From 768efc0915f3339a69cedc1e29eb87f7bf58967d Mon Sep 17 00:00:00 2001
From: Stanislav Kiselev <151746694+stankis@users.noreply.github.com>
Date: Mon, 24 Jun 2024 14:36:43 +0300
Subject: [PATCH] Add Zitadel user roles (#145)
* Add Zitadel user roles
* Code review fixes
---
 src/utils/zitadel.ts | 32 +++++++++++++++++++++++++++++++-
 1 file changed, 31 insertions(+), 1 deletion(-)
diff --git a/src/utils/zitadel.ts b/src/utils/zitadel.ts
index c8c31cfd..4c115299 100644
--- a/src/utils/zitadel.ts
+++ b/src/utils/zitadel.ts
@@ -3,15 +3,42 @@ import {Utils} from './utils';
 import axios from 'axios';
 import axiosRetry from 'axios-retry';
+enum ZitadelUserRole {
+ Creator = 'creator',
+ Admin = 'admin',
+ Viewer = 'viewer',
+}
+
 type IntrospectionResult = {
 active: boolean;
 userId?: string;
 username?: string;
+ role?: ZitadelUserRole;
 };
 const axiosInstance = axios.create();
 axiosRetry(axiosInstance, {retries: 3});
+const getRole = (data: any): ZitadelUserRole => {
+ const scope = 'urn:zitadel:iam:org:project:roles';
+
+ const roles = data[scope];
+
+ if (!roles) {
+ return ZitadelUserRole.Viewer;
+ }
+
+ if (roles['admin']) {
+ return ZitadelUserRole.Admin;
+ }
+
+ if (roles['creator']) {
+ return ZitadelUserRole.Creator;
+ }
+
+ return ZitadelUserRole.Viewer;
+};
+
 export const introspect = async (ctx: AppContext, token?: string): Promise => {
 ctx.log('Token introspection');
@@ -47,7 +74,10 @@ export const introspect = async (ctx: AppContext, token?: string): Promise
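Review bot: getRole returns `ZitadelUserRole.Viewer` both in the `if (!roles)` branch and in the final fallthrough, so a token whose introspection response carries no project-roles claim at all cannot be told apart from one explicitly granted viewer. Because `role` is already optional on `IntrospectionResult`, the function could be typed `): ZitadelUserRole | undefined` and return `undefined` unless `roles['viewer']` is present, which lets callers deny by default; if Viewer is intended as the baseline for every active token, a comment stating that on the function would make the policy explicit. The parameter is also `data: any` and the role entries are tested only for truthiness, so a non-object claim value is accepted silently; `data: Record<string, unknown>` with a `typeof roles === 'object'` guard before indexing would narrow that. The call site inside introspect is in the following hunk, whose body lies outside this view, so how the returned role is enforced cannot be confirmed from here.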