feat: add enhanced support for Slack OAuth #10151
Conversation
| oidctest.WithExtra(func(email string) map[string]interface{} { | ||
| return map[string]interface{}{ | ||
| "authed_user": map[string]interface{}{ | ||
| "access_token": "slack-user-token", | ||
| }, | ||
| } | ||
| }), |
There was a problem hiding this comment.
Should we add the existing fields to the params of WithExtra? Maybe just pass the token in and let the function mutate the existing map.
I ask because it would be ideal to pass the actual access token:
oidctest.WithExtra(func(email string, token map[string]interface{}) {
token["authed_user"] = map[string]interface{}{
"access_token": token["access_token"],
}
// Completely nuke the original access token?
token["access_token"] = "bogus_unused_token"
}),This would make it valid to the fake OIDC IDP.
There was a problem hiding this comment.
I was primarily trying to mimic the usage on the output side, which has the Extra property. So while we could merge them together, I think it's better to make it super consumable to the other end.
There was a problem hiding this comment.
The thing is the refresh works because the refresh token is set correctly.
But the access-token is invalidly set to slack-user-token. We only check access-token on /user-info, so maybe it does not matter. But I could see it being a benefit to set the extra value to the correctly generated access_token.
There was a problem hiding this comment.
The access_token isn't being set. authed_user is which has a property of access_token.
I'm going to change this to be more abstract. It's too jank as-is right now.
I'm going to allow for any fields to be specified as
extra, and then stored in the database as a JSON mapping. They can be accessed from theextrapayload later on.