feat(auth): make unsafe_find_jwt_provider generic (#2559)

peterpeterparker · web-flow · commit 350b8b984999 · 2026-01-30T12:18:13.000+01:00
diff --git a/src/libs/auth/src/openid/impls.rs b/src/libs/auth/src/openid/impls.rs
@@ -1,4 +1,5 @@
 use crate::openid::jwt::types::cert::Jwks;
+use crate::openid::jwt::types::provider::JwtIssuers;
 use crate::openid::types::provider::{OpenIdCertificate, OpenIdDelegationProvider, OpenIdProvider};
 use junobuild_shared::data::version::next_version;
 use junobuild_shared::ic::api::time;
@@ -48,6 +49,12 @@ impl OpenIdDelegationProvider {
     }
 }
 
+impl JwtIssuers for OpenIdDelegationProvider {
+    fn issuers(&self) -> &[&'static str] {
+        self.issuers()
+    }
+}
+
 impl Versioned for OpenIdCertificate {
     fn version(&self) -> Option<Version> {
         self.version
diff --git a/src/libs/auth/src/openid/jwt/provider.rs b/src/libs/auth/src/openid/jwt/provider.rs
@@ -1,16 +1,19 @@
 use crate::openid::jwt::header::decode_jwt_header;
 use crate::openid::jwt::types::errors::JwtFindProviderError;
+use crate::openid::jwt::types::provider::JwtIssuers;
 use crate::openid::jwt::types::token::UnsafeClaims;
-use crate::openid::types::provider::OpenIdDelegationProvider;
-use crate::state::types::config::{OpenIdAuthProviderConfig, OpenIdAuthProviders};
 use jsonwebtoken::dangerous;
+use std::collections::BTreeMap;
 
 /// ⚠️ **Warning:** This function decodes the JWT payload *without verifying its signature*.
 /// Use only to inspect claims (e.g., `iss`) before performing a verified decode.
-pub fn unsafe_find_jwt_provider<'a>(
-    providers: &'a OpenIdAuthProviders,
+pub fn unsafe_find_jwt_provider<'a, Provider, Config>(
+    providers: &'a BTreeMap<Provider, Config>,
     jwt: &str,
-) -> Result<(OpenIdDelegationProvider, &'a OpenIdAuthProviderConfig), JwtFindProviderError> {
+) -> Result<(Provider, &'a Config), JwtFindProviderError>
+where
+    Provider: Clone + JwtIssuers,
+{
     // 1) Header sanity check
     decode_jwt_header(jwt).map_err(JwtFindProviderError::from)?;
 
diff --git a/src/libs/auth/src/openid/jwt/types.rs b/src/libs/auth/src/openid/jwt/types.rs
@@ -176,3 +176,9 @@ pub(crate) mod errors {
         BadClaim(String),
     }
 }
+
+pub mod provider {
+    pub trait JwtIssuers {
+        fn issuers(&self) -> &[&'static str];
+    }
+}

Original file line number	Diff line number	Diff line change
`@@ -176,3 +176,9 @@ pub(crate) mod errors {`
`176`	`176`	`BadClaim(String),`
`177`	`177`	`}`
`178`	`178`	`}`
	`179`	`+`
	`180`	`+pub mod provider {`
	`181`	`+ pub trait JwtIssuers {`
	`182`	`+ fn issuers(&self) -> &[&'static str];`
	`183`	`+ }`
	`184`	`+}`