zitadel/internal/query/oidc_settings.go

133 lines
4.3 KiB
Go
Raw Normal View History

package query
import (
"context"
"database/sql"
errs "errors"
"time"
sq "github.com/Masterminds/squirrel"
"github.com/zitadel/zitadel/internal/api/authz"
"github.com/zitadel/zitadel/internal/api/call"
"github.com/zitadel/zitadel/internal/errors"
"github.com/zitadel/zitadel/internal/query/projection"
"github.com/zitadel/zitadel/internal/telemetry/tracing"
)
var (
oidcSettingsTable = table{
name: projection.OIDCSettingsProjectionTable,
instanceIDCol: projection.OIDCSettingsColumnInstanceID,
}
OIDCSettingsColumnAggregateID = Column{
name: projection.OIDCSettingsColumnAggregateID,
table: oidcSettingsTable,
}
OIDCSettingsColumnCreationDate = Column{
name: projection.OIDCSettingsColumnCreationDate,
table: oidcSettingsTable,
}
OIDCSettingsColumnChangeDate = Column{
name: projection.OIDCSettingsColumnChangeDate,
table: oidcSettingsTable,
}
OIDCSettingsColumnResourceOwner = Column{
name: projection.OIDCSettingsColumnResourceOwner,
table: oidcSettingsTable,
}
OIDCSettingsColumnInstanceID = Column{
name: projection.OIDCSettingsColumnInstanceID,
table: oidcSettingsTable,
}
OIDCSettingsColumnSequence = Column{
name: projection.OIDCSettingsColumnSequence,
table: oidcSettingsTable,
}
OIDCSettingsColumnAccessTokenLifetime = Column{
name: projection.OIDCSettingsColumnAccessTokenLifetime,
table: oidcSettingsTable,
}
OIDCSettingsColumnIdTokenLifetime = Column{
name: projection.OIDCSettingsColumnIdTokenLifetime,
table: oidcSettingsTable,
}
OIDCSettingsColumnRefreshTokenIdleExpiration = Column{
name: projection.OIDCSettingsColumnRefreshTokenIdleExpiration,
table: oidcSettingsTable,
}
OIDCSettingsColumnRefreshTokenExpiration = Column{
name: projection.OIDCSettingsColumnRefreshTokenExpiration,
table: oidcSettingsTable,
}
)
type OIDCSettings struct {
AggregateID string
CreationDate time.Time
ChangeDate time.Time
ResourceOwner string
Sequence uint64
AccessTokenLifetime time.Duration `json:"access_token_lifetime,omitempty"`
IdTokenLifetime time.Duration `json:"id_token_lifetime,omitempty"`
RefreshTokenIdleExpiration time.Duration `json:"refresh_token_idle_expiration,omitempty"`
RefreshTokenExpiration time.Duration `json:"refresh_token_expiration,omitempty"`
}
func (q *Queries) OIDCSettingsByAggID(ctx context.Context, aggregateID string) (settings *OIDCSettings, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
stmt, scan := prepareOIDCSettingsQuery(ctx, q.client)
query, args, err := stmt.Where(sq.Eq{
OIDCSettingsColumnAggregateID.identifier(): aggregateID,
feat: handle instance from context (#3382) * commander * commander * selber! * move to packages * fix(errors): implement Is interface * test: command * test: commands * add init steps * setup tenant * add default step yaml * possibility to set password * merge v2 into v2-commander * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: rename iam command side to instance * fix: search query builder can filter events in memory * fix: filters for add member * fix(setup): add `ExternalSecure` to config * chore: name iam to instance * fix: matching * remove unsued func * base url * base url * test(command): filter funcs * test: commands * fix: rename orgiampolicy to domain policy * start from init * commands * config * fix indexes and add constraints * fixes * fix: merge conflicts * fix: protos * fix: md files * setup * add deprecated org iam policy again * typo * fix search query * fix filter * Apply suggestions from code review * remove custom org from org setup * add todos for verification * change apps creation * simplify package structure * fix error * move preparation helper for tests * fix unique constraints * fix config mapping in setup * fix error handling in encryption_keys.go * fix projection config * fix query from old views to projection * fix setup of mgmt api * set iam project and fix instance projection * fix tokens view * fix steps.yaml and defaults.yaml * fix projections * change instance context to interface * instance interceptors and additional events in setup * cleanup * tests for interceptors * fix label policy * add todo * single api endpoint in environment.json Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-29 11:53:19 +02:00
OIDCSettingsColumnInstanceID.identifier(): authz.GetInstance(ctx).InstanceID(),
}).ToSql()
if err != nil {
return nil, errors.ThrowInternal(err, "QUERY-s9nle", "Errors.Query.SQLStatment")
}
err = q.client.QueryRowContext(ctx, func(row *sql.Row) error {
settings, err = scan(row)
return err
}, query, args...)
return settings, err
}
func prepareOIDCSettingsQuery(ctx context.Context, db prepareDatabase) (sq.SelectBuilder, func(*sql.Row) (*OIDCSettings, error)) {
return sq.Select(
OIDCSettingsColumnAggregateID.identifier(),
OIDCSettingsColumnCreationDate.identifier(),
OIDCSettingsColumnChangeDate.identifier(),
OIDCSettingsColumnResourceOwner.identifier(),
OIDCSettingsColumnSequence.identifier(),
OIDCSettingsColumnAccessTokenLifetime.identifier(),
OIDCSettingsColumnIdTokenLifetime.identifier(),
OIDCSettingsColumnRefreshTokenIdleExpiration.identifier(),
OIDCSettingsColumnRefreshTokenExpiration.identifier()).
From(oidcSettingsTable.identifier() + db.Timetravel(call.Took(ctx))).
PlaceholderFormat(sq.Dollar),
func(row *sql.Row) (*OIDCSettings, error) {
oidcSettings := new(OIDCSettings)
err := row.Scan(
&oidcSettings.AggregateID,
&oidcSettings.CreationDate,
&oidcSettings.ChangeDate,
&oidcSettings.ResourceOwner,
&oidcSettings.Sequence,
&oidcSettings.AccessTokenLifetime,
&oidcSettings.IdTokenLifetime,
&oidcSettings.RefreshTokenIdleExpiration,
&oidcSettings.RefreshTokenExpiration,
)
if err != nil {
if errs.Is(err, sql.ErrNoRows) {
return nil, errors.ThrowNotFound(err, "QUERY-s9nlw", "Errors.OIDCSettings.NotFound")
}
return nil, errors.ThrowInternal(err, "QUERY-9bf8s", "Errors.Internal")
}
return oidcSettings, nil
}
}