feat(idp_table_relational): adding inital idp tables for relational repository

backend/v3/domain/id_provider.go

@@ -0,0 +1,164 @@
+package domain
+
+import (
+	"context"
+	"time"
+
+	"github.com/zitadel/zitadel/backend/v3/storage/database"
+	"github.com/zitadel/zitadel/internal/crypto"
+)
+
+//go:generate enumer -type IDPType -transform lower -trimprefix IDPType
+type IDPType uint8
+
+const (
+	IDPTypeUnspecified IDPType = iota
+	IDPTypeOIDC
+	IDPTypeJWT
+	IDPTypeOAuth
+	IDPTypeLDAP
+	IDPTypeAzureAD
+	IDPTypeGitHub
+	IDPTypeGitHubEnterprise
+	IDPTypeGitLab
+	IDPTypeGitLabSelfHosted
+	IDPTypeGoogle
+	IDPTypeApple
+	IDPTypeSAML
+)
+
+//go:generate enumer -type IDPState -transform lower -trimprefix IDPState
+type IDPState uint8
+
+const (
+	IDPStateActive IDPState = iota
+	IDPStateInactive
+)
+
+type OIDCMappingField int8
+
+const (
+	OIDCMappingFieldUnspecified OIDCMappingField = iota
+	OIDCMappingFieldPreferredLoginName
+	OIDCMappingFieldEmail
+	// count is for validation purposes
+	oidcMappingFieldCount
+)
+
+type IdentityProvider struct {
+	InstanceID        string    `json:"instanceId,omitempty" db:"instance_id"`
+	OrgID             *string   `json:"orgId,omitempty" db:"org_id"`
+	ID                string    `json:"id,omitempty" db:"id"`
+	State             string    `json:"state,omitempty" db:"state"`
+	Name              string    `json:"name,omitempty" db:"name"`
+	Type              string    `json:"type,omitempty" db:"type"`
+	AllowCreation     bool      `json:"allowCreation,omitempty" db:"allow_creation"`
+	AutoRegister      bool      `json:"autoRegister,omitempty" db:"auto_register"`
+	AllowAutoCreation bool      `json:"allowAutoCreation,omitempty" db:"allow_auto_creation"`
+	AllowAutoUpdate   bool      `json:"allowAutoUpdate,omitempty" db:"allow_auto_update"`
+	AllowLinking      bool      `json:"allowLinking,omitempty" db:"allow_linking"`
+	AllowAutoLinking  bool      `json:"allowAutoLinking,omitempty" db:"allow_auto_linking"`
+	StylingType       int16     `json:"stylingType,omitempty" db:"styling_type"`
+	Payload           *string   `json:"payload,omitempty" db:"payload"`
+	CreatedAt         time.Time `json:"createdAt,omitempty" db:"created_at"`
+	UpdatedAt         time.Time `json:"updatedAt,omitempty" db:"updated_at"`
+}
+
+type OIDC struct {
+	IDPConfigID           string             `json:"idpConfigId"`
+	ClientID              string             `json:"clientId,omitempty"`
+	ClientSecret          crypto.CryptoValue `json:"clientSecret,omitempty"`
+	Issuer                string             `json:"issuer,omitempty"`
+	AuthorizationEndpoint string             `json:"authorizationEndpoint,omitempty"`
+	TokenEndpoint         string             `json:"tokenEndpoint,omitempty"`
+	Scopes                []string           `json:"scopes,omitempty"`
+	IDPDisplayNameMapping OIDCMappingField   `json:"IDPDisplayNameMapping,omitempty"`
+	UserNameMapping       OIDCMappingField   `json:"usernameMapping,omitempty"`
+}
+
+type IDPOIDC struct {
+	*IdentityProvider
+	OIDC
+}
+
+type JWT struct {
+	IDPConfigID  string `json:"idpConfigId"`
+	JWTEndpoint  string `json:"jwtEndpoint,omitempty"`
+	Issuer       string `json:"issuer,omitempty"`
+	KeysEndpoint string `json:"keysEndpoint,omitempty"`
+	HeaderName   string `json:"headerName,omitempty"`
+}
+
+type IDPJWT struct {
+	*IdentityProvider
+	JWT
+}
+
+// IDPIdentifierCondition is used to help specify a single identity_provider,
+// it will either be used as the  identity_provider ID or identity_provider name,
+// as identity_provider can be identified either using (instanceID + OrgID + ID) OR (instanceID + OrgID + name)
+type IDPIdentifierCondition interface {
+	database.Condition
+}
+
+type idProviderColumns interface {
+	InstanceIDColumn() database.Column
+	OrgIDColumn() database.Column
+	IDColumn() database.Column
+	StateColumn() database.Column
+	NameColumn() database.Column
+	TypeColumn() database.Column
+	AllowCreationColumn() database.Column
+	AutoRegisterColumn() database.Column
+	AllowAutoCreationColumn() database.Column
+	AllowAutoUpdateColumn() database.Column
+	AllowLinkingColumn() database.Column
+	AllowAutoLinkingColumn() database.Column
+	StylingTypeColumn() database.Column
+	PayloadColumn() database.Column
+	CreatedAtColumn() database.Column
+	UpdatedAtColumn() database.Column
+}
+
+type idProviderConditions interface {
+	InstanceIDCondition(id string) database.Condition
+	OrgIDCondition(id *string) database.Condition
+	IDCondition(id string) IDPIdentifierCondition
+	StateCondition(state IDPState) database.Condition
+	NameCondition(name string) IDPIdentifierCondition
+	TypeCondition(typee IDPType) database.Condition
+	AutoRegisterCondition(allow bool) database.Condition
+	AllowCreationCondition(allow bool) database.Condition
+	AllowAutoCreationCondition(allow bool) database.Condition
+	AllowAutoUpdateCondition(allow bool) database.Condition
+	AllowLinkingCondition(allow bool) database.Condition
+	AllowAutoLinkingCondition(allow bool) database.Condition
+	StylingTypeCondition(style int16) database.Condition
+	PayloadCondition(payload string) database.Condition
+}
+
+type idProviderChanges interface {
+	SetName(name string) database.Change
+	SetState(state IDPState) database.Change
+	SetAllowCreation(allow bool) database.Change
+	SetAutoRegister(allow bool) database.Change
+	SetAllowAutoCreation(allow bool) database.Change
+	SetAllowAutoUpdate(allow bool) database.Change
+	SetAllowLinking(allow bool) database.Change
+	SetAutoAllowLinking(allow bool) database.Change
+	SetStylingType(stylingType int16) database.Change
+	SetPayload(payload string) database.Change
+}
+
+type IDProviderRepository interface {
+	idProviderColumns
+	idProviderConditions
+	idProviderChanges
+
+	Get(ctx context.Context, id IDPIdentifierCondition, instanceID string, orgID *string) (*IdentityProvider, error)
+	List(ctx context.Context, conditions ...database.Condition) ([]*IdentityProvider, error)
+
+	Create(ctx context.Context, idp *IdentityProvider) error
+	Update(ctx context.Context, id IDPIdentifierCondition, instanceID string, orgID *string, changes ...database.Change) (int64, error)
+	Delete(ctx context.Context, id IDPIdentifierCondition, instanceID string, orgID *string) (int64, error)
+}

backend/v3/domain/idpstate_enumer.go

@@ -0,0 +1,78 @@
+// Code generated by "enumer -type IDPState -transform lower -trimprefix IDPState"; DO NOT EDIT.
+
+package domain
+
+import (
+	"fmt"
+	"strings"
+)
+
+const _IDPStateName = "activeinactive"
+
+var _IDPStateIndex = [...]uint8{0, 6, 14}
+
+const _IDPStateLowerName = "activeinactive"
+
+func (i IDPState) String() string {
+	if i >= IDPState(len(_IDPStateIndex)-1) {
+		return fmt.Sprintf("IDPState(%d)", i)
+	}
+	return _IDPStateName[_IDPStateIndex[i]:_IDPStateIndex[i+1]]
+}
+
+// An "invalid array index" compiler error signifies that the constant values have changed.
+// Re-run the stringer command to generate them again.
+func _IDPStateNoOp() {
+	var x [1]struct{}
+	_ = x[IDPStateActive-(0)]
+	_ = x[IDPStateInactive-(1)]
+}
+
+var _IDPStateValues = []IDPState{IDPStateActive, IDPStateInactive}
+
+var _IDPStateNameToValueMap = map[string]IDPState{
+	_IDPStateName[0:6]:       IDPStateActive,
+	_IDPStateLowerName[0:6]:  IDPStateActive,
+	_IDPStateName[6:14]:      IDPStateInactive,
+	_IDPStateLowerName[6:14]: IDPStateInactive,
+}
+
+var _IDPStateNames = []string{
+	_IDPStateName[0:6],
+	_IDPStateName[6:14],
+}
+
+// IDPStateString retrieves an enum value from the enum constants string name.
+// Throws an error if the param is not part of the enum.
+func IDPStateString(s string) (IDPState, error) {
+	if val, ok := _IDPStateNameToValueMap[s]; ok {
+		return val, nil
+	}
+
+	if val, ok := _IDPStateNameToValueMap[strings.ToLower(s)]; ok {
+		return val, nil
+	}
+	return 0, fmt.Errorf("%s does not belong to IDPState values", s)
+}
+
+// IDPStateValues returns all values of the enum
+func IDPStateValues() []IDPState {
+	return _IDPStateValues
+}
+
+// IDPStateStrings returns a slice of all String values of the enum
+func IDPStateStrings() []string {
+	strs := make([]string, len(_IDPStateNames))
+	copy(strs, _IDPStateNames)
+	return strs
+}
+
+// IsAIDPState returns "true" if the value is listed in the enum definition. "false" otherwise
+func (i IDPState) IsAIDPState() bool {
+	for _, v := range _IDPStateValues {
+		if i == v {
+			return true
+		}
+	}
+	return false
+}

backend/v3/domain/idptype_enumer.go

@@ -0,0 +1,122 @@
+// Code generated by "enumer -type IDPType -transform lower -trimprefix IDPType"; DO NOT EDIT.
+
+package domain
+
+import (
+	"fmt"
+	"strings"
+)
+
+const _IDPTypeName = "unspecifiedoidcjwtoauthldapazureadgithubgithubenterprisegitlabgitlabselfhostedgoogleapplesaml"
+
+var _IDPTypeIndex = [...]uint8{0, 11, 15, 18, 23, 27, 34, 40, 56, 62, 78, 84, 89, 93}
+
+const _IDPTypeLowerName = "unspecifiedoidcjwtoauthldapazureadgithubgithubenterprisegitlabgitlabselfhostedgoogleapplesaml"
+
+func (i IDPType) String() string {
+	if i >= IDPType(len(_IDPTypeIndex)-1) {
+		return fmt.Sprintf("IDPType(%d)", i)
+	}
+	return _IDPTypeName[_IDPTypeIndex[i]:_IDPTypeIndex[i+1]]
+}
+
+// An "invalid array index" compiler error signifies that the constant values have changed.
+// Re-run the stringer command to generate them again.
+func _IDPTypeNoOp() {
+	var x [1]struct{}
+	_ = x[IDPTypeUnspecified-(0)]
+	_ = x[IDPTypeOIDC-(1)]
+	_ = x[IDPTypeJWT-(2)]
+	_ = x[IDPTypeOAuth-(3)]
+	_ = x[IDPTypeLDAP-(4)]
+	_ = x[IDPTypeAzureAD-(5)]
+	_ = x[IDPTypeGitHub-(6)]
+	_ = x[IDPTypeGitHubEnterprise-(7)]
+	_ = x[IDPTypeGitLab-(8)]
+	_ = x[IDPTypeGitLabSelfHosted-(9)]
+	_ = x[IDPTypeGoogle-(10)]
+	_ = x[IDPTypeApple-(11)]
+	_ = x[IDPTypeSAML-(12)]
+}
+
+var _IDPTypeValues = []IDPType{IDPTypeUnspecified, IDPTypeOIDC, IDPTypeJWT, IDPTypeOAuth, IDPTypeLDAP, IDPTypeAzureAD, IDPTypeGitHub, IDPTypeGitHubEnterprise, IDPTypeGitLab, IDPTypeGitLabSelfHosted, IDPTypeGoogle, IDPTypeApple, IDPTypeSAML}
+
+var _IDPTypeNameToValueMap = map[string]IDPType{
+	_IDPTypeName[0:11]:       IDPTypeUnspecified,
+	_IDPTypeLowerName[0:11]:  IDPTypeUnspecified,
+	_IDPTypeName[11:15]:      IDPTypeOIDC,
+	_IDPTypeLowerName[11:15]: IDPTypeOIDC,
+	_IDPTypeName[15:18]:      IDPTypeJWT,
+	_IDPTypeLowerName[15:18]: IDPTypeJWT,
+	_IDPTypeName[18:23]:      IDPTypeOAuth,
+	_IDPTypeLowerName[18:23]: IDPTypeOAuth,
+	_IDPTypeName[23:27]:      IDPTypeLDAP,
+	_IDPTypeLowerName[23:27]: IDPTypeLDAP,
+	_IDPTypeName[27:34]:      IDPTypeAzureAD,
+	_IDPTypeLowerName[27:34]: IDPTypeAzureAD,
+	_IDPTypeName[34:40]:      IDPTypeGitHub,
+	_IDPTypeLowerName[34:40]: IDPTypeGitHub,
+	_IDPTypeName[40:56]:      IDPTypeGitHubEnterprise,
+	_IDPTypeLowerName[40:56]: IDPTypeGitHubEnterprise,
+	_IDPTypeName[56:62]:      IDPTypeGitLab,
+	_IDPTypeLowerName[56:62]: IDPTypeGitLab,
+	_IDPTypeName[62:78]:      IDPTypeGitLabSelfHosted,
+	_IDPTypeLowerName[62:78]: IDPTypeGitLabSelfHosted,
+	_IDPTypeName[78:84]:      IDPTypeGoogle,
+	_IDPTypeLowerName[78:84]: IDPTypeGoogle,
+	_IDPTypeName[84:89]:      IDPTypeApple,
+	_IDPTypeLowerName[84:89]: IDPTypeApple,
+	_IDPTypeName[89:93]:      IDPTypeSAML,
+	_IDPTypeLowerName[89:93]: IDPTypeSAML,
+}
+
+var _IDPTypeNames = []string{
+	_IDPTypeName[0:11],
+	_IDPTypeName[11:15],
+	_IDPTypeName[15:18],
+	_IDPTypeName[18:23],
+	_IDPTypeName[23:27],
+	_IDPTypeName[27:34],
+	_IDPTypeName[34:40],
+	_IDPTypeName[40:56],
+	_IDPTypeName[56:62],
+	_IDPTypeName[62:78],
+	_IDPTypeName[78:84],
+	_IDPTypeName[84:89],
+	_IDPTypeName[89:93],
+}
+
+// IDPTypeString retrieves an enum value from the enum constants string name.
+// Throws an error if the param is not part of the enum.
+func IDPTypeString(s string) (IDPType, error) {
+	if val, ok := _IDPTypeNameToValueMap[s]; ok {
+		return val, nil
+	}
+
+	if val, ok := _IDPTypeNameToValueMap[strings.ToLower(s)]; ok {
+		return val, nil
+	}
+	return 0, fmt.Errorf("%s does not belong to IDPType values", s)
+}
+
+// IDPTypeValues returns all values of the enum
+func IDPTypeValues() []IDPType {
+	return _IDPTypeValues
+}
+
+// IDPTypeStrings returns a slice of all String values of the enum
+func IDPTypeStrings() []string {
+	strs := make([]string, len(_IDPTypeNames))
+	copy(strs, _IDPTypeNames)
+	return strs
+}
+
+// IsAIDPType returns "true" if the value is listed in the enum definition. "false" otherwise
+func (i IDPType) IsAIDPType() bool {
+	for _, v := range _IDPTypeValues {
+		if i == v {
+			return true
+		}
+	}
+	return false
+}

backend/v3/domain/instance.go

@@ -84,7 +84,7 @@ type InstanceRepository interface {
 	// Member() MemberRepository
 
 	Get(ctx context.Context, id string) (*Instance, error)
-	List(ctx context.Context, opts ...database.Condition) ([]*Instance, error)
+	List(ctx context.Context, conditions ...database.Condition) ([]*Instance, error)
 
 	Create(ctx context.Context, instance *Instance) error
 	Update(ctx context.Context, id string, changes ...database.Change) (int64, error)

backend/v3/domain/organization.go

@@ -37,7 +37,7 @@ type organizationColumns interface {
 	IDColumn() database.Column
 	// NameColumn returns the column for the name field.
 	NameColumn() database.Column
-	// InstanceIDColumn returns the column for the default org id field
+	// InstanceIDColumn returns the column for the instance id field
 	InstanceIDColumn() database.Column
 	// StateColumn returns the column for the name field.
 	StateColumn() database.Column

backend/v3/domain/orgstate_enumer.go

@@ -14,7 +14,7 @@ var _OrgStateIndex = [...]uint8{0, 6, 14}
 const _OrgStateLowerName = "activeinactive"
 
 func (i OrgState) String() string {
-	if i < 0 || i >= OrgState(len(_OrgStateIndex)-1) {
+	if i >= OrgState(len(_OrgStateIndex)-1) {
 		return fmt.Sprintf("OrgState(%d)", i)
 	}
 	return _OrgStateName[_OrgStateIndex[i]:_OrgStateIndex[i+1]]