diff --git a/backend/src/services/identity-access-token/identity-access-token-dal.ts b/backend/src/services/identity-access-token/identity-access-token-dal.ts index 4f04ef0acf..cac17445df 100644 --- a/backend/src/services/identity-access-token/identity-access-token-dal.ts +++ b/backend/src/services/identity-access-token/identity-access-token-dal.ts @@ -51,6 +51,12 @@ export const identityAccessTokenDALFactory = (db: TDbClient) => { `${TableName.IdentityKubernetesAuth}.identityId` ); }) + .leftJoin(TableName.IdentityOidcAuth, (qb) => { + qb.on(`${TableName.Identity}.authMethod`, db.raw("?", [IdentityAuthMethod.OIDC_AUTH])).andOn( + `${TableName.Identity}.id`, + `${TableName.IdentityOidcAuth}.identityId` + ); + }) .select(selectAllTableCols(TableName.IdentityAccessToken)) .select( db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityUniversalAuth).as("accessTokenTrustedIpsUa"), @@ -58,6 +64,7 @@ export const identityAccessTokenDALFactory = (db: TDbClient) => { db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityAwsAuth).as("accessTokenTrustedIpsAws"), db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityAzureAuth).as("accessTokenTrustedIpsAzure"), db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityKubernetesAuth).as("accessTokenTrustedIpsK8s"), + db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityOidcAuth).as("accessTokenTrustedIpsOidc"), db.ref("name").withSchema(TableName.Identity) ) .first(); @@ -71,7 +78,8 @@ export const identityAccessTokenDALFactory = (db: TDbClient) => { doc.accessTokenTrustedIpsGcp || doc.accessTokenTrustedIpsAws || doc.accessTokenTrustedIpsAzure || - doc.accessTokenTrustedIpsK8s + doc.accessTokenTrustedIpsK8s || + doc.accessTokenTrustedIpsOidc }; } catch (error) { throw new DatabaseError({ error, name: "IdAccessTokenFindOne" });