feat: http provider signing key addition (#10641)

# Which Problems Are Solved HTTP Request to HTTP providers for Email or SMS are not signed. # How the Problems Are Solved Add a Signing Key to the HTTP Provider resources, which is then used to generate a header to sign the payload. # Additional Changes Additional tests for query side of the SMTP provider. # Additional Context Closes #10067 --------- Co-authored-by: Marco A. <marco@zitadel.com> (cherry picked from commit 8909b9a2a6)
2025-12-06 18:42:13 +00:00 · 2025-09-08 13:00:04 +02:00
parent d2d94ea088
commit 1a7cd6e1af
36 changed files with 2113 additions and 132 deletions
--- a/internal/query/sms_test.go
+++ b/internal/query/sms_test.go
@@ -32,7 +32,8 @@ var (

 		// http config
 		` projections.sms_configs3_http.sms_id,` +
-		` projections.sms_configs3_http.endpoint` +
+		` projections.sms_configs3_http.endpoint,` +
+		` projections.sms_configs3_http.signing_key` +
 		` FROM projections.sms_configs3` +
 		` LEFT JOIN projections.sms_configs3_twilio ON projections.sms_configs3.id = projections.sms_configs3_twilio.sms_id AND projections.sms_configs3.instance_id = projections.sms_configs3_twilio.instance_id` +
 		` LEFT JOIN projections.sms_configs3_http ON projections.sms_configs3.id = projections.sms_configs3_http.sms_id AND projections.sms_configs3.instance_id = projections.sms_configs3_http.instance_id`)
@@ -55,6 +56,7 @@ var (
 		// http config
 		` projections.sms_configs3_http.sms_id,` +
 		` projections.sms_configs3_http.endpoint,` +
+		` projections.sms_configs3_http.signing_key,` +
 		` COUNT(*) OVER ()` +
 		` FROM projections.sms_configs3` +
 		` LEFT JOIN projections.sms_configs3_twilio ON projections.sms_configs3.id = projections.sms_configs3_twilio.sms_id AND projections.sms_configs3.instance_id = projections.sms_configs3_twilio.instance_id` +
@@ -78,6 +80,7 @@ var (
 		// http config
 		"sms_id",
 		"endpoint",
+		"signing_key",
 	}
 	smsConfigsCols = append(smsConfigCols, "count")
 )
@@ -131,6 +134,7 @@ func Test_SMSConfigsPrepare(t *testing.T) {
 							// http config
 							nil,
 							nil,
+							nil,
 						},
 					},
 				),
@@ -185,6 +189,12 @@ func Test_SMSConfigsPrepare(t *testing.T) {
 							// http config
 							"sms-id",
 							"endpoint",
+							&crypto.CryptoValue{
+								CryptoType: crypto.TypeEncryption,
+								Algorithm:  "alg",
+								KeyID:      "encKey",
+								Crypted:    []byte("crypted"),
+							},
 						},
 					},
 				),
@@ -205,6 +215,12 @@ func Test_SMSConfigsPrepare(t *testing.T) {
 						Description:   "description",
 						HTTPConfig: &HTTP{
 							Endpoint: "endpoint",
+							signingKey: &crypto.CryptoValue{
+								CryptoType: crypto.TypeEncryption,
+								Algorithm:  "alg",
+								KeyID:      "encKey",
+								Crypted:    []byte("crypted"),
+							},
 						},
 					},
 				},
@@ -236,6 +252,7 @@ func Test_SMSConfigsPrepare(t *testing.T) {
 							// http config
 							nil,
 							nil,
+							nil,
 						},
 						{
 							"sms-id2",
@@ -255,6 +272,7 @@ func Test_SMSConfigsPrepare(t *testing.T) {
 							// http config
 							nil,
 							nil,
+							nil,
 						},
 						{
 							"sms-id3",
@@ -274,6 +292,12 @@ func Test_SMSConfigsPrepare(t *testing.T) {
 							// http config
 							"sms-id3",
 							"endpoint3",
+							&crypto.CryptoValue{
+								CryptoType: crypto.TypeEncryption,
+								Algorithm:  "alg",
+								KeyID:      "encKey",
+								Crypted:    []byte("crypted"),
+							},
 						},
 					},
 				),
@@ -326,6 +350,12 @@ func Test_SMSConfigsPrepare(t *testing.T) {
 						Description:   "description",
 						HTTPConfig: &HTTP{
 							Endpoint: "endpoint3",
+							signingKey: &crypto.CryptoValue{
+								CryptoType: crypto.TypeEncryption,
+								Algorithm:  "alg",
+								KeyID:      "encKey",
+								Crypted:    []byte("crypted"),
+							},
 						},
 					},
 				},
@@ -410,6 +440,7 @@ func Test_SMSConfigPrepare(t *testing.T) {
 						// http config
 						nil,
 						nil,
+						nil,
 					},
 				),
 			},
@@ -455,6 +486,12 @@ func Test_SMSConfigPrepare(t *testing.T) {
 						// http config
 						"sms-id",
 						"endpoint",
+						&crypto.CryptoValue{
+							CryptoType: crypto.TypeEncryption,
+							Algorithm:  "alg",
+							KeyID:      "encKey",
+							Crypted:    []byte("crypted"),
+						},
 					},
 				),
 			},
@@ -469,6 +506,12 @@ func Test_SMSConfigPrepare(t *testing.T) {
 				Description:   "description",
 				HTTPConfig: &HTTP{
 					Endpoint: "endpoint",
+					signingKey: &crypto.CryptoValue{
+						CryptoType: crypto.TypeEncryption,
+						Algorithm:  "alg",
+						KeyID:      "encKey",
+						Crypted:    []byte("crypted"),
+					},
 				},
 			},
 		},