items: {string: {min_len: 1, max_len: 100}}}];
|
||||
zitadel.idp.v1.Options provider_options = 9;
|
||||
}
|
||||
|
||||
message UpdateGitHubEnterpriseServerProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
}
|
||||
|
||||
message AddGoogleProviderRequest {
|
||||
// Google will be used as default, if no name is provided
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
|
||||
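Review bot: The endpoint fields `authorization_endpoint`, `token_endpoint` and `user_endpoint` in `AddGitHubEnterpriseServerProviderRequest` and `UpdateGitHubEnterpriseServerProviderRequest` are validated for length only, so any 1–200 character string passes, including non-URLs and plain-http or internal addresses. The server presumably contacts the token and user endpoints using the stored `client_secret` (the handler is not visible here), so the schema should at least reject malformed values, e.g. `string token_endpoint = 5 [(validate.rules).string = {min_len: 1, max_len: 200, uri: true}];` on all three fields. Scheme and host restrictions would still need to be enforced in the handler. The same messages are added again in the `@@ -11103,6 +11151,67 @@` hunk, where the RPCs require only `org.idp.write`, so the point applies there too.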
@@ -253,7 +253,7 @@ enum ProviderType {
|
||||
PROVIDER_TYPE_OAUTH = 4;
|
||||
PROVIDER_TYPE_AZURE_AD = 5;
|
||||
PROVIDER_TYPE_GITHUB = 6;
|
||||
PROVIDER_TYPE_GITHUB_EE = 7;
|
||||
PROVIDER_TYPE_GITHUB_ES = 7;
|
||||
PROVIDER_TYPE_GITLAB = 8;
|
||||
PROVIDER_TYPE_GITLAB_SELF_HOSTED = 9;
|
||||
PROVIDER_TYPE_GOOGLE = 10;
|
||||
@@ -267,6 +267,8 @@ message ProviderConfig {
|
||||
OAuthConfig oauth = 4;
|
||||
GenericOIDCConfig oidc = 5;
|
||||
JWTConfig jwt = 6;
|
||||
GitHubConfig github = 7;
|
||||
GitHubEnterpriseServerConfig github_es = 8;
|
||||
}
|
||||
}
|
||||
message OAuthConfig {
|
||||
@@ -284,6 +286,19 @@ message GenericOIDCConfig {
|
||||
repeated string scopes = 3;
|
||||
}
|
||||
|
||||
message GitHubConfig {
|
||||
string client_id = 1;
|
||||
repeated string scopes = 2;
|
||||
}
|
||||
|
||||
message GitHubEnterpriseServerConfig {
|
||||
string client_id = 1;
|
||||
string authorization_endpoint = 2;
|
||||
string token_endpoint = 3;
|
||||
string user_endpoint = 4;
|
||||
repeated string scopes = 5;
|
||||
}
|
||||
|
||||
message GoogleConfig {
|
||||
string client_id = 1;
|
||||
repeated string scopes = 2;
|
||||
|
||||
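Review bot: `GitHubConfig` and `GitHubEnterpriseServerConfig` are added without any comments, so nothing states that these read-side messages deliberately carry no `client_secret`. That omission is the security-relevant property of both messages, and a later edit could add the field without noticing. I would put a leading comment on each, e.g. `// Read view of a GitHub Enterprise Server provider; client_secret is write-only and is not returned here.` A one-line comment on the three endpoint fields saying they hold the full URLs configured for the provider would also help.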
@@ -6488,7 +6488,7 @@ service ManagementService {
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new OIDC identity provider in the organisation
|
||||
// Add a new OIDC identity provider in the organization
|
||||
rpc AddGenericOIDCProvider(AddGenericOIDCProviderRequest) returns (AddGenericOIDCProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
post: "/idps/generic_oidc"
|
||||
@@ -6500,7 +6500,7 @@ service ManagementService {
|
||||
};
|
||||
}
|
||||
|
||||
// Change an existing OIDC identity provider in the organisation
|
||||
// Change an existing OIDC identity provider in the organization
|
||||
rpc UpdateGenericOIDCProvider(UpdateGenericOIDCProviderRequest) returns (UpdateGenericOIDCProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
put: "/idps/generic_oidc/{id}"
|
||||
@@ -6512,7 +6512,7 @@ service ManagementService {
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new JWT identity provider in the organisation
|
||||
// Add a new JWT identity provider in the organization
|
||||
rpc AddJWTProvider(AddJWTProviderRequest) returns (AddJWTProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
post: "/idps/generic_jwt"
|
||||
@@ -6524,7 +6524,7 @@ service ManagementService {
|
||||
};
|
||||
}
|
||||
|
||||
// Change an existing JWT identity provider in the organisation
|
||||
// Change an existing JWT identity provider in the organization
|
||||
rpc UpdateJWTProvider(UpdateJWTProviderRequest) returns (UpdateJWTProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
put: "/idps/generic_jwt/{id}"
|
||||
@@ -6536,7 +6536,55 @@ service ManagementService {
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new Google identity provider in the organisation
|
||||
// Add a new GitHub identity provider in the organization
|
||||
rpc AddGitHubProvider(AddGitHubProviderRequest) returns (AddGitHubProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
post: "/idps/github"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (zitadel.v1.auth_option) = {
|
||||
permission: "org.idp.write"
|
||||
};
|
||||
}
|
||||
|
||||
// Change an existing GitHub identity provider in the organization
|
||||
rpc UpdateGitHubProvider(UpdateGitHubProviderRequest) returns (UpdateGitHubProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
put: "/idps/github/{id}"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (zitadel.v1.auth_option) = {
|
||||
permission: "org.idp.write"
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new GitHub Enterprise Server identity provider in the organization
|
||||
rpc AddGitHubEnterpriseServerProvider(AddGitHubEnterpriseServerProviderRequest) returns (AddGitHubEnterpriseServerProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
post: "/idps/github_es"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (zitadel.v1.auth_option) = {
|
||||
permission: "org.idp.write"
|
||||
};
|
||||
}
|
||||
|
||||
// Change an existing GitHub Enterprise Server identity provider in the organization
|
||||
rpc UpdateGitHubEnterpriseServerProvider(UpdateGitHubEnterpriseServerProviderRequest) returns (UpdateGitHubEnterpriseServerProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
put: "/idps/github_es/{id}"
|
||||
body: "*"
|
||||
};
|
||||
|
||||
option (zitadel.v1.auth_option) = {
|
||||
permission: "org.idp.write"
|
||||
};
|
||||
}
|
||||
|
||||
// Add a new Google identity provider in the organization
|
||||
rpc AddGoogleProvider(AddGoogleProviderRequest) returns (AddGoogleProviderResponse) {
|
||||
option (google.api.http) = {
|
||||
post: "/idps/google"
|
||||
@@ -11103,6 +11151,67 @@ message UpdateJWTProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
}
|
||||
|
||||
message AddGitHubProviderRequest {
|
||||
// GitHub will be used as default, if no name is provided
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
string client_id = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string client_secret = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
repeated string scopes = 4 [(validate.rules).repeated = {max_items: 20, items: {string: {min_len: 1, max_len: 100}}}];
|
||||
zitadel.idp.v1.Options provider_options = 5;
|
||||
}
|
||||
|
||||
message AddGitHubProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
string id = 2;
|
||||
}
|
||||
|
||||
message UpdateGitHubProviderRequest {
|
||||
string id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string name = 2 [(validate.rules).string = {max_len: 200}];
|
||||
string client_id = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
// client_secret will only be updated if provided
|
||||
string client_secret = 4 [(validate.rules).string = {max_len: 200}];
|
||||
repeated string scopes = 5 [(validate.rules).repeated = {max_items: 20, items: {string: {min_len: 1, max_len: 100}}}];
|
||||
zitadel.idp.v1.Options provider_options = 6;
|
||||
}
|
||||
|
||||
message UpdateGitHubProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
}
|
||||
|
||||
message AddGitHubEnterpriseServerProviderRequest {
|
||||
string client_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string client_secret = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string authorization_endpoint = 4 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string token_endpoint = 5 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string user_endpoint = 6 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
repeated string scopes = 7 [(validate.rules).repeated = {max_items: 20, items: {string: {min_len: 1, max_len: 100}}}];
|
||||
zitadel.idp.v1.Options provider_options = 8;
|
||||
}
|
||||
|
||||
message AddGitHubEnterpriseServerProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
string id = 2;
|
||||
}
|
||||
|
||||
message UpdateGitHubEnterpriseServerProviderRequest {
|
||||
string id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string name = 2 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string client_id = 3 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
// client_secret will only be updated if provided
|
||||
string client_secret = 4 [(validate.rules).string = {max_len: 200}];
|
||||
string authorization_endpoint = 5 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string token_endpoint = 6 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
string user_endpoint = 7 [(validate.rules).string = {min_len: 1, max_len: 200}];
|
||||
repeated string scopes = 8 [(validate.rules).repeated = {max_items: 20, items: {string: {min_len: 1, max_len: 100}}}];
|
||||
zitadel.idp.v1.Options provider_options = 9;
|
||||
}
|
||||
|
||||
message UpdateGitHubEnterpriseServerProviderResponse {
|
||||
zitadel.v1.ObjectDetails details = 1;
|
||||
}
|
||||
|
||||
message AddGoogleProviderRequest {
|
||||
// Google will be used as default, if no name is provided
|
||||
string name = 1 [(validate.rules).string = {max_len: 200}];
|
||||
|
||||