From 2497aada8ac9f5592f5b0de275cfe3c330ef7587 Mon Sep 17 00:00:00 2001
From: Sheen Capadngan
Date: Thu, 4 Jul 2024 15:54:37 +0800
Subject: [PATCH] misc: added oidc auth to access token trusted Ips
---
 .../identity-access-token/identity-access-token-dal.ts | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/backend/src/services/identity-access-token/identity-access-token-dal.ts b/backend/src/services/identity-access-token/identity-access-token-dal.ts
index 4f04ef0acf..cac17445df 100644
--- a/backend/src/services/identity-access-token/identity-access-token-dal.ts
+++ b/backend/src/services/identity-access-token/identity-access-token-dal.ts
@@ -51,6 +51,12 @@ export const identityAccessTokenDALFactory = (db: TDbClient) => {
 `${TableName.IdentityKubernetesAuth}.identityId`
 );
 })
+ .leftJoin(TableName.IdentityOidcAuth, (qb) => {
+ qb.on(`${TableName.Identity}.authMethod`, db.raw("?", [IdentityAuthMethod.OIDC_AUTH])).andOn(
+ `${TableName.Identity}.id`,
+ `${TableName.IdentityOidcAuth}.identityId`
+ );
+ })
 .select(selectAllTableCols(TableName.IdentityAccessToken))
 .select(
 db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityUniversalAuth).as("accessTokenTrustedIpsUa"),
@@ -58,6 +64,7 @@ export const identityAccessTokenDALFactory = (db: TDbClient) => {
 db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityAwsAuth).as("accessTokenTrustedIpsAws"),
 db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityAzureAuth).as("accessTokenTrustedIpsAzure"),
 db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityKubernetesAuth).as("accessTokenTrustedIpsK8s"),
+ db.ref("accessTokenTrustedIps").withSchema(TableName.IdentityOidcAuth).as("accessTokenTrustedIpsOidc"),
 db.ref("name").withSchema(TableName.Identity)
 )
 .first();
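Review bot: Nothing ties the new `.leftJoin(TableName.IdentityOidcAuth, ...)` to the two other edits it depends on, the `accessTokenTrustedIpsOidc` alias in the select list (second hunk) and the extra `||` operand in the `trustedIps` fallback (third hunk). An auth method that gets its table but misses any one of the three places would resolve to no trusted-IP list at all, which appears to be the gap this commit closes for OIDC. I would add a comment above the join chain, for example `// Each IdentityAuthMethod needs a leftJoin here, an accessTokenTrustedIps<Method> alias in the select, and an operand in the trustedIps fallback below`, and a test that checks every auth method returns its own trusted IPs. The query builder chain starts and ends outside this hunk.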
@@ -71,7 +78,8 @@ export const identityAccessTokenDALFactory = (db: TDbClient) => {
 doc.accessTokenTrustedIpsGcp ||
 doc.accessTokenTrustedIpsAws ||
 doc.accessTokenTrustedIpsAzure ||
- doc.accessTokenTrustedIpsK8s
+ doc.accessTokenTrustedIpsK8s ||
+ doc.accessTokenTrustedIpsOidc
 };
 } catch (error) {
 throw new DatabaseError({ error, name: "IdAccessTokenFindOne" });
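Review bot: When none of the aliased columns is set, the `||` chain that now ends in `doc.accessTokenTrustedIpsOidc` leaves `trustedIps` null or undefined, and nothing visible here says whether that means "deny" or "no IP restriction". For an allowlist the safe reading is deny, so I would state the contract next to the chain, for example `// trustedIps is nullish when no auth-method join matched; callers must reject the token rather than skip the IP check`, or have this function raise when the value is missing. The enclosing `try` block and the caller that enforces the list are outside this hunk, so the actual behaviour should be confirmed there.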