Module: BetterAuth::SSO::Routes::Schemas

Defined in:

lib/better_auth/sso/routes/schemas.rb

Constant Summary

OIDC_MAPPING_KEYS =

%i[id email email_verified name image extra_fields].freeze

SAML_MAPPING_KEYS =

%i[id email email_verified name first_name last_name extra_fields].freeze

OIDC_CONFIG_KEYS =

%i[
  client_id
  client_secret
  authorization_endpoint
  token_endpoint
  user_info_endpoint
  token_endpoint_authentication
  jwks_endpoint
  discovery_endpoint
  scopes
  pkce
  override_user_info
  mapping
].freeze

SAML_CONFIG_KEYS =

%i[
  entry_point
  cert
  callback_url
  audience
  idp_metadata
  sp_metadata
  want_assertions_signed
  authn_requests_signed
  want_logout_request_signed
  want_logout_response_signed
  signature_algorithm
  digest_algorithm
  identifier_format
  private_key
  decryption_pvk
  additional_params
  mapping
].freeze

Class Method Summary

• .field(logical_name, attributes, mappings) ⇒ Object
• .oidc_config_key?(key) ⇒ Boolean
• .plugin_schema(config = {}) ⇒ Object
• .saml_config_key?(key) ⇒ Boolean

Class Method Details

.field(logical_name, attributes, mappings) ⇒ Object

# File 'lib/better_auth/sso/routes/schemas.rb', line 76

def field(logical_name, attributes, mappings)
  mapping = mappings[BetterAuth::Plugins.normalize_key(logical_name)]
  mapping ? attributes.merge(field_name: mapping) : attributes
end

.oidc_config_key?(key) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/better_auth/sso/routes/schemas.rb', line 68

def oidc_config_key?(key)
  OIDC_CONFIG_KEYS.include?(BetterAuth::Plugins.normalize_key(key))
end

.plugin_schema(config = {}) ⇒ Object

# File 'lib/better_auth/sso/routes/schemas.rb', line 45

def plugin_schema(config = {})
  normalized = BetterAuth::Plugins.normalize_hash(config || {})
  field_mappings = BetterAuth::Plugins.normalize_hash(normalized[:fields] || {})
  fields = {
    issuer: field("issuer", {type: "string", required: true}, field_mappings),
    oidcConfig: field("oidcConfig", {type: "string", required: false}, field_mappings),
    samlConfig: field("samlConfig", {type: "string", required: false}, field_mappings),
    userId: field("userId", {type: "string", required: true, references: {model: "user", field: "id"}}, field_mappings),
    providerId: field("providerId", {type: "string", required: true, unique: true}, field_mappings),
    domain: field("domain", {type: "string", required: true}, field_mappings),
    organizationId: field("organizationId", {type: "string", required: false}, field_mappings)
  }
  if normalized.dig(:domain_verification, :enabled)
    fields[:domainVerified] = field("domainVerified", {type: "boolean", required: false, default_value: false}, field_mappings)
  end
  {
    ssoProvider: {
      model_name: normalized[:model_name] || "ssoProviders",
      fields: fields
    }
  }
end

.saml_config_key?(key) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/better_auth/sso/routes/schemas.rb', line 72

def saml_config_key?(key)
  SAML_CONFIG_KEYS.include?(BetterAuth::Plugins.normalize_key(key))
end