feat(users): setup user authentication methods schema and apis (#4999)

Co-authored-by: hyperswitch-bot[bot] <148525504+hyperswitch-bot[bot]@users.noreply.github.com> Co-authored-by: Mani Chandra Dulam <mani.dchandra@juspay.in>
2025-10-30 17:47:54 +08:00 · 2024-06-21 16:29:17 +05:30
parent 5cde7ee034
commit 2005d3df9f
29 changed files with 888 additions and 16 deletions
--- a/crates/api_models/src/events/user.rs
+++ b/crates/api_models/src/events/user.rs
@ -11,14 +11,15 @@ use crate::user::{
        GetMetaDataRequest, GetMetaDataResponse, GetMultipleMetaDataPayload, SetMetaDataRequest,
    },
    AcceptInviteFromEmailRequest, AuthorizeResponse, BeginTotpResponse, ChangePasswordRequest,
-    ConnectAccountRequest, CreateInternalUserRequest, DashboardEntryResponse,
-    ForgotPasswordRequest, GetUserDetailsResponse, GetUserRoleDetailsRequest,
-    GetUserRoleDetailsResponse, InviteUserRequest, ListUsersResponse, ReInviteUserRequest,
-    RecoveryCodes, ResetPasswordRequest, RotatePasswordRequest, SendVerifyEmailRequest,
-    SignInResponse, SignUpRequest, SignUpWithMerchantIdRequest, SwitchMerchantIdRequest,
-    TokenOrPayloadResponse, TokenResponse, TwoFactorAuthStatusResponse,
-    UpdateUserAccountDetailsRequest, UserFromEmailRequest, UserMerchantCreate, VerifyEmailRequest,
-    VerifyRecoveryCodeRequest, VerifyTotpRequest,
+    ConnectAccountRequest, CreateInternalUserRequest, CreateUserAuthenticationMethodRequest,
+    DashboardEntryResponse, ForgotPasswordRequest, GetUserAuthenticationMethodsRequest,
+    GetUserDetailsResponse, GetUserRoleDetailsRequest, GetUserRoleDetailsResponse,
+    InviteUserRequest, ListUsersResponse, ReInviteUserRequest, RecoveryCodes, ResetPasswordRequest,
+    RotatePasswordRequest, SendVerifyEmailRequest, SignInResponse, SignUpRequest,
+    SignUpWithMerchantIdRequest, SwitchMerchantIdRequest, TokenOrPayloadResponse, TokenResponse,
+    TwoFactorAuthStatusResponse, UpdateUserAccountDetailsRequest,
+    UpdateUserAuthenticationMethodRequest, UserFromEmailRequest, UserMerchantCreate,
+    VerifyEmailRequest, VerifyRecoveryCodeRequest, VerifyTotpRequest,
 };

 impl ApiEventMetric for DashboardEntryResponse {
@ -77,7 +78,10 @@ common_utils::impl_misc_api_event_type!(
    BeginTotpResponse,
    VerifyRecoveryCodeRequest,
    VerifyTotpRequest,
-    RecoveryCodes
+    RecoveryCodes,
+    GetUserAuthenticationMethodsRequest,
+    CreateUserAuthenticationMethodRequest,
+    UpdateUserAuthenticationMethodRequest
 );

 #[cfg(feature = "dummy_connector")]
--- a/crates/api_models/src/user.rs
+++ b/crates/api_models/src/user.rs
@ -280,3 +280,78 @@ pub struct VerifyRecoveryCodeRequest {
 pub struct RecoveryCodes {
    pub recovery_codes: Vec<Secret<String>>,
 }
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+#[serde(tag = "auth_type")]
+#[serde(rename_all = "snake_case")]
+pub enum AuthConfig {
+    OpenIdConnect {
+        private_config: OpenIdConnectPrivateConfig,
+        public_config: OpenIdConnectPublicConfig,
+    },
+    MagicLink,
+    Password,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)]
+pub struct OpenIdConnectPrivateConfig {
+    pub base_url: String,
+    pub client_id: Secret<String>,
+    pub client_secret: Secret<String>,
+    pub private_key: Option<Secret<String>>,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)]
+pub struct OpenIdConnectPublicConfig {
+    pub name: OpenIdProvider,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize, Clone)]
+#[serde(rename_all = "snake_case")]
+pub enum OpenIdProvider {
+    Okta,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+pub struct OpenIdConnect {
+    pub name: OpenIdProvider,
+    pub base_url: String,
+    pub client_id: String,
+    pub client_secret: Secret<String>,
+    pub private_key: Option<Secret<String>>,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+pub struct CreateUserAuthenticationMethodRequest {
+    pub owner_id: String,
+    pub owner_type: common_enums::Owner,
+    pub auth_method: AuthConfig,
+    pub allow_signup: bool,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+pub struct UpdateUserAuthenticationMethodRequest {
+    pub id: String,
+    // TODO: When adding more fields make config and new fields option
+    pub auth_method: AuthConfig,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+pub struct GetUserAuthenticationMethodsRequest {
+    pub auth_id: String,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+pub struct UserAuthenticationMethodResponse {
+    pub id: String,
+    pub auth_id: String,
+    pub auth_method: AuthMethodDetails,
+    pub allow_signup: bool,
+}
+
+#[derive(Debug, serde::Deserialize, serde::Serialize)]
+pub struct AuthMethodDetails {
+    #[serde(rename = "type")]
+    pub auth_type: common_enums::UserAuthType,
+    pub name: Option<OpenIdProvider>,
+}