feat(ldap): adding root ca option to ldap config (#9292)
# Which Problems Are Solved Adding ability to add a root CA to LDAP configs # Additional Context - Closes https://github.com/zitadel/zitadel/issues/7888 --------- Co-authored-by: Iraq Jaber <IraqJaber@gmail.com>
@@ -142,6 +142,7 @@ type LDAPIDPTemplate struct {
|
||||
UserObjectClasses []string
|
||||
UserFilters []string
|
||||
Timeout time.Duration
|
||||
RootCA []byte
|
||||
idp.LDAPAttributes
|
||||
}
|
||||
|
||||
@@ -580,6 +581,10 @@ var (
|
||||
name: projection.LDAPTimeoutCol,
|
||||
table: ldapIdpTemplateTable,
|
||||
}
|
||||
LDAPRootCACol = Column{
|
||||
name: projection.LDAPRootCACol,
|
||||
table: ldapIdpTemplateTable,
|
||||
}
|
||||
LDAPIDAttributeCol = Column{
|
||||
name: projection.LDAPIDAttributeCol,
|
||||
table: ldapIdpTemplateTable,
|
||||
@@ -943,6 +948,7 @@ func prepareIDPTemplateByIDQuery(ctx context.Context, db prepareDatabase) (sq.Se
|
||||
LDAPUserObjectClassesCol.identifier(),
|
||||
LDAPUserFiltersCol.identifier(),
|
||||
LDAPTimeoutCol.identifier(),
|
||||
LDAPRootCACol.identifier(),
|
||||
LDAPIDAttributeCol.identifier(),
|
||||
LDAPFirstNameAttributeCol.identifier(),
|
||||
LDAPLastNameAttributeCol.identifier(),
|
||||
@@ -1059,6 +1065,7 @@ func prepareIDPTemplateByIDQuery(ctx context.Context, db prepareDatabase) (sq.Se
|
||||
ldapUserObjectClasses := database.TextArray[string]{}
|
||||
ldapUserFilters := database.TextArray[string]{}
|
||||
ldapTimeout := sql.NullInt64{}
|
||||
var ldapRootCA []byte
|
||||
ldapIDAttribute := sql.NullString{}
|
||||
ldapFirstNameAttribute := sql.NullString{}
|
||||
ldapLastNameAttribute := sql.NullString{}
|
||||
@@ -1173,6 +1180,7 @@ func prepareIDPTemplateByIDQuery(ctx context.Context, db prepareDatabase) (sq.Se
|
||||
&ldapUserObjectClasses,
|
||||
&ldapUserFilters,
|
||||
&ldapTimeout,
|
||||
&ldapRootCA,
|
||||
&ldapIDAttribute,
|
||||
&ldapFirstNameAttribute,
|
||||
&ldapLastNameAttribute,
|
||||
@@ -1312,6 +1320,7 @@ func prepareIDPTemplateByIDQuery(ctx context.Context, db prepareDatabase) (sq.Se
|
||||
UserObjectClasses: ldapUserObjectClasses,
|
||||
UserFilters: ldapUserFilters,
|
||||
Timeout: time.Duration(ldapTimeout.Int64),
|
||||
RootCA: ldapRootCA,
|
||||
LDAPAttributes: idp.LDAPAttributes{
|
||||
IDAttribute: ldapIDAttribute.String,
|
||||
FirstNameAttribute: ldapFirstNameAttribute.String,
|
||||
@@ -1438,6 +1447,7 @@ func prepareIDPTemplatesQuery(ctx context.Context, db prepareDatabase) (sq.Selec
|
||||
LDAPUserObjectClassesCol.identifier(),
|
||||
LDAPUserFiltersCol.identifier(),
|
||||
LDAPTimeoutCol.identifier(),
|
||||
LDAPRootCACol.identifier(),
|
||||
LDAPIDAttributeCol.identifier(),
|
||||
LDAPFirstNameAttributeCol.identifier(),
|
||||
LDAPLastNameAttributeCol.identifier(),
|
||||
@@ -1559,6 +1569,7 @@ func prepareIDPTemplatesQuery(ctx context.Context, db prepareDatabase) (sq.Selec
|
||||
ldapUserObjectClasses := database.TextArray[string]{}
|
||||
ldapUserFilters := database.TextArray[string]{}
|
||||
ldapTimeout := sql.NullInt64{}
|
||||
var ldapRootCA []byte
|
||||
ldapIDAttribute := sql.NullString{}
|
||||
ldapFirstNameAttribute := sql.NullString{}
|
||||
ldapLastNameAttribute := sql.NullString{}
|
||||
@@ -1673,6 +1684,7 @@ func prepareIDPTemplatesQuery(ctx context.Context, db prepareDatabase) (sq.Selec
|
||||
&ldapUserObjectClasses,
|
||||
&ldapUserFilters,
|
||||
&ldapTimeout,
|
||||
&ldapRootCA,
|
||||
&ldapIDAttribute,
|
||||
&ldapFirstNameAttribute,
|
||||
&ldapLastNameAttribute,
|
||||
@@ -1811,6 +1823,7 @@ func prepareIDPTemplatesQuery(ctx context.Context, db prepareDatabase) (sq.Selec
|
||||
UserObjectClasses: ldapUserObjectClasses,
|
||||
UserFilters: ldapUserFilters,
|
||||
Timeout: time.Duration(ldapTimeout.Int64),
|
||||
RootCA: ldapRootCA,
|
||||
LDAPAttributes: idp.LDAPAttributes{
|
||||
IDAttribute: ldapIDAttribute.String,
|
||||
FirstNameAttribute: ldapFirstNameAttribute.String,
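Review bot: The new `RootCA []byte` field on `LDAPIDPTemplate` (first hunk) carries no comment, so a reader cannot tell what encoding the bytes hold or what an empty value means for verifying the LDAP server's certificate. I would add a field comment along the lines of `// RootCA is the CA certificate used to verify the LDAP server; empty means <fallback behaviour, to be confirmed>.` Both `prepareIDPTemplateByIDQuery` and `prepareIDPTemplatesQuery` scan the nullable column straight into `var ldapRootCA []byte` and pass it on unvalidated, so the code that builds the TLS configuration from it should presumably reject a non-empty value that fails to parse rather than carry on without it; that consumer is not visible in this diff. The struct and both functions extend beyond the hunks shown.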
|
||||
|
||||
@@ -98,29 +98,30 @@ var (
|
||||
` projections.idp_templates6_saml.name_id_format,` +
|
||||
` projections.idp_templates6_saml.transient_mapping_attribute_name,` +
|
||||
// ldap
|
||||
` projections.idp_templates6_ldap2.idp_id,` +
|
||||
` projections.idp_templates6_ldap2.servers,` +
|
||||
` projections.idp_templates6_ldap2.start_tls,` +
|
||||
` projections.idp_templates6_ldap2.base_dn,` +
|
||||
` projections.idp_templates6_ldap2.bind_dn,` +
|
||||
` projections.idp_templates6_ldap2.bind_password,` +
|
||||
` projections.idp_templates6_ldap2.user_base,` +
|
||||
` projections.idp_templates6_ldap2.user_object_classes,` +
|
||||
` projections.idp_templates6_ldap2.user_filters,` +
|
||||
` projections.idp_templates6_ldap2.timeout,` +
|
||||
` projections.idp_templates6_ldap2.id_attribute,` +
|
||||
` projections.idp_templates6_ldap2.first_name_attribute,` +
|
||||
` projections.idp_templates6_ldap2.last_name_attribute,` +
|
||||
` projections.idp_templates6_ldap2.display_name_attribute,` +
|
||||
` projections.idp_templates6_ldap2.nick_name_attribute,` +
|
||||
` projections.idp_templates6_ldap2.preferred_username_attribute,` +
|
||||
` projections.idp_templates6_ldap2.email_attribute,` +
|
||||
` projections.idp_templates6_ldap2.email_verified,` +
|
||||
` projections.idp_templates6_ldap2.phone_attribute,` +
|
||||
` projections.idp_templates6_ldap2.phone_verified_attribute,` +
|
||||
` projections.idp_templates6_ldap2.preferred_language_attribute,` +
|
||||
` projections.idp_templates6_ldap2.avatar_url_attribute,` +
|
||||
` projections.idp_templates6_ldap2.profile_attribute,` +
|
||||
` projections.idp_templates6_ldap3.idp_id,` +
|
||||
` projections.idp_templates6_ldap3.servers,` +
|
||||
` projections.idp_templates6_ldap3.start_tls,` +
|
||||
` projections.idp_templates6_ldap3.base_dn,` +
|
||||
` projections.idp_templates6_ldap3.bind_dn,` +
|
||||
` projections.idp_templates6_ldap3.bind_password,` +
|
||||
` projections.idp_templates6_ldap3.user_base,` +
|
||||
` projections.idp_templates6_ldap3.user_object_classes,` +
|
||||
` projections.idp_templates6_ldap3.user_filters,` +
|
||||
` projections.idp_templates6_ldap3.timeout,` +
|
||||
` projections.idp_templates6_ldap3.rootCA,` +
|
||||
` projections.idp_templates6_ldap3.id_attribute,` +
|
||||
` projections.idp_templates6_ldap3.first_name_attribute,` +
|
||||
` projections.idp_templates6_ldap3.last_name_attribute,` +
|
||||
` projections.idp_templates6_ldap3.display_name_attribute,` +
|
||||
` projections.idp_templates6_ldap3.nick_name_attribute,` +
|
||||
` projections.idp_templates6_ldap3.preferred_username_attribute,` +
|
||||
` projections.idp_templates6_ldap3.email_attribute,` +
|
||||
` projections.idp_templates6_ldap3.email_verified,` +
|
||||
` projections.idp_templates6_ldap3.phone_attribute,` +
|
||||
` projections.idp_templates6_ldap3.phone_verified_attribute,` +
|
||||
` projections.idp_templates6_ldap3.preferred_language_attribute,` +
|
||||
` projections.idp_templates6_ldap3.avatar_url_attribute,` +
|
||||
` projections.idp_templates6_ldap3.profile_attribute,` +
|
||||
// apple
|
||||
` projections.idp_templates6_apple.idp_id,` +
|
||||
` projections.idp_templates6_apple.client_id,` +
|
||||
@@ -139,7 +140,7 @@ var (
|
||||
` LEFT JOIN projections.idp_templates6_gitlab_self_hosted ON projections.idp_templates6.id = projections.idp_templates6_gitlab_self_hosted.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_gitlab_self_hosted.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_google ON projections.idp_templates6.id = projections.idp_templates6_google.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_google.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_saml ON projections.idp_templates6.id = projections.idp_templates6_saml.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_saml.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_ldap2 ON projections.idp_templates6.id = projections.idp_templates6_ldap2.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_ldap2.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_ldap3 ON projections.idp_templates6.id = projections.idp_templates6_ldap3.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_ldap3.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_apple ON projections.idp_templates6.id = projections.idp_templates6_apple.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_apple.instance_id` +
|
||||
` AS OF SYSTEM TIME '-1 ms'`
|
||||
idpTemplateCols = []string{
|
||||
@@ -235,6 +236,7 @@ var (
|
||||
"user_object_classes",
|
||||
"user_filters",
|
||||
"timeout",
|
||||
"rootCA",
|
||||
"id_attribute",
|
||||
"first_name_attribute",
|
||||
"last_name_attribute",
|
||||
@@ -338,29 +340,30 @@ var (
|
||||
` projections.idp_templates6_saml.name_id_format,` +
|
||||
` projections.idp_templates6_saml.transient_mapping_attribute_name,` +
|
||||
// ldap
|
||||
` projections.idp_templates6_ldap2.idp_id,` +
|
||||
` projections.idp_templates6_ldap2.servers,` +
|
||||
` projections.idp_templates6_ldap2.start_tls,` +
|
||||
` projections.idp_templates6_ldap2.base_dn,` +
|
||||
` projections.idp_templates6_ldap2.bind_dn,` +
|
||||
` projections.idp_templates6_ldap2.bind_password,` +
|
||||
` projections.idp_templates6_ldap2.user_base,` +
|
||||
` projections.idp_templates6_ldap2.user_object_classes,` +
|
||||
` projections.idp_templates6_ldap2.user_filters,` +
|
||||
` projections.idp_templates6_ldap2.timeout,` +
|
||||
` projections.idp_templates6_ldap2.id_attribute,` +
|
||||
` projections.idp_templates6_ldap2.first_name_attribute,` +
|
||||
` projections.idp_templates6_ldap2.last_name_attribute,` +
|
||||
` projections.idp_templates6_ldap2.display_name_attribute,` +
|
||||
` projections.idp_templates6_ldap2.nick_name_attribute,` +
|
||||
` projections.idp_templates6_ldap2.preferred_username_attribute,` +
|
||||
` projections.idp_templates6_ldap2.email_attribute,` +
|
||||
` projections.idp_templates6_ldap2.email_verified,` +
|
||||
` projections.idp_templates6_ldap2.phone_attribute,` +
|
||||
` projections.idp_templates6_ldap2.phone_verified_attribute,` +
|
||||
` projections.idp_templates6_ldap2.preferred_language_attribute,` +
|
||||
` projections.idp_templates6_ldap2.avatar_url_attribute,` +
|
||||
` projections.idp_templates6_ldap2.profile_attribute,` +
|
||||
` projections.idp_templates6_ldap3.idp_id,` +
|
||||
` projections.idp_templates6_ldap3.servers,` +
|
||||
` projections.idp_templates6_ldap3.start_tls,` +
|
||||
` projections.idp_templates6_ldap3.base_dn,` +
|
||||
` projections.idp_templates6_ldap3.bind_dn,` +
|
||||
` projections.idp_templates6_ldap3.bind_password,` +
|
||||
` projections.idp_templates6_ldap3.user_base,` +
|
||||
` projections.idp_templates6_ldap3.user_object_classes,` +
|
||||
` projections.idp_templates6_ldap3.user_filters,` +
|
||||
` projections.idp_templates6_ldap3.timeout,` +
|
||||
` projections.idp_templates6_ldap3.rootCA,` +
|
||||
` projections.idp_templates6_ldap3.id_attribute,` +
|
||||
` projections.idp_templates6_ldap3.first_name_attribute,` +
|
||||
` projections.idp_templates6_ldap3.last_name_attribute,` +
|
||||
` projections.idp_templates6_ldap3.display_name_attribute,` +
|
||||
` projections.idp_templates6_ldap3.nick_name_attribute,` +
|
||||
` projections.idp_templates6_ldap3.preferred_username_attribute,` +
|
||||
` projections.idp_templates6_ldap3.email_attribute,` +
|
||||
` projections.idp_templates6_ldap3.email_verified,` +
|
||||
` projections.idp_templates6_ldap3.phone_attribute,` +
|
||||
` projections.idp_templates6_ldap3.phone_verified_attribute,` +
|
||||
` projections.idp_templates6_ldap3.preferred_language_attribute,` +
|
||||
` projections.idp_templates6_ldap3.avatar_url_attribute,` +
|
||||
` projections.idp_templates6_ldap3.profile_attribute,` +
|
||||
// apple
|
||||
` projections.idp_templates6_apple.idp_id,` +
|
||||
` projections.idp_templates6_apple.client_id,` +
|
||||
@@ -380,7 +383,7 @@ var (
|
||||
` LEFT JOIN projections.idp_templates6_gitlab_self_hosted ON projections.idp_templates6.id = projections.idp_templates6_gitlab_self_hosted.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_gitlab_self_hosted.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_google ON projections.idp_templates6.id = projections.idp_templates6_google.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_google.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_saml ON projections.idp_templates6.id = projections.idp_templates6_saml.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_saml.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_ldap2 ON projections.idp_templates6.id = projections.idp_templates6_ldap2.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_ldap2.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_ldap3 ON projections.idp_templates6.id = projections.idp_templates6_ldap3.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_ldap3.instance_id` +
|
||||
` LEFT JOIN projections.idp_templates6_apple ON projections.idp_templates6.id = projections.idp_templates6_apple.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_apple.instance_id` +
|
||||
` AS OF SYSTEM TIME '-1 ms'`
|
||||
idpTemplatesCols = []string{
|
||||
@@ -476,6 +479,7 @@ var (
|
||||
"user_object_classes",
|
||||
"user_filters",
|
||||
"timeout",
|
||||
"rootCA",
|
||||
"id_attribute",
|
||||
"first_name_attribute",
|
||||
"last_name_attribute",
|
||||
@@ -642,6 +646,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -792,6 +797,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -940,6 +946,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -1087,6 +1094,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -1233,6 +1241,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -1379,6 +1388,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -1526,6 +1536,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -1672,6 +1683,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -1809,6 +1821,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
database.TextArray[string]{"object"},
|
||||
database.TextArray[string]{"filter"},
|
||||
time.Duration(30000000000),
|
||||
[]byte("certificate"),
|
||||
"id",
|
||||
"first",
|
||||
"last",
|
||||
@@ -1857,6 +1870,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
UserObjectClasses: []string{"object"},
|
||||
UserFilters: []string{"filter"},
|
||||
Timeout: time.Duration(30000000000),
|
||||
RootCA: []byte("certificate"),
|
||||
LDAPAttributes: idp.LDAPAttributes{
|
||||
IDAttribute: "id",
|
||||
FirstNameAttribute: "first",
|
||||
@@ -1988,6 +2002,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
"idp-id",
|
||||
"client_id",
|
||||
@@ -2136,6 +2151,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -2299,6 +2315,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
database.TextArray[string]{"object"},
|
||||
database.TextArray[string]{"filter"},
|
||||
time.Duration(30000000000),
|
||||
[]byte("certificate"),
|
||||
"id",
|
||||
"first",
|
||||
"last",
|
||||
@@ -2353,6 +2370,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
UserObjectClasses: []string{"object"},
|
||||
UserFilters: []string{"filter"},
|
||||
Timeout: time.Duration(30000000000),
|
||||
RootCA: []byte("certificate"),
|
||||
LDAPAttributes: idp.LDAPAttributes{
|
||||
IDAttribute: "id",
|
||||
FirstNameAttribute: "first",
|
||||
@@ -2487,6 +2505,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -2623,6 +2642,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
database.TextArray[string]{"object"},
|
||||
database.TextArray[string]{"filter"},
|
||||
time.Duration(30000000000),
|
||||
[]byte("certificate"),
|
||||
"id",
|
||||
"first",
|
||||
"last",
|
||||
@@ -2750,6 +2770,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -2864,6 +2885,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -2978,6 +3000,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -3092,6 +3115,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -3206,6 +3230,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
nil,
|
||||
// apple
|
||||
nil,
|
||||
nil,
|
||||
@@ -3247,6 +3272,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
|
||||
UserObjectClasses: []string{"object"},
|
||||
UserFilters: []string{"filter"},
|
||||
Timeout: time.Duration(30000000000),
|
||||
RootCA: []byte("certificate"),
|
||||
LDAPAttributes: idp.LDAPAttributes{
|
||||
IDAttribute: "id",
|
||||
FirstNameAttribute: "first",
|
||||
|
||||
@@ -40,7 +40,7 @@ const (
|
||||
IDPTemplateGitLabSuffix = "gitlab"
|
||||
IDPTemplateGitLabSelfHostedSuffix = "gitlab_self_hosted"
|
||||
IDPTemplateGoogleSuffix = "google"
|
||||
IDPTemplateLDAPSuffix = "ldap2"
|
||||
IDPTemplateLDAPSuffix = "ldap3"
|
||||
IDPTemplateAppleSuffix = "apple"
|
||||
IDPTemplateSAMLSuffix = "saml"
|
||||
|
||||
@@ -139,6 +139,7 @@ const (
|
||||
LDAPUserObjectClassesCol = "user_object_classes"
|
||||
LDAPUserFiltersCol = "user_filters"
|
||||
LDAPTimeoutCol = "timeout"
|
||||
LDAPRootCACol = "rootCA"
|
||||
LDAPIDAttributeCol = "id_attribute"
|
||||
LDAPFirstNameAttributeCol = "first_name_attribute"
|
||||
LDAPLastNameAttributeCol = "last_name_attribute"
|
||||
@@ -330,6 +331,7 @@ func (*idpTemplateProjection) Init() *old_handler.Check {
|
||||
handler.NewColumn(LDAPUserObjectClassesCol, handler.ColumnTypeTextArray),
|
||||
handler.NewColumn(LDAPUserFiltersCol, handler.ColumnTypeTextArray),
|
||||
handler.NewColumn(LDAPTimeoutCol, handler.ColumnTypeInt64),
|
||||
handler.NewColumn(LDAPRootCACol, handler.ColumnTypeBytes, handler.Nullable()),
|
||||
handler.NewColumn(LDAPIDAttributeCol, handler.ColumnTypeText, handler.Nullable()),
|
||||
handler.NewColumn(LDAPFirstNameAttributeCol, handler.ColumnTypeText, handler.Nullable()),
|
||||
handler.NewColumn(LDAPLastNameAttributeCol, handler.ColumnTypeText, handler.Nullable()),
|
||||
@@ -1896,6 +1898,7 @@ func (p *idpTemplateProjection) reduceLDAPIDPAdded(event eventstore.Event) (*han
|
||||
handler.NewCol(LDAPUserObjectClassesCol, database.TextArray[string](idpEvent.UserObjectClasses)),
|
||||
handler.NewCol(LDAPUserFiltersCol, database.TextArray[string](idpEvent.UserFilters)),
|
||||
handler.NewCol(LDAPTimeoutCol, idpEvent.Timeout),
|
||||
handler.NewCol(LDAPRootCACol, idpEvent.RootCA),
|
||||
handler.NewCol(LDAPIDAttributeCol, idpEvent.IDAttribute),
|
||||
handler.NewCol(LDAPFirstNameAttributeCol, idpEvent.FirstNameAttribute),
|
||||
handler.NewCol(LDAPLastNameAttributeCol, idpEvent.LastNameAttribute),
|
||||
@@ -2421,6 +2424,9 @@ func reduceLDAPIDPChangedColumns(idpEvent idp.LDAPIDPChangedEvent) []handler.Col
|
||||
if idpEvent.Timeout != nil {
|
||||
ldapCols = append(ldapCols, handler.NewCol(LDAPTimeoutCol, *idpEvent.Timeout))
|
||||
}
|
||||
if idpEvent.RootCA != nil {
|
||||
ldapCols = append(ldapCols, handler.NewCol(LDAPRootCACol, idpEvent.RootCA))
|
||||
}
|
||||
if idpEvent.IDAttribute != nil {
|
||||
ldapCols = append(ldapCols, handler.NewCol(LDAPIDAttributeCol, *idpEvent.IDAttribute))
|
||||
}
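Review bot: In `reduceLDAPIDPChangedColumns` the new guard `if idpEvent.RootCA != nil` treats a byte slice like the pointer fields around it, which leaves it unclear how a change event that removes the root CA would reach the projection. The neighbouring fields are dereferenced (`*idpEvent.Timeout`), so nil means "unchanged" there; for a slice, a value omitted from the event payload would presumably decode to nil as well (the event definition is outside this diff), and the column would then keep the old certificate. If removal is meant to be supported, a comment such as `// nil: unchanged; empty non-nil slice: remove the custom CA` would pin the contract at this guard. Separately, `LDAPRootCACol = "rootCA"` is the only mixed-case column name in this table, and `root_ca` would match the snake_case of its siblings. The function body continues outside the hunk.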
|
||||
|
||||
@@ -2117,6 +2117,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
"userObjectClasses": ["object"],
|
||||
"userFilters": ["filter"],
|
||||
"timeout": 30000000000,
|
||||
"rootcA": `+stringToJSONByte("certificate")+`,
|
||||
"idAttribute": "id",
|
||||
"firstNameAttribute": "first",
|
||||
"lastNameAttribute": "last",
|
||||
@@ -2165,7 +2166,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
},
|
||||
},
|
||||
{
|
||||
expectedStmt: "INSERT INTO projections.idp_templates6_ldap2 (idp_id, instance_id, servers, start_tls, base_dn, bind_dn, bind_password, user_base, user_object_classes, user_filters, timeout, id_attribute, first_name_attribute, last_name_attribute, display_name_attribute, nick_name_attribute, preferred_username_attribute, email_attribute, email_verified, phone_attribute, phone_verified_attribute, preferred_language_attribute, avatar_url_attribute, profile_attribute) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22, $23, $24)",
|
||||
expectedStmt: "INSERT INTO projections.idp_templates6_ldap3 (idp_id, instance_id, servers, start_tls, base_dn, bind_dn, bind_password, user_base, user_object_classes, user_filters, timeout, rootCA, id_attribute, first_name_attribute, last_name_attribute, display_name_attribute, nick_name_attribute, preferred_username_attribute, email_attribute, email_verified, phone_attribute, phone_verified_attribute, preferred_language_attribute, avatar_url_attribute, profile_attribute) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22, $23, $24, $25)",
|
||||
expectedArgs: []interface{}{
|
||||
"idp-id",
|
||||
"instance-id",
|
||||
@@ -2178,6 +2179,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
database.TextArray[string]{"object"},
|
||||
database.TextArray[string]{"filter"},
|
||||
time.Duration(30000000000),
|
||||
[]byte("certificate"),
|
||||
"id",
|
||||
"first",
|
||||
"last",
|
||||
@@ -2220,6 +2222,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
"userObjectClasses": ["object"],
|
||||
"userFilters": ["filter"],
|
||||
"timeout": 30000000000,
|
||||
"rootcA": `+stringToJSONByte("certificate")+`,
|
||||
"idAttribute": "id",
|
||||
"firstNameAttribute": "first",
|
||||
"lastNameAttribute": "last",
|
||||
@@ -2268,7 +2271,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
},
|
||||
},
|
||||
{
|
||||
expectedStmt: "INSERT INTO projections.idp_templates6_ldap2 (idp_id, instance_id, servers, start_tls, base_dn, bind_dn, bind_password, user_base, user_object_classes, user_filters, timeout, id_attribute, first_name_attribute, last_name_attribute, display_name_attribute, nick_name_attribute, preferred_username_attribute, email_attribute, email_verified, phone_attribute, phone_verified_attribute, preferred_language_attribute, avatar_url_attribute, profile_attribute) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22, $23, $24)",
|
||||
expectedStmt: "INSERT INTO projections.idp_templates6_ldap3 (idp_id, instance_id, servers, start_tls, base_dn, bind_dn, bind_password, user_base, user_object_classes, user_filters, timeout, rootCA, id_attribute, first_name_attribute, last_name_attribute, display_name_attribute, nick_name_attribute, preferred_username_attribute, email_attribute, email_verified, phone_attribute, phone_verified_attribute, preferred_language_attribute, avatar_url_attribute, profile_attribute) VALUES ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22, $23, $24, $25)",
|
||||
expectedArgs: []interface{}{
|
||||
"idp-id",
|
||||
"instance-id",
|
||||
@@ -2281,6 +2284,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
database.TextArray[string]{"object"},
|
||||
database.TextArray[string]{"filter"},
|
||||
time.Duration(30000000000),
|
||||
[]byte("certificate"),
|
||||
"id",
|
||||
"first",
|
||||
"last",
|
||||
@@ -2331,7 +2335,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
},
|
||||
},
|
||||
{
|
||||
expectedStmt: "UPDATE projections.idp_templates6_ldap2 SET base_dn = $1 WHERE (idp_id = $2) AND (instance_id = $3)",
|
||||
expectedStmt: "UPDATE projections.idp_templates6_ldap3 SET base_dn = $1 WHERE (idp_id = $2) AND (instance_id = $3)",
|
||||
expectedArgs: []interface{}{
|
||||
"basedn",
|
||||
"idp-id",
|
||||
@@ -2365,6 +2369,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
"userObjectClasses": ["object"],
|
||||
"userFilters": ["filter"],
|
||||
"timeout": 30000000000,
|
||||
"rootcA": `+stringToJSONByte("certificate")+`,
|
||||
"idAttribute": "id",
|
||||
"firstNameAttribute": "first",
|
||||
"lastNameAttribute": "last",
|
||||
@@ -2408,7 +2413,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
},
|
||||
},
|
||||
{
|
||||
expectedStmt: "UPDATE projections.idp_templates6_ldap2 SET (servers, start_tls, base_dn, bind_dn, bind_password, user_base, user_object_classes, user_filters, timeout, id_attribute, first_name_attribute, last_name_attribute, display_name_attribute, nick_name_attribute, preferred_username_attribute, email_attribute, email_verified, phone_attribute, phone_verified_attribute, preferred_language_attribute, avatar_url_attribute, profile_attribute) = ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22) WHERE (idp_id = $23) AND (instance_id = $24)",
|
||||
expectedStmt: "UPDATE projections.idp_templates6_ldap3 SET (servers, start_tls, base_dn, bind_dn, bind_password, user_base, user_object_classes, user_filters, timeout, rootCA, id_attribute, first_name_attribute, last_name_attribute, display_name_attribute, nick_name_attribute, preferred_username_attribute, email_attribute, email_verified, phone_attribute, phone_verified_attribute, preferred_language_attribute, avatar_url_attribute, profile_attribute) = ($1, $2, $3, $4, $5, $6, $7, $8, $9, $10, $11, $12, $13, $14, $15, $16, $17, $18, $19, $20, $21, $22, $23) WHERE (idp_id = $24) AND (instance_id = $25)",
|
||||
expectedArgs: []interface{}{
|
||||
database.TextArray[string]{"server"},
|
||||
false,
|
||||
@@ -2419,6 +2424,7 @@ func TestIDPTemplateProjection_reducesLDAP(t *testing.T) {
|
||||
database.TextArray[string]{"object"},
|
||||
database.TextArray[string]{"filter"},
|
||||
time.Duration(30000000000),
|
||||
[]byte("certificate"),
|
||||
"id",
|
||||
"first",
|
||||
"last",
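Review bot: The event fixtures spell the new key `"rootcA"` (three places in `TestIDPTemplateProjection_reducesLDAP`), a casing that presumably matches no struct tag exactly and decodes only because `encoding/json` falls back to case-insensitive key matching. The test therefore does not pin the key that stored events carry; I would use the exact tag from the event struct (not visible in this diff) in all three fixtures. Among the cases visible here, the changed-event tests either omit the root CA or set it to `"certificate"`, so a case that clears a previously set CA would be worth adding to cover the `idpEvent.RootCA != nil` branch in the reducer.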
|
||||
|
||||