feat(wh): Add oidc related columns to wh_user_dimension #1455
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
mgaffney
requested changes
Aug 11, 2021
Comment on lines
22
to
23
| coalesce(apa.name, 'None') as auth_account_name, | ||
| coalesce(apa.description, 'None') as auth_account_description, |
There was a problem hiding this comment.
I think the auth_oidc_account table also has name and description columns. If so, these need to be case statements.
Comment on lines
47
to
48
| coalesce(apm.name, 'None') as auth_method_name, | ||
| coalesce(apm.description, 'None') as auth_method_description, |
There was a problem hiding this comment.
The auth_oidc_method table has name and description columns so these should be case statements too.
| case | ||
| when apa.public_id is not null then 'Not Applicable' | ||
| when aoa.public_id is null then 'None' | ||
| else aoa.issuer |
There was a problem hiding this comment.
This should be the issuer from the auth_oidc_method table.
| left join auth_method as am on aa.auth_method_id = am.public_id | ||
| left join auth_password_account as apa on aa.public_id = apa.public_id | ||
| left join auth_password_method as apm on am.public_id = apm.public_id | ||
| left join auth_oidc_account as aoa on aa.public_id = aoa.public_id |
There was a problem hiding this comment.
Need a join for auth_oidc_method
mgaffney
previously approved these changes
Aug 11, 2021
This adds new columns to the wh_user_dimension to provide additional
data from OIDC that does not apply to Password Auth.
Note: Given the specifics of the data, it is possible these columns may
be used by other auth methods in the future, hence the lack of `oidc` in
the column names.
The specific columns are:
- auth_method_external_id
For OIDC this is the Issuer
- auth_account_external_id
For OIDC this is the Subject
- auth_account_full_name
For OIDC this is the account's Full Name, and can be `None`.
- auth_account_email
For OIDC this is the account's Email, and can be `None`.
For all of these new columns, they will be `Not Applicable` if the auth
method is Password.
mgaffney
approved these changes
Aug 11, 2021
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This adds new columns to the wh_user_dimension to provide additional
data from OIDC that does not apply to Password Auth.
Note: Given the specifics of the data, it is possible these columns may
be used by other auth methods in the future, hence the lack of
oidcinthe column names.
The specific columns are:
For OIDC this is the Issuer
For OIDC this is the Subject
For OIDC this is the account's Full Name, and can be
None.For OIDC this is the account's Email, and can be
None.For all of these new columns, they will be
Not Applicableif the authmethod is Password.