mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-13 11:34:26 +00:00
feat: auth method query side (#3068)
* feat: queries for searching mfas and passwordless * feat: tests for user auth method queries * Update internal/api/grpc/auth/multi_factor.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/api/grpc/auth/passwordless.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/api/grpc/management/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/api/grpc/management/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
parent
c3d4db10ac
commit
5c6df06a7c
@ -6,17 +6,28 @@ import (
|
|||||||
"github.com/caos/zitadel/internal/api/authz"
|
"github.com/caos/zitadel/internal/api/authz"
|
||||||
"github.com/caos/zitadel/internal/api/grpc/object"
|
"github.com/caos/zitadel/internal/api/grpc/object"
|
||||||
user_grpc "github.com/caos/zitadel/internal/api/grpc/user"
|
user_grpc "github.com/caos/zitadel/internal/api/grpc/user"
|
||||||
|
"github.com/caos/zitadel/internal/domain"
|
||||||
|
"github.com/caos/zitadel/internal/query"
|
||||||
auth_pb "github.com/caos/zitadel/pkg/grpc/auth"
|
auth_pb "github.com/caos/zitadel/pkg/grpc/auth"
|
||||||
user_pb "github.com/caos/zitadel/pkg/grpc/user"
|
user_pb "github.com/caos/zitadel/pkg/grpc/user"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (s *Server) ListMyAuthFactors(ctx context.Context, _ *auth_pb.ListMyAuthFactorsRequest) (*auth_pb.ListMyAuthFactorsResponse, error) {
|
func (s *Server) ListMyAuthFactors(ctx context.Context, _ *auth_pb.ListMyAuthFactorsRequest) (*auth_pb.ListMyAuthFactorsResponse, error) {
|
||||||
mfas, err := s.repo.MyUserMFAs(ctx)
|
query := new(query.UserAuthMethodSearchQueries)
|
||||||
|
err := query.AppendUserIDQuery(authz.GetCtxData(ctx).UserID)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
err = query.AppendAuthMethodsQuery(domain.UserAuthMethodTypeU2F, domain.UserAuthMethodTypeOTP)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
authMethods, err := s.query.SearchUserAuthMethods(ctx, query)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &auth_pb.ListMyAuthFactorsResponse{
|
return &auth_pb.ListMyAuthFactorsResponse{
|
||||||
Result: user_grpc.AuthFactorsToPb(mfas),
|
Result: user_grpc.AuthMethodsToPb(authMethods),
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -3,6 +3,7 @@ package auth
|
|||||||
import (
|
import (
|
||||||
"context"
|
"context"
|
||||||
|
|
||||||
|
"github.com/caos/zitadel/internal/query"
|
||||||
"google.golang.org/protobuf/types/known/durationpb"
|
"google.golang.org/protobuf/types/known/durationpb"
|
||||||
|
|
||||||
"github.com/caos/zitadel/internal/api/authz"
|
"github.com/caos/zitadel/internal/api/authz"
|
||||||
@ -14,12 +15,21 @@ import (
|
|||||||
)
|
)
|
||||||
|
|
||||||
func (s *Server) ListMyPasswordless(ctx context.Context, _ *auth_pb.ListMyPasswordlessRequest) (*auth_pb.ListMyPasswordlessResponse, error) {
|
func (s *Server) ListMyPasswordless(ctx context.Context, _ *auth_pb.ListMyPasswordlessRequest) (*auth_pb.ListMyPasswordlessResponse, error) {
|
||||||
tokens, err := s.repo.GetMyPasswordless(ctx)
|
query := new(query.UserAuthMethodSearchQueries)
|
||||||
|
err := query.AppendUserIDQuery(authz.GetCtxData(ctx).UserID)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
err = query.AppendAuthMethodQuery(domain.UserAuthMethodTypePasswordless)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
authMethods, err := s.query.SearchUserAuthMethods(ctx, query)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &auth_pb.ListMyPasswordlessResponse{
|
return &auth_pb.ListMyPasswordlessResponse{
|
||||||
Result: user_grpc.WebAuthNTokensViewToPb(tokens),
|
Result: user_grpc.UserAuthMethodsToWebAuthNTokenPb(authMethods),
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -473,12 +473,21 @@ func (s *Server) SendHumanResetPasswordNotification(ctx context.Context, req *mg
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) ListHumanAuthFactors(ctx context.Context, req *mgmt_pb.ListHumanAuthFactorsRequest) (*mgmt_pb.ListHumanAuthFactorsResponse, error) {
|
func (s *Server) ListHumanAuthFactors(ctx context.Context, req *mgmt_pb.ListHumanAuthFactorsRequest) (*mgmt_pb.ListHumanAuthFactorsResponse, error) {
|
||||||
mfas, err := s.user.UserMFAs(ctx, req.UserId)
|
query := new(query.UserAuthMethodSearchQueries)
|
||||||
|
err := query.AppendUserIDQuery(req.UserId)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
err = query.AppendAuthMethodsQuery(domain.UserAuthMethodTypeU2F, domain.UserAuthMethodTypeOTP)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
authMethods, err := s.query.SearchUserAuthMethods(ctx, query)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &mgmt_pb.ListHumanAuthFactorsResponse{
|
return &mgmt_pb.ListHumanAuthFactorsResponse{
|
||||||
Result: user_grpc.AuthFactorsToPb(mfas),
|
Result: user_grpc.AuthMethodsToPb(authMethods),
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -503,12 +512,21 @@ func (s *Server) RemoveHumanAuthFactorU2F(ctx context.Context, req *mgmt_pb.Remo
|
|||||||
}
|
}
|
||||||
|
|
||||||
func (s *Server) ListHumanPasswordless(ctx context.Context, req *mgmt_pb.ListHumanPasswordlessRequest) (*mgmt_pb.ListHumanPasswordlessResponse, error) {
|
func (s *Server) ListHumanPasswordless(ctx context.Context, req *mgmt_pb.ListHumanPasswordlessRequest) (*mgmt_pb.ListHumanPasswordlessResponse, error) {
|
||||||
tokens, err := s.user.GetPasswordless(ctx, req.UserId)
|
query := new(query.UserAuthMethodSearchQueries)
|
||||||
|
err := query.AppendUserIDQuery(req.UserId)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
err = query.AppendAuthMethodQuery(domain.UserAuthMethodTypePasswordless)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
authMethods, err := s.query.SearchUserAuthMethods(ctx, query)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
return nil, err
|
return nil, err
|
||||||
}
|
}
|
||||||
return &mgmt_pb.ListHumanPasswordlessResponse{
|
return &mgmt_pb.ListHumanPasswordlessResponse{
|
||||||
Result: user_grpc.WebAuthNTokensViewToPb(tokens),
|
Result: user_grpc.UserAuthMethodsToWebAuthNTokenPb(authMethods),
|
||||||
}, nil
|
}, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -173,54 +173,54 @@ func GenderToPb(gender model.Gender) user_pb.Gender {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func AuthFactorsToPb(mfas []*model.MultiFactor) []*user_pb.AuthFactor {
|
func AuthMethodsToPb(mfas *query.AuthMethods) []*user_pb.AuthFactor {
|
||||||
factors := make([]*user_pb.AuthFactor, len(mfas))
|
factors := make([]*user_pb.AuthFactor, len(mfas.AuthMethods))
|
||||||
for i, mfa := range mfas {
|
for i, mfa := range mfas.AuthMethods {
|
||||||
factors[i] = AuthFactorToPb(mfa)
|
factors[i] = AuthMethodToPb(mfa)
|
||||||
}
|
}
|
||||||
return factors
|
return factors
|
||||||
}
|
}
|
||||||
|
|
||||||
func AuthFactorToPb(mfa *model.MultiFactor) *user_pb.AuthFactor {
|
func AuthMethodToPb(mfa *query.AuthMethod) *user_pb.AuthFactor {
|
||||||
factor := &user_pb.AuthFactor{
|
factor := &user_pb.AuthFactor{
|
||||||
State: MFAStateToPb(mfa.State),
|
State: MFAStateToPb(mfa.State),
|
||||||
}
|
}
|
||||||
switch mfa.Type {
|
switch mfa.Type {
|
||||||
case model.MFATypeOTP:
|
case domain.UserAuthMethodTypeOTP:
|
||||||
factor.Type = &user_pb.AuthFactor_Otp{
|
factor.Type = &user_pb.AuthFactor_Otp{
|
||||||
Otp: &user_pb.AuthFactorOTP{},
|
Otp: &user_pb.AuthFactorOTP{},
|
||||||
}
|
}
|
||||||
case model.MFATypeU2F:
|
case domain.UserAuthMethodTypeU2F:
|
||||||
factor.Type = &user_pb.AuthFactor_U2F{
|
factor.Type = &user_pb.AuthFactor_U2F{
|
||||||
U2F: &user_pb.AuthFactorU2F{
|
U2F: &user_pb.AuthFactorU2F{
|
||||||
Id: mfa.ID,
|
Id: mfa.TokenID,
|
||||||
Name: mfa.Attribute,
|
Name: mfa.Name,
|
||||||
},
|
},
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return factor
|
return factor
|
||||||
}
|
}
|
||||||
|
|
||||||
func MFAStateToPb(state model.MFAState) user_pb.AuthFactorState {
|
func MFAStateToPb(state domain.MFAState) user_pb.AuthFactorState {
|
||||||
switch state {
|
switch state {
|
||||||
case model.MFAStateNotReady:
|
case domain.MFAStateNotReady:
|
||||||
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_NOT_READY
|
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_NOT_READY
|
||||||
case model.MFAStateReady:
|
case domain.MFAStateReady:
|
||||||
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_READY
|
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_READY
|
||||||
default:
|
default:
|
||||||
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_UNSPECIFIED
|
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_UNSPECIFIED
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func WebAuthNTokensViewToPb(tokens []*model.WebAuthNView) []*user_pb.WebAuthNToken {
|
func UserAuthMethodsToWebAuthNTokenPb(methods *query.AuthMethods) []*user_pb.WebAuthNToken {
|
||||||
t := make([]*user_pb.WebAuthNToken, len(tokens))
|
t := make([]*user_pb.WebAuthNToken, len(methods.AuthMethods))
|
||||||
for i, token := range tokens {
|
for i, token := range methods.AuthMethods {
|
||||||
t[i] = WebAuthNTokenViewToPb(token)
|
t[i] = UserAuthMethodToWebAuthNTokenPb(token)
|
||||||
}
|
}
|
||||||
return t
|
return t
|
||||||
}
|
}
|
||||||
|
|
||||||
func WebAuthNTokenViewToPb(token *model.WebAuthNView) *user_pb.WebAuthNToken {
|
func UserAuthMethodToWebAuthNTokenPb(token *query.AuthMethod) *user_pb.WebAuthNToken {
|
||||||
return &user_pb.WebAuthNToken{
|
return &user_pb.WebAuthNToken{
|
||||||
Id: token.TokenID,
|
Id: token.TokenID,
|
||||||
State: MFAStateToPb(token.State),
|
State: MFAStateToPb(token.State),
|
||||||
@ -228,12 +228,6 @@ func WebAuthNTokenViewToPb(token *model.WebAuthNView) *user_pb.WebAuthNToken {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
func WebAuthNTokenToWebAuthNKeyPb(token *domain.WebAuthNToken) *user_pb.WebAuthNKey {
|
|
||||||
return &user_pb.WebAuthNKey{
|
|
||||||
PublicKey: token.PublicKey,
|
|
||||||
}
|
|
||||||
}
|
|
||||||
|
|
||||||
func ExternalIDPViewsToExternalIDPs(externalIDPs []*query.IDPUserLink) []*domain.UserIDPLink {
|
func ExternalIDPViewsToExternalIDPs(externalIDPs []*query.IDPUserLink) []*domain.UserIDPLink {
|
||||||
idps := make([]*domain.UserIDPLink, len(externalIDPs))
|
idps := make([]*domain.UserIDPLink, len(externalIDPs))
|
||||||
for i, idp := range externalIDPs {
|
for i, idp := range externalIDPs {
|
||||||
|
@ -187,35 +187,6 @@ func (repo *UserRepo) SearchMetadata(ctx context.Context, userID, resourceOwner
|
|||||||
return result, nil
|
return result, nil
|
||||||
}
|
}
|
||||||
|
|
||||||
func (repo *UserRepo) UserMFAs(ctx context.Context, userID string) ([]*usr_model.MultiFactor, error) {
|
|
||||||
user, err := repo.UserByID(ctx, userID)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
if user.HumanView == nil {
|
|
||||||
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-xx0hV", "Errors.User.NotHuman")
|
|
||||||
}
|
|
||||||
mfas := make([]*usr_model.MultiFactor, 0)
|
|
||||||
if user.OTPState != usr_model.MFAStateUnspecified {
|
|
||||||
mfas = append(mfas, &usr_model.MultiFactor{Type: usr_model.MFATypeOTP, State: user.OTPState})
|
|
||||||
}
|
|
||||||
for _, u2f := range user.U2FTokens {
|
|
||||||
mfas = append(mfas, &usr_model.MultiFactor{Type: usr_model.MFATypeU2F, State: u2f.State, Attribute: u2f.Name, ID: u2f.TokenID})
|
|
||||||
}
|
|
||||||
return mfas, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (repo *UserRepo) GetPasswordless(ctx context.Context, userID string) ([]*usr_model.WebAuthNView, error) {
|
|
||||||
user, err := repo.UserByID(ctx, userID)
|
|
||||||
if err != nil {
|
|
||||||
return nil, err
|
|
||||||
}
|
|
||||||
if user.HumanView == nil {
|
|
||||||
return nil, errors.ThrowPreconditionFailed(nil, "EVENT-9anf8", "Errors.User.NotHuman")
|
|
||||||
}
|
|
||||||
return user.HumanView.PasswordlessTokens, nil
|
|
||||||
}
|
|
||||||
|
|
||||||
func (repo *UserRepo) ProfileByID(ctx context.Context, userID string) (*usr_model.Profile, error) {
|
func (repo *UserRepo) ProfileByID(ctx context.Context, userID string) (*usr_model.Profile, error) {
|
||||||
user, err := repo.UserByID(ctx, userID)
|
user, err := repo.UserByID(ctx, userID)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
|
@ -24,10 +24,6 @@ type UserRepository interface {
|
|||||||
|
|
||||||
ProfileByID(ctx context.Context, userID string) (*model.Profile, error)
|
ProfileByID(ctx context.Context, userID string) (*model.Profile, error)
|
||||||
|
|
||||||
UserMFAs(ctx context.Context, userID string) ([]*model.MultiFactor, error)
|
|
||||||
|
|
||||||
GetPasswordless(ctx context.Context, userID string) ([]*model.WebAuthNView, error)
|
|
||||||
|
|
||||||
EmailByID(ctx context.Context, userID string) (*model.Email, error)
|
EmailByID(ctx context.Context, userID string) (*model.Email, error)
|
||||||
|
|
||||||
PhoneByID(ctx context.Context, userID string) (*model.Phone, error)
|
PhoneByID(ctx context.Context, userID string) (*model.Phone, error)
|
||||||
|
@ -31,7 +31,7 @@ func NewUserAuthMethodProjection(ctx context.Context, config crdb.StatementHandl
|
|||||||
const (
|
const (
|
||||||
UserAuthMethodTokenIDCol = "token_id"
|
UserAuthMethodTokenIDCol = "token_id"
|
||||||
UserAuthMethodCreationDateCol = "creation_date"
|
UserAuthMethodCreationDateCol = "creation_date"
|
||||||
UserAuthMethodChangeUseCol = "change_date"
|
UserAuthMethodChangeDateCol = "change_date"
|
||||||
UserAuthMethodResourceOwnerCol = "resource_owner"
|
UserAuthMethodResourceOwnerCol = "resource_owner"
|
||||||
UserAuthMethodUserIDCol = "user_id"
|
UserAuthMethodUserIDCol = "user_id"
|
||||||
UserAuthMethodSequenceCol = "sequence"
|
UserAuthMethodSequenceCol = "sequence"
|
||||||
@ -108,7 +108,7 @@ func (p *UserAuthMethodProjection) reduceInitAuthMethod(event eventstore.Event)
|
|||||||
[]handler.Column{
|
[]handler.Column{
|
||||||
handler.NewCol(UserAuthMethodTokenIDCol, tokenID),
|
handler.NewCol(UserAuthMethodTokenIDCol, tokenID),
|
||||||
handler.NewCol(UserAuthMethodCreationDateCol, event.CreationDate()),
|
handler.NewCol(UserAuthMethodCreationDateCol, event.CreationDate()),
|
||||||
handler.NewCol(UserAuthMethodChangeUseCol, event.CreationDate()),
|
handler.NewCol(UserAuthMethodChangeDateCol, event.CreationDate()),
|
||||||
handler.NewCol(UserAuthMethodResourceOwnerCol, event.Aggregate().ResourceOwner),
|
handler.NewCol(UserAuthMethodResourceOwnerCol, event.Aggregate().ResourceOwner),
|
||||||
handler.NewCol(UserAuthMethodUserIDCol, event.Aggregate().ID),
|
handler.NewCol(UserAuthMethodUserIDCol, event.Aggregate().ID),
|
||||||
handler.NewCol(UserAuthMethodSequenceCol, event.Sequence()),
|
handler.NewCol(UserAuthMethodSequenceCol, event.Sequence()),
|
||||||
@ -144,7 +144,7 @@ func (p *UserAuthMethodProjection) reduceActivateEvent(event eventstore.Event) (
|
|||||||
return crdb.NewUpdateStatement(
|
return crdb.NewUpdateStatement(
|
||||||
event,
|
event,
|
||||||
[]handler.Column{
|
[]handler.Column{
|
||||||
handler.NewCol(UserAuthMethodChangeUseCol, event.CreationDate()),
|
handler.NewCol(UserAuthMethodChangeDateCol, event.CreationDate()),
|
||||||
handler.NewCol(UserAuthMethodSequenceCol, event.Sequence()),
|
handler.NewCol(UserAuthMethodSequenceCol, event.Sequence()),
|
||||||
handler.NewCol(UserAuthMethodNameCol, name),
|
handler.NewCol(UserAuthMethodNameCol, name),
|
||||||
handler.NewCol(UserAuthMethodStateCol, domain.MFAStateReady),
|
handler.NewCol(UserAuthMethodStateCol, domain.MFAStateReady),
|
||||||
|
274
internal/query/user_auth_method.go
Normal file
274
internal/query/user_auth_method.go
Normal file
@ -0,0 +1,274 @@
|
|||||||
|
package query
|
||||||
|
|
||||||
|
import (
|
||||||
|
"context"
|
||||||
|
"database/sql"
|
||||||
|
errs "errors"
|
||||||
|
"time"
|
||||||
|
|
||||||
|
sq "github.com/Masterminds/squirrel"
|
||||||
|
"github.com/caos/zitadel/internal/query/projection"
|
||||||
|
|
||||||
|
"github.com/caos/zitadel/internal/domain"
|
||||||
|
"github.com/caos/zitadel/internal/errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
var (
|
||||||
|
userAuthMethodTable = table{
|
||||||
|
name: projection.UserAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnTokenID = Column{
|
||||||
|
name: projection.UserAuthMethodTokenIDCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnCreationDate = Column{
|
||||||
|
name: projection.UserAuthMethodCreationDateCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnChangeDate = Column{
|
||||||
|
name: projection.UserAuthMethodChangeDateCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnResourceOwner = Column{
|
||||||
|
name: projection.UserAuthMethodResourceOwnerCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnUserID = Column{
|
||||||
|
name: projection.UserAuthMethodUserIDCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnSequence = Column{
|
||||||
|
name: projection.UserAuthMethodSequenceCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnName = Column{
|
||||||
|
name: projection.UserAuthMethodNameCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnState = Column{
|
||||||
|
name: projection.UserAuthMethodStateCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
UserAuthMethodColumnMethodType = Column{
|
||||||
|
name: projection.UserAuthMethodTypeCol,
|
||||||
|
table: userAuthMethodTable,
|
||||||
|
}
|
||||||
|
)
|
||||||
|
|
||||||
|
type AuthMethods struct {
|
||||||
|
SearchResponse
|
||||||
|
AuthMethods []*AuthMethod
|
||||||
|
}
|
||||||
|
type AuthMethod struct {
|
||||||
|
UserID string
|
||||||
|
CreationDate time.Time
|
||||||
|
ChangeDate time.Time
|
||||||
|
ResourceOwner string
|
||||||
|
State domain.MFAState
|
||||||
|
Sequence uint64
|
||||||
|
|
||||||
|
TokenID string
|
||||||
|
Name string
|
||||||
|
Type domain.UserAuthMethodType
|
||||||
|
}
|
||||||
|
|
||||||
|
type UserAuthMethodSearchQueries struct {
|
||||||
|
SearchRequest
|
||||||
|
Queries []SearchQuery
|
||||||
|
}
|
||||||
|
|
||||||
|
func (q *Queries) UserAuthMethodByIDs(ctx context.Context, userID, tokenID, resourceOwner string, methodType domain.UserAuthMethodType) (*AuthMethod, error) {
|
||||||
|
stmt, scan := prepareUserAuthMethodQuery()
|
||||||
|
query, args, err := stmt.Where(sq.Eq{
|
||||||
|
UserAuthMethodColumnUserID.identifier(): userID,
|
||||||
|
UserAuthMethodColumnTokenID.identifier(): tokenID,
|
||||||
|
UserAuthMethodColumnResourceOwner.identifier(): resourceOwner,
|
||||||
|
UserAuthMethodColumnMethodType.identifier(): methodType,
|
||||||
|
}).ToSql()
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.ThrowInternal(err, "QUERY-2m00Q", "Errors.Query.SQLStatment")
|
||||||
|
}
|
||||||
|
|
||||||
|
row := q.client.QueryRowContext(ctx, query, args...)
|
||||||
|
return scan(row)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (q *Queries) SearchUserAuthMethods(ctx context.Context, queries *UserAuthMethodSearchQueries) (userAuthMethods *AuthMethods, err error) {
|
||||||
|
query, scan := prepareUserAuthMethodsQuery()
|
||||||
|
stmt, args, err := queries.toQuery(query).ToSql()
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.ThrowInvalidArgument(err, "QUERY-j9NJd", "Errors.Query.InvalidRequest")
|
||||||
|
}
|
||||||
|
|
||||||
|
rows, err := q.client.QueryContext(ctx, stmt, args...)
|
||||||
|
if err != nil {
|
||||||
|
return nil, errors.ThrowInternal(err, "QUERY-3n99f", "Errors.Internal")
|
||||||
|
}
|
||||||
|
userAuthMethods, err = scan(rows)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
userAuthMethods.LatestSequence, err = q.latestSequence(ctx, userAuthMethodTable)
|
||||||
|
return userAuthMethods, err
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewUserAuthMethodUserIDSearchQuery(value string) (SearchQuery, error) {
|
||||||
|
return NewTextQuery(UserAuthMethodColumnUserID, value, TextEquals)
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewUserAuthMethodTokenIDSearchQuery(value string) (SearchQuery, error) {
|
||||||
|
return NewTextQuery(UserAuthMethodColumnTokenID, value, TextEquals)
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewUserAuthMethodResourceOwnerSearchQuery(value string) (SearchQuery, error) {
|
||||||
|
return NewTextQuery(UserAuthMethodColumnResourceOwner, value, TextEquals)
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewUserAuthMethodTypeSearchQuery(value domain.UserAuthMethodType) (SearchQuery, error) {
|
||||||
|
return NewNumberQuery(UserAuthMethodColumnMethodType, value, NumberEquals)
|
||||||
|
}
|
||||||
|
|
||||||
|
func NewUserAuthMethodTypesSearchQuery(values ...domain.UserAuthMethodType) (SearchQuery, error) {
|
||||||
|
list := make([]interface{}, len(values))
|
||||||
|
for i, value := range values {
|
||||||
|
list[i] = value
|
||||||
|
}
|
||||||
|
return NewListQuery(UserAuthMethodColumnMethodType, list, ListIn)
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *UserAuthMethodSearchQueries) AppendResourceOwnerQuery(orgID string) error {
|
||||||
|
query, err := NewUserAuthMethodResourceOwnerSearchQuery(orgID)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
r.Queries = append(r.Queries, query)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *UserAuthMethodSearchQueries) AppendUserIDQuery(userID string) error {
|
||||||
|
query, err := NewUserAuthMethodUserIDSearchQuery(userID)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
r.Queries = append(r.Queries, query)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *UserAuthMethodSearchQueries) AppendTokenIDQuery(tokenID string) error {
|
||||||
|
query, err := NewUserAuthMethodTokenIDSearchQuery(tokenID)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
r.Queries = append(r.Queries, query)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *UserAuthMethodSearchQueries) AppendAuthMethodQuery(authMethod domain.UserAuthMethodType) error {
|
||||||
|
query, err := NewUserAuthMethodTypeSearchQuery(authMethod)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
r.Queries = append(r.Queries, query)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (r *UserAuthMethodSearchQueries) AppendAuthMethodsQuery(authMethod ...domain.UserAuthMethodType) error {
|
||||||
|
query, err := NewUserAuthMethodTypesSearchQuery(authMethod...)
|
||||||
|
if err != nil {
|
||||||
|
return err
|
||||||
|
}
|
||||||
|
r.Queries = append(r.Queries, query)
|
||||||
|
return nil
|
||||||
|
}
|
||||||
|
|
||||||
|
func (q *UserAuthMethodSearchQueries) toQuery(query sq.SelectBuilder) sq.SelectBuilder {
|
||||||
|
query = q.SearchRequest.toQuery(query)
|
||||||
|
for _, q := range q.Queries {
|
||||||
|
query = q.toQuery(query)
|
||||||
|
}
|
||||||
|
return query
|
||||||
|
}
|
||||||
|
|
||||||
|
func prepareUserAuthMethodQuery() (sq.SelectBuilder, func(*sql.Row) (*AuthMethod, error)) {
|
||||||
|
return sq.Select(
|
||||||
|
UserAuthMethodColumnTokenID.identifier(),
|
||||||
|
UserAuthMethodColumnCreationDate.identifier(),
|
||||||
|
UserAuthMethodColumnChangeDate.identifier(),
|
||||||
|
UserAuthMethodColumnResourceOwner.identifier(),
|
||||||
|
UserAuthMethodColumnUserID.identifier(),
|
||||||
|
UserAuthMethodColumnSequence.identifier(),
|
||||||
|
UserAuthMethodColumnName.identifier(),
|
||||||
|
UserAuthMethodColumnState.identifier(),
|
||||||
|
UserAuthMethodColumnMethodType.identifier()).
|
||||||
|
From(userAuthMethodTable.identifier()).PlaceholderFormat(sq.Dollar),
|
||||||
|
func(row *sql.Row) (*AuthMethod, error) {
|
||||||
|
authMethod := new(AuthMethod)
|
||||||
|
err := row.Scan(
|
||||||
|
&authMethod.TokenID,
|
||||||
|
&authMethod.CreationDate,
|
||||||
|
&authMethod.ChangeDate,
|
||||||
|
&authMethod.ResourceOwner,
|
||||||
|
&authMethod.UserID,
|
||||||
|
&authMethod.Sequence,
|
||||||
|
&authMethod.Name,
|
||||||
|
&authMethod.State,
|
||||||
|
&authMethod.Type,
|
||||||
|
)
|
||||||
|
if err != nil {
|
||||||
|
if errs.Is(err, sql.ErrNoRows) {
|
||||||
|
return nil, errors.ThrowNotFound(err, "QUERY-dniiF", "Errors.AuthMethod.NotFound")
|
||||||
|
}
|
||||||
|
return nil, errors.ThrowInternal(err, "QUERY-3n9Fs", "Errors.Internal")
|
||||||
|
}
|
||||||
|
return authMethod, nil
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
|
func prepareUserAuthMethodsQuery() (sq.SelectBuilder, func(*sql.Rows) (*AuthMethods, error)) {
|
||||||
|
return sq.Select(
|
||||||
|
UserAuthMethodColumnTokenID.identifier(),
|
||||||
|
UserAuthMethodColumnCreationDate.identifier(),
|
||||||
|
UserAuthMethodColumnChangeDate.identifier(),
|
||||||
|
UserAuthMethodColumnResourceOwner.identifier(),
|
||||||
|
UserAuthMethodColumnUserID.identifier(),
|
||||||
|
UserAuthMethodColumnSequence.identifier(),
|
||||||
|
UserAuthMethodColumnName.identifier(),
|
||||||
|
UserAuthMethodColumnState.identifier(),
|
||||||
|
UserAuthMethodColumnMethodType.identifier(),
|
||||||
|
countColumn.identifier()).
|
||||||
|
From(userAuthMethodTable.identifier()).PlaceholderFormat(sq.Dollar),
|
||||||
|
func(rows *sql.Rows) (*AuthMethods, error) {
|
||||||
|
userAuthMethods := make([]*AuthMethod, 0)
|
||||||
|
var count uint64
|
||||||
|
for rows.Next() {
|
||||||
|
authMethod := new(AuthMethod)
|
||||||
|
err := rows.Scan(
|
||||||
|
&authMethod.TokenID,
|
||||||
|
&authMethod.CreationDate,
|
||||||
|
&authMethod.ChangeDate,
|
||||||
|
&authMethod.ResourceOwner,
|
||||||
|
&authMethod.UserID,
|
||||||
|
&authMethod.Sequence,
|
||||||
|
&authMethod.Name,
|
||||||
|
&authMethod.State,
|
||||||
|
&authMethod.Type,
|
||||||
|
&count,
|
||||||
|
)
|
||||||
|
if err != nil {
|
||||||
|
return nil, err
|
||||||
|
}
|
||||||
|
userAuthMethods = append(userAuthMethods, authMethod)
|
||||||
|
}
|
||||||
|
|
||||||
|
if err := rows.Close(); err != nil {
|
||||||
|
return nil, errors.ThrowInternal(err, "QUERY-3n9fl", "Errors.Query.CloseRows")
|
||||||
|
}
|
||||||
|
|
||||||
|
return &AuthMethods{
|
||||||
|
AuthMethods: userAuthMethods,
|
||||||
|
SearchResponse: SearchResponse{
|
||||||
|
Count: count,
|
||||||
|
},
|
||||||
|
}, nil
|
||||||
|
}
|
||||||
|
}
|
331
internal/query/user_auth_method_test.go
Normal file
331
internal/query/user_auth_method_test.go
Normal file
@ -0,0 +1,331 @@
|
|||||||
|
package query
|
||||||
|
|
||||||
|
import (
|
||||||
|
"database/sql"
|
||||||
|
"database/sql/driver"
|
||||||
|
"errors"
|
||||||
|
"fmt"
|
||||||
|
"regexp"
|
||||||
|
"testing"
|
||||||
|
|
||||||
|
"github.com/caos/zitadel/internal/domain"
|
||||||
|
errs "github.com/caos/zitadel/internal/errors"
|
||||||
|
)
|
||||||
|
|
||||||
|
func Test_UserAuthMethodPrepares(t *testing.T) {
|
||||||
|
type want struct {
|
||||||
|
sqlExpectations sqlExpectation
|
||||||
|
err checkErr
|
||||||
|
}
|
||||||
|
tests := []struct {
|
||||||
|
name string
|
||||||
|
prepare interface{}
|
||||||
|
want want
|
||||||
|
object interface{}
|
||||||
|
}{
|
||||||
|
{
|
||||||
|
name: "prepareUserAuthMethodsQuery no result",
|
||||||
|
prepare: prepareUserAuthMethodsQuery,
|
||||||
|
want: want{
|
||||||
|
sqlExpectations: mockQueries(
|
||||||
|
regexp.QuoteMeta(`SELECT zitadel.projections.user_auth_methods.token_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.creation_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.change_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.resource_owner,`+
|
||||||
|
` zitadel.projections.user_auth_methods.user_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.sequence,`+
|
||||||
|
` zitadel.projections.user_auth_methods.name,`+
|
||||||
|
` zitadel.projections.user_auth_methods.state,`+
|
||||||
|
` zitadel.projections.user_auth_methods.method_type,`+
|
||||||
|
` COUNT(*) OVER ()`+
|
||||||
|
` FROM zitadel.projections.user_auth_methods`),
|
||||||
|
nil,
|
||||||
|
nil,
|
||||||
|
),
|
||||||
|
},
|
||||||
|
object: &AuthMethods{AuthMethods: []*AuthMethod{}},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "prepareUserAuthMethodsQuery one result",
|
||||||
|
prepare: prepareUserAuthMethodsQuery,
|
||||||
|
want: want{
|
||||||
|
sqlExpectations: mockQueries(
|
||||||
|
regexp.QuoteMeta(`SELECT zitadel.projections.user_auth_methods.token_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.creation_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.change_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.resource_owner,`+
|
||||||
|
` zitadel.projections.user_auth_methods.user_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.sequence,`+
|
||||||
|
` zitadel.projections.user_auth_methods.name,`+
|
||||||
|
` zitadel.projections.user_auth_methods.state,`+
|
||||||
|
` zitadel.projections.user_auth_methods.method_type,`+
|
||||||
|
` COUNT(*) OVER ()`+
|
||||||
|
` FROM zitadel.projections.user_auth_methods`),
|
||||||
|
[]string{
|
||||||
|
"token_id",
|
||||||
|
"creation_date",
|
||||||
|
"change_date",
|
||||||
|
"resource_owner",
|
||||||
|
"user_id",
|
||||||
|
"sequence",
|
||||||
|
"name",
|
||||||
|
"state",
|
||||||
|
"method_type",
|
||||||
|
"count",
|
||||||
|
},
|
||||||
|
[][]driver.Value{
|
||||||
|
{
|
||||||
|
"token_id",
|
||||||
|
testNow,
|
||||||
|
testNow,
|
||||||
|
"ro",
|
||||||
|
"user_id",
|
||||||
|
uint64(20211108),
|
||||||
|
"name",
|
||||||
|
domain.MFAStateReady,
|
||||||
|
domain.UserAuthMethodTypeU2F,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
),
|
||||||
|
},
|
||||||
|
object: &AuthMethods{
|
||||||
|
SearchResponse: SearchResponse{
|
||||||
|
Count: 1,
|
||||||
|
},
|
||||||
|
AuthMethods: []*AuthMethod{
|
||||||
|
{
|
||||||
|
TokenID: "token_id",
|
||||||
|
CreationDate: testNow,
|
||||||
|
ChangeDate: testNow,
|
||||||
|
ResourceOwner: "ro",
|
||||||
|
UserID: "user_id",
|
||||||
|
Sequence: 20211108,
|
||||||
|
Name: "name",
|
||||||
|
State: domain.MFAStateReady,
|
||||||
|
Type: domain.UserAuthMethodTypeU2F,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "prepareUserAuthMethodsQuery multiple result",
|
||||||
|
prepare: prepareUserAuthMethodsQuery,
|
||||||
|
want: want{
|
||||||
|
sqlExpectations: mockQueries(
|
||||||
|
regexp.QuoteMeta(`SELECT zitadel.projections.user_auth_methods.token_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.creation_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.change_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.resource_owner,`+
|
||||||
|
` zitadel.projections.user_auth_methods.user_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.sequence,`+
|
||||||
|
` zitadel.projections.user_auth_methods.name,`+
|
||||||
|
` zitadel.projections.user_auth_methods.state,`+
|
||||||
|
` zitadel.projections.user_auth_methods.method_type,`+
|
||||||
|
` COUNT(*) OVER ()`+
|
||||||
|
` FROM zitadel.projections.user_auth_methods`),
|
||||||
|
[]string{
|
||||||
|
"token_id",
|
||||||
|
"creation_date",
|
||||||
|
"change_date",
|
||||||
|
"resource_owner",
|
||||||
|
"user_id",
|
||||||
|
"sequence",
|
||||||
|
"name",
|
||||||
|
"state",
|
||||||
|
"method_type",
|
||||||
|
"count",
|
||||||
|
},
|
||||||
|
[][]driver.Value{
|
||||||
|
{
|
||||||
|
"token_id",
|
||||||
|
testNow,
|
||||||
|
testNow,
|
||||||
|
"ro",
|
||||||
|
"user_id",
|
||||||
|
uint64(20211108),
|
||||||
|
"name",
|
||||||
|
domain.MFAStateReady,
|
||||||
|
domain.UserAuthMethodTypeU2F,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"token_id-2",
|
||||||
|
testNow,
|
||||||
|
testNow,
|
||||||
|
"ro",
|
||||||
|
"user_id",
|
||||||
|
uint64(20211108),
|
||||||
|
"name-2",
|
||||||
|
domain.MFAStateReady,
|
||||||
|
domain.UserAuthMethodTypePasswordless,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
),
|
||||||
|
},
|
||||||
|
object: &AuthMethods{
|
||||||
|
SearchResponse: SearchResponse{
|
||||||
|
Count: 2,
|
||||||
|
},
|
||||||
|
AuthMethods: []*AuthMethod{
|
||||||
|
{
|
||||||
|
TokenID: "token_id",
|
||||||
|
CreationDate: testNow,
|
||||||
|
ChangeDate: testNow,
|
||||||
|
ResourceOwner: "ro",
|
||||||
|
UserID: "user_id",
|
||||||
|
Sequence: 20211108,
|
||||||
|
Name: "name",
|
||||||
|
State: domain.MFAStateReady,
|
||||||
|
Type: domain.UserAuthMethodTypeU2F,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
TokenID: "token_id-2",
|
||||||
|
CreationDate: testNow,
|
||||||
|
ChangeDate: testNow,
|
||||||
|
ResourceOwner: "ro",
|
||||||
|
UserID: "user_id",
|
||||||
|
Sequence: 20211108,
|
||||||
|
Name: "name-2",
|
||||||
|
State: domain.MFAStateReady,
|
||||||
|
Type: domain.UserAuthMethodTypePasswordless,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "prepareUserAuthMethodsQuery sql err",
|
||||||
|
prepare: prepareUserAuthMethodsQuery,
|
||||||
|
want: want{
|
||||||
|
sqlExpectations: mockQueryErr(
|
||||||
|
regexp.QuoteMeta(`SELECT zitadel.projections.user_auth_methods.token_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.creation_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.change_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.resource_owner,`+
|
||||||
|
` zitadel.projections.user_auth_methods.user_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.sequence,`+
|
||||||
|
` zitadel.projections.user_auth_methods.name,`+
|
||||||
|
` zitadel.projections.user_auth_methods.state,`+
|
||||||
|
` zitadel.projections.user_auth_methods.method_type,`+
|
||||||
|
` COUNT(*) OVER ()`+
|
||||||
|
` FROM zitadel.projections.user_auth_methods`),
|
||||||
|
sql.ErrConnDone,
|
||||||
|
),
|
||||||
|
err: func(err error) (error, bool) {
|
||||||
|
if !errors.Is(err, sql.ErrConnDone) {
|
||||||
|
return fmt.Errorf("err should be sql.ErrConnDone got: %w", err), false
|
||||||
|
}
|
||||||
|
return nil, true
|
||||||
|
},
|
||||||
|
},
|
||||||
|
object: nil,
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "prepareUserAuthMethodQuery no result",
|
||||||
|
prepare: prepareUserAuthMethodQuery,
|
||||||
|
want: want{
|
||||||
|
sqlExpectations: mockQueries(
|
||||||
|
`SELECT zitadel.projections.user_auth_methods.token_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.creation_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.change_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.resource_owner,`+
|
||||||
|
` zitadel.projections.user_auth_methods.user_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.sequence,`+
|
||||||
|
` zitadel.projections.user_auth_methods.name,`+
|
||||||
|
` zitadel.projections.user_auth_methods.state,`+
|
||||||
|
` zitadel.projections.user_auth_methods.method_type`+
|
||||||
|
` FROM zitadel.projections.user_auth_methods`,
|
||||||
|
nil,
|
||||||
|
nil,
|
||||||
|
),
|
||||||
|
err: func(err error) (error, bool) {
|
||||||
|
if !errs.IsNotFound(err) {
|
||||||
|
return fmt.Errorf("err should be zitadel.NotFoundError got: %w", err), false
|
||||||
|
}
|
||||||
|
return nil, true
|
||||||
|
},
|
||||||
|
},
|
||||||
|
object: (*AuthMethod)(nil),
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "prepareUserAuthMethodQuery found",
|
||||||
|
prepare: prepareUserAuthMethodQuery,
|
||||||
|
want: want{
|
||||||
|
sqlExpectations: mockQuery(
|
||||||
|
regexp.QuoteMeta(`SELECT zitadel.projections.user_auth_methods.token_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.creation_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.change_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.resource_owner,`+
|
||||||
|
` zitadel.projections.user_auth_methods.user_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.sequence,`+
|
||||||
|
` zitadel.projections.user_auth_methods.name,`+
|
||||||
|
` zitadel.projections.user_auth_methods.state,`+
|
||||||
|
` zitadel.projections.user_auth_methods.method_type`+
|
||||||
|
` FROM zitadel.projections.user_auth_methods`),
|
||||||
|
[]string{
|
||||||
|
"token_id",
|
||||||
|
"creation_date",
|
||||||
|
"change_date",
|
||||||
|
"resource_owner",
|
||||||
|
"user_id",
|
||||||
|
"sequence",
|
||||||
|
"name",
|
||||||
|
"state",
|
||||||
|
"method_type",
|
||||||
|
},
|
||||||
|
[]driver.Value{
|
||||||
|
"token_id",
|
||||||
|
testNow,
|
||||||
|
testNow,
|
||||||
|
"ro",
|
||||||
|
"user_id",
|
||||||
|
uint64(20211108),
|
||||||
|
"name",
|
||||||
|
domain.MFAStateReady,
|
||||||
|
domain.UserAuthMethodTypeU2F,
|
||||||
|
},
|
||||||
|
),
|
||||||
|
},
|
||||||
|
object: &AuthMethod{
|
||||||
|
TokenID: "token_id",
|
||||||
|
CreationDate: testNow,
|
||||||
|
ChangeDate: testNow,
|
||||||
|
ResourceOwner: "ro",
|
||||||
|
UserID: "user_id",
|
||||||
|
Sequence: 20211108,
|
||||||
|
Name: "name",
|
||||||
|
State: domain.MFAStateReady,
|
||||||
|
Type: domain.UserAuthMethodTypeU2F,
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
name: "prepareUserAuthMethodQuery sql err",
|
||||||
|
prepare: prepareUserAuthMethodQuery,
|
||||||
|
want: want{
|
||||||
|
sqlExpectations: mockQueryErr(
|
||||||
|
regexp.QuoteMeta(`SELECT zitadel.projections.user_auth_methods.token_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.creation_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.change_date,`+
|
||||||
|
` zitadel.projections.user_auth_methods.resource_owner,`+
|
||||||
|
` zitadel.projections.user_auth_methods.user_id,`+
|
||||||
|
` zitadel.projections.user_auth_methods.sequence,`+
|
||||||
|
` zitadel.projections.user_auth_methods.name,`+
|
||||||
|
` zitadel.projections.user_auth_methods.state,`+
|
||||||
|
` zitadel.projections.user_auth_methods.method_type`+
|
||||||
|
` FROM zitadel.projections.user_auth_methods`),
|
||||||
|
sql.ErrConnDone,
|
||||||
|
),
|
||||||
|
err: func(err error) (error, bool) {
|
||||||
|
if !errors.Is(err, sql.ErrConnDone) {
|
||||||
|
return fmt.Errorf("err should be sql.ErrConnDone got: %w", err), false
|
||||||
|
}
|
||||||
|
return nil, true
|
||||||
|
},
|
||||||
|
},
|
||||||
|
object: nil,
|
||||||
|
},
|
||||||
|
}
|
||||||
|
for _, tt := range tests {
|
||||||
|
t.Run(tt.name, func(t *testing.T) {
|
||||||
|
assertPrepare(t, tt.prepare, tt.object, tt.want.sqlExpectations, tt.want.err)
|
||||||
|
})
|
||||||
|
}
|
||||||
|
}
|
Loading…
Reference in New Issue
Block a user