refactor: identity provider service

proto/api/v1/idp_service.proto

@@ -4,6 +4,8 @@ package memos.api.v1;
 
 import "google/api/annotations.proto";
 import "google/api/client.proto";
+import "google/api/field_behavior.proto";
+import "google/api/resource.proto";
 import "google/protobuf/empty.proto";
 import "google/protobuf/field_mask.proto";
 
@@ -14,18 +16,22 @@ service IdentityProviderService {
   rpc ListIdentityProviders(ListIdentityProvidersRequest) returns (ListIdentityProvidersResponse) {
     option (google.api.http) = {get: "/api/v1/identityProviders"};
   }
+
   // GetIdentityProvider gets an identity provider.
   rpc GetIdentityProvider(GetIdentityProviderRequest) returns (IdentityProvider) {
     option (google.api.http) = {get: "/api/v1/{name=identityProviders/*}"};
     option (google.api.method_signature) = "name";
   }
+
   // CreateIdentityProvider creates an identity provider.
   rpc CreateIdentityProvider(CreateIdentityProviderRequest) returns (IdentityProvider) {
     option (google.api.http) = {
       post: "/api/v1/identityProviders"
       body: "identity_provider"
     };
+    option (google.api.method_signature) = "identity_provider";
   }
+
   // UpdateIdentityProvider updates an identity provider.
   rpc UpdateIdentityProvider(UpdateIdentityProviderRequest) returns (IdentityProvider) {
     option (google.api.http) = {
@@ -34,6 +40,7 @@ service IdentityProviderService {
     };
     option (google.api.method_signature) = "identity_provider,update_mask";
   }
+
   // DeleteIdentityProvider deletes an identity provider.
   rpc DeleteIdentityProvider(DeleteIdentityProviderRequest) returns (google.protobuf.Empty) {
     option (google.api.http) = {delete: "/api/v1/{name=identityProviders/*}"};
@@ -42,21 +49,37 @@ service IdentityProviderService {
 }
 
 message IdentityProvider {
-  // The name of the identityProvider.
-  // Format: identityProviders/{id}, id is the system generated auto-incremented id.
-  string name = 1;
+  option (google.api.resource) = {
+    type: "memos.api.v1/IdentityProvider"
+    pattern: "identityProviders/{idp}"
+    name_field: "name"
+    singular: "identityProvider"
+    plural: "identityProviders"
+  };
+
+  // The resource name of the identity provider.
+  // Format: identityProviders/{idp}
+  string name = 1 [(google.api.field_behavior) = IDENTIFIER];
+
+  // Output only. The system generated unique identifier.
+  string uid = 2 [(google.api.field_behavior) = OUTPUT_ONLY];
+
+  // Required. The type of the identity provider.
+  Type type = 3 [(google.api.field_behavior) = REQUIRED];
+
+  // Required. The display title of the identity provider.
+  string title = 4 [(google.api.field_behavior) = REQUIRED];
+
+  // Optional. Filter applied to user identifiers.
+  string identifier_filter = 5 [(google.api.field_behavior) = OPTIONAL];
+
+  // Required. Configuration for the identity provider.
+  IdentityProviderConfig config = 6 [(google.api.field_behavior) = REQUIRED];
 
   enum Type {
     TYPE_UNSPECIFIED = 0;
     OAUTH2 = 1;
   }
-  Type type = 2;
-
-  string title = 3;
-
-  string identifier_filter = 4;
-
-  IdentityProviderConfig config = 5;
 }
 
 message IdentityProviderConfig {
@@ -82,32 +105,54 @@ message OAuth2Config {
   FieldMapping field_mapping = 7;
 }
 
-message ListIdentityProvidersRequest {}
+message ListIdentityProvidersRequest {
+  // Optional. The maximum number of identity providers to return.
+  int32 page_size = 1 [(google.api.field_behavior) = OPTIONAL];
+
+  // Optional. A page token for pagination.
+  string page_token = 2 [(google.api.field_behavior) = OPTIONAL];
+}
 
 message ListIdentityProvidersResponse {
+  // The list of identity providers.
   repeated IdentityProvider identity_providers = 1;
+
+  // A token for the next page of results.
+  string next_page_token = 2;
 }
 
 message GetIdentityProviderRequest {
-  // The name of the identityProvider to get.
-  string name = 1;
+  // Required. The resource name of the identity provider to get.
+  // Format: identityProviders/{idp}
+  string name = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {type: "memos.api.v1/IdentityProvider"}
+  ];
 }
 
 message CreateIdentityProviderRequest {
-  // The identityProvider to create.
-  IdentityProvider identity_provider = 1;
+  // Required. The identity provider to create.
+  IdentityProvider identity_provider = 1 [(google.api.field_behavior) = REQUIRED];
+
+  // Optional. The ID to use for the identity provider, which will become the final component of the resource name.
+  // If not provided, the system will generate one.
+  string identity_provider_id = 2 [(google.api.field_behavior) = OPTIONAL];
 }
 
 message UpdateIdentityProviderRequest {
-  // The identityProvider to update.
-  IdentityProvider identity_provider = 1;
+  // Required. The identity provider to update.
+  IdentityProvider identity_provider = 1 [(google.api.field_behavior) = REQUIRED];
 
-  // The update mask applies to the resource. Only the top level fields of
+  // Required. The update mask applies to the resource. Only the top level fields of
   // IdentityProvider are supported.
-  google.protobuf.FieldMask update_mask = 2;
+  google.protobuf.FieldMask update_mask = 2 [(google.api.field_behavior) = REQUIRED];
 }
 
 message DeleteIdentityProviderRequest {
-  // The name of the identityProvider to delete.
-  string name = 1;
+  // Required. The resource name of the identity provider to delete.
+  // Format: identityProviders/{idp}
+  string name = 1 [
+    (google.api.field_behavior) = REQUIRED,
+    (google.api.resource_reference) = {type: "memos.api.v1/IdentityProvider"}
+  ];
 }

proto/gen/api/v1/idp_service.pb.gw.go

@@ -35,12 +35,20 @@ var (
 	_ = metadata.Join
 )
 
+var filter_IdentityProviderService_ListIdentityProviders_0 = &utilities.DoubleArray{Encoding: map[string]int{}, Base: []int(nil), Check: []int(nil)}
+
 func request_IdentityProviderService_ListIdentityProviders_0(ctx context.Context, marshaler runtime.Marshaler, client IdentityProviderServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
 	var (
 		protoReq ListIdentityProvidersRequest
 		metadata runtime.ServerMetadata
 	)
 	io.Copy(io.Discard, req.Body)
+	if err := req.ParseForm(); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+	if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_IdentityProviderService_ListIdentityProviders_0); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
 	msg, err := client.ListIdentityProviders(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
 	return msg, metadata, err
 }
@@ -50,6 +58,12 @@ func local_request_IdentityProviderService_ListIdentityProviders_0(ctx context.C
 		protoReq ListIdentityProvidersRequest
 		metadata runtime.ServerMetadata
 	)
+	if err := req.ParseForm(); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+	if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_IdentityProviderService_ListIdentityProviders_0); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
 	msg, err := server.ListIdentityProviders(ctx, &protoReq)
 	return msg, metadata, err
 }
@@ -91,6 +105,8 @@ func local_request_IdentityProviderService_GetIdentityProvider_0(ctx context.Con
 	return msg, metadata, err
 }
 
+var filter_IdentityProviderService_CreateIdentityProvider_0 = &utilities.DoubleArray{Encoding: map[string]int{"identity_provider": 0}, Base: []int{1, 1, 0}, Check: []int{0, 1, 2}}
+
 func request_IdentityProviderService_CreateIdentityProvider_0(ctx context.Context, marshaler runtime.Marshaler, client IdentityProviderServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
 	var (
 		protoReq CreateIdentityProviderRequest
@@ -99,6 +115,12 @@ func request_IdentityProviderService_CreateIdentityProvider_0(ctx context.Contex
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq.IdentityProvider); err != nil && !errors.Is(err, io.EOF) {
 		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
+	if err := req.ParseForm(); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+	if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_IdentityProviderService_CreateIdentityProvider_0); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
 	msg, err := client.CreateIdentityProvider(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
 	return msg, metadata, err
 }
@@ -111,6 +133,12 @@ func local_request_IdentityProviderService_CreateIdentityProvider_0(ctx context.
 	if err := marshaler.NewDecoder(req.Body).Decode(&protoReq.IdentityProvider); err != nil && !errors.Is(err, io.EOF) {
 		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
 	}
+	if err := req.ParseForm(); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
+	if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_IdentityProviderService_CreateIdentityProvider_0); err != nil {
+		return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
+	}
 	msg, err := server.CreateIdentityProvider(ctx, &protoReq)
 	return msg, metadata, err
 }

proto/gen/apidocs.swagger.yaml

@@ -136,6 +136,18 @@ paths:
           description: An unexpected error response.
           schema:
             $ref: '#/definitions/googlerpcStatus'
+      parameters:
+        - name: pageSize
+          description: Optional. The maximum number of identity providers to return.
+          in: query
+          required: false
+          type: integer
+          format: int32
+        - name: pageToken
+          description: Optional. A page token for pagination.
+          in: query
+          required: false
+          type: string
       tags:
         - IdentityProviderService
     post:
@@ -152,11 +164,20 @@ paths:
             $ref: '#/definitions/googlerpcStatus'
       parameters:
         - name: identityProvider
-          description: The identityProvider to create.
+          description: Required. The identity provider to create.
           in: body
           required: true
           schema:
             $ref: '#/definitions/apiv1IdentityProvider'
+            required:
+              - identityProvider
+        - name: identityProviderId
+          description: |-
+            Optional. The ID to use for the identity provider, which will become the final component of the resource name.
+            If not provided, the system will generate one.
+          in: query
+          required: false
+          type: string
       tags:
         - IdentityProviderService
   /api/v1/inboxes:
@@ -722,28 +743,41 @@ paths:
       parameters:
         - name: identityProvider.name
           description: |-
-            The name of the identityProvider.
-            Format: identityProviders/{id}, id is the system generated auto-incremented id.
+            The resource name of the identity provider.
+            Format: identityProviders/{idp}
           in: path
           required: true
           type: string
           pattern: identityProviders/[^/]+
         - name: identityProvider
-          description: The identityProvider to update.
+          description: Required. The identity provider to update.
           in: body
           required: true
           schema:
             type: object
             properties:
+              uid:
+                type: string
+                description: Output only. The system generated unique identifier.
+                readOnly: true
               type:
                 $ref: '#/definitions/apiv1IdentityProviderType'
+                description: Required. The type of the identity provider.
               title:
                 type: string
+                description: Required. The display title of the identity provider.
               identifierFilter:
                 type: string
+                description: Optional. Filter applied to user identifiers.
               config:
                 $ref: '#/definitions/apiv1IdentityProviderConfig'
-            title: The identityProvider to update.
+                description: Required. Configuration for the identity provider.
+            title: Required. The identity provider to update.
+            required:
+              - type
+              - title
+              - config
+              - identityProvider
       tags:
         - IdentityProviderService
   /api/v1/{inbox.name}:
@@ -965,7 +999,9 @@ paths:
             $ref: '#/definitions/googlerpcStatus'
       parameters:
         - name: name_2
-          description: The name of the identityProvider to get.
+          description: |-
+            Required. The resource name of the identity provider to get.
+            Format: identityProviders/{idp}
           in: path
           required: true
           type: string
@@ -987,7 +1023,9 @@ paths:
             $ref: '#/definitions/googlerpcStatus'
       parameters:
         - name: name_2
-          description: The name of the identityProvider to delete.
+          description: |-
+            Required. The resource name of the identity provider to delete.
+            Format: identityProviders/{idp}
           in: path
           required: true
           type: string
@@ -2394,17 +2432,29 @@ definitions:
     properties:
       name:
         type: string
-        description: |-
-          The name of the identityProvider.
-          Format: identityProviders/{id}, id is the system generated auto-incremented id.
+        title: |-
+          The resource name of the identity provider.
+          Format: identityProviders/{idp}
+      uid:
+        type: string
+        description: Output only. The system generated unique identifier.
+        readOnly: true
       type:
         $ref: '#/definitions/apiv1IdentityProviderType'
+        description: Required. The type of the identity provider.
       title:
         type: string
+        description: Required. The display title of the identity provider.
       identifierFilter:
         type: string
+        description: Optional. Filter applied to user identifiers.
       config:
         $ref: '#/definitions/apiv1IdentityProviderConfig'
+        description: Required. Configuration for the identity provider.
+    required:
+      - type
+      - title
+      - config
   apiv1IdentityProviderConfig:
     type: object
     properties:
@@ -3036,6 +3086,10 @@ definitions:
         items:
           type: object
           $ref: '#/definitions/apiv1IdentityProvider'
+        description: The list of identity providers.
+      nextPageToken:
+        type: string
+        description: A token for the next page of results.
   v1ListInboxesResponse:
     type: object
     properties:

server/router/api/v1/idp_service.go

@@ -106,6 +106,7 @@ func (s *APIV1Service) DeleteIdentityProvider(ctx context.Context, request *v1pb
 func convertIdentityProviderFromStore(identityProvider *storepb.IdentityProvider) *v1pb.IdentityProvider {
 	temp := &v1pb.IdentityProvider{
 		Name:             fmt.Sprintf("%s%d", IdentityProviderNamePrefix, identityProvider.Id),
+		Uid:              fmt.Sprintf("%d", identityProvider.Id),
 		Title:            identityProvider.Name,
 		IdentifierFilter: identityProvider.IdentifierFilter,
 		Type:             v1pb.IdentityProvider_Type(v1pb.IdentityProvider_Type_value[identityProvider.Type.String()]),

web/src/components/CreateIdentityProviderDialog.tsx

@@ -12,6 +12,7 @@ import { generateDialog } from "./Dialog";
 const templateList: IdentityProvider[] = [
   {
     name: "",
+    uid: "",
     title: "GitHub",
     type: IdentityProvider_Type.OAUTH2,
     identifierFilter: "",
@@ -33,6 +34,7 @@ const templateList: IdentityProvider[] = [
   },
   {
     name: "",
+    uid: "",
     title: "GitLab",
     type: IdentityProvider_Type.OAUTH2,
     identifierFilter: "",
@@ -54,6 +56,7 @@ const templateList: IdentityProvider[] = [
   },
   {
     name: "",
+    uid: "",
     title: "Google",
     type: IdentityProvider_Type.OAUTH2,
     identifierFilter: "",
@@ -75,6 +78,7 @@ const templateList: IdentityProvider[] = [
   },
   {
     name: "",
+    uid: "",
     title: "Custom",
     type: IdentityProvider_Type.OAUTH2,
     identifierFilter: "",