feat: add updateUserOnLogin config option for oidc, jwt

internal/auth/auth.go

@@ -143,19 +143,36 @@ func GetAuthInstance() *Authentication {
 	return authInstance
 }
 
-func persistUser(user *schema.User) {
+func handleTokenUser(tokenUser *schema.User) {
 	r := repository.GetUserRepository()
-	dbUser, err := r.GetUser(user.Username)
+	dbUser, err := r.GetUser(tokenUser.Username)
 
 	if err != nil && err != sql.ErrNoRows {
-		log.Errorf("Error while loading user '%s': %v", user.Username, err)
+		log.Errorf("Error while loading user '%s': %v", tokenUser.Username, err)
-	} else if err == sql.ErrNoRows { // Adds New User
+	} else if err == sql.ErrNoRows && config.Keys.JwtConfig.SyncUserOnLogin { // Adds New User
-		if err := r.AddUser(user); err != nil {
+		if err := r.AddUser(tokenUser); err != nil {
-			log.Errorf("Error while adding user '%s' to DB: %v", user.Username, err)
+			log.Errorf("Error while adding user '%s' to DB: %v", tokenUser.Username, err)
 		}
-	} else { // Update Existing
+	} else if err == nil && config.Keys.JwtConfig.UpdateUserOnLogin { // Update Existing User
-		if err := r.UpdateUser(dbUser, user); err != nil {
+		if err := r.UpdateUser(dbUser, tokenUser); err != nil {
-			log.Errorf("Error while updating user '%s' to DB: %v", user.Username, err)
+			log.Errorf("Error while updating user '%s' to DB: %v", dbUser.Username, err)
+		}
+	}
+}
+
+func handleOIDCUser(OIDCUser *schema.User) {
+	r := repository.GetUserRepository()
+	dbUser, err := r.GetUser(OIDCUser.Username)
+
+	if err != nil && err != sql.ErrNoRows {
+		log.Errorf("Error while loading user '%s': %v", OIDCUser.Username, err)
+	} else if err == sql.ErrNoRows && config.Keys.OpenIDConfig.SyncUserOnLogin { // Adds New User
+		if err := r.AddUser(OIDCUser); err != nil {
+			log.Errorf("Error while adding user '%s' to DB: %v", OIDCUser.Username, err)
+		}
+	} else if err == nil && config.Keys.OpenIDConfig.UpdateUserOnLogin { // Update Existing User
+		if err := r.UpdateUser(dbUser, OIDCUser); err != nil {
+			log.Errorf("Error while updating user '%s' to DB: %v", dbUser.Username, err)
 		}
 	}
 }

internal/auth/jwtCookieSession.go

@@ -198,8 +198,8 @@ func (ja *JWTCookieSessionAuthenticator) Login(
 			AuthSource: schema.AuthViaToken,
 		}
 
-		if jc.SyncUserOnLogin {
+		if jc.SyncUserOnLogin || jc.UpdateUserOnLogin {
-			persistUser(user)
+			handleTokenUser(user)
 		}
 	}
 

internal/auth/jwtSession.go

@@ -138,8 +138,8 @@ func (ja *JWTSessionAuthenticator) Login(
 			AuthSource: schema.AuthViaToken,
 		}
 
-		if config.Keys.JwtConfig.SyncUserOnLogin {
+		if config.Keys.JwtConfig.SyncUserOnLogin || config.Keys.JwtConfig.UpdateUserOnLogin {
-			persistUser(user)
+			handleTokenUser(user)
 		}
 	}
 

internal/auth/oidc.go

@@ -168,8 +168,8 @@ func (oa *OIDC) OAuth2Callback(rw http.ResponseWriter, r *http.Request) {
 		AuthSource: schema.AuthViaOIDC,
 	}
 
-	if config.Keys.OpenIDConfig.SyncUserOnLogin {
+	if config.Keys.OpenIDConfig.SyncUserOnLogin || config.Keys.OpenIDConfig.UpdateUserOnLogin {
-		persistUser(user)
+		handleOIDCUser(user)
 	}
 
 	oa.authentication.SaveSession(rw, r, user)

pkg/schema/config.go

@@ -24,8 +24,9 @@ type LdapConfig struct {
 }
 
 type OpenIDConfig struct {
-	Provider        string `json:"provider"`
+	Provider          string `json:"provider"`
-	SyncUserOnLogin bool   `json:"syncUserOnLogin"`
+	SyncUserOnLogin   bool   `json:"syncUserOnLogin"`
+	UpdateUserOnLogin bool   `json:"updateUserOnLogin"`
 }
 
 type JWTAuthConfig struct {
@@ -45,6 +46,9 @@ type JWTAuthConfig struct {
 
 	// Should an non-existent user be added to the DB based on the information in the token
 	SyncUserOnLogin bool `json:"syncUserOnLogin"`
+
+	// Should an existent user be updated in the DB based on the information in the token
+	UpdateUserOnLogin bool `json:"updateUserOnLogin"`
 }
 
 type IntRange struct {