feat(saml): implementation of saml for ZITADEL v2 (#3618)

2025-08-11 19:07:30 +00:00 · 2022-09-12 17:18:08 +01:00
parent 01a92ba5d9
commit 7a5f7f82cf
134 changed files with 5570 additions and 1293 deletions
--- a/internal/command/project_application_test.go
+++ b/internal/command/project_application_test.go
@@ -5,6 +5,7 @@ import (
 	"testing"

 	"github.com/stretchr/testify/assert"
+
 	"github.com/zitadel/zitadel/internal/domain"
 	caos_errs "github.com/zitadel/zitadel/internal/errors"
 	"github.com/zitadel/zitadel/internal/eventstore"
@@ -580,6 +581,58 @@ func TestCommandSide_RemoveApplication(t *testing.T) {
 				err: caos_errs.IsNotFound,
 			},
 		},
+		{
+			name: "app remove, entityID, ok",
+			fields: fields{
+				eventstore: eventstoreExpect(
+					t,
+					expectFilter(
+						eventFromEventPusher(project.NewApplicationAddedEvent(context.Background(),
+							&project.NewAggregate("project1", "org1").Aggregate,
+							"app1",
+							"app",
+						)),
+					),
+					expectFilter(
+						eventFromEventPusher(project.NewApplicationAddedEvent(context.Background(),
+							&project.NewAggregate("project1", "org1").Aggregate,
+							"app1",
+							"app",
+						)),
+						eventFromEventPusher(project.NewSAMLConfigAddedEvent(context.Background(),
+							&project.NewAggregate("project1", "org1").Aggregate,
+							"app1",
+							"https://test.com/saml/metadata",
+							[]byte("<?xml version=\"1.0\"?>\n<md:EntityDescriptor xmlns:md=\"urn:oasis:names:tc:SAML:2.0:metadata\"\n                     validUntil=\"2022-08-26T14:08:16Z\"\n                     cacheDuration=\"PT604800S\"\n                     entityID=\"https://test.com/saml/metadata\">\n    <md:SPSSODescriptor AuthnRequestsSigned=\"false\" WantAssertionsSigned=\"false\" protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n        <md:NameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified</md:NameIDFormat>\n        <md:AssertionConsumerService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST\"\n                                     Location=\"https://test.com/saml/acs\"\n                                     index=\"1\" />\n        \n    </md:SPSSODescriptor>\n</md:EntityDescriptor>"),
+							"",
+						)),
+					),
+					expectPush(
+						[]*repository.Event{
+							eventFromEventPusher(project.NewApplicationRemovedEvent(context.Background(),
+								&project.NewAggregate("project1", "org1").Aggregate,
+								"app1",
+								"app",
+								"https://test.com/saml/metadata",
+							)),
+						}, /**/
+						uniqueConstraintsFromEventConstraint(project.NewRemoveApplicationUniqueConstraint("app", "project1")),
+						uniqueConstraintsFromEventConstraint(project.NewRemoveSAMLConfigEntityIDUniqueConstraint("https://test.com/saml/metadata")),
+					),
+				),
+			},
+			args: args{
+				ctx:           context.Background(),
+				projectID:     "project1",
+				appID:         "app1",
+				resourceOwner: "org1",
+			},
+			res: res{
+				want: &domain.ObjectDetails{
+					ResourceOwner: "org1",
+				},
+			},
+		},
 		{
 			name: "app remove, ok",
 			fields: fields{
@@ -592,12 +645,15 @@ func TestCommandSide_RemoveApplication(t *testing.T) {
 							"app",
 						)),
 					),
+					// app is not saml, or no saml config available
+					expectFilter(),
 					expectPush(
 						[]*repository.Event{
 							eventFromEventPusher(project.NewApplicationRemovedEvent(context.Background(),
 								&project.NewAggregate("project1", "org1").Aggregate,
 								"app1",
 								"app",
+								"",
 							)),
 						},
 						uniqueConstraintsFromEventConstraint(project.NewRemoveApplicationUniqueConstraint("app", "project1")),