TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 11:04:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
ddbea119f1
zitadel/internal/command/instance_idp_test.go

5678 lines
141 KiB
Go
Raw Normal View History

feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
package command
import (
"context"
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
"errors"
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
"testing"
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"time"
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
"github.com/stretchr/testify/assert"
merge main into next
2023-10-19 10:34:00 +00:00
openid "github.com/zitadel/oidc/v3/pkg/oidc"
chore(Makefile): add go generate target (#6944) This change adds a core_generate_all make target. It installs the required tools and runs generate on the complete project. `golang/mock` is no longer maintained and a fork is available from the Uber folks. So the latter is used as tool. All the mock files have been regenerated and are part of the PR. The obsolete `tools` directory has been removed, as all the tools are now part of specific make targets. Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-11-22 10:56:43 +00:00
"go.uber.org/mock/gomock"
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
"github.com/zitadel/zitadel/internal/api/authz"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
caos_errors "github.com/zitadel/zitadel/internal/errors"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/id"
id_mock "github.com/zitadel/zitadel/internal/id/mock"
"github.com/zitadel/zitadel/internal/repository/idp"
"github.com/zitadel/zitadel/internal/repository/instance"
)
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
func TestCommandSide_AddInstanceGenericOAuthIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
provider GenericOAuthProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-D32ef", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{
Name: "name",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Dbgzf", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid clientSecret",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-DF4ga", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid auth endpoint",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-B23bs", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid token endpoint",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-D2gj8", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid user endpoint",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Fb8jk", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
{
"invalid id attribute",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sdf3f", ""))
},
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
},
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewOAuthIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
"auth",
"token",
"user",
"idAttribute",
nil,
idp.Options{},
),
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
IDAttribute: "idAttribute",
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewOAuthIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
"auth",
"token",
"user",
"idAttribute",
[]string{"user"},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
Scopes: []string{"user"},
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
IDAttribute: "idAttribute",
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
id, got, err := c.AddInstanceGenericOAuthProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceGenericOAuthIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider GenericOAuthProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOAuthProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SAffg", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Sf3gh", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{
Name: "name",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SHJ3ui", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid auth endpoint",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
Name: "name",
ClientID: "clientID",
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SVrgh", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid token endpoint",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-DJKeio", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
{
"invalid user endpoint",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-ILSJi", ""))
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
{
"invalid id attribute",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-JKD3h", ""))
},
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
},
},
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
IDAttribute: "idAttribute",
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewOAuthIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
"auth",
"token",
"user",
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
"idAttribute",
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
nil,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
IDAttribute: "idAttribute",
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewOAuthIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
"auth",
"token",
"user",
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
"idAttribute",
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
nil,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewOAuthIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.OAuthIDPChanges{
idp.ChangeOAuthName("new name"),
idp.ChangeOAuthClientID("clientID2"),
idp.ChangeOAuthClientSecret(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("newSecret"),
}),
idp.ChangeOAuthAuthorizationEndpoint("new auth"),
idp.ChangeOAuthTokenEndpoint("new token"),
idp.ChangeOAuthUserEndpoint("new user"),
idp.ChangeOAuthScopes([]string{"openid", "profile"}),
idp.ChangeOAuthIDAttribute("newAttribute"),
idp.ChangeOAuthOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOAuthProvider{
Name: "new name",
ClientID: "clientID2",
ClientSecret: "newSecret",
AuthorizationEndpoint: "new auth",
TokenEndpoint: "new token",
UserEndpoint: "new user",
Scopes: []string{"openid", "profile"},
fix: use of generic oauth provider (#5345) Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
IDAttribute: "newAttribute",
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceGenericOAuthProvider(tt.args.ctx, tt.args.id, tt.args.provider)
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
feat: add azure provider templates (#5441) Adds possibility to manage and use Microsoft Azure template based providers
2023-03-15 06:48:37 +00:00
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
fix: use idToken for mapping when using old configs (#5458) * fix: use idToken for mapping when using old configs * fix events and add tests
2023-03-16 15:47:22 +00:00
func TestCommandSide_AddInstanceGenericOIDCIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
provider GenericOIDCProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOIDCProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Sgtj5", ""))
},
},
},
{
"invalid issuer",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOIDCProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Hz6zj", ""))
},
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOIDCProvider{
Name: "name",
Issuer: "issuer",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-fb5jm", ""))
},
},
},
{
"invalid clientSecret",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOIDCProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Sfdf4", ""))
},
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewOIDCIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
false,
idp.Options{},
),
fix: use idToken for mapping when using old configs (#5458) * fix: use idToken for mapping when using old configs * fix events and add tests
2023-03-16 15:47:22 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOIDCProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewOIDCIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
[]string{openid.ScopeOpenID},
true,
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
fix: use idToken for mapping when using old configs (#5458) * fix: use idToken for mapping when using old configs * fix events and add tests
2023-03-16 15:47:22 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOIDCProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
ClientSecret: "clientSecret",
Scopes: []string{openid.ScopeOpenID},
IsIDTokenMapping: true,
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
id, got, err := c.AddInstanceGenericOIDCProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceGenericOIDCIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider GenericOIDCProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GenericOIDCProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SAfd3", ""))
},
},
},
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOIDCProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Dvf4f", ""))
},
},
},
{
"invalid issuer",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOIDCProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-BDfr3", ""))
},
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOIDCProvider{
Name: "name",
Issuer: "issuer",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Db3bs", ""))
},
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOIDCProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewOIDCIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
false,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOIDCProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewOIDCIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
false,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewOIDCIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.OIDCIDPChanges{
idp.ChangeOIDCName("new name"),
idp.ChangeOIDCIssuer("new issuer"),
idp.ChangeOIDCClientID("clientID2"),
idp.ChangeOIDCClientSecret(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("newSecret"),
}),
idp.ChangeOIDCScopes([]string{"openid", "profile"}),
idp.ChangeOIDCIsIDTokenMapping(true),
idp.ChangeOIDCOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
fix: use idToken for mapping when using old configs (#5458) * fix: use idToken for mapping when using old configs * fix events and add tests
2023-03-16 15:47:22 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GenericOIDCProvider{
Name: "new name",
Issuer: "new issuer",
ClientID: "clientID2",
ClientSecret: "newSecret",
Scopes: []string{"openid", "profile"},
IsIDTokenMapping: true,
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceGenericOIDCProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
feat: migrate external idp to other types (#5984) * feat: migrate instance oidc to azureAD * feat: migrate instance oidc to azureAD * feat: migrate org oidc to azureAD * feat: migrate oidc to google * fix: correct idp writemodels * fix: review changes
2023-06-07 22:50:53 +00:00
func TestCommandSide_MigrateInstanceGenericOIDCToAzureADProvider(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider AzureADProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sdf3g", ""))
},
},
},
{
"invalid client id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Fhbr2", ""))
},
},
},
{
"invalid client secret",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Dzh3g", ""))
},
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "migrate ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewOIDCIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
false,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
event := instance.NewOIDCIDPMigratedAzureADEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
"",
false,
idp.Options{},
)
return event
}(),
feat: migrate external idp to other types (#5984) * feat: migrate instance oidc to azureAD * feat: migrate instance oidc to azureAD * feat: migrate org oidc to azureAD * feat: migrate oidc to google * fix: correct idp writemodels * fix: review changes
2023-06-07 22:50:53 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "migrate ok full",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewOIDCIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
false,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
event := instance.NewOIDCIDPMigratedAzureADEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
[]string{"openid"},
"tenant",
true,
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
)
return event
}(),
feat: migrate external idp to other types (#5984) * feat: migrate instance oidc to azureAD * feat: migrate instance oidc to azureAD * feat: migrate org oidc to azureAD * feat: migrate oidc to google * fix: correct idp writemodels * fix: review changes
2023-06-07 22:50:53 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
Scopes: []string{"openid"},
Tenant: "tenant",
EmailVerified: true,
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.MigrateInstanceGenericOIDCToAzureADProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_MigrateInstanceOIDCToGoogleIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider GoogleProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GoogleProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-D3fvs", ""))
},
},
},
{
"invalid clientSecret",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GoogleProvider{
ClientID: "clientID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-W2vqs", ""))
},
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GoogleProvider{
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "migrate ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewOIDCIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
false,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewOIDCIDPMigratedGoogleEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
),
feat: migrate external idp to other types (#5984) * feat: migrate instance oidc to azureAD * feat: migrate instance oidc to azureAD * feat: migrate org oidc to azureAD * feat: migrate oidc to google * fix: correct idp writemodels * fix: review changes
2023-06-07 22:50:53 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GoogleProvider{
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "migrate ok full",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewOIDCIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
false,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewOIDCIDPMigratedGoogleEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
[]string{"openid"},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: migrate external idp to other types (#5984) * feat: migrate instance oidc to azureAD * feat: migrate instance oidc to azureAD * feat: migrate org oidc to azureAD * feat: migrate oidc to google * fix: correct idp writemodels * fix: review changes
2023-06-07 22:50:53 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GoogleProvider{
ClientID: "clientID",
ClientSecret: "clientSecret",
Scopes: []string{"openid"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.MigrateInstanceGenericOIDCToGoogleProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
feat: add azure provider templates (#5441) Adds possibility to manage and use Microsoft Azure template based providers
2023-03-15 06:48:37 +00:00
func TestCommandSide_AddInstanceAzureADIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
provider AzureADProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sdf3g", ""))
},
},
},
{
"invalid client id",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Fhbr2", ""))
},
},
},
{
"invalid client secret",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Dzh3g", ""))
},
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewAzureADIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
"",
false,
idp.Options{},
),
feat: add azure provider templates (#5441) Adds possibility to manage and use Microsoft Azure template based providers
2023-03-15 06:48:37 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewAzureADIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
[]string{"openid"},
"tenant",
true,
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: add azure provider templates (#5441) Adds possibility to manage and use Microsoft Azure template based providers
2023-03-15 06:48:37 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
Scopes: []string{"openid"},
Tenant: "tenant",
EmailVerified: true,
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
id, got, err := c.AddInstanceAzureADProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceAzureADIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider AzureADProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AzureADProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SAgh2", ""))
},
},
},
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AzureADProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-fh3h1", ""))
},
},
},
{
"invalid client id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AzureADProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-dmitg", ""))
},
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewAzureADIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
"",
false,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AzureADProvider{
Name: "name",
ClientID: "clientID",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewAzureADIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
"",
false,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewAzureADIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.AzureADIDPChanges{
idp.ChangeAzureADName("new name"),
idp.ChangeAzureADClientID("new clientID"),
idp.ChangeAzureADClientSecret(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("new clientSecret"),
}),
idp.ChangeAzureADScopes([]string{"openid", "profile"}),
idp.ChangeAzureADTenant("new tenant"),
idp.ChangeAzureADIsEmailVerified(true),
idp.ChangeAzureADOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat: add azure provider templates (#5441) Adds possibility to manage and use Microsoft Azure template based providers
2023-03-15 06:48:37 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AzureADProvider{
Name: "new name",
ClientID: "new clientID",
ClientSecret: "new clientSecret",
Scopes: []string{"openid", "profile"},
Tenant: "new tenant",
EmailVerified: true,
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceAzureADProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_AddInstanceGitHubIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
provider GitHubProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid client id",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Jdsgf", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid client secret",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubProvider{
ClientID: "clientID",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-dsgz3", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGitHubIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
),
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubProvider{
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGitHubIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
[]string{"openid"},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
Scopes: []string{"openid"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
id, got, err := c.AddInstanceGitHubProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceGitHubIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider GitHubProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sdf4h", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid client id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-fdh5z", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubProvider{
ClientID: "clientID",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewGitHubIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubProvider{
ClientID: "clientID",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewGitHubIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewGitHubIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.GitHubIDPChanges{
idp.ChangeGitHubName("new name"),
idp.ChangeGitHubClientID("new clientID"),
idp.ChangeGitHubClientSecret(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("new clientSecret"),
}),
idp.ChangeGitHubScopes([]string{"openid", "profile"}),
idp.ChangeGitHubOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubProvider{
Name: "new name",
ClientID: "new clientID",
ClientSecret: "new clientSecret",
Scopes: []string{"openid", "profile"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceGitHubProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_AddInstanceGitHubEnterpriseIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
provider GitHubEnterpriseProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Dg4td", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{
Name: "name",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-dgj53", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid clientSecret",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Ghjjs", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid auth endpoint",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sani2", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid token endpoint",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-agj42", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid user endpoint",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sd5hn", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGitHubEnterpriseIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
"auth",
"token",
"user",
nil,
idp.Options{},
),
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGitHubEnterpriseIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
"auth",
"token",
"user",
[]string{"user"},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
ClientSecret: "clientSecret",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
Scopes: []string{"user"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
id, got, err := c.AddInstanceGitHubEnterpriseProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceGitHubEnterpriseIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider GitHubEnterpriseProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GitHubEnterpriseProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sdfh3", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubEnterpriseProvider{},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-shj42", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubEnterpriseProvider{
Name: "name",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sdh73", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid auth endpoint",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubEnterpriseProvider{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
Name: "name",
ClientID: "clientID",
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-acx2w", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid token endpoint",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-dgj6q", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
"invalid user endpoint",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-ybj62", ""))
},
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewGitHubEnterpriseIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
"auth",
"token",
"user",
nil,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubEnterpriseProvider{
Name: "name",
ClientID: "clientID",
AuthorizationEndpoint: "auth",
TokenEndpoint: "token",
UserEndpoint: "user",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewGitHubEnterpriseIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
"auth",
"token",
"user",
nil,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewGitHubEnterpriseIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.GitHubEnterpriseIDPChanges{
idp.ChangeGitHubEnterpriseName("new name"),
idp.ChangeGitHubEnterpriseClientID("clientID2"),
idp.ChangeGitHubEnterpriseClientSecret(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("newSecret"),
}),
idp.ChangeGitHubEnterpriseAuthorizationEndpoint("new auth"),
idp.ChangeGitHubEnterpriseTokenEndpoint("new token"),
idp.ChangeGitHubEnterpriseUserEndpoint("new user"),
idp.ChangeGitHubEnterpriseScopes([]string{"openid", "profile"}),
idp.ChangeGitHubEnterpriseOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat: add github provider template (#5334) Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitHubEnterpriseProvider{
Name: "new name",
ClientID: "clientID2",
ClientSecret: "newSecret",
AuthorizationEndpoint: "new auth",
TokenEndpoint: "new token",
UserEndpoint: "new user",
Scopes: []string{"openid", "profile"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceGitHubEnterpriseProvider(tt.args.ctx, tt.args.id, tt.args.provider)
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
func TestCommandSide_AddInstanceGitLabIDP(t *testing.T) {
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider GitLabProvider
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{},
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-adsg2", ""))
},
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
},
},
{
"invalid clientSecret",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
ClientID: "clientID",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-GD1j2", ""))
},
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGitLabIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
),
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGitLabIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
[]string{"openid"},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
ClientID: "clientID",
ClientSecret: "clientSecret",
Scopes: []string{"openid"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
id, got, err := c.AddInstanceGitLabProvider(tt.args.ctx, tt.args.provider)
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
func TestCommandSide_UpdateInstanceGitLabIDP(t *testing.T) {
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider GitLabProvider
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{},
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-HJK91", ""))
},
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{},
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-D12t6", ""))
},
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
ClientID: "clientID",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
instance.NewGitLabIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
ClientID: "clientID",
},
},
res: res{
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
instance.NewGitLabIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewGitLabIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.GitLabIDPChanges{
idp.ChangeGitLabClientID("clientID2"),
idp.ChangeGitLabClientSecret(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("newSecret"),
}),
idp.ChangeGitLabScopes([]string{"openid", "profile"}),
idp.ChangeGitLabOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabProvider{
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
ClientID: "clientID2",
ClientSecret: "newSecret",
Scopes: []string{"openid", "profile"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
got, err := c.UpdateInstanceGitLabProvider(tt.args.ctx, tt.args.id, tt.args.provider)
feat(api): add google provider template (#5247) add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
func TestCommandSide_AddInstanceGitLabSelfHostedIDP(t *testing.T) {
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider GitLabSelfHostedProvider
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-jw4ZT", ""))
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
},
{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
"invalid issuer",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
Name: "name",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-AST4S", ""))
},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
"invalid clientID",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
Name: "name",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
Issuer: "issuer",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-DBZHJ", ""))
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
},
{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
"invalid clientSecret",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SDGJ4", ""))
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGitLabSelfHostedIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
),
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
ClientSecret: "clientSecret",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGitLabSelfHostedIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
[]string{"openid"},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
ClientSecret: "clientSecret",
Scopes: []string{"openid"},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
id, got, err := c.AddInstanceGitLabSelfHostedProvider(tt.args.ctx, tt.args.provider)
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
func TestCommandSide_UpdateInstanceGitLabSelfHostedIDP(t *testing.T) {
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider GitLabSelfHostedProvider
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SAFG4", ""))
},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-DG4H", ""))
},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
"invalid issuer",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
Name: "name",
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SD4eb", ""))
},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
"invalid clientID",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{
Name: "name",
Issuer: "issuer",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-GHWE3", ""))
},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
args: args{
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
provider: GitLabSelfHostedProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
res: res{
err: caos_errors.IsNotFound,
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewGitLabSelfHostedIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitLabSelfHostedProvider{
Name: "name",
Issuer: "issuer",
ClientID: "clientID",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewGitLabSelfHostedIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
"issuer",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewGitLabSelfHostedIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.GitLabSelfHostedIDPChanges{
idp.ChangeGitLabSelfHostedClientID("clientID2"),
idp.ChangeGitLabSelfHostedIssuer("newIssuer"),
idp.ChangeGitLabSelfHostedName("newName"),
idp.ChangeGitLabSelfHostedClientSecret(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("newSecret"),
}),
idp.ChangeGitLabSelfHostedScopes([]string{"openid", "profile"}),
idp.ChangeGitLabSelfHostedOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GitLabSelfHostedProvider{
Issuer: "newIssuer",
Name: "newName",
ClientID: "clientID2",
ClientSecret: "newSecret",
Scopes: []string{"openid", "profile"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceGitLabSelfHostedProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_AddInstanceGoogleIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
provider GoogleProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GoogleProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-D3fvs", ""))
},
},
},
{
"invalid clientSecret",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GoogleProvider{
ClientID: "clientID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-W2vqs", ""))
},
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGoogleIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GoogleProvider{
ClientID: "clientID",
ClientSecret: "clientSecret",
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewGoogleIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
[]string{"openid"},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GoogleProvider{
ClientID: "clientID",
ClientSecret: "clientSecret",
Scopes: []string{"openid"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
id, got, err := c.AddInstanceGoogleProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceGoogleIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider GoogleProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: GoogleProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-S32t1", ""))
},
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GoogleProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-ds432", ""))
},
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GoogleProvider{
ClientID: "clientID",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewGoogleIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GoogleProvider{
ClientID: "clientID",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewGoogleIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("clientSecret"),
},
nil,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewGoogleIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.GoogleIDPChanges{
idp.ChangeGoogleClientID("clientID2"),
idp.ChangeGoogleClientSecret(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("newSecret"),
}),
idp.ChangeGoogleScopes([]string{"openid", "profile"}),
idp.ChangeGoogleOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: GoogleProvider{
ClientID: "clientID2",
ClientSecret: "newSecret",
Scopes: []string{"openid", "profile"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceGoogleProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_AddInstanceLDAPIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
provider LDAPProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SAfdd", ""))
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid baseDN",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sv31s", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid bindDN",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
BaseDN: "baseDN",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-sdgf4", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid bindPassword",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
Name: "name",
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
BindDN: "binddn",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
BaseDN: "baseDN",
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-AEG2w", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid userBase",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
BindDN: "binddn",
BaseDN: "baseDN",
BindPassword: "password",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SAD5n", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid servers",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
BindDN: "binddn",
BaseDN: "baseDN",
BindPassword: "password",
UserBase: "user",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SAx905n", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid userObjectClasses",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
Servers: []string{"server"},
BindDN: "binddn",
BaseDN: "baseDN",
BindPassword: "password",
UserBase: "user",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-S1x905n", ""))
},
},
},
{
"invalid userFilters",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
Name: "name",
Servers: []string{"server"},
BindDN: "binddn",
BaseDN: "baseDN",
BindPassword: "password",
UserBase: "user",
UserObjectClasses: []string{"object"},
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-aAx905n", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewLDAPIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
[]string{"server"},
false,
"baseDN",
"dn",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("password"),
},
"user",
[]string{"object"},
[]string{"filter"},
time.Second*30,
idp.LDAPAttributes{},
idp.Options{},
),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
Servers: []string{"server"},
StartTLS: false,
BaseDN: "baseDN",
BindDN: "dn",
BindPassword: "password",
UserBase: "user",
UserObjectClasses: []string{"object"},
UserFilters: []string{"filter"},
Timeout: time.Second * 30,
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewLDAPIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
[]string{"server"},
false,
"baseDN",
"dn",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("password"),
},
"user",
[]string{"object"},
[]string{"filter"},
time.Second*30,
idp.LDAPAttributes{
IDAttribute: "id",
FirstNameAttribute: "firstName",
LastNameAttribute: "lastName",
DisplayNameAttribute: "displayName",
NickNameAttribute: "nickName",
PreferredUsernameAttribute: "preferredUsername",
EmailAttribute: "email",
EmailVerifiedAttribute: "emailVerified",
PhoneAttribute: "phone",
PhoneVerifiedAttribute: "phoneVerified",
PreferredLanguageAttribute: "preferredLanguage",
AvatarURLAttribute: "avatarURL",
ProfileAttribute: "profile",
},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
Servers: []string{"server"},
StartTLS: false,
BaseDN: "baseDN",
BindDN: "dn",
BindPassword: "password",
UserBase: "user",
UserObjectClasses: []string{"object"},
UserFilters: []string{"filter"},
Timeout: time.Second * 30,
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
LDAPAttributes: idp.LDAPAttributes{
IDAttribute: "id",
FirstNameAttribute: "firstName",
LastNameAttribute: "lastName",
DisplayNameAttribute: "displayName",
NickNameAttribute: "nickName",
PreferredUsernameAttribute: "preferredUsername",
EmailAttribute: "email",
EmailVerifiedAttribute: "emailVerified",
PhoneAttribute: "phone",
PhoneVerifiedAttribute: "phoneVerified",
PreferredLanguageAttribute: "preferredLanguage",
AvatarURLAttribute: "avatarURL",
ProfileAttribute: "profile",
},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
id, got, err := c.AddInstanceLDAPProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceLDAPIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider LDAPProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: LDAPProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Dgdbs", ""))
},
},
},
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Sffgd", ""))
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid baseDN",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-vb3ss", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid bindDN",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
BaseDN: "baseDN",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-hbere", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid userbase",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
Name: "name",
BaseDN: "baseDN",
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
BindDN: "bindDN",
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
res{
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-DG45z", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid servers",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
BaseDN: "baseDN",
BindDN: "bindDN",
UserBase: "user",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SAx945n", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"invalid userObjectClasses",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
Servers: []string{"server"},
BaseDN: "baseDN",
BindDN: "bindDN",
UserBase: "user",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
res{
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
err: func(err error) bool {
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-S1x605n", ""))
},
},
},
{
"invalid userFilters",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
Name: "name",
Servers: []string{"server"},
BaseDN: "baseDN",
BindDN: "bindDN",
UserBase: "user",
UserObjectClasses: []string{"object"},
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-aAx901n", ""))
feat: add gitlab provider templates (#5405) * feat(api): add google provider template * refactor reduce functions * handle removed event * linting * fix projection * feat(api): add generic oauth provider template * feat(api): add github provider templates * feat(api): add github provider templates * fixes * proto comment * fix filtering * requested changes * feat(api): add generic oauth provider template * remove wrongly committed message * increase budget for angular build * fix linting * fixes * fix merge * fix merge * fix projection * fix merge * updates from previous PRs * enable github providers in login * fix merge * fix test and add github styling in login * cleanup * feat(api): add gitlab provider templates * fix: merge * fix display of providers in login * implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it * fix merge * fix merge and add tests for command side * requested changes * requested changes * Update internal/query/idp_template.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix merge * requested changes --------- Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 16:34:29 +00:00
},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
Servers: []string{"server"},
BaseDN: "baseDN",
BindDN: "binddn",
BindPassword: "password",
UserBase: "user",
UserObjectClasses: []string{"object"},
UserFilters: []string{"filter"},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
res: res{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowNotFound(nil, "INST-ASF3F", ""))
},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewLDAPIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
[]string{"server"},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
false,
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"basedn",
"binddn",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("password"),
},
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"user",
[]string{"object"},
[]string{"filter"},
time.Second*30,
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
idp.LDAPAttributes{},
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "name",
Servers: []string{"server"},
StartTLS: false,
BaseDN: "basedn",
BindDN: "binddn",
UserBase: "user",
UserObjectClasses: []string{"object"},
UserFilters: []string{"filter"},
Timeout: time.Second * 30,
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
res: res{
feat(api): add generic oauth provider template (#5260) adds functionality to manage templates based OIDC IDPs
2023-02-24 14:16:06 +00:00
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewLDAPIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
[]string{"server"},
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
false,
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"basedn",
"binddn",
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("password"),
},
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
"user",
[]string{"object"},
[]string{"filter"},
time.Second*30,
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
idp.LDAPAttributes{},
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewLDAPIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.LDAPIDPChanges{
idp.ChangeLDAPName("new name"),
idp.ChangeLDAPServers([]string{"new server"}),
idp.ChangeLDAPStartTLS(true),
idp.ChangeLDAPBaseDN("new basedn"),
idp.ChangeLDAPBindDN("new binddn"),
idp.ChangeLDAPBindPassword(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("new password"),
}),
idp.ChangeLDAPUserBase("new user"),
idp.ChangeLDAPUserObjectClasses([]string{"new object"}),
idp.ChangeLDAPUserFilters([]string{"new filter"}),
idp.ChangeLDAPTimeout(time.Second * 20),
idp.ChangeLDAPAttributes(idp.LDAPAttributeChanges{
IDAttribute: stringPointer("new id"),
FirstNameAttribute: stringPointer("new firstName"),
LastNameAttribute: stringPointer("new lastName"),
DisplayNameAttribute: stringPointer("new displayName"),
NickNameAttribute: stringPointer("new nickName"),
PreferredUsernameAttribute: stringPointer("new preferredUsername"),
EmailAttribute: stringPointer("new email"),
EmailVerifiedAttribute: stringPointer("new emailVerified"),
PhoneAttribute: stringPointer("new phone"),
PhoneVerifiedAttribute: stringPointer("new phoneVerified"),
PreferredLanguageAttribute: stringPointer("new preferredLanguage"),
AvatarURLAttribute: stringPointer("new avatarURL"),
ProfileAttribute: stringPointer("new profile"),
}),
idp.ChangeLDAPOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: LDAPProvider{
feat: ldap provider login (#5448) Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Name: "new name",
Servers: []string{"new server"},
StartTLS: true,
BaseDN: "new basedn",
BindDN: "new binddn",
BindPassword: "new password",
UserBase: "new user",
UserObjectClasses: []string{"new object"},
UserFilters: []string{"new filter"},
Timeout: time.Second * 20,
feat: add management for ldap idp template (#5220) Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future. --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
LDAPAttributes: idp.LDAPAttributes{
IDAttribute: "new id",
FirstNameAttribute: "new firstName",
LastNameAttribute: "new lastName",
DisplayNameAttribute: "new displayName",
NickNameAttribute: "new nickName",
PreferredUsernameAttribute: "new preferredUsername",
EmailAttribute: "new email",
EmailVerifiedAttribute: "new emailVerified",
PhoneAttribute: "new phone",
PhoneVerifiedAttribute: "new phoneVerified",
PreferredLanguageAttribute: "new preferredLanguage",
AvatarURLAttribute: "new avatarURL",
ProfileAttribute: "new profile",
},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceLDAPProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
feat: add apple as idp (#6442) * feat: manage apple idp * handle apple idp callback * add tests for provider * basic console implementation * implement flow for login UI and add logos / styling * tests * cleanup * add upload button * begin i18n * apple logo positioning, file upload component * fix add apple instance idp * add missing apple logos for login * update to go 1.21 * fix slice compare * revert permission changes * concrete error messages * translate login apple logo -y-2px * change form parsing * sign in button * fix tests * lint console --------- Co-authored-by: peintnermax <max@caos.ch>
2023-08-31 06:39:16 +00:00
func TestCommandSide_AddInstanceAppleIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
provider AppleProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AppleProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-jkn3w", "Errors.IDP.ClientIDMissing"))
},
},
},
{
"invalid teamID",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AppleProvider{
ClientID: "clientID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Ffg32", "Errors.IDP.TeamIDMissing"))
},
},
},
{
"invalid keyID",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AppleProvider{
ClientID: "clientID",
TeamID: "teamID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-GDjm5", "Errors.IDP.KeyIDMissing"))
},
},
},
{
"invalid privateKey",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AppleProvider{
ClientID: "clientID",
TeamID: "teamID",
KeyID: "keyID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-GVD4n", "Errors.IDP.PrivateKeyMissing"))
},
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewAppleIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
"teamID",
"keyID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("privateKey"),
},
nil,
idp.Options{},
),
feat: add apple as idp (#6442) * feat: manage apple idp * handle apple idp callback * add tests for provider * basic console implementation * implement flow for login UI and add logos / styling * tests * cleanup * add upload button * begin i18n * apple logo positioning, file upload component * fix add apple instance idp * add missing apple logos for login * update to go 1.21 * fix slice compare * revert permission changes * concrete error messages * translate login apple logo -y-2px * change form parsing * sign in button * fix tests * lint console --------- Co-authored-by: peintnermax <max@caos.ch>
2023-08-31 06:39:16 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AppleProvider{
ClientID: "clientID",
TeamID: "teamID",
KeyID: "keyID",
PrivateKey: []byte("privateKey"),
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewAppleIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
"teamID",
"keyID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("privateKey"),
},
[]string{"name", "email"},
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: add apple as idp (#6442) * feat: manage apple idp * handle apple idp callback * add tests for provider * basic console implementation * implement flow for login UI and add logos / styling * tests * cleanup * add upload button * begin i18n * apple logo positioning, file upload component * fix add apple instance idp * add missing apple logos for login * update to go 1.21 * fix slice compare * revert permission changes * concrete error messages * translate login apple logo -y-2px * change form parsing * sign in button * fix tests * lint console --------- Co-authored-by: peintnermax <max@caos.ch>
2023-08-31 06:39:16 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AppleProvider{
ClientID: "clientID",
TeamID: "teamID",
KeyID: "keyID",
PrivateKey: []byte("privateKey"),
Scopes: []string{"name", "email"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
}
id, got, err := c.AddInstanceAppleProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceAppleIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider AppleProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: AppleProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-FRHBH", "Errors.IDMissing"))
},
},
},
{
"invalid clientID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AppleProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SFm4l", "Errors.IDP.ClientIDMissing"))
},
},
},
{
"invalid teamID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AppleProvider{
ClientID: "clientID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-SG34t", "Errors.IDP.TeamIDMissing"))
},
},
},
{
"invalid keyID",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AppleProvider{
ClientID: "clientID",
TeamID: "teamID",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-Gh4z2", "Errors.IDP.KeyIDMissing"))
},
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AppleProvider{
ClientID: "clientID",
TeamID: "teamID",
KeyID: "keyID",
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewAppleIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
"teamID",
"keyID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("privateKey"),
},
nil,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AppleProvider{
ClientID: "clientID",
TeamID: "teamID",
KeyID: "keyID",
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewAppleIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"",
"clientID",
"teamID",
"keyID",
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("privateKey"),
},
nil,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewAppleIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.AppleIDPChanges{
idp.ChangeAppleClientID("clientID2"),
idp.ChangeAppleTeamID("teamID2"),
idp.ChangeAppleKeyID("keyID2"),
idp.ChangeApplePrivateKey(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("newPrivateKey"),
}),
idp.ChangeAppleScopes([]string{"name", "email"}),
idp.ChangeAppleOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat: add apple as idp (#6442) * feat: manage apple idp * handle apple idp callback * add tests for provider * basic console implementation * implement flow for login UI and add logos / styling * tests * cleanup * add upload button * begin i18n * apple logo positioning, file upload component * fix add apple instance idp * add missing apple logos for login * update to go 1.21 * fix slice compare * revert permission changes * concrete error messages * translate login apple logo -y-2px * change form parsing * sign in button * fix tests * lint console --------- Co-authored-by: peintnermax <max@caos.ch>
2023-08-31 06:39:16 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: AppleProvider{
ClientID: "clientID2",
TeamID: "teamID2",
KeyID: "keyID2",
PrivateKey: []byte("newPrivateKey"),
Scopes: []string{"name", "email"},
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceAppleProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
feat: add SAML as identity provider (#6454) * feat: first implementation for saml sp * fix: add command side instance and org for saml provider * fix: add query side instance and org for saml provider * fix: request handling in event and retrieval of finished intent * fix: add review changes and integration tests * fix: add integration tests for saml idp * fix: correct unit tests with review changes * fix: add saml session unit test * fix: add saml session unit test * fix: add saml session unit test * fix: changes from review * fix: changes from review * fix: proto build error * fix: proto build error * fix: proto build error * fix: proto require metadata oneof * fix: login with saml provider * fix: integration test for saml assertion * lint client.go * fix json tag * fix: linting * fix import * fix: linting * fix saml idp query * fix: linting * lint: try all issues * revert linting config * fix: add regenerate endpoints * fix: translations * fix mk.yaml * ignore acs path for user agent cookie * fix: add AuthFromProvider test for saml * fix: integration test for saml retrieve information --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-29 09:26:14 +00:00
func TestCommandSide_AddInstanceSAMLIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
idGenerator id.Generator
secretCrypto crypto.EncryptionAlgorithm
certificateAndKeyGenerator func(id string) ([]byte, []byte, error)
}
type args struct {
ctx context.Context
provider SAMLProvider
}
type res struct {
id string
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: SAMLProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-o07zjotgnd", ""))
},
},
},
{
"invalid metadata",
fields{
eventstore: eventstoreExpect(t),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: SAMLProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-3bi3esi16t", "Errors.Invalid.Argument"))
},
},
},
{
name: "ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewSAMLIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
[]byte("metadata"),
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("key"),
},
[]byte("certificate"),
"",
false,
idp.Options{},
),
feat: add SAML as identity provider (#6454) * feat: first implementation for saml sp * fix: add command side instance and org for saml provider * fix: add query side instance and org for saml provider * fix: request handling in event and retrieval of finished intent * fix: add review changes and integration tests * fix: add integration tests for saml idp * fix: correct unit tests with review changes * fix: add saml session unit test * fix: add saml session unit test * fix: add saml session unit test * fix: changes from review * fix: changes from review * fix: proto build error * fix: proto build error * fix: proto build error * fix: proto require metadata oneof * fix: login with saml provider * fix: integration test for saml assertion * lint client.go * fix json tag * fix: linting * fix import * fix: linting * fix saml idp query * fix: linting * lint: try all issues * revert linting config * fix: add regenerate endpoints * fix: translations * fix mk.yaml * ignore acs path for user agent cookie * fix: add AuthFromProvider test for saml * fix: integration test for saml retrieve information --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-29 09:26:14 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
certificateAndKeyGenerator: func(id string) ([]byte, []byte, error) { return []byte("key"), []byte("certificate"), nil },
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: SAMLProvider{
Name: "name",
Metadata: []byte("metadata"),
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "ok all set",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
instance.NewSAMLIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
[]byte("metadata"),
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("key"),
},
[]byte("certificate"),
"binding",
true,
idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
),
feat: add SAML as identity provider (#6454) * feat: first implementation for saml sp * fix: add command side instance and org for saml provider * fix: add query side instance and org for saml provider * fix: request handling in event and retrieval of finished intent * fix: add review changes and integration tests * fix: add integration tests for saml idp * fix: correct unit tests with review changes * fix: add saml session unit test * fix: add saml session unit test * fix: add saml session unit test * fix: changes from review * fix: changes from review * fix: proto build error * fix: proto build error * fix: proto build error * fix: proto require metadata oneof * fix: login with saml provider * fix: integration test for saml assertion * lint client.go * fix json tag * fix: linting * fix import * fix: linting * fix saml idp query * fix: linting * lint: try all issues * revert linting config * fix: add regenerate endpoints * fix: translations * fix mk.yaml * ignore acs path for user agent cookie * fix: add AuthFromProvider test for saml * fix: integration test for saml retrieve information --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-29 09:26:14 +00:00
),
),
idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "id1"),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
certificateAndKeyGenerator: func(id string) ([]byte, []byte, error) { return []byte("key"), []byte("certificate"), nil },
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: SAMLProvider{
Name: "name",
Metadata: []byte("metadata"),
Binding: "binding",
WithSignedRequest: true,
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
id: "id1",
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idGenerator: tt.fields.idGenerator,
idpConfigEncryption: tt.fields.secretCrypto,
samlCertificateAndKeyGenerator: tt.fields.certificateAndKeyGenerator,
}
id, got, err := c.AddInstanceSAMLProvider(tt.args.ctx, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.id, id)
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_UpdateInstanceGenericSAMLIDP(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
}
type args struct {
ctx context.Context
id string
provider SAMLProvider
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
provider: SAMLProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-7o3rq1owpm", ""))
},
},
},
{
"invalid name",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: SAMLProvider{},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-q2s9rak7o9", ""))
},
},
},
{
"invalid metadata",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: SAMLProvider{
Name: "name",
},
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-iw1rxnf4sf", ""))
},
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: SAMLProvider{
Name: "name",
Metadata: []byte("metadata"),
},
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "no changes",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewSAMLIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
[]byte("metadata"),
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("key"),
},
[]byte("certificate"),
"",
false,
idp.Options{},
)),
),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: SAMLProvider{
Name: "name",
Metadata: []byte("metadata"),
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewSAMLIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
[]byte("metadata"),
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("key"),
},
[]byte("certificate"),
"binding",
false,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
t := true
event, _ := instance.NewSAMLIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.SAMLIDPChanges{
idp.ChangeSAMLName("new name"),
idp.ChangeSAMLMetadata([]byte("new metadata")),
idp.ChangeSAMLBinding("new binding"),
idp.ChangeSAMLWithSignedRequest(true),
idp.ChangeSAMLOptions(idp.OptionChanges{
IsCreationAllowed: &t,
IsLinkingAllowed: &t,
IsAutoCreation: &t,
IsAutoUpdate: &t,
}),
},
)
return event
}(),
feat: add SAML as identity provider (#6454) * feat: first implementation for saml sp * fix: add command side instance and org for saml provider * fix: add query side instance and org for saml provider * fix: request handling in event and retrieval of finished intent * fix: add review changes and integration tests * fix: add integration tests for saml idp * fix: correct unit tests with review changes * fix: add saml session unit test * fix: add saml session unit test * fix: add saml session unit test * fix: changes from review * fix: changes from review * fix: proto build error * fix: proto build error * fix: proto build error * fix: proto require metadata oneof * fix: login with saml provider * fix: integration test for saml assertion * lint client.go * fix json tag * fix: linting * fix import * fix: linting * fix saml idp query * fix: linting * lint: try all issues * revert linting config * fix: add regenerate endpoints * fix: translations * fix mk.yaml * ignore acs path for user agent cookie * fix: add AuthFromProvider test for saml * fix: integration test for saml retrieve information --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-29 09:26:14 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
provider: SAMLProvider{
Name: "new name",
Metadata: []byte("new metadata"),
Binding: "new binding",
WithSignedRequest: true,
IDPOptions: idp.Options{
IsCreationAllowed: true,
IsLinkingAllowed: true,
IsAutoCreation: true,
IsAutoUpdate: true,
},
},
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
}
got, err := c.UpdateInstanceSAMLProvider(tt.args.ctx, tt.args.id, tt.args.provider)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
func TestCommandSide_RegenerateInstanceSAMLProviderCertificate(t *testing.T) {
type fields struct {
eventstore *eventstore.Eventstore
secretCrypto crypto.EncryptionAlgorithm
certificateAndKeyGenerator func(id string) ([]byte, []byte, error)
}
type args struct {
ctx context.Context
id string
}
type res struct {
want *domain.ObjectDetails
err func(error) bool
}
tests := []struct {
name string
fields fields
args args
res res
}{
{
"invalid id",
fields{
eventstore: eventstoreExpect(t),
},
args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
},
res{
err: func(err error) bool {
return errors.Is(err, caos_errors.ThrowInvalidArgument(nil, "INST-7de108gqya", ""))
},
},
},
{
name: "not found",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(),
),
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
},
res: res{
err: caos_errors.IsNotFound,
},
},
{
name: "change ok",
fields: fields{
eventstore: eventstoreExpect(t,
expectFilter(
eventFromEventPusher(
instance.NewSAMLIDPAddedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
"name",
[]byte("metadata"),
&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("key"),
},
[]byte("certificate"),
"binding",
false,
idp.Options{},
)),
),
expectPush(
feat(eventstore): increase parallel write capabilities (#5940) This implementation increases parallel write capabilities of the eventstore. Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006). The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`. If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 10:19:10 +00:00
func() eventstore.Command {
event, _ := instance.NewSAMLIDPChangedEvent(context.Background(), &instance.NewAggregate("instance1").Aggregate,
"id1",
[]idp.SAMLIDPChanges{
idp.ChangeSAMLKey(&crypto.CryptoValue{
CryptoType: crypto.TypeEncryption,
Algorithm: "enc",
KeyID: "id",
Crypted: []byte("new key"),
}),
idp.ChangeSAMLCertificate([]byte("new certificate")),
},
)
return event
}(),
feat: add SAML as identity provider (#6454) * feat: first implementation for saml sp * fix: add command side instance and org for saml provider * fix: add query side instance and org for saml provider * fix: request handling in event and retrieval of finished intent * fix: add review changes and integration tests * fix: add integration tests for saml idp * fix: correct unit tests with review changes * fix: add saml session unit test * fix: add saml session unit test * fix: add saml session unit test * fix: changes from review * fix: changes from review * fix: proto build error * fix: proto build error * fix: proto build error * fix: proto require metadata oneof * fix: login with saml provider * fix: integration test for saml assertion * lint client.go * fix json tag * fix: linting * fix import * fix: linting * fix saml idp query * fix: linting * lint: try all issues * revert linting config * fix: add regenerate endpoints * fix: translations * fix mk.yaml * ignore acs path for user agent cookie * fix: add AuthFromProvider test for saml * fix: integration test for saml retrieve information --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-29 09:26:14 +00:00
),
),
secretCrypto: crypto.CreateMockEncryptionAlg(gomock.NewController(t)),
certificateAndKeyGenerator: func(id string) ([]byte, []byte, error) {
return []byte("new key"), []byte("new certificate"), nil
},
},
args: args{
ctx: authz.WithInstanceID(context.Background(), "instance1"),
id: "id1",
},
res: res{
want: &domain.ObjectDetails{ResourceOwner: "instance1"},
},
},
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
c := &Commands{
eventstore: tt.fields.eventstore,
idpConfigEncryption: tt.fields.secretCrypto,
samlCertificateAndKeyGenerator: tt.fields.certificateAndKeyGenerator,
}
got, err := c.RegenerateInstanceSAMLProviderCertificate(tt.args.ctx, tt.args.id)
if tt.res.err == nil {
assert.NoError(t, err)
}
if tt.res.err != nil && !tt.res.err(err) {
t.Errorf("got wrong err: %v ", err)
}
if tt.res.err == nil {
assert.Equal(t, tt.res.want, got)
}
})
}
}
Reference in New Issue Copy Permalink