mindersec / minder / 25334664832

60%

Build Type

push

github

Committed by web-flow

Commit Message

Generalize identity provider and implement OIDC discovery (#6265)

* feat(auth): generalize identity provider and implement OIDC discovery

This commit decouples Minder from Keycloak-specific paths by:
- Implementing OIDC discovery for identity server configuration.
- Defining the IdentityManager interface for administrative operations.
- Refactoring event synchronization and user management to use the new interface.
- Removing legacy Keycloak-specific configuration helpers.
- Updating tests to use the generalized IdentityManager mock.

* chore(auth): fix linting and unit test regressions in identity refactor

- Fix duplicate DeleteUser call in handlers_user.go
- Resolve linting issues (unused receivers, missing docs) in interface.go
- Update tests to properly inject MockIdentityManager

* chore(auth): fix linting and add missing unit/integration tests

* refactor(auth): address PR maintainer feedback for IdentityProviders

- Use zitadel/oidc generic client for openid configuration discovery
- OIDC issuer claim matches the discovered client issuer output
- Add missing GitHub IDs clarification
- Include TODOs about unused methods for tracking

* fix(auth): address additional code review feedback

- Fix strings.Contains on ErrNotFound
- Export auth.ErrNotFound
- Restore removed TODO in token handler
- Remove noop test to exclude from coverage as requested
- Discard unintentional metrics/version test commits
- Remove obsolete httptest.NewServer loops

* feat: Add ResolveFederated to auth interface for generic OIDC support

* fix: use issuer_claim for WWW-Authenticate header and accept dual issuer URLs in docker-compose

* style: fix gci formatting in keycloak files

Coverage Stats

36 of 167 new or added lines in 11 files covered. (21.56%)

1 existing line in 1 file now uncovered.

20396 of 33745 relevant lines covered (60.44%)

38.8 hits per line