feat: multi-instance-ocis

Signed-off-by: Julian Koberg <julian.koberg@kiteworks.com>
2026-04-26 01:35:25 +02:00 · 2025-11-26 14:10:23 +01:00
parent 9f2b8a5b0a
commit b5a765124b
14 changed files with 379 additions and 188 deletions
--- a/services/proxy/pkg/user/backend/cs3.go
+++ b/services/proxy/pkg/user/backend/cs3.go
@@ -163,7 +163,7 @@ func (c *cs3backend) Authenticate(ctx context.Context, username string, password
 // attributes from the provided `claims` map. On success it returns the new
 // user. If the user already exist this is not considered an error and the
 // function will just return the existing user.
-func (c *cs3backend) CreateUserFromClaims(ctx context.Context, claims map[string]interface{}) (*cs3.User, error) {
+func (c *cs3backend) CreateUserFromClaims(ctx context.Context, claims map[string]interface{}, guest bool) (*cs3.User, error) {
 	gatewayClient, err := c.gatewaySelector.Next()
 	if err != nil {
 		c.logger.Error().Err(err).Msg("could not select next gateway client")
@@ -188,12 +188,13 @@ func (c *cs3backend) CreateUserFromClaims(ctx context.Context, claims map[string
 		return nil, err
 	}

-	newUser, err := c.libregraphUserFromClaims(claims)
+	newUser, err := c.libregraphUserFromClaims(claims, guest)
 	if err != nil {
 		c.logger.Error().Err(err).Interface("claims", claims).Msg("Error creating user from claims")
 		return nil, fmt.Errorf("error creating user from claims: %w", err)
 	}

+	fmt.Println("XXX PROXY Creating user with", newUser.GetUserType())
 	req := lgClient.UsersApi.CreateUser(newctx).User(newUser)

 	created, resp, err := req.Execute()
@@ -236,7 +237,7 @@ func (c *cs3backend) CreateUserFromClaims(ctx context.Context, claims map[string
 }

 func (c *cs3backend) UpdateUserIfNeeded(ctx context.Context, user *cs3.User, claims map[string]interface{}) error {
-	newUser, err := c.libregraphUserFromClaims(claims)
+	newUser, err := c.libregraphUserFromClaims(claims, false)
 	if err != nil {
 		c.logger.Error().Err(err).Interface("claims", claims).Msg("Error converting claims to user")
 		return fmt.Errorf("error converting claims to updated user: %w", err)
@@ -475,7 +476,7 @@ func (c *cs3backend) isAlreadyExists(resp *http.Response) (bool, error) {
 	return false, nil
 }

-func (c *cs3backend) libregraphUserFromClaims(claims map[string]interface{}) (libregraph.User, error) {
+func (c *cs3backend) libregraphUserFromClaims(claims map[string]interface{}, guest bool) (libregraph.User, error) {
 	user := libregraph.User{}
 	if dn, ok := claims[c.autoProvisionClaims.DisplayName].(string); ok {
 		user.SetDisplayName(dn)
@@ -491,6 +492,9 @@ func (c *cs3backend) libregraphUserFromClaims(claims map[string]interface{}) (li
 	if mail, ok := claims[c.autoProvisionClaims.Email].(string); ok {
 		user.SetMail(mail)
 	}
+	if guest {
+		user.SetUserType("guest")
+	}

 	sub, subExists := claims[oidc.Sub].(string)
 	iss, issExists := claims[oidc.Iss].(string)