feat(ldap): adding root ca option to ldap config (#9292)

# Which Problems Are Solved

Adds the ability to configure a root CA certificate for LDAP identity-provider configs.

# Additional Context

- Closes https://github.com/zitadel/zitadel/issues/7888

---------

Co-authored-by: Iraq Jaber <IraqJaber@gmail.com>
Iraq
2025-02-18 10:06:50 +00:00
parent d7332d1ac4
commit 5bbb953ffb
27 changed files with 418 additions and 243 deletions


@@ -98,29 +98,30 @@ var (
` projections.idp_templates6_saml.name_id_format,` +
` projections.idp_templates6_saml.transient_mapping_attribute_name,` +
// ldap
` projections.idp_templates6_ldap2.idp_id,` +
` projections.idp_templates6_ldap2.servers,` +
` projections.idp_templates6_ldap2.start_tls,` +
` projections.idp_templates6_ldap2.base_dn,` +
` projections.idp_templates6_ldap2.bind_dn,` +
` projections.idp_templates6_ldap2.bind_password,` +
` projections.idp_templates6_ldap2.user_base,` +
` projections.idp_templates6_ldap2.user_object_classes,` +
` projections.idp_templates6_ldap2.user_filters,` +
` projections.idp_templates6_ldap2.timeout,` +
` projections.idp_templates6_ldap2.id_attribute,` +
` projections.idp_templates6_ldap2.first_name_attribute,` +
` projections.idp_templates6_ldap2.last_name_attribute,` +
` projections.idp_templates6_ldap2.display_name_attribute,` +
` projections.idp_templates6_ldap2.nick_name_attribute,` +
` projections.idp_templates6_ldap2.preferred_username_attribute,` +
` projections.idp_templates6_ldap2.email_attribute,` +
` projections.idp_templates6_ldap2.email_verified,` +
` projections.idp_templates6_ldap2.phone_attribute,` +
` projections.idp_templates6_ldap2.phone_verified_attribute,` +
` projections.idp_templates6_ldap2.preferred_language_attribute,` +
` projections.idp_templates6_ldap2.avatar_url_attribute,` +
` projections.idp_templates6_ldap2.profile_attribute,` +
` projections.idp_templates6_ldap3.idp_id,` +
` projections.idp_templates6_ldap3.servers,` +
` projections.idp_templates6_ldap3.start_tls,` +
` projections.idp_templates6_ldap3.base_dn,` +
` projections.idp_templates6_ldap3.bind_dn,` +
` projections.idp_templates6_ldap3.bind_password,` +
` projections.idp_templates6_ldap3.user_base,` +
` projections.idp_templates6_ldap3.user_object_classes,` +
` projections.idp_templates6_ldap3.user_filters,` +
` projections.idp_templates6_ldap3.timeout,` +
` projections.idp_templates6_ldap3.rootCA,` +
` projections.idp_templates6_ldap3.id_attribute,` +
` projections.idp_templates6_ldap3.first_name_attribute,` +
` projections.idp_templates6_ldap3.last_name_attribute,` +
` projections.idp_templates6_ldap3.display_name_attribute,` +
` projections.idp_templates6_ldap3.nick_name_attribute,` +
` projections.idp_templates6_ldap3.preferred_username_attribute,` +
` projections.idp_templates6_ldap3.email_attribute,` +
` projections.idp_templates6_ldap3.email_verified,` +
` projections.idp_templates6_ldap3.phone_attribute,` +
` projections.idp_templates6_ldap3.phone_verified_attribute,` +
` projections.idp_templates6_ldap3.preferred_language_attribute,` +
` projections.idp_templates6_ldap3.avatar_url_attribute,` +
` projections.idp_templates6_ldap3.profile_attribute,` +
// apple
` projections.idp_templates6_apple.idp_id,` +
` projections.idp_templates6_apple.client_id,` +
@@ -139,7 +140,7 @@ var (
` LEFT JOIN projections.idp_templates6_gitlab_self_hosted ON projections.idp_templates6.id = projections.idp_templates6_gitlab_self_hosted.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_gitlab_self_hosted.instance_id` +
` LEFT JOIN projections.idp_templates6_google ON projections.idp_templates6.id = projections.idp_templates6_google.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_google.instance_id` +
` LEFT JOIN projections.idp_templates6_saml ON projections.idp_templates6.id = projections.idp_templates6_saml.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_saml.instance_id` +
` LEFT JOIN projections.idp_templates6_ldap2 ON projections.idp_templates6.id = projections.idp_templates6_ldap2.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_ldap2.instance_id` +
` LEFT JOIN projections.idp_templates6_ldap3 ON projections.idp_templates6.id = projections.idp_templates6_ldap3.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_ldap3.instance_id` +
` LEFT JOIN projections.idp_templates6_apple ON projections.idp_templates6.id = projections.idp_templates6_apple.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_apple.instance_id` +
` AS OF SYSTEM TIME '-1 ms'`
idpTemplateCols = []string{
@@ -235,6 +236,7 @@ var (
"user_object_classes",
"user_filters",
"timeout",
"rootCA",
"id_attribute",
"first_name_attribute",
"last_name_attribute",
@@ -338,29 +340,30 @@ var (
` projections.idp_templates6_saml.name_id_format,` +
` projections.idp_templates6_saml.transient_mapping_attribute_name,` +
// ldap
` projections.idp_templates6_ldap2.idp_id,` +
` projections.idp_templates6_ldap2.servers,` +
` projections.idp_templates6_ldap2.start_tls,` +
` projections.idp_templates6_ldap2.base_dn,` +
` projections.idp_templates6_ldap2.bind_dn,` +
` projections.idp_templates6_ldap2.bind_password,` +
` projections.idp_templates6_ldap2.user_base,` +
` projections.idp_templates6_ldap2.user_object_classes,` +
` projections.idp_templates6_ldap2.user_filters,` +
` projections.idp_templates6_ldap2.timeout,` +
` projections.idp_templates6_ldap2.id_attribute,` +
` projections.idp_templates6_ldap2.first_name_attribute,` +
` projections.idp_templates6_ldap2.last_name_attribute,` +
` projections.idp_templates6_ldap2.display_name_attribute,` +
` projections.idp_templates6_ldap2.nick_name_attribute,` +
` projections.idp_templates6_ldap2.preferred_username_attribute,` +
` projections.idp_templates6_ldap2.email_attribute,` +
` projections.idp_templates6_ldap2.email_verified,` +
` projections.idp_templates6_ldap2.phone_attribute,` +
` projections.idp_templates6_ldap2.phone_verified_attribute,` +
` projections.idp_templates6_ldap2.preferred_language_attribute,` +
` projections.idp_templates6_ldap2.avatar_url_attribute,` +
` projections.idp_templates6_ldap2.profile_attribute,` +
` projections.idp_templates6_ldap3.idp_id,` +
` projections.idp_templates6_ldap3.servers,` +
` projections.idp_templates6_ldap3.start_tls,` +
` projections.idp_templates6_ldap3.base_dn,` +
` projections.idp_templates6_ldap3.bind_dn,` +
` projections.idp_templates6_ldap3.bind_password,` +
` projections.idp_templates6_ldap3.user_base,` +
` projections.idp_templates6_ldap3.user_object_classes,` +
` projections.idp_templates6_ldap3.user_filters,` +
` projections.idp_templates6_ldap3.timeout,` +
` projections.idp_templates6_ldap3.rootCA,` +
` projections.idp_templates6_ldap3.id_attribute,` +
` projections.idp_templates6_ldap3.first_name_attribute,` +
` projections.idp_templates6_ldap3.last_name_attribute,` +
` projections.idp_templates6_ldap3.display_name_attribute,` +
` projections.idp_templates6_ldap3.nick_name_attribute,` +
` projections.idp_templates6_ldap3.preferred_username_attribute,` +
` projections.idp_templates6_ldap3.email_attribute,` +
` projections.idp_templates6_ldap3.email_verified,` +
` projections.idp_templates6_ldap3.phone_attribute,` +
` projections.idp_templates6_ldap3.phone_verified_attribute,` +
` projections.idp_templates6_ldap3.preferred_language_attribute,` +
` projections.idp_templates6_ldap3.avatar_url_attribute,` +
` projections.idp_templates6_ldap3.profile_attribute,` +
// apple
` projections.idp_templates6_apple.idp_id,` +
` projections.idp_templates6_apple.client_id,` +
@@ -380,7 +383,7 @@ var (
` LEFT JOIN projections.idp_templates6_gitlab_self_hosted ON projections.idp_templates6.id = projections.idp_templates6_gitlab_self_hosted.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_gitlab_self_hosted.instance_id` +
` LEFT JOIN projections.idp_templates6_google ON projections.idp_templates6.id = projections.idp_templates6_google.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_google.instance_id` +
` LEFT JOIN projections.idp_templates6_saml ON projections.idp_templates6.id = projections.idp_templates6_saml.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_saml.instance_id` +
` LEFT JOIN projections.idp_templates6_ldap2 ON projections.idp_templates6.id = projections.idp_templates6_ldap2.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_ldap2.instance_id` +
` LEFT JOIN projections.idp_templates6_ldap3 ON projections.idp_templates6.id = projections.idp_templates6_ldap3.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_ldap3.instance_id` +
` LEFT JOIN projections.idp_templates6_apple ON projections.idp_templates6.id = projections.idp_templates6_apple.idp_id AND projections.idp_templates6.instance_id = projections.idp_templates6_apple.instance_id` +
` AS OF SYSTEM TIME '-1 ms'`
idpTemplatesCols = []string{
@@ -476,6 +479,7 @@ var (
"user_object_classes",
"user_filters",
"timeout",
"rootCA",
"id_attribute",
"first_name_attribute",
"last_name_attribute",
@@ -642,6 +646,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -792,6 +797,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -940,6 +946,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -1087,6 +1094,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -1233,6 +1241,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -1379,6 +1388,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -1526,6 +1536,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -1672,6 +1683,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -1809,6 +1821,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
database.TextArray[string]{"object"},
database.TextArray[string]{"filter"},
time.Duration(30000000000),
[]byte("certificate"),
"id",
"first",
"last",
@@ -1857,6 +1870,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
UserObjectClasses: []string{"object"},
UserFilters: []string{"filter"},
Timeout: time.Duration(30000000000),
RootCA: []byte("certificate"),
LDAPAttributes: idp.LDAPAttributes{
IDAttribute: "id",
FirstNameAttribute: "first",
@@ -1988,6 +2002,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
"idp-id",
"client_id",
@@ -2136,6 +2151,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -2299,6 +2315,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
database.TextArray[string]{"object"},
database.TextArray[string]{"filter"},
time.Duration(30000000000),
[]byte("certificate"),
"id",
"first",
"last",
@@ -2353,6 +2370,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
UserObjectClasses: []string{"object"},
UserFilters: []string{"filter"},
Timeout: time.Duration(30000000000),
RootCA: []byte("certificate"),
LDAPAttributes: idp.LDAPAttributes{
IDAttribute: "id",
FirstNameAttribute: "first",
@@ -2487,6 +2505,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -2623,6 +2642,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
database.TextArray[string]{"object"},
database.TextArray[string]{"filter"},
time.Duration(30000000000),
[]byte("certificate"),
"id",
"first",
"last",
@@ -2750,6 +2770,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -2864,6 +2885,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -2978,6 +3000,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -3092,6 +3115,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -3206,6 +3230,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
nil,
nil,
nil,
nil,
// apple
nil,
nil,
@@ -3247,6 +3272,7 @@ func Test_IDPTemplateTemplatesPrepares(t *testing.T) {
UserObjectClasses: []string{"object"},
UserFilters: []string{"filter"},
Timeout: time.Duration(30000000000),
RootCA: []byte("certificate"),
LDAPAttributes: idp.LDAPAttributes{
IDAttribute: "id",
FirstNameAttribute: "first",
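Review bot: The new column is spelled `rootCA` in the select list and in the `idpTemplateCols` / `idpTemplatesCols` fixtures, while every other column in the same statement is snake_case (`start_tls`, `bind_dn`, `user_filters`, `id_attribute`); both Postgres and CockroachDB fold unquoted identifiers to lowercase, so the stored column will really be `rootca` and a grep for `root_ca` will not find it. If the `idp_templates6_ldap3` projection defines the column the same way, I would rename it to `root_ca` there and mirror it here now, since the ldap3 table is new in this commit and renaming later presumably costs another projection version. Separately, the fixture `[]byte("certificate")` only shows that the bytes round-trip through the scan into `RootCA`; it does not show that a stored value is a parseable PEM bundle, so I assume PEM validation happens on the write path, which is not visible in this file and is worth confirming because a malformed root CA stored here would only surface when the LDAP TLS config is built. `Test_IDPTemplateTemplatesPrepares` starts and ends outside these hunks.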