ping: identity and directory providers (#1975)

* ping: add identity provider

* ping: implement directory provider

* ping, not onelogin

* ping, not onelogin

* escape path params

internal/identity/oidc/ping/ping.go

@@ -0,0 +1,39 @@
+// Package ping implements OpenID Connect for Ping
+//
+// https://www.pomerium.io/docs/identity-providers/ping.html
+package ping
+
+import (
+	"context"
+	"fmt"
+
+	"github.com/pomerium/pomerium/internal/identity/oauth"
+	pom_oidc "github.com/pomerium/pomerium/internal/identity/oidc"
+)
+
+const (
+	// Name identifies the Ping identity provider.
+	Name = "ping"
+)
+
+// Provider is a Ping implementation of the Authenticator interface.
+type Provider struct {
+	*pom_oidc.Provider
+}
+
+// New instantiates an OpenID Connect (OIDC) provider for Ping.
+func New(ctx context.Context, o *oauth.Options) (*Provider, error) {
+	var p Provider
+	var err error
+	genericOidc, err := pom_oidc.New(ctx, o)
+	if err != nil {
+		return nil, fmt.Errorf("%s: failed creating oidc provider: %w", Name, err)
+	}
+	p.Provider = genericOidc
+	return &p, nil
+}
+
+// Name returns the provider name.
+func (p *Provider) Name() string {
+	return Name
+}

internal/identity/providers.go

@@ -20,6 +20,7 @@ import (
 	"github.com/pomerium/pomerium/internal/identity/oidc/google"
 	"github.com/pomerium/pomerium/internal/identity/oidc/okta"
 	"github.com/pomerium/pomerium/internal/identity/oidc/onelogin"
+	"github.com/pomerium/pomerium/internal/identity/oidc/ping"
 )
 
 // Authenticator is an interface representing the ability to authenticate with an identity provider.
@@ -53,6 +54,8 @@ func NewAuthenticator(o oauth.Options) (a Authenticator, err error) {
 		a, err = okta.New(ctx, &o)
 	case onelogin.Name:
 		a, err = onelogin.New(ctx, &o)
+	case ping.Name:
+		a, err = ping.New(ctx, &o)
 	default:
 		return nil, fmt.Errorf("identity: unknown provider: %s", o.ProviderName)
 	}