authenticateflow: move stateless flow logic (#4820)

Consolidate all logic specific to the stateless authenticate flow into a a new Stateless type in a new package internal/authenticateflow. This is in preparation for adding a new Stateful type implementing the older stateful authenticate flow (from Pomerium v0.20 and previous). This change is intended as a pure refactoring of existing logic, with no changes in functionality.
2025-07-19 17:50:17 +02:00 · 2023-12-06 16:55:57 -08:00 · 2023-12-06 16:55:57 -08:00 · b7896b3153
commit b7896b3153
parent 3b2bdd059a
18 changed files with 823 additions and 461 deletions
--- a/internal/authenticateflow/authenticateflow.go
+++ b/internal/authenticateflow/authenticateflow.go
@ -0,0 +1,31 @@
+// Package authenticateflow implements the core authentication flow. This
+// includes creating and parsing sign-in redirect URLs, storing and retrieving
+// session data, and handling authentication callback URLs.
+package authenticateflow
+
+import (
+	"fmt"
+
+	"google.golang.org/protobuf/types/known/structpb"
+
+	"github.com/pomerium/pomerium/internal/identity"
+	"github.com/pomerium/pomerium/pkg/grpc"
+	"github.com/pomerium/pomerium/pkg/grpc/user"
+)
+
+var outboundGRPCConnection = new(grpc.CachedOutboundGRPClientConn)
+
+func populateUserFromClaims(u *user.User, claims map[string]interface{}) {
+	if v, ok := claims["name"]; ok {
+		u.Name = fmt.Sprint(v)
+	}
+	if v, ok := claims["email"]; ok {
+		u.Email = fmt.Sprint(v)
+	}
+	if u.Claims == nil {
+		u.Claims = make(map[string]*structpb.ListValue)
+	}
+	for k, vs := range identity.Claims(claims).Flatten().ToPB() {
+		u.Claims[k] = vs
+	}
+}