zitadel/internal/query/certificate_test.go

package query

import (
	"database/sql"
	"database/sql/driver"
	"errors"
	"fmt"
	"regexp"
	"testing"

	"github.com/zitadel/zitadel/internal/crypto"
	"github.com/zitadel/zitadel/internal/domain"
	errs "github.com/zitadel/zitadel/internal/errors"
)

func Test_CertificatePrepares(t *testing.T) {
	type want struct {
		sqlExpectations sqlExpectation
		err             checkErr
	}
	tests := []struct {
		name    string
		prepare interface{}
		want    want
		object  interface{}
	}{
		{
			name:    "prepareCertificateQuery no result",
			prepare: prepareCertificateQuery,
			want: want{
				sqlExpectations: mockQueries(
					regexp.QuoteMeta(`SELECT projections.keys4.id,`+
						` projections.keys4.creation_date,`+
						` projections.keys4.change_date,`+
						` projections.keys4.sequence,`+
						` projections.keys4.resource_owner,`+
						` projections.keys4.algorithm,`+
						` projections.keys4.use,`+
						` projections.keys4_certificate.expiry,`+
						` projections.keys4_certificate.certificate,`+
						` projections.keys4_private.key,`+
						` COUNT(*) OVER ()`+
						` FROM projections.keys4`+
						` LEFT JOIN projections.keys4_certificate ON projections.keys4.id = projections.keys4_certificate.id AND projections.keys4.instance_id = projections.keys4_certificate.instance_id`+
						` LEFT JOIN projections.keys4_private ON projections.keys4.id = projections.keys4_private.id AND projections.keys4.instance_id = projections.keys4_private.instance_id`),
					nil,
					nil,
				),
				err: func(err error) (error, bool) {
					if !errs.IsNotFound(err) {
						return fmt.Errorf("err should be zitadel.NotFoundError got: %w", err), false
					}
					return nil, true
				},
			},
			object: &Certificates{Certificates: []Certificate{}},
		},
		{
			name:    "prepareCertificateQuery found",
			prepare: prepareCertificateQuery,
			want: want{
				sqlExpectations: mockQueries(
					regexp.QuoteMeta(`SELECT projections.keys4.id,`+
						` projections.keys4.creation_date,`+
						` projections.keys4.change_date,`+
						` projections.keys4.sequence,`+
						` projections.keys4.resource_owner,`+
						` projections.keys4.algorithm,`+
						` projections.keys4.use,`+
						` projections.keys4_certificate.expiry,`+
						` projections.keys4_certificate.certificate,`+
						` projections.keys4_private.key,`+
						` COUNT(*) OVER ()`+
						` FROM projections.keys4`+
						` LEFT JOIN projections.keys4_certificate ON projections.keys4.id = projections.keys4_certificate.id AND projections.keys4.instance_id = projections.keys4_certificate.instance_id`+
						` LEFT JOIN projections.keys4_private ON projections.keys4.id = projections.keys4_private.id AND projections.keys4.instance_id = projections.keys4_private.instance_id`),
					[]string{
						"id",
						"creation_date",
						"change_date",
						"sequence",
						"resource_owner",
						"algorithm",
						"use",
						"expiry",
						"certificate",
						"key",
						"count",
					},
					[][]driver.Value{
						{
							"key-id",
							testNow,
							testNow,
							uint64(20211109),
							"ro",
							"",
							1,
							testNow,
							[]byte(`privateKey`),
							[]byte(`{"Algorithm": "enc", "Crypted": "cHJpdmF0ZUtleQ==", "CryptoType": 0, "KeyID": "id"}`),
						},
					},
				),
			},
			object: &Certificates{
				SearchResponse: SearchResponse{
					Count: 1,
				},
				Certificates: []Certificate{
					&rsaCertificate{
						key: key{
							id:            "key-id",
							creationDate:  testNow,
							changeDate:    testNow,
							sequence:      20211109,
							resourceOwner: "ro",
							algorithm:     "",
							use:           domain.KeyUsageSAMLMetadataSigning,
						},
						expiry:      testNow,
						certificate: []byte("privateKey"),
						privateKey: &crypto.CryptoValue{
							CryptoType: crypto.TypeEncryption,
							Algorithm:  "enc",
							KeyID:      "id",
							Crypted:    []byte("privateKey"),
						},
					},
				},
			},
		},
		{
			name:    "prepareCertificateQuery sql err",
			prepare: prepareCertificateQuery,
			want: want{
				sqlExpectations: mockQueryErr(
					regexp.QuoteMeta(`SELECT projections.keys4.id,`+
						` projections.keys4.creation_date,`+
						` projections.keys4.change_date,`+
						` projections.keys4.sequence,`+
						` projections.keys4.resource_owner,`+
						` projections.keys4.algorithm,`+
						` projections.keys4.use,`+
						` projections.keys4_certificate.expiry,`+
						` projections.keys4_certificate.certificate,`+
						` projections.keys4_private.key,`+
						` COUNT(*) OVER ()`+
						` FROM projections.keys4`+
						` LEFT JOIN projections.keys4_certificate ON projections.keys4.id = projections.keys4_certificate.id AND projections.keys4.instance_id = projections.keys4_certificate.instance_id`+
						` LEFT JOIN projections.keys4_private ON projections.keys4.id = projections.keys4_private.id AND projections.keys4.instance_id = projections.keys4_private.instance_id`),
					sql.ErrConnDone,
				),
				err: func(err error) (error, bool) {
					if !errors.Is(err, sql.ErrConnDone) {
						return fmt.Errorf("err should be sql.ErrConnDone got: %w", err), false
					}
					return nil, true
				},
			},
			object: nil,
		},
	}
	for _, tt := range tests {
		t.Run(tt.name, func(t *testing.T) {
			assertPrepare(t, tt.prepare, tt.object, tt.want.sqlExpectations, tt.want.err)
		})
	}
}
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 16:18:08 +00:00			`package query`

			`import (`
			`"database/sql"`
			`"database/sql/driver"`
			`"errors"`
			`"fmt"`
			`"regexp"`
			`"testing"`

			`"github.com/zitadel/zitadel/internal/crypto"`
			`"github.com/zitadel/zitadel/internal/domain"`
			`errs "github.com/zitadel/zitadel/internal/errors"`
			`)`

			`func Test_CertificatePrepares(t *testing.T) {`
			`type want struct {`
			`sqlExpectations sqlExpectation`
			`err checkErr`
			`}`
			`tests := []struct {`
			`name string`
			`prepare interface{}`
			`want want`
			`object interface{}`
			`}{`
			`{`
			`name: "prepareCertificateQuery no result",`
			`prepare: prepareCertificateQuery,`
			`want: want{`
			`sqlExpectations: mockQueries(`
feat: remove org (#4148) * feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2022-11-30 16:01:17 +00:00			regexp.QuoteMeta(`SELECT projections.keys4.id,`+
			` projections.keys4.creation_date,`+
			` projections.keys4.change_date,`+
			` projections.keys4.sequence,`+
			` projections.keys4.resource_owner,`+
			` projections.keys4.algorithm,`+
			` projections.keys4.use,`+
			` projections.keys4_certificate.expiry,`+
			` projections.keys4_certificate.certificate,`+
			` projections.keys4_private.key,`+
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 16:18:08 +00:00			` COUNT(*) OVER ()`+
feat: remove org (#4148) * feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2022-11-30 16:01:17 +00:00			` FROM projections.keys4`+
			` LEFT JOIN projections.keys4_certificate ON projections.keys4.id = projections.keys4_certificate.id AND projections.keys4.instance_id = projections.keys4_certificate.instance_id`+
			` LEFT JOIN projections.keys4_private ON projections.keys4.id = projections.keys4_private.id AND projections.keys4.instance_id = projections.keys4_private.instance_id`),
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 16:18:08 +00:00			`nil,`
			`nil,`
			`),`
			`err: func(err error) (error, bool) {`
			`if !errs.IsNotFound(err) {`
			`return fmt.Errorf("err should be zitadel.NotFoundError got: %w", err), false`
			`}`
			`return nil, true`
			`},`
			`},`
			`object: &Certificates{Certificates: []Certificate{}},`
			`},`
			`{`
			`name: "prepareCertificateQuery found",`
			`prepare: prepareCertificateQuery,`
			`want: want{`
			`sqlExpectations: mockQueries(`
feat: remove org (#4148) * feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2022-11-30 16:01:17 +00:00			regexp.QuoteMeta(`SELECT projections.keys4.id,`+
			` projections.keys4.creation_date,`+
			` projections.keys4.change_date,`+
			` projections.keys4.sequence,`+
			` projections.keys4.resource_owner,`+
			` projections.keys4.algorithm,`+
			` projections.keys4.use,`+
			` projections.keys4_certificate.expiry,`+
			` projections.keys4_certificate.certificate,`+
			` projections.keys4_private.key,`+
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 16:18:08 +00:00			` COUNT(*) OVER ()`+
feat: remove org (#4148) * feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2022-11-30 16:01:17 +00:00			` FROM projections.keys4`+
			` LEFT JOIN projections.keys4_certificate ON projections.keys4.id = projections.keys4_certificate.id AND projections.keys4.instance_id = projections.keys4_certificate.instance_id`+
			` LEFT JOIN projections.keys4_private ON projections.keys4.id = projections.keys4_private.id AND projections.keys4.instance_id = projections.keys4_private.instance_id`),
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 16:18:08 +00:00			`[]string{`
			`"id",`
			`"creation_date",`
			`"change_date",`
			`"sequence",`
			`"resource_owner",`
			`"algorithm",`
			`"use",`
			`"expiry",`
			`"certificate",`
			`"key",`
			`"count",`
			`},`
			`[][]driver.Value{`
			`{`
			`"key-id",`
			`testNow,`
			`testNow,`
			`uint64(20211109),`
			`"ro",`
			`"",`
			`1,`
			`testNow,`
			[]byte(`privateKey`),
			[]byte(`{"Algorithm": "enc", "Crypted": "cHJpdmF0ZUtleQ==", "CryptoType": 0, "KeyID": "id"}`),
			`},`
			`},`
			`),`
			`},`
			`object: &Certificates{`
			`SearchResponse: SearchResponse{`
			`Count: 1,`
			`},`
			`Certificates: []Certificate{`
			`&rsaCertificate{`
			`key: key{`
			`id: "key-id",`
			`creationDate: testNow,`
			`changeDate: testNow,`
			`sequence: 20211109,`
			`resourceOwner: "ro",`
			`algorithm: "",`
			`use: domain.KeyUsageSAMLMetadataSigning,`
			`},`
			`expiry: testNow,`
			`certificate: []byte("privateKey"),`
			`privateKey: &crypto.CryptoValue{`
			`CryptoType: crypto.TypeEncryption,`
			`Algorithm: "enc",`
			`KeyID: "id",`
			`Crypted: []byte("privateKey"),`
			`},`
			`},`
			`},`
			`},`
			`},`
			`{`
			`name: "prepareCertificateQuery sql err",`
			`prepare: prepareCertificateQuery,`
			`want: want{`
			`sqlExpectations: mockQueryErr(`
feat: remove org (#4148) * feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2022-11-30 16:01:17 +00:00			regexp.QuoteMeta(`SELECT projections.keys4.id,`+
			` projections.keys4.creation_date,`+
			` projections.keys4.change_date,`+
			` projections.keys4.sequence,`+
			` projections.keys4.resource_owner,`+
			` projections.keys4.algorithm,`+
			` projections.keys4.use,`+
			` projections.keys4_certificate.expiry,`+
			` projections.keys4_certificate.certificate,`+
			` projections.keys4_private.key,`+
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 16:18:08 +00:00			` COUNT(*) OVER ()`+
feat: remove org (#4148) * feat(command): remove org * refactor: imports, unused code, error handling * reduce org removed in action * add org deletion to projections * add org removal to projections * add org removal to projections * org removed projection * lint import * projections * fix: table names in tests * fix: table names in tests * logging * add org state * fix(domain): add Owner removed to object details * feat(ListQuery): add with owner removed * fix(org-delete): add bool to functions to select with owner removed * fix(org-delete): add bools to user grants with events to determine if dependencies lost owner * fix(org-delete): add unit tests for owner removed and org removed events * fix(org-delete): add handling of org remove for grants and members * fix(org-delete): correction of unit tests for owner removed * fix(org-delete): update projections, unit tests and get functions * fix(org-delete): add change date to authnkeys and owner removed to org metadata * fix(org-delete): include owner removed for login names * fix(org-delete): some column fixes in projections and build for queries with owner removed * indexes * fix(org-delete): include review changes * fix(org-delete): change user projection name after merge * fix(org-delete): include review changes for project grant where no project owner is necessary * fix(org-delete): include auth and adminapi tables with owner removed information * fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed * fix(org-delete): add permissions for org.remove * remove unnecessary unique constraints * fix column order in primary keys * fix(org-delete): include review changes * fix(org-delete): add owner removed indexes and chang setup step to create tables * fix(org-delete): move PK order of instance_id and change added user_grant from review * fix(org-delete): no params for prepareUserQuery * change to step 6 * merge main * fix(org-delete): OldUserName rename to private * fix linting * cleanup * fix: remove org test * create prerelease * chore: delete org-delete as prerelease Co-authored-by: Stefan Benz <stefan@caos.ch> Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com> Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com> 2022-11-30 16:01:17 +00:00			` FROM projections.keys4`+
			` LEFT JOIN projections.keys4_certificate ON projections.keys4.id = projections.keys4_certificate.id AND projections.keys4.instance_id = projections.keys4_certificate.instance_id`+
			` LEFT JOIN projections.keys4_private ON projections.keys4.id = projections.keys4_private.id AND projections.keys4.instance_id = projections.keys4_private.instance_id`),
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 16:18:08 +00:00			`sql.ErrConnDone,`
			`),`
			`err: func(err error) (error, bool) {`
			`if !errors.Is(err, sql.ErrConnDone) {`
			`return fmt.Errorf("err should be sql.ErrConnDone got: %w", err), false`
			`}`
			`return nil, true`
			`},`
			`},`
			`object: nil,`
			`},`
			`}`
			`for _, tt := range tests {`
			`t.Run(tt.name, func(t *testing.T) {`
			`assertPrepare(t, tt.prepare, tt.object, tt.want.sqlExpectations, tt.want.err)`
			`})`
			`}`
			`}`