[authn]: add GetIDClaims() to Requester (#91387)

* authn: add GetIDClaims() to Requester Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com> * authn: update StaticRequester Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com> * update auth/idtest/mock Co-Authored-By: Gabriel MABILLE <gamab@users.noreply.github.com> * Fix test Co-authored-by: Claudiu Dragalina-Paraipan <claudiu.dragalina@grafana.com> --------- Co-authored-by: Gabriel MABILLE <gamab@users.noreply.github.com> Co-authored-by: gamab <gabriel.mabille@grafana.com>
2025-02-25 18:55:37 -06:00 · 2024-08-02 12:36:02 +03:00
parent a940bb87be
commit e2435f92f1
10 changed files with 112 additions and 32 deletions
--- a/pkg/services/authn/identity.go
+++ b/pkg/services/authn/identity.go
@@ -4,6 +4,7 @@ import (
 	"fmt"
 	"time"

+	"github.com/grafana/authlib/authn"
 	"golang.org/x/oauth2"

 	"github.com/grafana/grafana/pkg/apimachinery/identity"
@@ -69,7 +70,8 @@ type Identity struct {
 	Permissions map[int64]map[string][]string
 	// IDToken is a signed token representing the identity that can be forwarded to plugins and external services.
 	// Will only be set when featuremgmt.FlagIdForwarding is enabled.
-	IDToken string
+	IDToken       string
+	IDTokenClaims *authn.Claims[authn.IDTokenClaims]
 }

 // GetRawIdentifier implements Requester.
@@ -156,6 +158,10 @@ func (i *Identity) GetIDToken() string {
 	return i.IDToken
 }

+func (i *Identity) GetIDClaims() *authn.Claims[authn.IDTokenClaims] {
+	return i.IDTokenClaims
+}
+
 func (i *Identity) GetIsGrafanaAdmin() bool {
 	return i.IsGrafanaAdmin != nil && *i.IsGrafanaAdmin
 }