From 112f6722666ae740878a4e5e70fe10e4ed1f474c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20M=C3=B6hlmann?= Date: Mon, 10 Jul 2023 11:07:10 +0300 Subject: [PATCH] chore: cleanup command/crypto (#5883) * chore: cleanup command/crypto * cleanup unused function mockEmailCode --- internal/command/command.go | 2 +- internal/command/crypto.go | 16 +- internal/command/crypto_test.go | 8 +- internal/command/email.go | 2 +- internal/command/phone.go | 4 +- internal/command/project_application.go | 4 +- internal/command/project_application_api.go | 3 +- internal/command/project_application_oidc.go | 3 +- internal/command/user.go | 4 +- internal/command/user_human.go | 4 +- internal/command/user_human_test.go | 149 ++++--------------- internal/command/user_v2_passkey.go | 7 +- internal/command/user_v2_passkey_test.go | 26 ++-- 13 files changed, 70 insertions(+), 162 deletions(-) diff --git a/internal/command/command.go b/internal/command/command.go index 5065bd2fd2..3080bd31f0 100644 --- a/internal/command/command.go +++ b/internal/command/command.go @@ -110,7 +110,7 @@ func StartCommands( webauthnConfig: webAuthN, httpClient: httpClient, checkPermission: permissionCheck, - newCode: newCryptoCodeWithExpiry, + newCode: newCryptoCode, sessionTokenCreator: sessionTokenCreator(idGenerator, sessionAlg), sessionTokenVerifier: sessionTokenVerifier, } diff --git a/internal/command/crypto.go b/internal/command/crypto.go index e94f664633..8d145f2cc2 100644 --- a/internal/command/crypto.go +++ b/internal/command/crypto.go 
@@ -10,15 +10,15 @@ import ( "github.com/zitadel/zitadel/internal/errors" ) -type cryptoCodeFunc func(ctx context.Context, filter preparation.FilterToQueryReducer, typ domain.SecretGeneratorType, alg crypto.Crypto) (*CryptoCodeWithExpiry, error) +type cryptoCodeFunc func(ctx context.Context, filter preparation.FilterToQueryReducer, typ domain.SecretGeneratorType, alg crypto.Crypto) (*CryptoCode, error) -type CryptoCodeWithExpiry struct { +type CryptoCode struct { Crypted *crypto.CryptoValue Plain string Expiry time.Duration } -func newCryptoCodeWithExpiry(ctx context.Context, filter preparation.FilterToQueryReducer, typ domain.SecretGeneratorType, alg crypto.Crypto) (*CryptoCodeWithExpiry, error) { +func newCryptoCode(ctx context.Context, filter preparation.FilterToQueryReducer, typ domain.SecretGeneratorType, alg crypto.Crypto) (*CryptoCode, error) { gen, config, err := secretGenerator(ctx, filter, typ, alg) if err != nil { return nil, err @@ -27,7 +27,7 @@ func newCryptoCodeWithExpiry(ctx context.Context, filter preparation.FilterToQue if err != nil { return nil, err } - return &CryptoCodeWithExpiry{ + return &CryptoCode{ Crypted: crypted, Plain: plain, Expiry: config.Expiry, @@ -42,14 +42,6 @@ func verifyCryptoCode(ctx context.Context, filter preparation.FilterToQueryReduc return crypto.VerifyCode(creation, expiry, crypted, plain, gen) } -func newCryptoCodeWithPlain(ctx context.Context, filter preparation.FilterToQueryReducer, typ domain.SecretGeneratorType, alg crypto.Crypto) (value *crypto.CryptoValue, plain string, err error) { - gen, _, err := secretGenerator(ctx, filter, typ, alg) - if err != nil { - return nil, "", err - } - return crypto.NewCode(gen) -} - func secretGenerator(ctx context.Context, filter preparation.FilterToQueryReducer, typ domain.SecretGeneratorType, alg crypto.Crypto) (crypto.Generator, *crypto.GeneratorConfig, error) { config, err := secretGeneratorConfig(ctx, filter, typ) if err != nil { 
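Review bot: `CryptoCode` is exported without a doc comment, and its `Plain` field holds the cleartext of the generated secret right next to `Crypted`. After this change the same struct is returned for every generator type in the diff, including app client secrets via `newAppClientSecret`, so a stray `%+v` log line or serialisation of the struct would expose the secret. I would add `// CryptoCode is a freshly generated secret: Plain is the cleartext and must never be logged or persisted, Crypted is the protected form, Expiry is copied from the generator config.` above the type.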
diff --git a/internal/command/crypto_test.go b/internal/command/crypto_test.go index a846ae43a5..66c2c63c5c 100644 --- a/internal/command/crypto_test.go +++ b/internal/command/crypto_test.go @@ -19,8 +19,8 @@ import ( ) func mockCode(code string, exp time.Duration) cryptoCodeFunc { - return func(ctx context.Context, filter preparation.FilterToQueryReducer, _ domain.SecretGeneratorType, alg crypto.Crypto) (*CryptoCodeWithExpiry, error) { - return &CryptoCodeWithExpiry{ + return func(ctx context.Context, filter preparation.FilterToQueryReducer, _ domain.SecretGeneratorType, alg crypto.Crypto) (*CryptoCode, error) { + return &CryptoCode{ Crypted: &crypto.CryptoValue{ CryptoType: crypto.TypeEncryption, Algorithm: "enc", @@ -89,7 +89,7 @@ func Test_newCryptoCode(t *testing.T) { } for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { - got, err := newCryptoCodeWithExpiry(context.Background(), tt.eventstore.Filter, tt.args.typ, tt.args.alg) + got, err := newCryptoCode(context.Background(), tt.eventstore.Filter, tt.args.typ, tt.args.alg) require.ErrorIs(t, err, tt.wantErr) if tt.wantErr == nil { require.NotNil(t, got) @@ -105,7 +105,7 @@ func Test_verifyCryptoCode(t *testing.T) { es := eventstoreExpect(t, expectFilter( eventFromEventPusher(testSecretGeneratorAddedEvent(domain.SecretGeneratorTypeVerifyEmailCode)), )) - code, err := newCryptoCodeWithExpiry(context.Background(), es.Filter, domain.SecretGeneratorTypeVerifyEmailCode, crypto.CreateMockHashAlg(gomock.NewController(t))) + code, err := newCryptoCode(context.Background(), es.Filter, domain.SecretGeneratorTypeVerifyEmailCode, crypto.CreateMockHashAlg(gomock.NewController(t))) require.NoError(t, err) type args struct { diff --git a/internal/command/email.go b/internal/command/email.go index f54b3de8e4..519887af61 100644 --- a/internal/command/email.go +++ b/internal/command/email.go 
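Review bot: `mockCode` discards the generator type (its third parameter is `_ domain.SecretGeneratorType`), and this commit makes it the code source for the init-code and phone-code cases of `TestCommandSide_AddHuman` in user_human_test.go, replacing the typed `NewSecretGeneratorAddedEvent` filters. Those cases can no longer notice `newUserInitCode` or `newPhoneCode` asking for the wrong generator type, which would presumably yield a code with another type's settings; whether the removed filters caught that depends on `expectFilter`, which is not shown. Consider a variant that takes the expected type and fails the test on mismatch, for example `mockCodeForType(t, domain.SecretGeneratorTypeInitCode, "userinit", time.Hour)` (the helper name is only a suggestion). The body of `mockCode` continues past the end of this hunk.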
@@ -23,6 +23,6 @@ func (e *Email) Validate() error { return e.Address.Validate() } -func (c *Commands) newEmailCode(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.EncryptionAlgorithm) (*CryptoCodeWithExpiry, error) { +func (c *Commands) newEmailCode(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.EncryptionAlgorithm) (*CryptoCode, error) { return c.newCode(ctx, filter, domain.SecretGeneratorTypeVerifyEmailCode, alg) } diff --git a/internal/command/phone.go b/internal/command/phone.go index 30cabb6fcb..7f550ceeaf 100644 --- a/internal/command/phone.go +++ b/internal/command/phone.go @@ -13,6 +13,6 @@ type Phone struct { Verified bool } -func newPhoneCode(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.EncryptionAlgorithm) (*CryptoCodeWithExpiry, error) { - return newCryptoCodeWithExpiry(ctx, filter, domain.SecretGeneratorTypeVerifyPhoneCode, alg) +func (c *Commands) newPhoneCode(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.EncryptionAlgorithm) (*CryptoCode, error) { + return c.newCode(ctx, filter, domain.SecretGeneratorTypeVerifyPhoneCode, alg) } diff --git a/internal/command/project_application.go b/internal/command/project_application.go index dfab284831..3929be9e74 100644 --- a/internal/command/project_application.go +++ b/internal/command/project_application.go 
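Review bot: `newPhoneCode` now dispatches through the `c.newCode` field instead of calling the package-level generator, so a `Commands` value built without that field panics on a nil function call here. The same applies to `newUserInitCode` in user.go and `newAppClientSecret` in project_application.go. In this diff only `StartCommands` and the edited test tables set `newCode`; tests for the API and OIDC app commands are not part of the change, so it is worth confirming they populate it. A comment on the field's declaration (not shown in this diff) would record the invariant, e.g. `// newCode must be non-nil; StartCommands sets it to newCryptoCode, tests inject mockCode.`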
@@ -16,8 +16,8 @@ type AddApp struct { Name string } -func newAppClientSecret(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.HashAlgorithm) (value *crypto.CryptoValue, plain string, err error) { - return newCryptoCodeWithPlain(ctx, filter, domain.SecretGeneratorTypeAppSecret, alg) +func (c *Commands) newAppClientSecret(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.HashAlgorithm) (*CryptoCode, error) { + return c.newCode(ctx, filter, domain.SecretGeneratorTypeAppSecret, alg) } func (c *Commands) ChangeApplication(ctx context.Context, projectID string, appChange domain.Application, resourceOwner string) (*domain.ObjectDetails, error) { diff --git a/internal/command/project_application_api.go b/internal/command/project_application_api.go index 7354e5f99e..7d1fb45468 100644 --- a/internal/command/project_application_api.go +++ b/internal/command/project_application_api.go @@ -44,10 +44,11 @@ func (c *Commands) AddAPIAppCommand(app *addAPIApp, clientSecretAlg crypto.HashA } if app.AuthMethodType == domain.APIAuthMethodTypeBasic { - app.ClientSecret, app.ClientSecretPlain, err = newAppClientSecret(ctx, filter, clientSecretAlg) + code, err := c.newAppClientSecret(ctx, filter, clientSecretAlg) if err != nil { return nil, err } + app.ClientSecret, app.ClientSecretPlain = code.Crypted, code.Plain } return []eventstore.Command{ diff --git a/internal/command/project_application_oidc.go b/internal/command/project_application_oidc.go index 44efd279a1..0128657465 100644 --- a/internal/command/project_application_oidc.go +++ b/internal/command/project_application_oidc.go 
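Review bot: `code, err := c.newAppClientSecret(ctx, filter, clientSecretAlg)` declares a new `err` inside the `if` block, shadowing the `err` that the replaced line assigned with `=`; the same pattern appears in `AddOIDCAppCommand` in project_application_oidc.go. It is harmless today because the inner `err` is returned immediately, but shadow linters flag it, and a later edit that moves the check out of the block would silently drop the error. Declaring the result first, `var code *CryptoCode` followed by `code, err = c.newAppClientSecret(ctx, filter, clientSecretAlg)`, keeps a single `err`. The enclosing closure starts and ends outside the hunk, so the outer `err` declaration is inferred from the removed line.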
@@ -77,10 +77,11 @@ func (c *Commands) AddOIDCAppCommand(app *addOIDCApp, clientSecretAlg crypto.Has } if app.AuthMethodType == domain.OIDCAuthMethodTypeBasic || app.AuthMethodType == domain.OIDCAuthMethodTypePost { - app.ClientSecret, app.ClientSecretPlain, err = newAppClientSecret(ctx, filter, clientSecretAlg) + code, err := c.newAppClientSecret(ctx, filter, clientSecretAlg) if err != nil { return nil, err } + app.ClientSecret, app.ClientSecretPlain = code.Crypted, code.Plain } return []eventstore.Command{ diff --git a/internal/command/user.go b/internal/command/user.go index 34ba7c521a..77b9acbcc9 100644 --- a/internal/command/user.go +++ b/internal/command/user.go @@ -439,8 +439,8 @@ func ExistsUser(ctx context.Context, filter preparation.FilterToQueryReducer, id return exists, nil } -func newUserInitCode(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.EncryptionAlgorithm) (*CryptoCodeWithExpiry, error) { - return newCryptoCodeWithExpiry(ctx, filter, domain.SecretGeneratorTypeInitCode, alg) +func (c *Commands) newUserInitCode(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.EncryptionAlgorithm) (*CryptoCode, error) { + return c.newCode(ctx, filter, domain.SecretGeneratorTypeInitCode, alg) } func userWriteModelByID(ctx context.Context, filter preparation.FilterToQueryReducer, userID, resourceOwner string) (*UserWriteModel, error) { diff --git a/internal/command/user_human.go b/internal/command/user_human.go index 061dc22329..6b3015f803 100644 --- a/internal/command/user_human.go +++ b/internal/command/user_human.go @@ -258,7 +258,7 @@ func (c *Commands) addHumanCommandEmail(ctx context.Context, filter preparation. // email not verified or // user not registered and password set if allowInitMail && human.shouldAddInitCode() { - initCode, err := newUserInitCode(ctx, filter, codeAlg) + initCode, err := c.newUserInitCode(ctx, filter, codeAlg) if err != nil { return nil, err } 
@@ -292,7 +292,7 @@ func (c *Commands) addHumanCommandPhone(ctx context.Context, filter preparation. if human.Phone.Verified { return append(cmds, user.NewHumanPhoneVerifiedEvent(ctx, &a.Aggregate)), nil } - phoneCode, err := newPhoneCode(ctx, filter, codeAlg) + phoneCode, err := c.newPhoneCode(ctx, filter, codeAlg) if err != nil { return nil, err } diff --git a/internal/command/user_human_test.go b/internal/command/user_human_test.go index 5d6f131c27..d996b9768b 100644 --- a/internal/command/user_human_test.go +++ b/internal/command/user_human_test.go @@ -20,14 +20,13 @@ import ( "github.com/zitadel/zitadel/internal/eventstore/v1/models" "github.com/zitadel/zitadel/internal/id" id_mock "github.com/zitadel/zitadel/internal/id/mock" - "github.com/zitadel/zitadel/internal/repository/instance" "github.com/zitadel/zitadel/internal/repository/org" "github.com/zitadel/zitadel/internal/repository/user" ) func TestCommandSide_AddHuman(t *testing.T) { type fields struct { - eventstore *eventstore.Eventstore + eventstore func(t *testing.T) *eventstore.Eventstore idGenerator id.Generator userPasswordAlg crypto.HashAlgorithm codeAlg crypto.EncryptionAlgorithm @@ -48,7 +47,6 @@ func TestCommandSide_AddHuman(t *testing.T) { } userAgg := user.NewAggregate("user1", "org1") - instanceAgg := instance.NewAggregate("instance") tests := []struct { name string @@ -59,9 +57,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "orgid missing, invalid argument error", fields: fields{ - eventstore: eventstoreExpect( - t, - ), + eventstore: expectEventstore(), }, args: args{ ctx: context.Background(), @@ -85,9 +81,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "user invalid, invalid argument error", fields: fields{ - eventstore: eventstoreExpect( - t, - ), + eventstore: expectEventstore(), }, args: args{ ctx: context.Background(), 
@@ -107,8 +101,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "with id, already exists, precondition error", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter( eventFromEventPusher( newAddHumanEvent("password", true, ""), @@ -141,8 +134,7 @@ func TestCommandSide_AddHuman(t *testing.T) { name: "domain policy not found, precondition error", fields: fields{ idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "user1"), - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter(), expectFilter(), @@ -172,8 +164,7 @@ func TestCommandSide_AddHuman(t *testing.T) { name: "password policy not found, precondition error", fields: fields{ idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "user1"), - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -214,8 +205,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human (with initial code), ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -227,21 +217,6 @@ func TestCommandSide_AddHuman(t *testing.T) { ), ), ), - expectFilter( - eventFromEventPusher( - instance.NewSecretGeneratorAddedEvent( - context.Background(), - &instanceAgg.Aggregate, - domain.SecretGeneratorTypeInitCode, - 0, - 1*time.Hour, - true, - true, - true, - true, - ), - ), - ), expectPush( []*repository.Event{ eventFromEventPusher( @@ -265,7 +240,7 @@ func TestCommandSide_AddHuman(t *testing.T) { CryptoType: crypto.TypeEncryption, Algorithm: "enc", KeyID: "id", - Crypted: []byte(""), + Crypted: []byte("userinit"), }, time.Hour*1, ), 
@@ -276,6 +251,7 @@ func TestCommandSide_AddHuman(t *testing.T) { ), idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "user1"), codeAlg: crypto.CreateMockEncryptionAlg(gomock.NewController(t)), + newCode: mockCode("userinit", time.Hour), }, args: args{ ctx: context.Background(), @@ -304,8 +280,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human (with password and initial code), ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -329,21 +304,6 @@ func TestCommandSide_AddHuman(t *testing.T) { ), ), ), - expectFilter( - eventFromEventPusher( - instance.NewSecretGeneratorAddedEvent( - context.Background(), - &instanceAgg.Aggregate, - domain.SecretGeneratorTypeInitCode, - 0, - 1*time.Hour, - true, - true, - true, - true, - ), - ), - ), expectPush( []*repository.Event{ eventFromEventPusher( @@ -356,7 +316,7 @@ func TestCommandSide_AddHuman(t *testing.T) { CryptoType: crypto.TypeEncryption, Algorithm: "enc", KeyID: "id", - Crypted: []byte(""), + Crypted: []byte("userinit"), }, 1*time.Hour, ), @@ -368,6 +328,7 @@ func TestCommandSide_AddHuman(t *testing.T) { idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "user1"), userPasswordAlg: crypto.CreateMockHashAlg(gomock.NewController(t)), codeAlg: crypto.CreateMockEncryptionAlg(gomock.NewController(t)), + newCode: mockCode("userinit", time.Hour), }, args: args{ ctx: context.Background(), @@ -395,8 +356,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human (with password and email code custom template), ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -475,8 +435,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human (with password and return email code), ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( 
@@ -556,8 +515,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human email verified, ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -626,8 +584,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human email verified, trim spaces, ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -696,8 +653,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human, email verified, userLoginMustBeDomain false, ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -766,8 +722,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human claimed domain, userLoginMustBeDomain false, error", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -819,8 +774,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human domain, userLoginMustBeDomain false, ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -918,8 +872,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human (with phone), ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -943,21 +896,6 @@ func TestCommandSide_AddHuman(t *testing.T) { ), ), ), - expectFilter( - eventFromEventPusher( - instance.NewSecretGeneratorAddedEvent( - context.Background(), - &instanceAgg.Aggregate, - domain.SecretGeneratorTypeVerifyPhoneCode, - 0, - 1*time.Hour, - true, - true, - true, - true, - ), - ), - ), expectPush( []*repository.Event{ eventFromEventPusher( 
@@ -976,7 +914,7 @@ func TestCommandSide_AddHuman(t *testing.T) { CryptoType: crypto.TypeEncryption, Algorithm: "enc", KeyID: "id", - Crypted: []byte(""), + Crypted: []byte("phonecode"), }, time.Hour*1)), }, @@ -986,6 +924,7 @@ func TestCommandSide_AddHuman(t *testing.T) { idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "user1"), userPasswordAlg: crypto.CreateMockHashAlg(gomock.NewController(t)), codeAlg: crypto.CreateMockEncryptionAlg(gomock.NewController(t)), + newCode: mockCode("phonecode", time.Hour), }, args: args{ ctx: context.Background(), @@ -1017,8 +956,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human (with verified phone), ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( @@ -1030,21 +968,6 @@ func TestCommandSide_AddHuman(t *testing.T) { ), ), ), - expectFilter( - eventFromEventPusher( - instance.NewSecretGeneratorAddedEvent( - context.Background(), - &instanceAgg.Aggregate, - domain.SecretGeneratorTypeInitCode, - 0, - 1*time.Hour, - true, - true, - true, - true, - ), - ), - ), expectPush( []*repository.Event{ eventFromEventPusher( @@ -1058,7 +981,7 @@ func TestCommandSide_AddHuman(t *testing.T) { CryptoType: crypto.TypeEncryption, Algorithm: "enc", KeyID: "id", - Crypted: []byte(""), + Crypted: []byte("userinit"), }, 1*time.Hour, ), @@ -1075,6 +998,7 @@ func TestCommandSide_AddHuman(t *testing.T) { ), idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "user1"), codeAlg: crypto.CreateMockEncryptionAlg(gomock.NewController(t)), + newCode: mockCode("userinit", time.Hour), }, args: args{ ctx: context.Background(), @@ -1105,8 +1029,7 @@ func TestCommandSide_AddHuman(t *testing.T) { { name: "add human with metadata, ok", fields: fields{ - eventstore: eventstoreExpect( - t, + eventstore: expectEventstore( expectFilter(), expectFilter( eventFromEventPusher( 
@@ -1118,21 +1041,6 @@ func TestCommandSide_AddHuman(t *testing.T) { ), ), ), - expectFilter( - eventFromEventPusher( - instance.NewSecretGeneratorAddedEvent( - context.Background(), - &instanceAgg.Aggregate, - domain.SecretGeneratorTypeInitCode, - 0, - 1*time.Hour, - true, - true, - true, - true, - ), - ), - ), expectPush( []*repository.Event{ eventFromEventPusher( @@ -1146,7 +1054,7 @@ func TestCommandSide_AddHuman(t *testing.T) { CryptoType: crypto.TypeEncryption, Algorithm: "enc", KeyID: "id", - Crypted: []byte(""), + Crypted: []byte("userinit"), }, 1*time.Hour, ), @@ -1165,6 +1073,7 @@ func TestCommandSide_AddHuman(t *testing.T) { ), idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "user1"), codeAlg: crypto.CreateMockEncryptionAlg(gomock.NewController(t)), + newCode: mockCode("userinit", time.Hour), }, args: args{ ctx: context.Background(), @@ -1198,7 +1107,7 @@ func TestCommandSide_AddHuman(t *testing.T) { for _, tt := range tests { t.Run(tt.name, func(t *testing.T) { r := &Commands{ - eventstore: tt.fields.eventstore, + eventstore: tt.fields.eventstore(t), userPasswordAlg: tt.fields.userPasswordAlg, userEncryption: tt.fields.codeAlg, idGenerator: tt.fields.idGenerator, diff --git a/internal/command/user_v2_passkey.go b/internal/command/user_v2_passkey.go index f08a0632ca..47af8c134e 100644 --- a/internal/command/user_v2_passkey.go +++ b/internal/command/user_v2_passkey.go @@ -7,6 +7,7 @@ import ( "github.com/zitadel/logging" "github.com/zitadel/zitadel/internal/api/authz" + "github.com/zitadel/zitadel/internal/command/preparation" "github.com/zitadel/zitadel/internal/crypto" "github.com/zitadel/zitadel/internal/domain" caos_errs "github.com/zitadel/zitadel/internal/errors" 
@@ -132,7 +133,7 @@ func (c *Commands) addUserPasskeyCode(ctx context.Context, userID, resourceOwner if err != nil { return nil, err } - code, err := c.newCode(ctx, c.eventstore.Filter, domain.SecretGeneratorTypePasswordlessInitCode, alg) + code, err := c.newPasskeyCode(ctx, c.eventstore.Filter, alg) if err != nil { return nil, err } @@ -154,3 +155,7 @@ func (c *Commands) addUserPasskeyCode(ctx context.Context, userID, resourceOwner Code: code.Plain, }, nil } + +func (c *Commands) newPasskeyCode(ctx context.Context, filter preparation.FilterToQueryReducer, alg crypto.EncryptionAlgorithm) (*CryptoCode, error) { + return c.newCode(ctx, filter, domain.SecretGeneratorTypePasswordlessInitCode, alg) +} diff --git a/internal/command/user_v2_passkey_test.go b/internal/command/user_v2_passkey_test.go index 1885f6ab27..8a96d4a213 100644 --- a/internal/command/user_v2_passkey_test.go +++ b/internal/command/user_v2_passkey_test.go @@ -139,7 +139,7 @@ func TestCommands_RegisterUserPasskeyWithCode(t *testing.T) { es := eventstoreExpect(t, expectFilter(eventFromEventPusher(testSecretGeneratorAddedEvent(domain.SecretGeneratorTypePasswordlessInitCode))), ) - code, err := newCryptoCodeWithExpiry(ctx, es.Filter, domain.SecretGeneratorTypePasswordlessInitCode, alg) + code, err := newCryptoCode(ctx, es.Filter, domain.SecretGeneratorTypePasswordlessInitCode, alg) require.NoError(t, err) userAgg := &user.NewAggregate("user1", "org1").Aggregate type fields struct { @@ -237,7 +237,7 @@ func TestCommands_verifyUserPasskeyCode(t *testing.T) { es := eventstoreExpect(t, expectFilter(eventFromEventPusher(testSecretGeneratorAddedEvent(domain.SecretGeneratorTypePasswordlessInitCode))), ) - code, err := newCryptoCodeWithExpiry(ctx, es.Filter, domain.SecretGeneratorTypePasswordlessInitCode, alg) + code, err := newCryptoCode(ctx, es.Filter, domain.SecretGeneratorTypePasswordlessInitCode, alg) require.NoError(t, err) userAgg := &user.NewAggregate("user1", "org1").Aggregate 
@@ -463,7 +463,7 @@ func TestCommands_AddUserPasskeyCode(t *testing.T) { userAgg := &user.NewAggregate("user1", "org1").Aggregate type fields struct { newCode cryptoCodeFunc - eventstore *eventstore.Eventstore + eventstore func(t *testing.T) *eventstore.Eventstore idGenerator id.Generator } type args struct { @@ -480,8 +480,8 @@ func TestCommands_AddUserPasskeyCode(t *testing.T) { { name: "id generator error", fields: fields{ - newCode: newCryptoCodeWithExpiry, - eventstore: eventstoreExpect(t), + newCode: mockCode("passkey1", time.Hour), + eventstore: expectEventstore(), idGenerator: id_mock.NewIDGeneratorExpectError(t, io.ErrClosedPipe), }, args: args{ @@ -494,7 +494,7 @@ func TestCommands_AddUserPasskeyCode(t *testing.T) { name: "success", fields: fields{ newCode: mockCode("passkey1", time.Minute), - eventstore: eventstoreExpect(t, + eventstore: expectEventstore( expectFilter(eventFromEventPusher( user.NewHumanAddedEvent(context.Background(), userAgg, @@ -538,7 +538,7 @@ func TestCommands_AddUserPasskeyCode(t *testing.T) { t.Run(tt.name, func(t *testing.T) { c := &Commands{ newCode: tt.fields.newCode, - eventstore: tt.fields.eventstore, + eventstore: tt.fields.eventstore(t), idGenerator: tt.fields.idGenerator, } got, err := c.AddUserPasskeyCode(context.Background(), tt.args.userID, tt.args.resourceOwner, alg) @@ -572,7 +572,7 @@ func TestCommands_AddUserPasskeyCodeURLTemplate(t *testing.T) { { name: "template error", fields: fields{ - newCode: newCryptoCodeWithExpiry, + newCode: newCryptoCode, eventstore: eventstoreExpect(t), }, args: args{ @@ -585,7 +585,7 @@ func TestCommands_AddUserPasskeyCodeURLTemplate(t *testing.T) { { name: "id generator error", fields: fields{ - newCode: newCryptoCodeWithExpiry, + newCode: newCryptoCode, eventstore: eventstoreExpect(t), idGenerator: id_mock.NewIDGeneratorExpectError(t, io.ErrClosedPipe), }, 
@@ -680,7 +680,7 @@ func TestCommands_AddUserPasskeyCodeReturn(t *testing.T) { { name: "id generator error", fields: fields{ - newCode: newCryptoCodeWithExpiry, + newCode: newCryptoCode, eventstore: eventstoreExpect(t), idGenerator: id_mock.NewIDGeneratorExpectError(t, io.ErrClosedPipe), }, @@ -774,7 +774,7 @@ func TestCommands_addUserPasskeyCode(t *testing.T) { { name: "id generator error", fields: fields{ - newCode: newCryptoCodeWithExpiry, + newCode: newCryptoCode, eventstore: eventstoreExpect(t), idGenerator: id_mock.NewIDGeneratorExpectError(t, io.ErrClosedPipe), }, @@ -787,7 +787,7 @@ func TestCommands_addUserPasskeyCode(t *testing.T) { { name: "crypto error", fields: fields{ - newCode: newCryptoCodeWithExpiry, + newCode: newCryptoCode, eventstore: eventstoreExpect(t, expectFilterError(io.ErrClosedPipe)), idGenerator: id_mock.NewIDGeneratorExpectIDs(t, "123"), }, @@ -800,7 +800,7 @@ func TestCommands_addUserPasskeyCode(t *testing.T) { { name: "filter query error", fields: fields{ - newCode: newCryptoCodeWithExpiry, + newCode: newCryptoCode, eventstore: eventstoreExpect(t, expectFilter(eventFromEventPusher(testSecretGeneratorAddedEvent(domain.SecretGeneratorTypePasswordlessInitCode))), expectFilterError(io.ErrClosedPipe),