fix: reactivate/deactivate idp, remove idp provider (#1348)

* fix: reactivate/deactivate idp, remove idp provider

* fix build

* fix(console): add jwt to selection, idp deactivate reactivate (#1347)

* fix: log error on idp change

* add jwt to method selection

Co-authored-by: Max Peintner <max@caos.ch>
Fabi 2021-02-26 14:48:22 +01:00 committed by GitHub
parent 5333ef10c1
commit c8b9888427
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 61 additions and 28 deletions


@ -5,6 +5,7 @@ import { MatPaginator, PageEvent } from '@angular/material/paginator';
import { MatTableDataSource } from '@angular/material/table';
import { RouterLink } from '@angular/router';
import { TranslateService } from '@ngx-translate/core';
import { Empty } from 'google-protobuf/google/protobuf/empty_pb';
import { BehaviorSubject, Observable } from 'rxjs';
import { IdpSearchResponse as AdminIdpSearchResponse, IdpState, IdpStylingType, IdpView as AdminIdpView } from 'src/app/proto/generated/admin_pb';
import { IdpProviderType, IdpView as MgmtIdpView } from 'src/app/proto/generated/management_pb';
@ -76,22 +77,28 @@ export class IdpTableComponent implements OnInit {
}
public deactivateSelectedIdps(): void {
this.selection.clear();
Promise.all(this.selection.selected.map(value => {
const map: Promise<Empty>[] = this.selection.selected.map(value => {
return this.service.DeactivateIdpConfig(value.id);
})).then(() => {
});
Promise.all(map).then(() => {
this.selection.clear();
this.toast.showInfo('IDP.TOAST.SELECTEDDEACTIVATED', true);
this.refreshPage();
}).catch(error => {
this.toast.showError(error);
});
}
public reactivateSelectedIdps(): void {
this.selection.clear();
Promise.all(this.selection.selected.map(value => {
const map: Promise<Empty>[] = this.selection.selected.map(value => {
return this.service.ReactivateIdpConfig(value.id);
})).then(() => {
});
Promise.all(map).then(() => {
this.selection.clear();
this.toast.showInfo('IDP.TOAST.SELECTEDREACTIVATED', true);
this.refreshPage();
}).catch(error => {
this.toast.showError(error);
});
}
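Review bot: When one of the calls in `deactivateSelectedIdps` or `reactivateSelectedIdps` fails, `Promise.all(map)` rejects and the `catch` only shows the error toast; requests that already succeeded have changed state on the server, but the table is not refreshed and the selection is left as it was. For an identity-provider on/off switch, that leaves the admin looking at a state that is no longer true. Calling `this.refreshPage();` in both `catch` handlers, or waiting with `Promise.allSettled(map)` and reporting the individual failures, would keep the view in step with the backend. The local name `map` also reads like the array method; `requests` would be clearer.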


@ -222,7 +222,7 @@ export class LoginPolicyComponent implements OnDestroy {
switch (this.serviceType) {
case PolicyComponentServiceType.MGMT:
(this.service as ManagementService).RemoveIdpProviderFromLoginPolicy(idp.idpConfigId).then(() => {
const index = this.idps.findIndex(temp => temp === idp);
const index = (this.idps as MgmtIdpProviderView.AsObject[]).findIndex(temp => temp === idp);
if (index > -1) {
this.idps.splice(index, 1);
}
@ -230,7 +230,7 @@ export class LoginPolicyComponent implements OnDestroy {
break;
case PolicyComponentServiceType.ADMIN:
(this.service as AdminService).RemoveIdpProviderFromDefaultLoginPolicy(idp.idpConfigId).then(() => {
const index = this.idps.findIndex(temp => temp === idp);
const index = (this.idps as AdminIdpProviderView.AsObject[]).findIndex(temp => temp === idp);
if (index > -1) {
this.idps.splice(index, 1);
}


@ -180,7 +180,7 @@
</cnsl-form-field>
<cnsl-form-field appearance="outline" class="formfield">
<cnsl-label>{{ 'APP.APPTYPE' | translate }}</cnsl-label>
<cnsl-label>{{ 'APP.TYPE' | translate }}</cnsl-label>
<mat-select formControlName="applicationType">
<mat-option *ngFor="let type of oidcAppTypes" [value]="type">
{{ 'APP.OIDC.APPTYPE.'+type | translate }}


@ -77,6 +77,7 @@ export class AppDetailComponent implements OnInit, OnDestroy {
OIDCAuthMethodType.OIDCAUTHMETHODTYPE_BASIC,
OIDCAuthMethodType.OIDCAUTHMETHODTYPE_POST,
OIDCAuthMethodType.OIDCAUTHMETHODTYPE_NONE,
OIDCAuthMethodType.OIDCAUTHMETHODTYPE_PRIVATE_KEY_JWT,
];
public oidcTokenTypes: OIDCTokenType[] = [


@ -90,6 +90,13 @@ func (i *IDPConfig) processIDPConfig(event *es_models.Event) (err error) {
return err
}
err = idp.AppendEvent(iam_model.IDPProviderTypeSystem, event)
case model.IDPConfigDeactivated,
model.IDPConfigReactivated:
idp, err = i.view.IDPConfigByID(idp.IDPConfigID)
if err != nil {
return err
}
err = idp.AppendEvent(iam_model.IDPProviderTypeSystem, event)
case model.IDPConfigRemoved:
err = idp.SetData(event)
if err != nil {
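Review bot: The new `IDPConfigDeactivated`/`IDPConfigReactivated` case calls `i.view.IDPConfigByID(idp.IDPConfigID)` without first calling `idp.SetData(event)`, which the `IDPConfigRemoved` case right below does before it uses `idp`. Unless `idp` is populated before the switch (that part of `processIDPConfig` is outside the hunk), the ID is still empty here, the lookup returns an error, and the view never records the deactivation, so a disabled provider would continue to appear active. Adding `err = idp.SetData(event)` with the usual `if err != nil { return err }` ahead of the lookup would close that gap. The two `processIdpConfig` handlers changed further down in this commit add the same case in the same shape and need the same check.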


@ -2,6 +2,7 @@ package management
import (
"context"
"github.com/caos/zitadel/internal/api/authz"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/golang/protobuf/ptypes/empty"
)
@ -60,7 +61,7 @@ func (s *Server) AddIdpProviderToLoginPolicy(ctx context.Context, provider *mana
}
func (s *Server) RemoveIdpProviderFromLoginPolicy(ctx context.Context, provider *management.IdpProviderID) (*empty.Empty, error) {
err := s.org.RemoveIDPProviderFromLoginPolicy(ctx, idpProviderToModel(provider))
err := s.org.RemoveIDPProviderFromLoginPolicy(ctx, idpProviderToModel(authz.GetCtxData(ctx).OrgID, provider))
return &empty.Empty{}, err
}
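Review bot: The changed line in `RemoveIdpProviderFromLoginPolicy` now passes `authz.GetCtxData(ctx).OrgID` to `idpProviderToModel`, but nothing on the handler says why the org comes from there. Presumably the intent is that the aggregate is bound to the authenticated caller's organisation and cannot be chosen through the request message; that is a security-relevant decision and worth recording so a later refactor does not move it into the request. A one-line comment above the call would do, e.g. `// org ID is taken from the authz context, never from the request, so callers can only change their own org's policy`.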


@ -2,6 +2,7 @@ package management
import (
"github.com/caos/logging"
"github.com/caos/zitadel/internal/eventstore/models"
iam_model "github.com/caos/zitadel/internal/iam/model"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/golang/protobuf/ptypes"
@ -70,10 +71,12 @@ func idpProviderSearchResponseFromModel(response *iam_model.IDPProviderSearchRes
}
}
func idpProviderToModel(provider *management.IdpProviderID) *iam_model.IDPProvider {
func idpProviderToModel(orgID string, provider *management.IdpProviderID) *iam_model.IDPProvider {
return &iam_model.IDPProvider{
ObjectRoot: models.ObjectRoot{
AggregateID: orgID,
},
IdpConfigID: provider.IdpConfigId,
Type: iam_model.IDPProviderTypeSystem,
}
}
@ -110,7 +113,7 @@ func idpProviderViewFromModel(provider *iam_model.IDPProviderView) *management.I
return &management.IdpProviderView{
IdpConfigId: provider.IDPConfigID,
Name: provider.Name,
Type: idpConfigTypeToModel(provider.IDPConfigType),
Type: idpProviderTypeFromModel(provider.IDPProviderType),
}
}


@ -95,6 +95,13 @@ func (i *IDPConfig) processIdpConfig(providerType iam_model.IDPProviderType, eve
return err
}
err = idp.AppendEvent(providerType, event)
case model.IDPConfigDeactivated, iam_es_model.IDPConfigDeactivated,
model.IDPConfigReactivated, iam_es_model.IDPConfigReactivated:
idp, err = i.view.IDPConfigByID(idp.IDPConfigID)
if err != nil {
return err
}
err = idp.AppendEvent(providerType, event)
case model.IDPConfigRemoved, iam_es_model.IDPConfigRemoved:
err = idp.SetData(event)
if err != nil {


@ -95,6 +95,13 @@ func (m *IDPConfig) processIdpConfig(providerType iam_model.IDPProviderType, eve
return err
}
err = idp.AppendEvent(providerType, event)
case model.IDPConfigDeactivated, iam_es_model.IDPConfigDeactivated,
model.IDPConfigReactivated, iam_es_model.IDPConfigReactivated:
idp, err = m.view.IDPConfigByID(idp.IDPConfigID)
if err != nil {
return err
}
err = idp.AppendEvent(providerType, event)
case model.IDPConfigRemoved, iam_es_model.IDPConfigRemoved:
err = idp.SetData(event)
if err != nil {


@ -3426,7 +3426,7 @@ message LoginPolicyView {
message IdpProviderView {
string idp_config_id = 1;
string name = 2;
IdpType type = 3;
IdpProviderType type = 3;
}
enum IdpType {
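Review bot: Field 3 of `IdpProviderView` keeps its number while its type changes from `IdpType` to `IdpProviderType`. Both are enums, so the wire encoding is unchanged, but any client still generated from the old schema will decode the number as an `IdpType` and silently show the wrong meaning. If older clients may still be in use, giving the new field a fresh number and marking the old one `reserved 3;` avoids that reinterpretation. Otherwise a comment on the field noting the type change would at least make it visible to consumers.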