From 0b08da2b46cc458e07077ec71c576aba8033f821 Mon Sep 17 00:00:00 2001
From: wangsijie <wangsijie@silverhand.io>
Date: Tue, 9 Jan 2024 11:45:38 +0800
Subject: [PATCH] feat(core): generate oidc metadata for protected app (#5188)

---
 .../core/src/routes/applications/application.test.ts  |  4 ++++
 packages/core/src/routes/applications/application.ts  |  4 ++--
 packages/core/src/routes/applications/utils.ts        | 11 ++++++++++-
 3 files changed, 16 insertions(+), 3 deletions(-)

diff --git a/packages/core/src/routes/applications/application.test.ts b/packages/core/src/routes/applications/application.test.ts
index e2ee1960a..e94403ade 100644
--- a/packages/core/src/routes/applications/application.test.ts
+++ b/packages/core/src/routes/applications/application.test.ts
@@ -110,6 +110,10 @@ describe('application route', () => {
       name,
       type,
       protectedAppMetadata,
+      oidcClientMetadata: {
+        redirectUris: [`https://${protectedAppMetadata?.host ?? ''}/callback`],
+        postLogoutRedirectUris: [`https://${protectedAppMetadata?.host ?? ''}`],
+      },
     });
   });
 
diff --git a/packages/core/src/routes/applications/application.ts b/packages/core/src/routes/applications/application.ts
index 8d6fbe12d..64108d685 100644
--- a/packages/core/src/routes/applications/application.ts
+++ b/packages/core/src/routes/applications/application.ts
@@ -24,7 +24,7 @@ import {
   applicationCreateGuard,
   applicationPatchGuard,
 } from './types.js';
-import { buildProtectedAppMetadata } from './utils.js';
+import { buildProtectedAppData } from './utils.js';
 
 const includesInternalAdminRole = (roles: Readonly<Array<{ role: Role }>>) =>
   roles.some(({ role: { name } }) => name === InternalRole.Admin);
@@ -161,7 +161,7 @@ export default function applicationRoutes<T extends AuthedRouter>(
         ...conditional(
           rest.type === ApplicationType.Protected &&
             protectedAppMetadata &&
-            buildProtectedAppMetadata(protectedAppMetadata)
+            buildProtectedAppData(protectedAppMetadata)
         ),
         ...rest,
       });
diff --git a/packages/core/src/routes/applications/utils.ts b/packages/core/src/routes/applications/utils.ts
index 4ea9b094b..797c35037 100644
--- a/packages/core/src/routes/applications/utils.ts
+++ b/packages/core/src/routes/applications/utils.ts
@@ -1,10 +1,19 @@
 import { defaultProtectedAppPageRules, defaultProtectedAppSessionDuration } from './constants.js';
 
-export const buildProtectedAppMetadata = ({ host, origin }: { host: string; origin: string }) => ({
+/**
+ * Build application data for protected app
+ * generate default protectedAppMetadata based on host and origin
+ * generate redirectUris and postLogoutRedirectUris based on host
+ */
+export const buildProtectedAppData = ({ host, origin }: { host: string; origin: string }) => ({
   protectedAppMetadata: {
     host,
     origin,
     sessionDuration: defaultProtectedAppSessionDuration,
     pageRules: defaultProtectedAppPageRules,
   },
+  oidcClientMetadata: {
+    redirectUris: [`https://${host}/callback`],
+    postLogoutRedirectUris: [`https://${host}`],
+  },
 });