From 7e56ace9d9725f40dcc2a8904770e146d47b7496 Mon Sep 17 00:00:00 2001 From: Fabi <38692350+fgerschwiler@users.noreply.github.com> Date: Tue, 20 Oct 2020 14:26:19 +0200 Subject: [PATCH] fix: idp provider handler (#874) * fix: idp provider handler * fix: idp provider search * fix: idp provider search * fix: error handling * fix: error handling * fix: fix read config --- .../eventsourcing/handler/idp_providers.go | 12 +++-- internal/api/grpc/management/idp_config.go | 6 ++- .../grpc/management/idp_config_converter.go | 52 +++++++++++++++---- .../eventsourcing/handler/idp_providers.go | 17 +++--- .../eventsourcing/handler/idp_providers.go | 17 +++--- internal/static/i18n/de.yaml | 2 + internal/static/i18n/en.yaml | 2 + 7 files changed, 81 insertions(+), 27 deletions(-)
diff --git a/internal/admin/repository/eventsourcing/handler/idp_providers.go b/internal/admin/repository/eventsourcing/handler/idp_providers.go
index ccff618971..0613ae7fa5 100644
--- a/internal/admin/repository/eventsourcing/handler/idp_providers.go
+++ b/internal/admin/repository/eventsourcing/handler/idp_providers.go
@@ -66,13 +66,17 @@ func (m *IDPProvider) processIdpProvider(event *models.Event) (err error) {
 }
 return m.view.DeleteIDPProvider(event.AggregateID, provider.IDPConfigID, event.Sequence)
 case model.IDPConfigChanged, org_es_model.IDPConfigChanged:
- config := new(iam_model.IDPConfig)
- config.AppendEvent(event)
- providers, err := m.view.IDPProvidersByIdpConfigID(config.IDPConfigID)
+ esConfig := new(iam_view_model.IDPConfigView)
+ providerType := iam_model.IDPProviderTypeSystem
+ if event.AggregateID != m.systemDefaults.IamID {
+ providerType = iam_model.IDPProviderTypeOrg
+ }
+ esConfig.AppendEvent(providerType, event)
+ providers, err := m.view.IDPProvidersByIdpConfigID(esConfig.IDPConfigID)
 if err != nil {
 return err
 }
- config, err = m.iamEvents.GetIDPConfig(context.Background(), provider.AggregateID, config.IDPConfigID)
+ config, err := m.iamEvents.GetIDPConfig(context.Background(), event.AggregateID, esConfig.IDPConfigID)
 if err != nil {
 return err
 }
diff --git a/internal/api/grpc/management/idp_config.go b/internal/api/grpc/management/idp_config.go
index bc41f75843..dacc7cc2ff 100644
--- a/internal/api/grpc/management/idp_config.go
+++ b/internal/api/grpc/management/idp_config.go
@@ -61,7 +61,11 @@ func (s *Server) UpdateOidcIdpConfig(ctx context.Context, request *management.Oi
 }
 func (s *Server) SearchIdps(ctx context.Context, request *management.IdpSearchRequest) (*management.IdpSearchResponse, error) {
- response, err := s.org.SearchIDPConfigs(ctx, idpConfigSearchRequestToModel(request))
+ searchRequest, err := idpConfigSearchRequestToModel(request)
+ if err != nil {
+ return nil, err
+ }
+ response, err := s.org.SearchIDPConfigs(ctx, searchRequest)
 if err != nil {
 return nil, err
 }
diff --git a/internal/api/grpc/management/idp_config_converter.go b/internal/api/grpc/management/idp_config_converter.go
index f77dc95410..3b6fe2b712 100644
--- a/internal/api/grpc/management/idp_config_converter.go
+++ b/internal/api/grpc/management/idp_config_converter.go
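Review bot: In the admin handler's `IDPConfigChanged` case the config is always read through `m.iamEvents.GetIDPConfig(context.Background(), event.AggregateID, esConfig.IDPConfigID)`, although the case also matches `org_es_model.IDPConfigChanged` and the new lines derive `IDPProviderTypeOrg` for any aggregate other than `m.systemDefaults.IamID`. The auth and management hunks of this commit switch to `m.orgEvents` in that situation; if org events can reach this handler, the lookup here presumably fails and the returned error stalls the view, so either branch the same way or drop the org event type from the case. Separately, the result of `esConfig.AppendEvent(providerType, event)` is not checked here or in the auth and management hunks; if it returns an error (its signature is not visible in this diff), a malformed event would leave `esConfig.IDPConfigID` empty and the lookups would run with an empty ID, so `if err := esConfig.AppendEvent(providerType, event); err != nil { return err }` would be safer. The body of `processIdpProvider` starts and ends outside the hunk.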
@@ -2,9 +2,11 @@ package management
 import (
 "github.com/caos/logging"
+ caos_errors "github.com/caos/zitadel/internal/errors"
 iam_model "github.com/caos/zitadel/internal/iam/model"
 "github.com/caos/zitadel/pkg/grpc/management"
 "github.com/golang/protobuf/ptypes"
+ "strconv"
 )
 func createOidcIdpToModel(idp *management.OidcIdpConfigCreate) *iam_model.IDPConfig {
@@ -131,29 +133,47 @@ func idpConfigStateFromModel(state iam_model.IDPConfigState) management.IdpState
 }
 }
-func idpConfigSearchRequestToModel(request *management.IdpSearchRequest) *iam_model.IDPConfigSearchRequest {
- return &iam_model.IDPConfigSearchRequest{
- Limit: request.Limit,
- Offset: request.Offset,
- Queries: idpConfigSearchQueriesToModel(request.Queries),
+func idpConfigSearchRequestToModel(request *management.IdpSearchRequest) (*iam_model.IDPConfigSearchRequest, error) {
+ convertedSearchRequest := &iam_model.IDPConfigSearchRequest{
+ Limit: request.Limit,
+ Offset: request.Offset,
 }
+ convertedQueries, err := idpConfigSearchQueriesToModel(request.Queries)
+ if err != nil {
+ return nil, err
+ }
+ convertedSearchRequest.Queries = convertedQueries
+ return convertedSearchRequest, nil
 }
-func idpConfigSearchQueriesToModel(queries []*management.IdpSearchQuery) []*iam_model.IDPConfigSearchQuery {
+func idpConfigSearchQueriesToModel(queries []*management.IdpSearchQuery) ([]*iam_model.IDPConfigSearchQuery, error) {
 modelQueries := make([]*iam_model.IDPConfigSearchQuery, len(queries))
 for i, query := range queries {
- modelQueries[i] = idpConfigSearchQueryToModel(query)
+ converted, err := idpConfigSearchQueryToModel(query)
+ if err != nil {
+ return nil, err
+ }
+ modelQueries[i] = converted
 }
- return modelQueries
+ return modelQueries, nil
 }
-func idpConfigSearchQueryToModel(query *management.IdpSearchQuery) *iam_model.IDPConfigSearchQuery {
- return &iam_model.IDPConfigSearchQuery{
+func idpConfigSearchQueryToModel(query *management.IdpSearchQuery) (*iam_model.IDPConfigSearchQuery, error) {
+ converted := &iam_model.IDPConfigSearchQuery{
 Key: idpConfigSearchKeyToModel(query.Key),
 Method: searchMethodToModel(query.Method),
 Value: query.Value,
 }
+ if query.Key != management.IdpSearchKey_IDPSEARCHKEY_PROVIDER_TYPE {
+ return converted, nil
+ }
+ value, err := idpProviderTypeStringToModel(query.Value)
+ if err != nil {
+ return nil, err
+ }
+ converted.Value = value
+ return converted, nil
 }
 func idpConfigSearchKeyToModel(key management.IdpSearchKey) iam_model.IDPConfigSearchKey {
@@ -229,3 +249,15 @@ func idpConfigStylingTypeToModel(stylingType management.IdpStylingType) iam_mode
 return iam_model.IDPStylingTypeUnspecified
 }
 }
+
+func idpProviderTypeStringToModel(providerType string) (iam_model.IDPProviderType, error) {
+ i, _ := strconv.Atoi(providerType)
+ switch management.IdpProviderType(i) {
+ case management.IdpProviderType_IDPPROVIDERTYPE_SYSTEM:
+ return iam_model.IDPProviderTypeSystem, nil
+ case management.IdpProviderType_IDPPROVIDERTYPE_ORG:
+ return iam_model.IDPProviderTypeOrg, nil
+ default:
+ return 0, caos_errors.ThrowPreconditionFailed(nil, "MGMT-6is9f", "Errors.Org.IDP.InvalidSearchQuery")
+ }
+}
diff --git a/internal/auth/repository/eventsourcing/handler/idp_providers.go b/internal/auth/repository/eventsourcing/handler/idp_providers.go
index 0261115164..b4c54a2834 100644
--- a/internal/auth/repository/eventsourcing/handler/idp_providers.go
+++ b/internal/auth/repository/eventsourcing/handler/idp_providers.go
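Review bot: In `idpConfigSearchQueryToModel` the provider-type branch replaces `Value` with a typed `iam_model.IDPProviderType` but still passes `query.Method` through `searchMethodToModel` unchanged, so a text-matching method could end up paired with a numeric value. Which methods `searchMethodToModel` accepts is not visible in this diff, so this is an assumption to confirm; if only equality is meaningful for `IDPSEARCHKEY_PROVIDER_TYPE`, reject any other method with the same `Errors.Org.IDP.InvalidSearchQuery` precondition error before converting the value. A doc comment would also help API callers, for example `// idpConfigSearchQueryToModel converts one search query; for the provider-type key, Value must be the decimal IdpProviderType number.`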
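Review bot: `idpProviderTypeStringToModel` discards the `strconv.Atoi` error and then narrows the resulting `int` to the enum type, so the client-supplied search value is not strictly validated. Non-numeric input silently becomes 0, which is only rejected if 0 is not one of the two accepted enum values (confirm against the proto), and on 64-bit builds a number outside the int32 range wraps in `management.IdpProviderType(i)` and can land on an accepted type. Parsing with a 32-bit bound closes both gaps: `i, err := strconv.ParseInt(providerType, 10, 32)` followed by `if err != nil { return 0, caos_errors.ThrowPreconditionFailed(err, "<error-id>", "Errors.Org.IDP.InvalidSearchQuery") }`, where `<error-id>` is a placeholder for a new ID. The message key returned here is given German text in the `en.yaml` hunk of this commit (`InvalidSearchQuery: Ungültiger Suchparameter`), so English clients would see an untranslated error.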
@@ -66,16 +66,21 @@ func (m *IDPProvider) processIdpProvider(event *models.Event) (err error) {
 }
 return m.view.DeleteIDPProvider(event.AggregateID, provider.IDPConfigID, event.Sequence)
 case model.IDPConfigChanged, org_es_model.IDPConfigChanged:
- config := new(iam_model.IDPConfig)
- config.AppendEvent(event)
- providers, err := m.view.IDPProvidersByIDPConfigID(config.IDPConfigID)
+ esConfig := new(iam_view_model.IDPConfigView)
+ providerType := iam_model.IDPProviderTypeSystem
+ if event.AggregateID != m.systemDefaults.IamID {
+ providerType = iam_model.IDPProviderTypeOrg
+ }
+ esConfig.AppendEvent(providerType, event)
+ providers, err := m.view.IDPProvidersByIDPConfigID(esConfig.IDPConfigID)
 if err != nil {
 return err
 }
- if provider.IDPProviderType == int32(iam_model.IDPProviderTypeSystem) {
- config, err = m.iamEvents.GetIDPConfig(context.Background(), provider.AggregateID, config.IDPConfigID)
+ config := new(iam_model.IDPConfig)
+ if event.AggregateID == m.systemDefaults.IamID {
+ config, err = m.iamEvents.GetIDPConfig(context.Background(), event.AggregateID, esConfig.IDPConfigID)
 } else {
- config, err = m.orgEvents.GetIDPConfig(context.Background(), provider.AggregateID, provider.IDPConfigID)
+ config, err = m.orgEvents.GetIDPConfig(context.Background(), event.AggregateID, esConfig.IDPConfigID)
 }
 if err != nil {
 return err
diff --git a/internal/management/repository/eventsourcing/handler/idp_providers.go b/internal/management/repository/eventsourcing/handler/idp_providers.go
index b5312e5939..56e8fbc7d2 100644
--- a/internal/management/repository/eventsourcing/handler/idp_providers.go
+++ b/internal/management/repository/eventsourcing/handler/idp_providers.go
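Review bot: `config := new(iam_model.IDPConfig)` allocates a value that both branches of the following `if`/`else` overwrite, so the allocation is never used; `var config *iam_model.IDPConfig` declares the variable without it. The same line appears in the management handler hunk. The branch condition `event.AggregateID == m.systemDefaults.IamID` also repeats the test that set `providerType` a few lines earlier, so switching on `providerType` would keep the two decisions from drifting apart. The body of `processIdpProvider` starts and ends outside the hunk.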
@@ -66,16 +66,21 @@ func (m *IDPProvider) processIdpProvider(event *models.Event) (err error) {
 }
 return m.view.DeleteIdpProvider(event.AggregateID, provider.IDPConfigID, event.Sequence)
 case model.IDPConfigChanged, org_es_model.IDPConfigChanged:
- config := new(iam_model.IDPConfig)
- config.AppendEvent(event)
- providers, err := m.view.IdpProvidersByIdpConfigID(event.AggregateID, config.IDPConfigID)
+ esConfig := new(iam_view_model.IDPConfigView)
+ providerType := iam_model.IDPProviderTypeSystem
+ if event.AggregateID != m.systemDefaults.IamID {
+ providerType = iam_model.IDPProviderTypeOrg
+ }
+ esConfig.AppendEvent(providerType, event)
+ providers, err := m.view.IdpProvidersByIdpConfigID(event.AggregateID, esConfig.IDPConfigID)
 if err != nil {
 return err
 }
- if provider.IDPProviderType == int32(iam_model.IDPProviderTypeSystem) {
- config, err = m.iamEvents.GetIDPConfig(context.Background(), provider.AggregateID, config.IDPConfigID)
+ config := new(iam_model.IDPConfig)
+ if event.AggregateID == m.systemDefaults.IamID {
+ config, err = m.iamEvents.GetIDPConfig(context.Background(), event.AggregateID, esConfig.IDPConfigID)
 } else {
- config, err = m.orgEvents.GetIDPConfig(context.Background(), provider.AggregateID, provider.IDPConfigID)
+ config, err = m.orgEvents.GetIDPConfig(context.Background(), event.AggregateID, esConfig.IDPConfigID)
 }
 if err != nil {
 return err
diff --git a/internal/static/i18n/de.yaml b/internal/static/i18n/de.yaml
index bfebe0a5d8..542d03ea1b 100644
--- a/internal/static/i18n/de.yaml
+++ b/internal/static/i18n/de.yaml
@@ -83,6 +83,8 @@ Errors:
 IdpNotExisting: IDP Konfiguration existiert nicht
 OIDCConfigInvalid: OIDC IDP Konfiguration ist ungültig
 IdpIsNotOIDC: IDP Konfiguration ist nicht vom Typ OIDC
+ IDP:
+ InvalidSearchQuery: Ungültiger Suchparameter
 LoginPolicy:
 Invalid: Login Policy ist ungültig
 NotExisting: Login Policy existiert nicht auf dieser Organisation
diff --git a/internal/static/i18n/en.yaml b/internal/static/i18n/en.yaml
index c61a7e9120..417c86a569 100644
--- a/internal/static/i18n/en.yaml
+++ b/internal/static/i18n/en.yaml
@@ -83,6 +83,8 @@ Errors:
 IdpNotExisting: IDP configuration does not exist
 OIDCConfigInvalid: OIDC IDP configuration is invalid
 IdpIsNotOIDC: IDP configuration is not of type oidc
+ IDP:
+ InvalidSearchQuery: Ungültiger Suchparameter
 LoginPolicy:
 Invalid: Login Policy is invalid
 NotExisting: Login Policy not existig