From 5ed2f543984cf779d3cca4e1fdd090ee5403ce51 Mon Sep 17 00:00:00 2001
From: Iraq Jaber
Date: Wed, 30 Jul 2025 12:15:56 +0100
Subject: [PATCH] fixup! fixup! fixup! fixup! fixup! fixup! added first event

---
 backend/v3/domain/azuretenanttype_enumer.go | 82 +++++++
 backend/v3/domain/id_provider.go | 42 +++-
 backend/v3/domain/idptype_enumer.go | 58 ++---
 .../003_identity_providers_table/up.sql | 1 +
 .../events_testing/id_provider_test.go | 166 +++++++++++++-
 .../database/repository/id_provider.go | 44 ++++
 .../projection/idp_template_relational.go | 210 +++++++++---------
 7 files changed, 465 insertions(+), 138 deletions(-)
 create mode 100644 backend/v3/domain/azuretenanttype_enumer.go

diff --git a/backend/v3/domain/azuretenanttype_enumer.go b/backend/v3/domain/azuretenanttype_enumer.go
new file mode 100644
index 0000000000..0a083ba6d5
--- /dev/null
+++ b/backend/v3/domain/azuretenanttype_enumer.go
@@ -0,0 +1,82 @@ +// Code generated by "enumer -type AzureTenantType -transform lower -trimprefix AzureTenantType"; DO NOT EDIT. + +package domain + +import ( + "fmt" + "strings" +) + +const _AzureTenantTypeName = "commonorganizationsconsumers" + +var _AzureTenantTypeIndex = [...]uint8{0, 6, 19, 28} + +const _AzureTenantTypeLowerName = "commonorganizationsconsumers" + +func (i AzureTenantType) String() string { + if i >= AzureTenantType(len(_AzureTenantTypeIndex)-1) { + return fmt.Sprintf("AzureTenantType(%d)", i) + } + return _AzureTenantTypeName[_AzureTenantTypeIndex[i]:_AzureTenantTypeIndex[i+1]] +} + +// An "invalid array index" compiler error signifies that the constant values have changed. +// Re-run the stringer command to generate them again. +func _AzureTenantTypeNoOp() { + var x [1]struct{} + _ = x[AzureTenantTypeCommon-(0)] + _ = x[AzureTenantTypeOrganizations-(1)] + _ = x[AzureTenantTypeConsumers-(2)] +} + +var _AzureTenantTypeValues = []AzureTenantType{AzureTenantTypeCommon, AzureTenantTypeOrganizations, AzureTenantTypeConsumers} + +var _AzureTenantTypeNameToValueMap = map[string]AzureTenantType{ + _AzureTenantTypeName[0:6]: AzureTenantTypeCommon, + _AzureTenantTypeLowerName[0:6]: AzureTenantTypeCommon, + _AzureTenantTypeName[6:19]: AzureTenantTypeOrganizations, + _AzureTenantTypeLowerName[6:19]: AzureTenantTypeOrganizations, + _AzureTenantTypeName[19:28]: AzureTenantTypeConsumers, + _AzureTenantTypeLowerName[19:28]: AzureTenantTypeConsumers, +} + +var _AzureTenantTypeNames = []string{ + _AzureTenantTypeName[0:6], + _AzureTenantTypeName[6:19], + _AzureTenantTypeName[19:28], +} + +// AzureTenantTypeString retrieves an enum value from the enum constants string name. +// Throws an error if the param is not part of the enum. 
+func AzureTenantTypeString(s string) (AzureTenantType, error) { + if val, ok := _AzureTenantTypeNameToValueMap[s]; ok { + return val, nil + } + + if val, ok := _AzureTenantTypeNameToValueMap[strings.ToLower(s)]; ok { + return val, nil + } + return 0, fmt.Errorf("%s does not belong to AzureTenantType values", s) +} + +// AzureTenantTypeValues returns all values of the enum +func AzureTenantTypeValues() []AzureTenantType { + return _AzureTenantTypeValues +} + +// AzureTenantTypeStrings returns a slice of all String values of the enum +func AzureTenantTypeStrings() []string { + strs := make([]string, len(_AzureTenantTypeNames)) + copy(strs, _AzureTenantTypeNames) + return strs +} + +// IsAAzureTenantType returns "true" if the value is listed in the enum definition. "false" otherwise +func (i AzureTenantType) IsAAzureTenantType() bool { + for _, v := range _AzureTenantTypeValues { + if i == v { + return true + } + } + return false +} diff --git a/backend/v3/domain/id_provider.go b/backend/v3/domain/id_provider.go index 1e1de76924..c6c72bc2a7 100644 --- a/backend/v3/domain/id_provider.go +++ b/backend/v3/domain/id_provider.go @@ -17,7 +17,7 @@ const ( IDPTypeJWT IDPTypeOAuth IDPTypeLDAP - IDPTypeAzureAD + IDPTypeAzure IDPTypeGitHub IDPTypeGitHubEnterprise IDPTypeGitLab 
@@ -123,6 +123,43 @@ type IDPOAuth struct { OAuth } +//go:generate enumer -type AzureTenantType -transform lower -trimprefix AzureTenantType +type AzureTenantType uint8 + +const ( + AzureTenantTypeCommon AzureTenantType = iota + AzureTenantTypeOrganizations + AzureTenantTypeConsumers +) + +type Azure struct { + ID string `json:"id,omitempty"` + Name string `json:"name,omitempty"` + ClientID string `json:"client_id,omitempty"` + ClientSecret *crypto.CryptoValue `json:"client_secret,omitempty"` + Scopes []string `json:"scopes,omitempty"` + Tenant string `json:"tenant,omitempty"` + IsEmailVerified bool `json:"isEmailVerified,omitempty"` +} + +type IDPOAzureAD struct { + *IdentityProvider + Azure +} + +type Google struct { + ID string `json:"id"` + Name string `json:"name,omitempty"` + ClientID string `json:"clientId"` + ClientSecret *crypto.CryptoValue `json:"clientSecret"` + Scopes []string `json:"scopes,omitempty"` +} + +type IDPGoogle struct { + *IdentityProvider + Google +} + // IDPIdentifierCondition is used to help specify a single identity_provider, // it will either be used as the identity_provider ID or identity_provider name, // as identity_provider can be identified either using (instanceID + OrgID + ID) OR (instanceID + OrgID + name) @@ -195,4 +232,7 @@ type IDProviderRepository interface { GetJWT(ctx context.Context, id IDPIdentifierCondition, instanceID string, orgID *string) (*IDPJWT, error) GetOAuth(ctx context.Context, id IDPIdentifierCondition, instanceID string, orgID *string) (*IDPOAuth, error) + + GetOAzureAD(ctx context.Context, id IDPIdentifierCondition, instanceID string, orgID *string) (*IDPOAzureAD, error) + GetGoogle(ctx context.Context, id IDPIdentifierCondition, instanceID string, orgID *string) (*IDPGoogle, error) } diff --git a/backend/v3/domain/idptype_enumer.go b/backend/v3/domain/idptype_enumer.go index 881fd893f8..10d1ce9a0b 100644 --- a/backend/v3/domain/idptype_enumer.go +++ b/backend/v3/domain/idptype_enumer.go 
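Review bot: The JSON tags on the new `Azure` payload mix conventions (`client_id`, `client_secret` in snake_case, `isEmailVerified` in camelCase) and disagree with the sibling `Google` payload (`clientId`, `clientSecret`) that is written into the same payload column; because the repository unmarshals persisted rows back through these tags, renaming them later means a data migration, so settle on one convention (camelCase, matching `Google`) before any rows are written. `Azure.ID` also carries `omitempty` while `Google.ID` does not, so an empty Azure ID silently disappears from the stored payload. The type name `IDPOAzureAD` (and `GetOAzureAD` in the interface hunk below) looks like a leftover `O` from `IDPOAuth`; `IDPAzureAD` / `GetAzureAD` would match the `IDPGoogle` / `GetGoogle` pair.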
@@ -7,11 +7,11 @@ import ( "strings" ) -const _IDPTypeName = "unspecifiedoidcjwtoauthldapazureadgithubgithubenterprisegitlabgitlabselfhostedgoogleapplesaml" +const _IDPTypeName = "unspecifiedoidcjwtoauthldapazuregithubgithubenterprisegitlabgitlabselfhostedgoogleapplesaml" -var _IDPTypeIndex = [...]uint8{0, 11, 15, 18, 23, 27, 34, 40, 56, 62, 78, 84, 89, 93} +var _IDPTypeIndex = [...]uint8{0, 11, 15, 18, 23, 27, 32, 38, 54, 60, 76, 82, 87, 91} -const _IDPTypeLowerName = "unspecifiedoidcjwtoauthldapazureadgithubgithubenterprisegitlabgitlabselfhostedgoogleapplesaml" +const _IDPTypeLowerName = "unspecifiedoidcjwtoauthldapazuregithubgithubenterprisegitlabgitlabselfhostedgoogleapplesaml" func (i IDPType) String() string { if i >= IDPType(len(_IDPTypeIndex)-1) { @@ -29,7 +29,7 @@ func _IDPTypeNoOp() { _ = x[IDPTypeJWT-(2)] _ = x[IDPTypeOAuth-(3)] _ = x[IDPTypeLDAP-(4)] - _ = x[IDPTypeAzureAD-(5)] + _ = x[IDPTypeAzure-(5)] _ = x[IDPTypeGitHub-(6)] _ = x[IDPTypeGitHubEnterprise-(7)] _ = x[IDPTypeGitLab-(8)] @@ -39,7 +39,7 @@ func _IDPTypeNoOp() { _ = x[IDPTypeSAML-(12)] } -var _IDPTypeValues = []IDPType{IDPTypeUnspecified, IDPTypeOIDC, IDPTypeJWT, IDPTypeOAuth, IDPTypeLDAP, IDPTypeAzureAD, IDPTypeGitHub, IDPTypeGitHubEnterprise, IDPTypeGitLab, IDPTypeGitLabSelfHosted, IDPTypeGoogle, IDPTypeApple, IDPTypeSAML} +var _IDPTypeValues = []IDPType{IDPTypeUnspecified, IDPTypeOIDC, IDPTypeJWT, IDPTypeOAuth, IDPTypeLDAP, IDPTypeAzure, IDPTypeGitHub, IDPTypeGitHubEnterprise, IDPTypeGitLab, IDPTypeGitLabSelfHosted, IDPTypeGoogle, IDPTypeApple, IDPTypeSAML} var _IDPTypeNameToValueMap = map[string]IDPType{ _IDPTypeName[0:11]: IDPTypeUnspecified, 
@@ -52,22 +52,22 @@ var _IDPTypeNameToValueMap = map[string]IDPType{ _IDPTypeLowerName[18:23]: IDPTypeOAuth, _IDPTypeName[23:27]: IDPTypeLDAP, _IDPTypeLowerName[23:27]: IDPTypeLDAP, - _IDPTypeName[27:34]: IDPTypeAzureAD, - _IDPTypeLowerName[27:34]: IDPTypeAzureAD, - _IDPTypeName[34:40]: IDPTypeGitHub, - _IDPTypeLowerName[34:40]: IDPTypeGitHub, - _IDPTypeName[40:56]: IDPTypeGitHubEnterprise, - _IDPTypeLowerName[40:56]: IDPTypeGitHubEnterprise, - _IDPTypeName[56:62]: IDPTypeGitLab, - _IDPTypeLowerName[56:62]: IDPTypeGitLab, - _IDPTypeName[62:78]: IDPTypeGitLabSelfHosted, - _IDPTypeLowerName[62:78]: IDPTypeGitLabSelfHosted, - _IDPTypeName[78:84]: IDPTypeGoogle, - _IDPTypeLowerName[78:84]: IDPTypeGoogle, - _IDPTypeName[84:89]: IDPTypeApple, - _IDPTypeLowerName[84:89]: IDPTypeApple, - _IDPTypeName[89:93]: IDPTypeSAML, - _IDPTypeLowerName[89:93]: IDPTypeSAML, + _IDPTypeName[27:32]: IDPTypeAzure, + _IDPTypeLowerName[27:32]: IDPTypeAzure, + _IDPTypeName[32:38]: IDPTypeGitHub, + _IDPTypeLowerName[32:38]: IDPTypeGitHub, + _IDPTypeName[38:54]: IDPTypeGitHubEnterprise, + _IDPTypeLowerName[38:54]: IDPTypeGitHubEnterprise, + _IDPTypeName[54:60]: IDPTypeGitLab, + _IDPTypeLowerName[54:60]: IDPTypeGitLab, + _IDPTypeName[60:76]: IDPTypeGitLabSelfHosted, + _IDPTypeLowerName[60:76]: IDPTypeGitLabSelfHosted, + _IDPTypeName[76:82]: IDPTypeGoogle, + _IDPTypeLowerName[76:82]: IDPTypeGoogle, + _IDPTypeName[82:87]: IDPTypeApple, + _IDPTypeLowerName[82:87]: IDPTypeApple, + _IDPTypeName[87:91]: IDPTypeSAML, + _IDPTypeLowerName[87:91]: IDPTypeSAML, } var _IDPTypeNames = []string{ 
@@ -76,14 +76,14 @@ var _IDPTypeNames = []string{ _IDPTypeName[15:18], _IDPTypeName[18:23], _IDPTypeName[23:27], - _IDPTypeName[27:34], - _IDPTypeName[34:40], - _IDPTypeName[40:56], - _IDPTypeName[56:62], - _IDPTypeName[62:78], - _IDPTypeName[78:84], - _IDPTypeName[84:89], - _IDPTypeName[89:93], + _IDPTypeName[27:32], + _IDPTypeName[32:38], + _IDPTypeName[38:54], + _IDPTypeName[54:60], + _IDPTypeName[60:76], + _IDPTypeName[76:82], + _IDPTypeName[82:87], + _IDPTypeName[87:91], } // IDPTypeString retrieves an enum value from the enum constants string name. diff --git a/backend/v3/storage/database/dialect/postgres/migration/003_identity_providers_table/up.sql b/backend/v3/storage/database/dialect/postgres/migration/003_identity_providers_table/up.sql index 35d2fa4acc..bdcd033604 100644 --- a/backend/v3/storage/database/dialect/postgres/migration/003_identity_providers_table/up.sql +++ b/backend/v3/storage/database/dialect/postgres/migration/003_identity_providers_table/up.sql @@ -10,6 +10,7 @@ CREATE TYPE zitadel.idp_type AS ENUM ( 'saml', 'ldap', 'github', + 'azure', 'google', 'microsoft', 'apple' diff --git a/backend/v3/storage/database/events_testing/id_provider_test.go b/backend/v3/storage/database/events_testing/id_provider_test.go index f80825a4e6..359ec3c159 100644 --- a/backend/v3/storage/database/events_testing/id_provider_test.go +++ b/backend/v3/storage/database/events_testing/id_provider_test.go @@ -37,8 +37,8 @@ func TestServer_TestIDProviderReduces(t *testing.T) { UsernameMapping: idp.OIDCMappingField_OIDC_MAPPING_FIELD_EMAIL, AutoRegister: true, }) - require.NoError(t, err) afterCreate := time.Now() + require.NoError(t, err) idpRepo := repository.IDProviderRepository(pool) 
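Review bot: This edits the already-numbered migration `003_identity_providers_table/up.sql` in place rather than adding a new one, so any environment that has already applied 003 never receives the `'azure'` enum value, and the reducer in this patch then fails when it writes `domain.IDPTypeAzure.String()` into the `idp_type` column. If 003 has been applied anywhere, the value has to come from a follow-up migration with `ALTER TYPE zitadel.idp_type ADD VALUE 'azure';`; if the v3 schema is still unreleased and rewriting migrations is the convention, a one-line comment in the file saying so would save the next reviewer the same question. The enum now lists both `'microsoft'` and `'azure'`, which may name the same provider — worth confirming one of them is not dead.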
@@ -773,4 +773,168 @@ func TestServer_TestIDProviderReduces(t *testing.T) { assert.WithinRange(t, updateOIDC.UpdatedAt, beforeCreate, afterCreate) }, retryDuration, tick) }) + + t.Run("test instance idp oidc migrated azure migration reduces", func(t *testing.T) { + name := gofakeit.Name() + + // create OIDC + addOIDC, err := AdminClient.AddGenericOIDCProvider(CTX, &admin.AddGenericOIDCProviderRequest{ + Name: name, + ClientId: "clientId", + ClientSecret: "clientSecret", + Scopes: []string{"scope"}, + Issuer: "issuer", + ProviderOptions: &idp_grpc.Options{ + IsLinkingAllowed: false, + IsCreationAllowed: false, + IsAutoCreation: false, + IsAutoUpdate: false, + AutoLinking: idp.AutoLinkingOption_AUTO_LINKING_OPTION_EMAIL, + }, + IsIdTokenMapping: false, + UsePkce: false, + }) + require.NoError(t, err) + + idpRepo := repository.IDProviderRepository(pool) + + var oidc *domain.IDPOIDC + retryDuration, tick := integration.WaitForAndTickWithMaxDuration(CTX, time.Second*5) + assert.EventuallyWithT(t, func(t *assert.CollectT) { + oidc, err = idpRepo.GetOIDC(CTX, idpRepo.IDCondition(addOIDC.Id), instanceID, nil) + require.NoError(t, err) + assert.Equal(t, domain.IDPTypeOIDC.String(), oidc.Type) + }, retryDuration, tick) + + beforeCreate := time.Now() + _, err = AdminClient.MigrateGenericOIDCProvider(CTX, &admin.MigrateGenericOIDCProviderRequest{ + Id: addOIDC.Id, + Template: &admin.MigrateGenericOIDCProviderRequest_Azure{ + Azure: &admin.AddAzureADProviderRequest{ + Name: name, + ClientId: "new_clientId", + ClientSecret: "new_clientSecret", + Tenant: &idp_grpc.AzureADTenant{ + Type: &idp_grpc.AzureADTenant_TenantType{ + TenantType: idp.AzureADTenantType_AZURE_AD_TENANT_TYPE_ORGANISATIONS, + }, + }, + EmailVerified: true, + Scopes: []string{"new_scope"}, + ProviderOptions: &idp_grpc.Options{ + IsLinkingAllowed: true, + IsCreationAllowed: true, + IsAutoCreation: true, + IsAutoUpdate: true, + AutoLinking: idp.AutoLinkingOption_AUTO_LINKING_OPTION_USERNAME, + }, + }, + }, + }) + 
afterCreate := time.Now() + require.NoError(t, err) + + retryDuration, tick = integration.WaitForAndTickWithMaxDuration(CTX, time.Second*5) + assert.EventuallyWithT(t, func(t *assert.CollectT) { + azure, err := idpRepo.GetOAzureAD(CTX, idpRepo.IDCondition(addOIDC.Id), instanceID, nil) + require.NoError(t, err) + + // event instance.idp.oidc.migrated.azure + // idp + assert.Equal(t, addOIDC.Id, azure.IdentityProvider.ID) + assert.Equal(t, name, azure.IdentityProvider.Name) + + // oidc + assert.Equal(t, "new_clientId", azure.ClientID) + assert.NotEqual(t, oidc.ClientSecret, azure.ClientSecret) + // type = azure + assert.Equal(t, domain.AzureTenantTypeOrganizations.String(), azure.Tenant) + assert.Equal(t, domain.IDPTypeAzure.String(), azure.Type) + assert.Equal(t, true, azure.IsEmailVerified) + assert.Equal(t, []string{"new_scope"}, azure.Scopes) + assert.Equal(t, true, azure.AllowLinking) + assert.Equal(t, true, azure.AllowCreation) + assert.Equal(t, true, azure.AllowAutoUpdate) + assert.Equal(t, domain.IDPAutoLinkingOptionUserName.String(), azure.AllowAutoLinking) + assert.WithinRange(t, azure.UpdatedAt, beforeCreate, afterCreate) + }, retryDuration, tick) + }) + + t.Run("test instance idp oidc migrated google migration reduces", func(t *testing.T) { + name := gofakeit.Name() + + // create OIDC + addOIDC, err := AdminClient.AddGenericOIDCProvider(CTX, &admin.AddGenericOIDCProviderRequest{ + Name: name, + ClientId: "clientId", + ClientSecret: "clientSecret", + Scopes: []string{"scope"}, + Issuer: "issuer", + ProviderOptions: &idp_grpc.Options{ + IsLinkingAllowed: false, + IsCreationAllowed: false, + IsAutoCreation: false, + IsAutoUpdate: false, + AutoLinking: idp.AutoLinkingOption_AUTO_LINKING_OPTION_EMAIL, + }, + IsIdTokenMapping: false, + UsePkce: false, + }) + require.NoError(t, err) + + idpRepo := repository.IDProviderRepository(pool) + + var oidc *domain.IDPOIDC + retryDuration, tick := integration.WaitForAndTickWithMaxDuration(CTX, time.Second*5) + 
assert.EventuallyWithT(t, func(t *assert.CollectT) { + oidc, err = idpRepo.GetOIDC(CTX, idpRepo.IDCondition(addOIDC.Id), instanceID, nil) + require.NoError(t, err) + assert.Equal(t, domain.IDPTypeOIDC.String(), oidc.Type) + }, retryDuration, tick) + + beforeCreate := time.Now() + _, err = AdminClient.MigrateGenericOIDCProvider(CTX, &admin.MigrateGenericOIDCProviderRequest{ + Id: addOIDC.Id, + Template: &admin.MigrateGenericOIDCProviderRequest_Google{ + Google: &admin.AddGoogleProviderRequest{ + Name: name, + ClientId: "new_clientId", + ClientSecret: "new_clientSecret", + Scopes: []string{"new_scope"}, + ProviderOptions: &idp_grpc.Options{ + IsLinkingAllowed: true, + IsCreationAllowed: true, + IsAutoCreation: true, + IsAutoUpdate: true, + AutoLinking: idp.AutoLinkingOption_AUTO_LINKING_OPTION_USERNAME, + }, + }, + }, + }) + afterCreate := time.Now() + require.NoError(t, err) + + retryDuration, tick = integration.WaitForAndTickWithMaxDuration(CTX, time.Second*5) + assert.EventuallyWithT(t, func(t *assert.CollectT) { + google, err := idpRepo.GetGoogle(CTX, idpRepo.IDCondition(addOIDC.Id), instanceID, nil) + require.NoError(t, err) + + // event instance.idp.oidc.migrated.google + // idp + assert.Equal(t, addOIDC.Id, google.IdentityProvider.ID) + assert.Equal(t, name, google.IdentityProvider.Name) + + // oidc + assert.Equal(t, "new_clientId", google.ClientID) + assert.NotEqual(t, oidc.ClientSecret, google.ClientSecret) + // type = google + assert.Equal(t, domain.IDPTypeGoogle.String(), google.Type) + assert.Equal(t, []string{"new_scope"}, google.Scopes) + assert.Equal(t, true, google.AllowLinking) + assert.Equal(t, true, google.AllowCreation) + assert.Equal(t, true, google.AllowAutoUpdate) + assert.Equal(t, domain.IDPAutoLinkingOptionUserName.String(), google.AllowAutoLinking) + assert.WithinRange(t, google.UpdatedAt, beforeCreate, afterCreate) + }, retryDuration, tick) + }) } 
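Review bot: Both migration tests set `IsAutoCreation: true` on the migrated template but never assert `AllowAutoCreation` on the result, so a reducer that dropped `IDPRelationalAllowAutoCreationCol` would still pass; add `assert.True(t, azure.AllowAutoCreation)` (and the same for `google`) next to the `AllowAutoUpdate` checks. `assert.NotEqual(t, oidc.ClientSecret, azure.ClientSecret)` is a weak check on the secret because it also passes when the migrated secret is `nil`; `assert.NotNil(t, azure.ClientSecret)` alongside it would make the assertion meaningful. The `assert.Equal(t, true, …)` lines throughout would read better as `assert.True(t, …)`.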
diff --git a/backend/v3/storage/database/repository/id_provider.go b/backend/v3/storage/database/repository/id_provider.go index 5671e19d87..7f8453e841 100644 --- a/backend/v3/storage/database/repository/id_provider.go +++ b/backend/v3/storage/database/repository/id_provider.go @@ -185,6 +185,50 @@ func (i *idProvider) GetOAuth(ctx context.Context, id domain.IDPIdentifierCondit return idpOAuth, nil } +func (i *idProvider) GetOAzureAD(ctx context.Context, id domain.IDPIdentifierCondition, instnaceID string, orgID *string) (*domain.IDPOAzureAD, error) { + idpAzure := &domain.IDPOAzureAD{} + var err error + + idpAzure.IdentityProvider, err = i.Get(ctx, id, instnaceID, orgID) + if err != nil { + return nil, err + } + + if idpAzure.Type != domain.IDPTypeAzure.String() { + // TODO + return nil, errors.New("WRONG TYPE") + } + + err = json.Unmarshal([]byte(*idpAzure.Payload), idpAzure) + if err != nil { + return nil, err + } + + return idpAzure, nil +} + +func (i *idProvider) GetGoogle(ctx context.Context, id domain.IDPIdentifierCondition, instnaceID string, orgID *string) (*domain.IDPGoogle, error) { + idpGoogle := &domain.IDPGoogle{} + var err error + + idpGoogle.IdentityProvider, err = i.Get(ctx, id, instnaceID, orgID) + if err != nil { + return nil, err + } + + if idpGoogle.Type != domain.IDPTypeGoogle.String() { + // TODO + return nil, errors.New("WRONG TYPE") + } + + err = json.Unmarshal([]byte(*idpGoogle.Payload), idpGoogle) + if err != nil { + return nil, err + } + + return idpGoogle, nil +} + // ------------------------------------------------------------- // columns // ------------------------------------------------------------- diff --git a/internal/query/projection/idp_template_relational.go b/internal/query/projection/idp_template_relational.go index 26f763321c..3aca34b6d3 100644 --- a/internal/query/projection/idp_template_relational.go +++ b/internal/query/projection/idp_template_relational.go 
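Review bot: `json.Unmarshal([]byte(*idpAzure.Payload), idpAzure)` dereferences `Payload` with no nil check, so a row whose payload column is NULL panics the calling request instead of returning an error; guard it with `if idpAzure.Payload == nil { return nil, errors.New("identity provider has no payload") }` before the unmarshal, and the same in `GetGoogle`. The `// TODO` plus `errors.New("WRONG TYPE")` should become a sentinel (a package-level `ErrWrongType`, or whatever the existing `GetOIDC`/`GetOAuth` above this hunk already use) so callers can `errors.Is` on it and the message is not an all-caps placeholder. `instnaceID` is misspelled in both new signatures.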
@@ -62,14 +62,14 @@ func (p *idpTemplateRelationalProjection) Reducers() []handler.AggregateReducer Event: instance.OIDCIDPChangedEventType, Reduce: p.reduceOIDCIDPRelationalChanged, }, - // { - // Event: instance.OIDCIDPMigratedAzureADEventType, - // Reduce: p.reduceOIDCIDPMigratedAzureAD, - // }, - // { - // Event: instance.OIDCIDPMigratedGoogleEventType, - // Reduce: p.reduceOIDCIDPMigratedGoogle, - // }, + { + Event: instance.OIDCIDPMigratedAzureADEventType, + Reduce: p.reduceOIDCIDPRelationalMigratedAzureAD, + }, + { + Event: instance.OIDCIDPMigratedGoogleEventType, + Reduce: p.reduceOIDCIDPRelationalMigratedGoogle, + }, // { // Event: instance.JWTIDPAddedEventType, // Reduce: p.reduceJWTIDPAdded, @@ -349,6 +349,7 @@ func (p *idpTemplateRelationalProjection) reduceOAuthIDPRelationalAdded(event ev // default: // } + fmt.Println("@@ >>>>>>>>>>>>>>>>>>>>>>>>>>>> AZURE") e, ok := event.(*instance.OAuthIDPAddedEvent) if !ok { return nil, zerrors.ThrowInvalidArgumentf(nil, "HANDL-ap9ihb", "reduce.wrong.event.type %v", []eventstore.EventType{org.OAuthIDPAddedEventType, instance.OAuthIDPAddedEventType}) @@ -522,7 +523,6 @@ func (p *idpTemplateRelationalProjection) reduceOIDCIDPRelationalChanged(event e // }, // ), // ) - fmt.Println("@@ >>>>>>>>>>>>>>>>>>>>>>>>>>>> OIDC CHANGED") payload := &oidc.OIDC payloadChanged := reduceOIDCIDPRelationalChangedColumns(payload, &e.OIDCIDPChangedEvent) if payloadChanged { 
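Review bot: The `fmt.Println("@@ >>>>>>>>>>>>>>>>>>>>>>>>>>>> AZURE")` added to `reduceOAuthIDPRelationalAdded` is a leftover debug print: it writes to stdout from inside a projection reducer, bypasses the logger, and its label says Azure inside the OAuth handler — delete it the same way this patch deletes the `OIDC CHANGED` one. The reducer registrations in the first hunk wire only the `instance.*` migrated events while the `org.*` variants stay commented out, so org-level OIDC→Azure/Google migrations will not reach the relational table until those are added; the new reducers further down also type-assert only the instance event, so both places need the org case together.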
@@ -549,107 +549,103 @@ func (p *idpTemplateRelationalProjection) reduceOIDCIDPRelationalChanged(event e ), nil } -// func (p *idpTemplateProjection) reduceOIDCIDPMigratedAzureAD(event eventstore.Event) (*handler.Statement, error) { -// var idpEvent idp.OIDCIDPMigratedAzureADEvent -// switch e := event.(type) { -// case *org.OIDCIDPMigratedAzureADEvent: -// idpEvent = e.OIDCIDPMigratedAzureADEvent -// case *instance.OIDCIDPMigratedAzureADEvent: -// idpEvent = e.OIDCIDPMigratedAzureADEvent -// default: -// return nil, zerrors.ThrowInvalidArgumentf(nil, "HANDL-p1582ks", "reduce.wrong.event.type %v", []eventstore.EventType{org.OIDCIDPMigratedAzureADEventType, instance.OIDCIDPMigratedAzureADEventType}) -// } +func (p *idpTemplateRelationalProjection) reduceOIDCIDPRelationalMigratedAzureAD(event eventstore.Event) (*handler.Statement, error) { + // var idpEvent idp.OIDCIDPMigratedAzureADEvent + // switch e := event.(type) { + // case *org.OIDCIDPMigratedAzureADEvent: + // idpEvent = e.OIDCIDPMigratedAzureADEvent + // case *instance.OIDCIDPMigratedAzureADEvent: + // idpEvent = e.OIDCIDPMigratedAzureADEvent + // default: + // return nil, zerrors.ThrowInvalidArgumentf(nil, "HANDL-p1582ks", "reduce.wrong.event.type %v", []eventstore.EventType{org.OIDCIDPMigratedAzureADEventType, instance.OIDCIDPMigratedAzureADEventType}) + // } -// return handler.NewMultiStatement( -// &idpEvent, -// handler.AddUpdateStatement( -// []handler.Column{ -// handler.NewCol(IDPTemplateChangeDateCol, idpEvent.CreationDate()), -// handler.NewCol(IDPTemplateSequenceCol, idpEvent.Sequence()), -// handler.NewCol(IDPTemplateNameCol, idpEvent.Name), -// handler.NewCol(IDPTemplateTypeCol, domain.IDPTypeAzureAD), -// handler.NewCol(IDPTemplateIsCreationAllowedCol, idpEvent.IsCreationAllowed), -// handler.NewCol(IDPTemplateIsLinkingAllowedCol, idpEvent.IsLinkingAllowed), -// handler.NewCol(IDPTemplateIsAutoCreationCol, idpEvent.IsAutoCreation), -// handler.NewCol(IDPTemplateIsAutoUpdateCol, 
idpEvent.IsAutoUpdate), -// handler.NewCol(IDPTemplateAutoLinkingCol, idpEvent.AutoLinkingOption), -// }, -// []handler.Condition{ -// handler.NewCond(IDPTemplateIDCol, idpEvent.ID), -// handler.NewCond(IDPTemplateInstanceIDCol, idpEvent.Aggregate().InstanceID), -// }, -// ), -// handler.AddDeleteStatement( -// []handler.Condition{ -// handler.NewCond(OIDCIDCol, idpEvent.ID), -// handler.NewCond(OIDCInstanceIDCol, idpEvent.Aggregate().InstanceID), -// }, -// handler.WithTableSuffix(IDPTemplateOIDCSuffix), -// ), -// handler.AddCreateStatement( -// []handler.Column{ -// handler.NewCol(AzureADIDCol, idpEvent.ID), -// handler.NewCol(AzureADInstanceIDCol, idpEvent.Aggregate().InstanceID), -// handler.NewCol(AzureADClientIDCol, idpEvent.ClientID), -// handler.NewCol(AzureADClientSecretCol, idpEvent.ClientSecret), -// handler.NewCol(AzureADScopesCol, database.TextArray[string](idpEvent.Scopes)), -// handler.NewCol(AzureADTenantCol, idpEvent.Tenant), -// handler.NewCol(AzureADIsEmailVerified, idpEvent.IsEmailVerified), -// }, -// handler.WithTableSuffix(IDPTemplateAzureADSuffix), -// ), -// ), nil -// } + e, ok := event.(*instance.OIDCIDPMigratedAzureADEvent) + if !ok { + return nil, zerrors.ThrowInvalidArgumentf(nil, "HANDL-p1582ks", "reduce.wrong.event.type %v", []eventstore.EventType{org.OIDCIDPMigratedAzureADEventType, instance.OIDCIDPMigratedAzureADEventType}) + } -// func (p *idpTemplateProjection) reduceOIDCIDPMigratedGoogle(event eventstore.Event) (*handler.Statement, error) { -// var idpEvent idp.OIDCIDPMigratedGoogleEvent -// switch e := event.(type) { -// case *org.OIDCIDPMigratedGoogleEvent: -// idpEvent = e.OIDCIDPMigratedGoogleEvent -// case *instance.OIDCIDPMigratedGoogleEvent: -// idpEvent = e.OIDCIDPMigratedGoogleEvent -// default: -// return nil, zerrors.ThrowInvalidArgumentf(nil, "HANDL-p1582ks", "reduce.wrong.event.type %v", []eventstore.EventType{org.OIDCIDPMigratedGoogleEventType, instance.OIDCIDPMigratedGoogleEventType}) -// } + azure := 
domain.Azure{ + ClientID: e.ClientID, + ClientSecret: e.ClientSecret, + Scopes: e.Scopes, + Tenant: e.Tenant, + IsEmailVerified: e.IsEmailVerified, + } -// return handler.NewMultiStatement( -// &idpEvent, -// handler.AddUpdateStatement( -// []handler.Column{ -// handler.NewCol(IDPTemplateChangeDateCol, idpEvent.CreationDate()), -// handler.NewCol(IDPTemplateSequenceCol, idpEvent.Sequence()), -// handler.NewCol(IDPTemplateNameCol, idpEvent.Name), -// handler.NewCol(IDPTemplateTypeCol, domain.IDPTypeGoogle), -// handler.NewCol(IDPTemplateIsCreationAllowedCol, idpEvent.IsCreationAllowed), -// handler.NewCol(IDPTemplateIsLinkingAllowedCol, idpEvent.IsLinkingAllowed), -// handler.NewCol(IDPTemplateIsAutoCreationCol, idpEvent.IsAutoCreation), -// handler.NewCol(IDPTemplateIsAutoUpdateCol, idpEvent.IsAutoUpdate), -// handler.NewCol(IDPTemplateAutoLinkingCol, idpEvent.AutoLinkingOption), -// }, -// []handler.Condition{ -// handler.NewCond(IDPTemplateIDCol, idpEvent.ID), -// handler.NewCond(IDPTemplateInstanceIDCol, idpEvent.Aggregate().InstanceID), -// }, -// ), -// handler.AddDeleteStatement( -// []handler.Condition{ -// handler.NewCond(OIDCIDCol, idpEvent.ID), -// handler.NewCond(OIDCInstanceIDCol, idpEvent.Aggregate().InstanceID), -// }, -// handler.WithTableSuffix(IDPTemplateOIDCSuffix), -// ), -// handler.AddCreateStatement( -// []handler.Column{ -// handler.NewCol(GoogleIDCol, idpEvent.ID), -// handler.NewCol(GoogleInstanceIDCol, idpEvent.Aggregate().InstanceID), -// handler.NewCol(GoogleClientIDCol, idpEvent.ClientID), -// handler.NewCol(GoogleClientSecretCol, idpEvent.ClientSecret), -// handler.NewCol(GoogleScopesCol, database.TextArray[string](idpEvent.Scopes)), -// }, -// handler.WithTableSuffix(IDPTemplateGoogleSuffix), -// ), -// ), nil -// } + payload, err := json.Marshal(azure) + if err != nil { + return nil, err + } + + return handler.NewMultiStatement( + e, + handler.AddUpdateStatement( + []handler.Column{ + handler.NewCol(IDPTemplateNameCol, e.Name), + 
handler.NewCol(IDPTemplateTypeCol, domain.IDPTypeAzure.String()), + handler.NewCol(IDPRelationalAllowCreationCol, e.IsCreationAllowed), + handler.NewCol(IDPRelationalAllowLinkingCol, e.IsLinkingAllowed), + handler.NewCol(IDPRelationalAllowAutoCreationCol, e.IsAutoCreation), + handler.NewCol(IDPRelationalAllowAutoUpdateCol, e.IsAutoUpdate), + handler.NewCol(IDPRelationalAllowAutoLinkingCol, domain.IDPAutoLinkingOption(e.AutoLinkingOption).String()), + handler.NewCol(IDPRelationalPayloadCol, payload), + }, + []handler.Condition{ + handler.NewCond(IDPTemplateIDCol, e.ID), + handler.NewCond(IDPTemplateInstanceIDCol, e.Aggregate().InstanceID), + }, + ), + ), nil +} + +func (p *idpTemplateRelationalProjection) reduceOIDCIDPRelationalMigratedGoogle(event eventstore.Event) (*handler.Statement, error) { + // var idpEvent idp.OIDCIDPMigratedGoogleEvent + // switch e := event.(type) { + // case *org.OIDCIDPMigratedGoogleEvent: + // idpEvent = e.OIDCIDPMigratedGoogleEvent + // case *instance.OIDCIDPMigratedGoogleEvent: + // idpEvent = e.OIDCIDPMigratedGoogleEvent + // default: + // return nil, zerrors.ThrowInvalidArgumentf(nil, "HANDL-p1582ks", "reduce.wrong.event.type %v", []eventstore.EventType{org.OIDCIDPMigratedGoogleEventType, instance.OIDCIDPMigratedGoogleEventType}) + // } + + e, ok := event.(*instance.OIDCIDPMigratedGoogleEvent) + if !ok { + return nil, zerrors.ThrowInvalidArgumentf(nil, "HANDL-p1582ks", "reduce.wrong.event.type %v", []eventstore.EventType{org.OIDCIDPMigratedGoogleEventType, instance.OIDCIDPMigratedGoogleEventType}) + } + + azure := domain.Google{ + ClientID: e.ClientID, + ClientSecret: e.ClientSecret, + Scopes: e.Scopes, + } + + payload, err := json.Marshal(azure) + if err != nil { + return nil, err + } + + return handler.NewMultiStatement( + e, + handler.AddUpdateStatement( + []handler.Column{ + handler.NewCol(IDPTemplateNameCol, e.Name), + handler.NewCol(IDPTemplateTypeCol, domain.IDPTypeGoogle.String()), + 
handler.NewCol(IDPRelationalAllowCreationCol, e.IsCreationAllowed), + handler.NewCol(IDPRelationalAllowLinkingCol, e.IsLinkingAllowed), + handler.NewCol(IDPRelationalAllowAutoCreationCol, e.IsAutoCreation), + handler.NewCol(IDPRelationalAllowAutoUpdateCol, e.IsAutoUpdate), + handler.NewCol(IDPRelationalAllowAutoLinkingCol, domain.IDPAutoLinkingOption(e.AutoLinkingOption).String()), + handler.NewCol(IDPRelationalPayloadCol, payload), + }, + []handler.Condition{ + handler.NewCond(IDPTemplateIDCol, e.ID), + handler.NewCond(IDPTemplateInstanceIDCol, e.Aggregate().InstanceID), + }, + ), + ), nil +} // func (p *idpTemplateProjection) reduceJWTIDPAdded(event eventstore.Event) (*handler.Statement, error) { // var idpEvent idp.JWTIDPAddedEvent
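Review bot: In `reduceOIDCIDPRelationalMigratedGoogle` the local that holds the `domain.Google` payload is named `azure` (copied from the Azure reducer); rename it to `google` so `payload, err := json.Marshal(google)` reads correctly. Both new reducers reuse the same error identifier `HANDL-p1582ks` in their `ThrowInvalidArgumentf` calls, whereas the rest of this file appears to give every error site its own ID — give the Google one a distinct ID so a log line maps to one reducer. The type assertions accept only `*instance.OIDCIDPMigratedAzureADEvent` / `*instance.OIDCIDPMigratedGoogleEvent` while the error text lists the `org.*` event types as accepted; either handle the org event (the commented-out switch shows the shape) or drop it from the message so the error does not mislead. Unlike the handler it replaces, the update sets no change-date or sequence column; if `updated_at` on the relational table is not maintained by a trigger, the `UpdatedAt` assertion in the integration test is the only thing that would catch it — worth confirming.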