OpenIDConnect v1 implementation

[jthann]

OpenIDConnect integration implementation #827

[codecov-commenter]

Codecov Report

Base: 79.25% // Head: 77.22% // Decreases project coverage by -2.02% ⚠️

Coverage data is based on head (5d76f55) compared to base (b67c5ff).
Patch coverage: 0.71% of modified lines in pull request are covered.

❗ Current head 5d76f55 differs from pull request most recent head d82ecf4. Consider uploading reports for the commit d82ecf4 to get more accurate results

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #828      +/-   ##
==========================================
- Coverage   79.25%   77.22%   -2.03%     
==========================================
  Files         101      102       +1     
  Lines       11188    11466     +278     
==========================================
- Hits         8867     8855      -12     
- Misses       1826     2112     +286     
- Partials      495      499       +4     

Impacted Files	Coverage Δ
pkg/cluster/cluster_interface.go	76.92% <ø> (ø)
pkg/cluster/op.go	64.63% <0.00%> (-7.56%)	⬇️
pkg/protocols/httpprot/response.go	83.95% <ø> (ø)
pkg/v/v.go	51.92% <ø> (ø)
pkg/filters/oidcadaptor/oidcadaptor.go	0.75% <0.75%> (ø)
pkg/cluster/syncer.go	77.56% <0.00%> (-5.77%)	⬇️
pkg/object/mqttproxy/broker.go	74.79% <0.00%> (-1.01%)	⬇️
pkg/filters/proxy/pool.go	80.05% <0.00%> (+0.87%)	⬆️

Help us with your feedback. Take ten seconds to tell us how you rate us. Have a feature suggestion? Share it here.

☔ View full report at Codecov.
📢 Do you have feedback about the report comment? Let us know in this issue.

[localvar]

Suggested change

	OIDC End-User basic profile map json encoded by standard base64 which header name is `X-Userinfo`
	End-User origin request url before OpenID Connect or OAuth2.0 flow which header name is `X-Origin-ReqURL`
	The ID Token returned by OpenID Connect flow which header name is `X-Id-Token`
	The AccessToken returned by OpenId Connect or OAuth2.0 flow which header name is `X-Access-Token`
	* **X-Userinfo**: Base64 encoded OIDC End-User basic profile.
	* **X-Origin-ReqURL**: End-User origin request URL before OpenID Connect or OAuth2.0 flow.
	* **X-Id-Token**: The ID Token returned by OpenID Connect flow.
	* **X-Access-Token**: The AccessToken returned by OpenId Connect or OAuth2.0 flow.

and propose X-Userinfo to be X-User-Info, X-Origin-ReqURL to be X-Origin-Request-Url.

[localvar]

Suggested change

	"github.com/google/uuid"
	"io"
	"io/ioutil"
	"net/http"
	"net/url"
	"strings"
	"time"
	"github.com/MicahParks/keyfunc"
	"github.com/golang-jwt/jwt/v4"
	"io"
	"io/ioutil"
	"net/http"
	"net/url"
	"strings"
	"time"
	"github.com/google/uuid"
	"github.com/golang-jwt/jwt/v4"
	"github.com/MicahParks/keyfunc"

[localvar]

Suggested change

	//Following are user custom defined
	// Following are user custom defined

[localvar]

Suggested change

	//If Discovery not configured, following should be configured for OAuth2
	// If Discovery is not configured, the following should be configured for OAuth2

[localvar]

Suggested change

	//for testable delegate store interface operation to itself
	// delegate store interface operation to itself for testing

[localvar]

Suggested change

	//nonce is optional
	// nonce is optional

[localvar]

cookie name is not case-sensitive, propose to call req.Cookie

[localvar]

ioutil.ReadAll is Deprecated.

Suggested change

	respBody, err := ioutil.ReadAll(resp.Body)
	respBody, err := io.ReadAll(resp.Body)

[localvar]

Suggested change

	authCode := req.Request.URL.Query().Get("code")
	state := req.Request.URL.Query().Get("state")
	authCode := req.Std().URL.Query().Get("code")
	state := req.Std().URL.Query().Get("state")

[localvar]

Suggested change

	mapClaims, _ := parseToken.Claims.(jwt.MapClaims)
	for k, v := range mapClaims {
	userInfo[k] = v
	}
	if claims, ok := parseToken.Claims.(jwt.MapClaims); ok {
	userInfo = claims
	}