From 5190ea667c55bf7634b58865f7e3f4364d84d506 Mon Sep 17 00:00:00 2001
From: rathnapandi
Date: Thu, 13 Apr 2023 22:31:27 -0700
Subject: [PATCH] add audience field to oauth auth
---
 pkg/cmd/discovery/root.go | 18 ++++++++----------
 pkg/subscription/provision.go | 9 ++++++++-
 2 files changed, 16 insertions(+), 11 deletions(-)
diff --git a/pkg/cmd/discovery/root.go b/pkg/cmd/discovery/root.go
index 1f1e695..44b34f9 100644
--- a/pkg/cmd/discovery/root.go
+++ b/pkg/cmd/discovery/root.go
@@ -94,18 +94,15 @@ func initConfig(centralConfig corecfg.CentralConfig) (interface{}, error) {
 oAuthRedirects := getAuthRedirectSchemaPropertyBuilder()
 oAuthServers := provisioning.NewSchemaPropertyBuilder().
- SetName(subscription.OauthServerField).
- SetRequired().
- SetLabel("Oauth Server").
- IsString().
- SetEnumValues(servers)
+ SetName(subscription.OauthServerField).SetRequired().SetLabel("Oauth Server").
+ IsString().SetEnumValues(servers)
 oAuthType := provisioning.NewSchemaPropertyBuilder().
- SetName(subscription.ApplicationTypeField).
- SetRequired().
- SetLabel("Application Type").
- IsString().
- SetEnumValues([]string{"Confidential", "Public"})
+ SetName(subscription.ApplicationTypeField).SetRequired().SetLabel("Application Type").
+ IsString().SetEnumValues([]string{"Confidential", "Public"}).SetFirstEnumValue("Confidential")
+
+ audience := provisioning.NewSchemaPropertyBuilder().
+ SetName(subscription.AudienceField).SetLabel("Audience").IsString().SetAsTextArea()
 agent.NewAccessRequestBuilder().SetName(subscription.OAuth2AuthType).Register()
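Review bot: The new `audience` property is optional free text rendered as a text area (`SetAsTextArea()`), so a requester can submit any value, including multi-line text, for a field that becomes the OAuth audience of the provisioned client. The later hunk in pkg/subscription/provision.go forwards it unchanged as `Audience: provData.audience`; no validation is visible in this patch, so whether the gateway or authorization server constrains it cannot be confirmed from here. Because the audience decides which resource servers a token is intended for, consider a single-line string (drop `.SetAsTextArea()`) and checking the value against the audiences the selected OAuth server is allowed to issue before provisioning. initConfig starts and ends outside this hunk.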
@@ -114,6 +111,7 @@ func initConfig(centralConfig corecfg.CentralConfig) (interface{}, error) {
 coreagent.WithCRDOAuthSecret(),
 coreagent.WithCRDRequestSchemaProperty(oAuthServers),
 coreagent.WithCRDRequestSchemaProperty(oAuthType),
+ coreagent.WithCRDRequestSchemaProperty(audience),
 coreagent.WithCRDRequestSchemaProperty(oAuthRedirects),
 coreagent.WithCRDRequestSchemaProperty(corsProp)).SetName(subscription.OAuth2AuthType).IsRenewable().Register()
diff --git a/pkg/subscription/provision.go b/pkg/subscription/provision.go
index 84a7a70..324e93d 100644
--- a/pkg/subscription/provision.go
+++ b/pkg/subscription/provision.go
@@ -24,6 +24,7 @@ const (
 ApplicationTypeField = "applicationType"
 // ClientTypeField -
 ClientTypeField = "clientType"
+ AudienceField = "audience"
 )
 type provisioner struct {
@@ -300,6 +301,11 @@ func getCredProvData(credData map[string]interface{}) credentialMetaData {
 credMetaData.appType = data.(string)
 }
+ // Audience type field
+ if data, ok := credData[AudienceField]; ok && data != nil {
+ credMetaData.audience = data.(string)
+ }
+
 return credMetaData
 }
@@ -308,6 +314,7 @@ type credentialMetaData struct {
 redirectURLs []string
 oauthServerName string
 appType string
+ audience string
 }
 func createOrGetOauthCredential(application webmethods.Application, provData credentialMetaData, p provisioner) (prov.Credential, error) {
@@ -332,7 +339,7 @@ func createOrGetOauthCredential(application webmethods.Application, provData cre
 Name: application.Name,
 Description: application.Name,
 AuthServerAlias: provData.oauthServerName,
- Audience: "",
+ Audience: provData.audience,
 Type: "OAUTH2",
 DcrConfig: dcrconfig,
 }
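Review bot: `credMetaData.audience = data.(string)` in getCredProvData is an unchecked type assertion on a value read from the credential request map, so a non-string `audience` would panic the provisioning path instead of being rejected or ignored. The `data != nil` guard only covers a nil value. The comma-ok form avoids this: `if s, ok := credData[AudienceField].(string); ok { credMetaData.audience = s }`. The `appType` assignment visible in the context just above uses the same unchecked pattern and could be changed alongside it, and the comment would read more accurately as `// Audience field`. getCredProvData starts outside this hunk.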