Backwards compatibility for OIDCConnector v2

This also removes the extra boolean flag that was added previously.
gravitational · Jan 21, 2022 · 9abac05 · 9abac05
1 parent 81e534c
commit 9abac05
Show file tree

Hide file tree

Showing 4 changed files with 719 additions and 726 deletions.
diff --git a/api/types/oidc.go b/api/types/oidc.go
@@ -88,10 +88,6 @@ type OIDCConnector interface {
 	// https://developers.google.com/identity/protocols/OAuth2ServiceAccount#delegatingauthority
 	// "Note: Although you can use service accounts in applications that run from a Google Workspace (formerly G Suite) domain, service accounts are not members of your Google Workspace account and aren’t subject to domain policies set by  administrators. For example, a policy set in the Google Workspace admin console to restrict the ability of end users to share documents outside of the domain would not apply to service accounts."
 	GetGoogleAdminEmail() string
-	// GetGoogleTransitiveGroups returns true if the connector is meant to fetch
-	// the list of transitive groups or just the groups that users directly
-	// belong to.
-	GetGoogleTransitiveGroups() bool
 }
 
 // NewOIDCConnector returns a new OIDCConnector based off a name and OIDCConnectorSpecV3.
@@ -147,11 +143,6 @@ func (o *OIDCConnectorV3) GetGoogleAdminEmail() string {
 	return o.Spec.GoogleAdminEmail
 }
 
-// GetGoogleTransitiveGroups returns true if we should fetch transitive groups
-func (o *OIDCConnectorV3) GetGoogleTransitiveGroups() bool {
-	return o.Spec.GoogleTransitiveGroups
-}
-
 // GetVersion returns resource version
 func (o *OIDCConnectorV3) GetVersion() string {
 	return o.Version