fix: use system secret config if generator type does not exist on instance (#6420)

* fix: use system secret config if generator type does not exist on instance

* remove unused idGenerator

(cherry picked from commit cbd2ef0612)

internal/command/user_human_otp_test.go

@@ -1249,9 +1249,20 @@ func TestCommandSide_RemoveHumanOTPSMS(t *testing.T) {
 
 func TestCommandSide_HumanSendOTPSMS(t *testing.T) {
 	ctx := authz.NewMockContext("inst1", "org1", "user1")
+	defaultGenerators := &SecretGenerators{
+		OTPSMS: &crypto.GeneratorConfig{
+			Length:              8,
+			Expiry:              time.Hour,
+			IncludeLowerLetters: true,
+			IncludeUpperLetters: true,
+			IncludeDigits:       true,
+			IncludeSymbols:      true,
+		},
+	}
 	type fields struct {
-		eventstore     func(*testing.T) *eventstore.Eventstore
-		userEncryption crypto.EncryptionAlgorithm
+		eventstore              func(*testing.T) *eventstore.Eventstore
+		userEncryption          crypto.EncryptionAlgorithm
+		defaultSecretGenerators *SecretGenerators
 	}
 	type (
 		args struct {
@@ -1274,7 +1285,8 @@ func TestCommandSide_HumanSendOTPSMS(t *testing.T) {
 		{
 			name: "userid missing, invalid argument error",
 			fields: fields{
-				eventstore: expectEventstore(),
+				eventstore:              expectEventstore(),
+				defaultSecretGenerators: defaultGenerators,
 			},
 			args: args{
 				ctx:           ctx,
@@ -1291,6 +1303,7 @@ func TestCommandSide_HumanSendOTPSMS(t *testing.T) {
 				eventstore: expectEventstore(
 					expectFilter(),
 				),
+				defaultSecretGenerators: defaultGenerators,
 			},
 			args: args{
 				ctx:           ctx,
@@ -1343,7 +1356,52 @@ func TestCommandSide_HumanSendOTPSMS(t *testing.T) {
 						},
 					),
 				),
-				userEncryption: crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				userEncryption:          crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				defaultSecretGenerators: defaultGenerators,
+			},
+			args: args{
+				ctx:           ctx,
+				userID:        "user1",
+				resourceOwner: "org1",
+			},
+			res: res{
+				want: &domain.ObjectDetails{
+					ResourceOwner: "org1",
+				},
+			},
+		},
+		{
+			name: "successful add (without secret config)",
+			fields: fields{
+				eventstore: expectEventstore(
+					expectFilter(
+						eventFromEventPusher(
+							user.NewHumanOTPSMSAddedEvent(ctx,
+								&user.NewAggregate("user1", "org1").Aggregate,
+							),
+						),
+					),
+					expectFilter(),
+					expectPush(
+						[]*repository.Event{
+							eventFromEventPusherWithInstanceID("inst1",
+								user.NewHumanOTPSMSCodeAddedEvent(ctx,
+									&user.NewAggregate("user1", "org1").Aggregate,
+									&crypto.CryptoValue{
+										CryptoType: crypto.TypeEncryption,
+										Algorithm:  "enc",
+										KeyID:      "id",
+										Crypted:    []byte("12345678"),
+									},
+									time.Hour,
+									nil,
+								),
+							),
+						},
+					),
+				),
+				userEncryption:          crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				defaultSecretGenerators: defaultGenerators,
 			},
 			args: args{
 				ctx:           ctx,
@@ -1406,7 +1464,8 @@ func TestCommandSide_HumanSendOTPSMS(t *testing.T) {
 						},
 					),
 				),
-				userEncryption: crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				userEncryption:          crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				defaultSecretGenerators: defaultGenerators,
 			},
 			args: args{
 				ctx:           ctx,
@@ -1432,8 +1491,9 @@ func TestCommandSide_HumanSendOTPSMS(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			r := &Commands{
-				eventstore:     tt.fields.eventstore(t),
-				userEncryption: tt.fields.userEncryption,
+				eventstore:              tt.fields.eventstore(t),
+				userEncryption:          tt.fields.userEncryption,
+				defaultSecretGenerators: tt.fields.defaultSecretGenerators,
 			}
 			err := r.HumanSendOTPSMS(tt.args.ctx, tt.args.userID, tt.args.resourceOwner, tt.args.authRequest)
 			assert.ErrorIs(t, err, tt.res.err)
@@ -2176,9 +2236,20 @@ func TestCommandSide_RemoveHumanOTPEmail(t *testing.T) {
 
 func TestCommandSide_HumanSendOTPEmail(t *testing.T) {
 	ctx := authz.NewMockContext("inst1", "org1", "user1")
+	defaultGenerators := &SecretGenerators{
+		OTPEmail: &crypto.GeneratorConfig{
+			Length:              8,
+			Expiry:              time.Hour,
+			IncludeLowerLetters: true,
+			IncludeUpperLetters: true,
+			IncludeDigits:       true,
+			IncludeSymbols:      true,
+		},
+	}
 	type fields struct {
-		eventstore     func(*testing.T) *eventstore.Eventstore
-		userEncryption crypto.EncryptionAlgorithm
+		eventstore              func(*testing.T) *eventstore.Eventstore
+		userEncryption          crypto.EncryptionAlgorithm
+		defaultSecretGenerators *SecretGenerators
 	}
 	type (
 		args struct {
@@ -2201,7 +2272,8 @@ func TestCommandSide_HumanSendOTPEmail(t *testing.T) {
 		{
 			name: "userid missing, invalid argument error",
 			fields: fields{
-				eventstore: expectEventstore(),
+				eventstore:              expectEventstore(),
+				defaultSecretGenerators: defaultGenerators,
 			},
 			args: args{
 				ctx:           ctx,
@@ -2218,6 +2290,7 @@ func TestCommandSide_HumanSendOTPEmail(t *testing.T) {
 				eventstore: expectEventstore(
 					expectFilter(),
 				),
+				defaultSecretGenerators: defaultGenerators,
 			},
 			args: args{
 				ctx:           ctx,
@@ -2270,7 +2343,52 @@ func TestCommandSide_HumanSendOTPEmail(t *testing.T) {
 						},
 					),
 				),
-				userEncryption: crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				userEncryption:          crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				defaultSecretGenerators: defaultGenerators,
+			},
+			args: args{
+				ctx:           ctx,
+				userID:        "user1",
+				resourceOwner: "org1",
+			},
+			res: res{
+				want: &domain.ObjectDetails{
+					ResourceOwner: "org1",
+				},
+			},
+		},
+		{
+			name: "successful add (without secret config)",
+			fields: fields{
+				eventstore: expectEventstore(
+					expectFilter(
+						eventFromEventPusher(
+							user.NewHumanOTPEmailAddedEvent(ctx,
+								&user.NewAggregate("user1", "org1").Aggregate,
+							),
+						),
+					),
+					expectFilter(),
+					expectPush(
+						[]*repository.Event{
+							eventFromEventPusherWithInstanceID("inst1",
+								user.NewHumanOTPEmailCodeAddedEvent(ctx,
+									&user.NewAggregate("user1", "org1").Aggregate,
+									&crypto.CryptoValue{
+										CryptoType: crypto.TypeEncryption,
+										Algorithm:  "enc",
+										KeyID:      "id",
+										Crypted:    []byte("12345678"),
+									},
+									time.Hour,
+									nil,
+								),
+							),
+						},
+					),
+				),
+				userEncryption:          crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				defaultSecretGenerators: defaultGenerators,
 			},
 			args: args{
 				ctx:           ctx,
@@ -2333,7 +2451,8 @@ func TestCommandSide_HumanSendOTPEmail(t *testing.T) {
 						},
 					),
 				),
-				userEncryption: crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				userEncryption:          crypto.CreateMockEncryptionAlgWithCode(gomock.NewController(t), "12345678"),
+				defaultSecretGenerators: defaultGenerators,
 			},
 			args: args{
 				ctx:           ctx,
@@ -2359,8 +2478,9 @@ func TestCommandSide_HumanSendOTPEmail(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			r := &Commands{
-				eventstore:     tt.fields.eventstore(t),
-				userEncryption: tt.fields.userEncryption,
+				eventstore:              tt.fields.eventstore(t),
+				userEncryption:          tt.fields.userEncryption,
+				defaultSecretGenerators: tt.fields.defaultSecretGenerators,
 			}
 			err := r.HumanSendOTPEmail(tt.args.ctx, tt.args.userID, tt.args.resourceOwner, tt.args.authRequest)
 			assert.ErrorIs(t, err, tt.res.err)