mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 01:47:33 +00:00
feat: idp and login policy configurations (#619)
* feat: oidc config * fix: oidc configurations * feat: oidc idp config * feat: add oidc config test * fix: tests * fix: tests * feat: translate new events * feat: idp eventstore * feat: idp eventstore * fix: tests * feat: command side idp * feat: query side idp * feat: idp config on org * fix: tests * feat: authz idp on org * feat: org idps * feat: login policy * feat: login policy * feat: login policy * feat: add idp func on login policy * feat: add validation to loginpolicy and idp provider * feat: add default login policy * feat: login policy on org * feat: login policy on org * fix: id config handlers * fix: id config handlers * fix: create idp on org * fix: create idp on org * fix: not existing idp config * fix: default login policy * fix: add login policy on org * fix: idp provider search on org * fix: test * fix: remove idp on org * fix: test * fix: test * fix: remove admin idp * fix: logo src as byte * fix: migration * fix: tests * Update internal/iam/repository/eventsourcing/iam.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/iam/repository/eventsourcing/iam_test.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/iam/repository/eventsourcing/iam_test.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/iam/repository/eventsourcing/model/login_policy.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/iam/repository/eventsourcing/model/login_policy.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/org/repository/eventsourcing/org_test.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/iam/repository/eventsourcing/model/login_policy_test.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * Update internal/iam/repository/eventsourcing/model/login_policy_test.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix: pr comments * fix: tests * Update types.go * fix: merge request changes * fix: reduce optimization Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Fabi
@@ -9,45 +9,57 @@ import (
|
||||
)
|
||||
|
||||
const (
|
||||
IamVersion = "v1"
|
||||
IAMVersion = "v1"
|
||||
)
|
||||
|
||||
type Iam struct {
|
||||
type IAM struct {
|
||||
es_models.ObjectRoot
|
||||
SetUpStarted bool `json:"-"`
|
||||
SetUpDone bool `json:"-"`
|
||||
GlobalOrgID string `json:"globalOrgId,omitempty"`
|
||||
IamProjectID string `json:"iamProjectId,omitempty"`
|
||||
Members []*IamMember `json:"-"`
|
||||
SetUpStarted bool `json:"-"`
|
||||
SetUpDone bool `json:"-"`
|
||||
GlobalOrgID string `json:"globalOrgId,omitempty"`
|
||||
IAMProjectID string `json:"iamProjectId,omitempty"`
|
||||
Members []*IAMMember `json:"-"`
|
||||
IDPs []*IDPConfig `json:"-"`
|
||||
DefaultLoginPolicy *LoginPolicy `json:"-"`
|
||||
}
|
||||
|
||||
func IamFromModel(iam *model.Iam) *Iam {
|
||||
members := IamMembersFromModel(iam.Members)
|
||||
converted := &Iam{
|
||||
func IAMFromModel(iam *model.IAM) *IAM {
|
||||
members := IAMMembersFromModel(iam.Members)
|
||||
idps := IDPConfigsFromModel(iam.IDPs)
|
||||
converted := &IAM{
|
||||
ObjectRoot: iam.ObjectRoot,
|
||||
SetUpStarted: iam.SetUpStarted,
|
||||
SetUpDone: iam.SetUpDone,
|
||||
GlobalOrgID: iam.GlobalOrgID,
|
||||
IamProjectID: iam.IamProjectID,
|
||||
IAMProjectID: iam.IAMProjectID,
|
||||
Members: members,
|
||||
IDPs: idps,
|
||||
}
|
||||
if iam.DefaultLoginPolicy != nil {
|
||||
converted.DefaultLoginPolicy = LoginPolicyFromModel(iam.DefaultLoginPolicy)
|
||||
}
|
||||
return converted
|
||||
}
|
||||
|
||||
func IamToModel(iam *Iam) *model.Iam {
|
||||
members := IamMembersToModel(iam.Members)
|
||||
converted := &model.Iam{
|
||||
func IAMToModel(iam *IAM) *model.IAM {
|
||||
members := IAMMembersToModel(iam.Members)
|
||||
idps := IDPConfigsToModel(iam.IDPs)
|
||||
converted := &model.IAM{
|
||||
ObjectRoot: iam.ObjectRoot,
|
||||
SetUpStarted: iam.SetUpStarted,
|
||||
SetUpDone: iam.SetUpDone,
|
||||
GlobalOrgID: iam.GlobalOrgID,
|
||||
IamProjectID: iam.IamProjectID,
|
||||
IAMProjectID: iam.IAMProjectID,
|
||||
Members: members,
|
||||
IDPs: idps,
|
||||
}
|
||||
if iam.DefaultLoginPolicy != nil {
|
||||
converted.DefaultLoginPolicy = LoginPolicyToModel(iam.DefaultLoginPolicy)
|
||||
}
|
||||
return converted
|
||||
}
|
||||
|
||||
func (i *Iam) AppendEvents(events ...*es_models.Event) error {
|
||||
func (i *IAM) AppendEvents(events ...*es_models.Event) error {
|
||||
for _, event := range events {
|
||||
if err := i.AppendEvent(event); err != nil {
|
||||
return err
|
||||
@@ -56,27 +68,50 @@ func (i *Iam) AppendEvents(events ...*es_models.Event) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (i *Iam) AppendEvent(event *es_models.Event) (err error) {
|
||||
func (i *IAM) AppendEvent(event *es_models.Event) (err error) {
|
||||
i.ObjectRoot.AppendEvent(event)
|
||||
switch event.Type {
|
||||
case IamSetupStarted:
|
||||
case IAMSetupStarted:
|
||||
i.SetUpStarted = true
|
||||
case IamSetupDone:
|
||||
case IAMSetupDone:
|
||||
i.SetUpDone = true
|
||||
case IamProjectSet,
|
||||
case IAMProjectSet,
|
||||
GlobalOrgSet:
|
||||
err = i.SetData(event)
|
||||
case IamMemberAdded:
|
||||
case IAMMemberAdded:
|
||||
err = i.appendAddMemberEvent(event)
|
||||
case IamMemberChanged:
|
||||
case IAMMemberChanged:
|
||||
err = i.appendChangeMemberEvent(event)
|
||||
case IamMemberRemoved:
|
||||
case IAMMemberRemoved:
|
||||
err = i.appendRemoveMemberEvent(event)
|
||||
case IDPConfigAdded:
|
||||
return i.appendAddIDPConfigEvent(event)
|
||||
case IDPConfigChanged:
|
||||
return i.appendChangeIDPConfigEvent(event)
|
||||
case IDPConfigRemoved:
|
||||
return i.appendRemoveIDPConfigEvent(event)
|
||||
case IDPConfigDeactivated:
|
||||
return i.appendIDPConfigStateEvent(event, model.IDPConfigStateInactive)
|
||||
case IDPConfigReactivated:
|
||||
return i.appendIDPConfigStateEvent(event, model.IDPConfigStateActive)
|
||||
case OIDCIDPConfigAdded:
|
||||
return i.appendAddOIDCIDPConfigEvent(event)
|
||||
case OIDCIDPConfigChanged:
|
||||
return i.appendChangeOIDCIDPConfigEvent(event)
|
||||
case LoginPolicyAdded:
|
||||
return i.appendAddLoginPolicyEvent(event)
|
||||
case LoginPolicyChanged:
|
||||
return i.appendChangeLoginPolicyEvent(event)
|
||||
case LoginPolicyIDPProviderAdded:
|
||||
return i.appendAddIDPProviderToLoginPolicyEvent(event)
|
||||
case LoginPolicyIDPProviderRemoved:
|
||||
return i.appendRemoveIDPProviderFromLoginPolicyEvent(event)
|
||||
}
|
||||
|
||||
return err
|
||||
}
|
||||
|
||||
func (i *Iam) SetData(event *es_models.Event) error {
|
||||
func (i *IAM) SetData(event *es_models.Event) error {
|
||||
i.ObjectRoot.AppendEvent(event)
|
||||
if err := json.Unmarshal(event.Data, i); err != nil {
|
||||
logging.Log("EVEN-9sie4").WithError(err).Error("could not unmarshal event data")
|
||||
|
||||
@@ -7,13 +7,13 @@ import (
|
||||
"github.com/caos/zitadel/internal/iam/model"
|
||||
)
|
||||
|
||||
type IamMember struct {
|
||||
type IAMMember struct {
|
||||
es_models.ObjectRoot
|
||||
UserID string `json:"userId,omitempty"`
|
||||
Roles []string `json:"roles,omitempty"`
|
||||
}
|
||||
|
||||
func GetIamMember(members []*IamMember, id string) (int, *IamMember) {
|
||||
func GetIAMMember(members []*IAMMember, id string) (int, *IAMMember) {
|
||||
for i, m := range members {
|
||||
if m.UserID == id {
|
||||
return i, m
|
||||
@@ -22,40 +22,40 @@ func GetIamMember(members []*IamMember, id string) (int, *IamMember) {
|
||||
return -1, nil
|
||||
}
|
||||
|
||||
func IamMembersToModel(members []*IamMember) []*model.IamMember {
|
||||
convertedMembers := make([]*model.IamMember, len(members))
|
||||
func IAMMembersToModel(members []*IAMMember) []*model.IAMMember {
|
||||
convertedMembers := make([]*model.IAMMember, len(members))
|
||||
for i, m := range members {
|
||||
convertedMembers[i] = IamMemberToModel(m)
|
||||
convertedMembers[i] = IAMMemberToModel(m)
|
||||
}
|
||||
return convertedMembers
|
||||
}
|
||||
|
||||
func IamMembersFromModel(members []*model.IamMember) []*IamMember {
|
||||
convertedMembers := make([]*IamMember, len(members))
|
||||
func IAMMembersFromModel(members []*model.IAMMember) []*IAMMember {
|
||||
convertedMembers := make([]*IAMMember, len(members))
|
||||
for i, m := range members {
|
||||
convertedMembers[i] = IamMemberFromModel(m)
|
||||
convertedMembers[i] = IAMMemberFromModel(m)
|
||||
}
|
||||
return convertedMembers
|
||||
}
|
||||
|
||||
func IamMemberFromModel(member *model.IamMember) *IamMember {
|
||||
return &IamMember{
|
||||
func IAMMemberFromModel(member *model.IAMMember) *IAMMember {
|
||||
return &IAMMember{
|
||||
ObjectRoot: member.ObjectRoot,
|
||||
UserID: member.UserID,
|
||||
Roles: member.Roles,
|
||||
}
|
||||
}
|
||||
|
||||
func IamMemberToModel(member *IamMember) *model.IamMember {
|
||||
return &model.IamMember{
|
||||
func IAMMemberToModel(member *IAMMember) *model.IAMMember {
|
||||
return &model.IAMMember{
|
||||
ObjectRoot: member.ObjectRoot,
|
||||
UserID: member.UserID,
|
||||
Roles: member.Roles,
|
||||
}
|
||||
}
|
||||
|
||||
func (iam *Iam) appendAddMemberEvent(event *es_models.Event) error {
|
||||
member := &IamMember{}
|
||||
func (iam *IAM) appendAddMemberEvent(event *es_models.Event) error {
|
||||
member := &IAMMember{}
|
||||
err := member.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
@@ -65,25 +65,25 @@ func (iam *Iam) appendAddMemberEvent(event *es_models.Event) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (iam *Iam) appendChangeMemberEvent(event *es_models.Event) error {
|
||||
member := &IamMember{}
|
||||
func (iam *IAM) appendChangeMemberEvent(event *es_models.Event) error {
|
||||
member := &IAMMember{}
|
||||
err := member.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if i, m := GetIamMember(iam.Members, member.UserID); m != nil {
|
||||
if i, m := GetIAMMember(iam.Members, member.UserID); m != nil {
|
||||
iam.Members[i] = member
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (iam *Iam) appendRemoveMemberEvent(event *es_models.Event) error {
|
||||
member := &IamMember{}
|
||||
func (iam *IAM) appendRemoveMemberEvent(event *es_models.Event) error {
|
||||
member := &IAMMember{}
|
||||
err := member.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if i, m := GetIamMember(iam.Members, member.UserID); m != nil {
|
||||
if i, m := GetIAMMember(iam.Members, member.UserID); m != nil {
|
||||
iam.Members[i] = iam.Members[len(iam.Members)-1]
|
||||
iam.Members[len(iam.Members)-1] = nil
|
||||
iam.Members = iam.Members[:len(iam.Members)-1]
|
||||
@@ -91,7 +91,7 @@ func (iam *Iam) appendRemoveMemberEvent(event *es_models.Event) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func (m *IamMember) SetData(event *es_models.Event) error {
|
||||
func (m *IAMMember) SetData(event *es_models.Event) error {
|
||||
m.ObjectRoot.AppendEvent(event)
|
||||
if err := json.Unmarshal(event.Data, m); err != nil {
|
||||
logging.Log("EVEN-e4dkp").WithError(err).Error("could not unmarshal event data")
|
||||
|
||||
@@ -8,23 +8,23 @@ import (
|
||||
|
||||
func TestAppendAddMemberEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *Iam
|
||||
member *IamMember
|
||||
iam *IAM
|
||||
member *IAMMember
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *Iam
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append add member event",
|
||||
args: args{
|
||||
iam: &Iam{},
|
||||
member: &IamMember{UserID: "UserID", Roles: []string{"Role"}},
|
||||
iam: &IAM{},
|
||||
member: &IAMMember{UserID: "UserID", Roles: []string{"Role"}},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &Iam{Members: []*IamMember{&IamMember{UserID: "UserID", Roles: []string{"Role"}}}},
|
||||
result: &IAM{Members: []*IAMMember{&IAMMember{UserID: "UserID", Roles: []string{"Role"}}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
@@ -46,23 +46,23 @@ func TestAppendAddMemberEvent(t *testing.T) {
|
||||
|
||||
func TestAppendChangeMemberEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *Iam
|
||||
member *IamMember
|
||||
iam *IAM
|
||||
member *IAMMember
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *Iam
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append change member event",
|
||||
args: args{
|
||||
iam: &Iam{Members: []*IamMember{&IamMember{UserID: "UserID", Roles: []string{"Role"}}}},
|
||||
member: &IamMember{UserID: "UserID", Roles: []string{"ChangedRole"}},
|
||||
iam: &IAM{Members: []*IAMMember{&IAMMember{UserID: "UserID", Roles: []string{"Role"}}}},
|
||||
member: &IAMMember{UserID: "UserID", Roles: []string{"ChangedRole"}},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &Iam{Members: []*IamMember{&IamMember{UserID: "UserID", Roles: []string{"ChangedRole"}}}},
|
||||
result: &IAM{Members: []*IAMMember{&IAMMember{UserID: "UserID", Roles: []string{"ChangedRole"}}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
@@ -84,23 +84,23 @@ func TestAppendChangeMemberEvent(t *testing.T) {
|
||||
|
||||
func TestAppendRemoveMemberEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *Iam
|
||||
member *IamMember
|
||||
iam *IAM
|
||||
member *IAMMember
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *Iam
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append remove member event",
|
||||
args: args{
|
||||
iam: &Iam{Members: []*IamMember{&IamMember{UserID: "UserID", Roles: []string{"Role"}}}},
|
||||
member: &IamMember{UserID: "UserID"},
|
||||
iam: &IAM{Members: []*IAMMember{&IAMMember{UserID: "UserID", Roles: []string{"Role"}}}},
|
||||
member: &IAMMember{UserID: "UserID"},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &Iam{Members: []*IamMember{}},
|
||||
result: &IAM{Members: []*IAMMember{}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
|
||||
@@ -6,7 +6,7 @@ import (
|
||||
"testing"
|
||||
)
|
||||
|
||||
func mockIamData(iam *Iam) []byte {
|
||||
func mockIamData(iam *IAM) []byte {
|
||||
data, _ := json.Marshal(iam)
|
||||
return data
|
||||
}
|
||||
@@ -14,44 +14,44 @@ func mockIamData(iam *Iam) []byte {
|
||||
func TestProjectRoleAppendEvent(t *testing.T) {
|
||||
type args struct {
|
||||
event *es_models.Event
|
||||
iam *Iam
|
||||
iam *IAM
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *Iam
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append set up start event",
|
||||
args: args{
|
||||
event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IamSetupStarted, ResourceOwner: "OrgID"},
|
||||
iam: &Iam{},
|
||||
event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IAMSetupStarted, ResourceOwner: "OrgID"},
|
||||
iam: &IAM{},
|
||||
},
|
||||
result: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
|
||||
result: &IAM{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
|
||||
},
|
||||
{
|
||||
name: "append set up done event",
|
||||
args: args{
|
||||
event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IamSetupDone, ResourceOwner: "OrgID"},
|
||||
iam: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
|
||||
event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IAMSetupDone, ResourceOwner: "OrgID"},
|
||||
iam: &IAM{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
|
||||
},
|
||||
result: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, SetUpDone: true},
|
||||
result: &IAM{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, SetUpDone: true},
|
||||
},
|
||||
{
|
||||
name: "append globalorg event",
|
||||
args: args{
|
||||
event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: GlobalOrgSet, ResourceOwner: "OrgID", Data: mockIamData(&Iam{GlobalOrgID: "GlobalOrg"})},
|
||||
iam: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
|
||||
event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: GlobalOrgSet, ResourceOwner: "OrgID", Data: mockIamData(&IAM{GlobalOrgID: "GlobalOrg"})},
|
||||
iam: &IAM{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
|
||||
},
|
||||
result: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, GlobalOrgID: "GlobalOrg"},
|
||||
result: &IAM{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, GlobalOrgID: "GlobalOrg"},
|
||||
},
|
||||
{
|
||||
name: "append iamproject event",
|
||||
args: args{
|
||||
event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IamProjectSet, ResourceOwner: "OrgID", Data: mockIamData(&Iam{IamProjectID: "IamProject"})},
|
||||
iam: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
|
||||
event: &es_models.Event{AggregateID: "AggregateID", Sequence: 1, Type: IAMProjectSet, ResourceOwner: "OrgID", Data: mockIamData(&IAM{IAMProjectID: "IamProject"})},
|
||||
iam: &IAM{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true},
|
||||
},
|
||||
result: &Iam{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, IamProjectID: "IamProject"},
|
||||
result: &IAM{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID"}, SetUpStarted: true, IAMProjectID: "IamProject"},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
@@ -66,8 +66,8 @@ func TestProjectRoleAppendEvent(t *testing.T) {
|
||||
if tt.args.iam.GlobalOrgID != tt.result.GlobalOrgID {
|
||||
t.Errorf("got wrong result GlobalOrgID: expected: %v, actual: %v ", tt.result.GlobalOrgID, tt.args.iam.GlobalOrgID)
|
||||
}
|
||||
if tt.args.iam.IamProjectID != tt.result.IamProjectID {
|
||||
t.Errorf("got wrong result IamProjectID: expected: %v, actual: %v ", tt.result.IamProjectID, tt.args.iam.IamProjectID)
|
||||
if tt.args.iam.IAMProjectID != tt.result.IAMProjectID {
|
||||
t.Errorf("got wrong result IAMProjectID: expected: %v, actual: %v ", tt.result.IAMProjectID, tt.args.iam.IAMProjectID)
|
||||
}
|
||||
})
|
||||
}
|
||||
|
||||
151
internal/iam/repository/eventsourcing/model/idp_config.go
Normal file
151
internal/iam/repository/eventsourcing/model/idp_config.go
Normal file
@@ -0,0 +1,151 @@
|
||||
package model
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"encoding/json"
|
||||
"github.com/caos/logging"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/iam/model"
|
||||
)
|
||||
|
||||
type IDPConfig struct {
|
||||
es_models.ObjectRoot
|
||||
IDPConfigID string `json:"idpConfigId"`
|
||||
State int32 `json:"-"`
|
||||
Name string `json:"name,omitempty"`
|
||||
Type int32 `json:"idpType,omitempty"`
|
||||
LogoSrc []byte `json:"logoSrc,omitempty"`
|
||||
OIDCIDPConfig *OIDCIDPConfig `json:"-"`
|
||||
}
|
||||
|
||||
type IDPConfigID struct {
|
||||
es_models.ObjectRoot
|
||||
IDPConfigID string `json:"idpConfigId"`
|
||||
}
|
||||
|
||||
func GetIDPConfig(idps []*IDPConfig, id string) (int, *IDPConfig) {
|
||||
for i, idp := range idps {
|
||||
if idp.IDPConfigID == id {
|
||||
return i, idp
|
||||
}
|
||||
}
|
||||
return -1, nil
|
||||
}
|
||||
|
||||
func (c *IDPConfig) Changes(changed *IDPConfig) map[string]interface{} {
|
||||
changes := make(map[string]interface{}, 1)
|
||||
changes["idpConfigId"] = c.IDPConfigID
|
||||
if changed.Name != "" && c.Name != changed.Name {
|
||||
changes["name"] = changed.Name
|
||||
}
|
||||
if changed.LogoSrc != nil && bytes.Equal(c.LogoSrc, changed.LogoSrc) {
|
||||
changes["logoSrc"] = changed.LogoSrc
|
||||
}
|
||||
return changes
|
||||
}
|
||||
|
||||
func IDPConfigsToModel(idps []*IDPConfig) []*model.IDPConfig {
|
||||
convertedIDPConfigs := make([]*model.IDPConfig, len(idps))
|
||||
for i, idp := range idps {
|
||||
convertedIDPConfigs[i] = IDPConfigToModel(idp)
|
||||
}
|
||||
return convertedIDPConfigs
|
||||
}
|
||||
|
||||
func IDPConfigsFromModel(idps []*model.IDPConfig) []*IDPConfig {
|
||||
convertedIDPConfigs := make([]*IDPConfig, len(idps))
|
||||
for i, idp := range idps {
|
||||
convertedIDPConfigs[i] = IDPConfigFromModel(idp)
|
||||
}
|
||||
return convertedIDPConfigs
|
||||
}
|
||||
|
||||
func IDPConfigFromModel(idp *model.IDPConfig) *IDPConfig {
|
||||
converted := &IDPConfig{
|
||||
ObjectRoot: idp.ObjectRoot,
|
||||
IDPConfigID: idp.IDPConfigID,
|
||||
Name: idp.Name,
|
||||
State: int32(idp.State),
|
||||
Type: int32(idp.Type),
|
||||
LogoSrc: idp.LogoSrc,
|
||||
}
|
||||
if idp.OIDCConfig != nil {
|
||||
converted.OIDCIDPConfig = OIDCIDPConfigFromModel(idp.OIDCConfig)
|
||||
}
|
||||
return converted
|
||||
}
|
||||
|
||||
func IDPConfigToModel(idp *IDPConfig) *model.IDPConfig {
|
||||
converted := &model.IDPConfig{
|
||||
ObjectRoot: idp.ObjectRoot,
|
||||
IDPConfigID: idp.IDPConfigID,
|
||||
Name: idp.Name,
|
||||
LogoSrc: idp.LogoSrc,
|
||||
State: model.IDPConfigState(idp.State),
|
||||
Type: model.IdpConfigType(idp.Type),
|
||||
}
|
||||
if idp.OIDCIDPConfig != nil {
|
||||
converted.OIDCConfig = OIDCIDPConfigToModel(idp.OIDCIDPConfig)
|
||||
}
|
||||
return converted
|
||||
}
|
||||
|
||||
func (iam *IAM) appendAddIDPConfigEvent(event *es_models.Event) error {
|
||||
idp := new(IDPConfig)
|
||||
err := idp.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
idp.ObjectRoot.CreationDate = event.CreationDate
|
||||
iam.IDPs = append(iam.IDPs, idp)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (iam *IAM) appendChangeIDPConfigEvent(event *es_models.Event) error {
|
||||
idp := new(IDPConfig)
|
||||
err := idp.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if i, idpConfig := GetIDPConfig(iam.IDPs, idp.IDPConfigID); idpConfig != nil {
|
||||
iam.IDPs[i].SetData(event)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (iam *IAM) appendRemoveIDPConfigEvent(event *es_models.Event) error {
|
||||
idp := new(IDPConfig)
|
||||
err := idp.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if i, idpConfig := GetIDPConfig(iam.IDPs, idp.IDPConfigID); idpConfig != nil {
|
||||
iam.IDPs[i] = iam.IDPs[len(iam.IDPs)-1]
|
||||
iam.IDPs[len(iam.IDPs)-1] = nil
|
||||
iam.IDPs = iam.IDPs[:len(iam.IDPs)-1]
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (iam *IAM) appendIDPConfigStateEvent(event *es_models.Event, state model.IDPConfigState) error {
|
||||
idp := new(IDPConfig)
|
||||
err := idp.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if i, idpConfig := GetIDPConfig(iam.IDPs, idp.IDPConfigID); idpConfig != nil {
|
||||
idpConfig.State = int32(state)
|
||||
iam.IDPs[i] = idpConfig
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (c *IDPConfig) SetData(event *es_models.Event) error {
|
||||
c.ObjectRoot.AppendEvent(event)
|
||||
if err := json.Unmarshal(event.Data, c); err != nil {
|
||||
logging.Log("EVEN-Msj9w").WithError(err).Error("could not unmarshal event data")
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
213
internal/iam/repository/eventsourcing/model/idp_config_test.go
Normal file
213
internal/iam/repository/eventsourcing/model/idp_config_test.go
Normal file
@@ -0,0 +1,213 @@
|
||||
package model
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/iam/model"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestIdpConfigChanges(t *testing.T) {
|
||||
type args struct {
|
||||
existing *IDPConfig
|
||||
new *IDPConfig
|
||||
}
|
||||
type res struct {
|
||||
changesLen int
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
res res
|
||||
}{
|
||||
{
|
||||
name: "idp config name changes",
|
||||
args: args{
|
||||
existing: &IDPConfig{IDPConfigID: "IDPConfigID", Name: "Name"},
|
||||
new: &IDPConfig{IDPConfigID: "IDPConfigID", Name: "NameChanged"},
|
||||
},
|
||||
res: res{
|
||||
changesLen: 2,
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "no changes",
|
||||
args: args{
|
||||
existing: &IDPConfig{IDPConfigID: "IDPConfigID", Name: "Name"},
|
||||
new: &IDPConfig{IDPConfigID: "IDPConfigID", Name: "Name"},
|
||||
},
|
||||
res: res{
|
||||
changesLen: 1,
|
||||
},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
changes := tt.args.existing.Changes(tt.args.new)
|
||||
if len(changes) != tt.res.changesLen {
|
||||
t.Errorf("got wrong changes len: expected: %v, actual: %v ", tt.res.changesLen, len(changes))
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendAddIdpConfigEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
idp *IDPConfig
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append add idp config event",
|
||||
args: args{
|
||||
iam: &IAM{},
|
||||
idp: &IDPConfig{Name: "IDPConfig"},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &IAM{IDPs: []*IDPConfig{&IDPConfig{Name: "IDPConfig"}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.idp != nil {
|
||||
data, _ := json.Marshal(tt.args.idp)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendAddIDPConfigEvent(tt.args.event)
|
||||
if len(tt.args.iam.IDPs) != 1 {
|
||||
t.Errorf("got wrong result should have one idpConfig actual: %v ", len(tt.args.iam.IDPs))
|
||||
}
|
||||
if tt.args.iam.IDPs[0] == tt.result.IDPs[0] {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.IDPs[0], tt.args.iam.IDPs[0])
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendChangeIdpConfigEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
idpConfig *IDPConfig
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append change idp config event",
|
||||
args: args{
|
||||
iam: &IAM{IDPs: []*IDPConfig{&IDPConfig{Name: "IDPConfig"}}},
|
||||
idpConfig: &IDPConfig{Name: "IDPConfig Change"},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &IAM{IDPs: []*IDPConfig{&IDPConfig{Name: "IDPConfig Change"}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.idpConfig != nil {
|
||||
data, _ := json.Marshal(tt.args.idpConfig)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendChangeIDPConfigEvent(tt.args.event)
|
||||
if len(tt.args.iam.IDPs) != 1 {
|
||||
t.Errorf("got wrong result should have one idpConfig actual: %v ", len(tt.args.iam.IDPs))
|
||||
}
|
||||
if tt.args.iam.IDPs[0] == tt.result.IDPs[0] {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.IDPs[0], tt.args.iam.IDPs[0])
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendRemoveIDPEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
idp *IDPConfig
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append remove idp config event",
|
||||
args: args{
|
||||
iam: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID", Name: "IDPConfig"}}},
|
||||
idp: &IDPConfig{IDPConfigID: "IDPConfigID", Name: "IDPConfig"},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &IAM{IDPs: []*IDPConfig{}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.idp != nil {
|
||||
data, _ := json.Marshal(tt.args.idp)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendRemoveIDPConfigEvent(tt.args.event)
|
||||
if len(tt.args.iam.IDPs) != 0 {
|
||||
t.Errorf("got wrong result should have no apps actual: %v ", len(tt.args.iam.IDPs))
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendAppStateEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
idp *IDPConfig
|
||||
event *es_models.Event
|
||||
state model.IDPConfigState
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append deactivate application event",
|
||||
args: args{
|
||||
iam: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID", Name: "IDPConfig", State: int32(model.IDPConfigStateActive)}}},
|
||||
idp: &IDPConfig{IDPConfigID: "IDPConfigID"},
|
||||
event: &es_models.Event{},
|
||||
state: model.IDPConfigStateInactive,
|
||||
},
|
||||
result: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID", Name: "IDPConfig", State: int32(model.IDPConfigStateInactive)}}},
|
||||
},
|
||||
{
|
||||
name: "append reactivate application event",
|
||||
args: args{
|
||||
iam: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID", Name: "IDPConfig", State: int32(model.IDPConfigStateInactive)}}},
|
||||
idp: &IDPConfig{IDPConfigID: "IDPConfigID"},
|
||||
event: &es_models.Event{},
|
||||
state: model.IDPConfigStateActive,
|
||||
},
|
||||
result: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID", Name: "IDPConfig", State: int32(model.IDPConfigStateActive)}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.idp != nil {
|
||||
data, _ := json.Marshal(tt.args.idp)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendIDPConfigStateEvent(tt.args.event, tt.args.state)
|
||||
if len(tt.args.iam.IDPs) != 1 {
|
||||
t.Errorf("got wrong result should have one idpConfig actual: %v ", len(tt.args.iam.IDPs))
|
||||
}
|
||||
if tt.args.iam.IDPs[0] == tt.result.IDPs[0] {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.IDPs[0], tt.args.iam.IDPs[0])
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
164
internal/iam/repository/eventsourcing/model/login_policy.go
Normal file
164
internal/iam/repository/eventsourcing/model/login_policy.go
Normal file
@@ -0,0 +1,164 @@
|
||||
package model
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"github.com/caos/zitadel/internal/errors"
|
||||
"github.com/caos/zitadel/internal/eventstore/models"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
iam_model "github.com/caos/zitadel/internal/iam/model"
|
||||
)
|
||||
|
||||
type LoginPolicy struct {
|
||||
models.ObjectRoot
|
||||
State int32 `json:"-"`
|
||||
AllowUsernamePassword bool `json:"allowUsernamePassword"`
|
||||
AllowRegister bool `json:"allowRegister"`
|
||||
AllowExternalIdp bool `json:"allowExternalIdp"`
|
||||
IDPProviders []*IDPProvider `json:"-"`
|
||||
}
|
||||
|
||||
type IDPProvider struct {
|
||||
models.ObjectRoot
|
||||
Type int32 `json:"idpProviderType"`
|
||||
IDPConfigID string `json:"idpConfigId"`
|
||||
}
|
||||
|
||||
type IDPProviderID struct {
|
||||
IDPConfigID string `json:"idpConfigId"`
|
||||
}
|
||||
|
||||
func GetIDPProvider(providers []*IDPProvider, id string) (int, *IDPProvider) {
|
||||
for i, p := range providers {
|
||||
if p.IDPConfigID == id {
|
||||
return i, p
|
||||
}
|
||||
}
|
||||
return -1, nil
|
||||
}
|
||||
|
||||
func LoginPolicyToModel(policy *LoginPolicy) *iam_model.LoginPolicy {
|
||||
idps := IDPProvidersToModel(policy.IDPProviders)
|
||||
return &iam_model.LoginPolicy{
|
||||
ObjectRoot: policy.ObjectRoot,
|
||||
State: iam_model.PolicyState(policy.State),
|
||||
AllowUsernamePassword: policy.AllowUsernamePassword,
|
||||
AllowRegister: policy.AllowRegister,
|
||||
AllowExternalIdp: policy.AllowExternalIdp,
|
||||
IDPProviders: idps,
|
||||
}
|
||||
}
|
||||
|
||||
func LoginPolicyFromModel(policy *iam_model.LoginPolicy) *LoginPolicy {
|
||||
idps := IDOProvidersFromModel(policy.IDPProviders)
|
||||
return &LoginPolicy{
|
||||
ObjectRoot: policy.ObjectRoot,
|
||||
State: int32(policy.State),
|
||||
AllowUsernamePassword: policy.AllowUsernamePassword,
|
||||
AllowRegister: policy.AllowRegister,
|
||||
AllowExternalIdp: policy.AllowExternalIdp,
|
||||
IDPProviders: idps,
|
||||
}
|
||||
}
|
||||
|
||||
func IDPProvidersToModel(members []*IDPProvider) []*iam_model.IDPProvider {
|
||||
convertedProviders := make([]*iam_model.IDPProvider, len(members))
|
||||
for i, m := range members {
|
||||
convertedProviders[i] = IDPProviderToModel(m)
|
||||
}
|
||||
return convertedProviders
|
||||
}
|
||||
|
||||
func IDOProvidersFromModel(members []*iam_model.IDPProvider) []*IDPProvider {
|
||||
convertedProviders := make([]*IDPProvider, len(members))
|
||||
for i, m := range members {
|
||||
convertedProviders[i] = IDPProviderFromModel(m)
|
||||
}
|
||||
return convertedProviders
|
||||
}
|
||||
|
||||
func IDPProviderToModel(provider *IDPProvider) *iam_model.IDPProvider {
|
||||
return &iam_model.IDPProvider{
|
||||
ObjectRoot: provider.ObjectRoot,
|
||||
Type: iam_model.IDPProviderType(provider.Type),
|
||||
IdpConfigID: provider.IDPConfigID,
|
||||
}
|
||||
}
|
||||
|
||||
func IDPProviderFromModel(provider *iam_model.IDPProvider) *IDPProvider {
|
||||
return &IDPProvider{
|
||||
ObjectRoot: provider.ObjectRoot,
|
||||
Type: int32(provider.Type),
|
||||
IDPConfigID: provider.IdpConfigID,
|
||||
}
|
||||
}
|
||||
|
||||
func (p *LoginPolicy) Changes(changed *LoginPolicy) map[string]interface{} {
|
||||
changes := make(map[string]interface{}, 2)
|
||||
|
||||
if changed.AllowUsernamePassword != p.AllowUsernamePassword {
|
||||
changes["allowUsernamePassword"] = changed.AllowUsernamePassword
|
||||
}
|
||||
if changed.AllowRegister != p.AllowRegister {
|
||||
changes["allowRegister"] = changed.AllowRegister
|
||||
}
|
||||
if changed.AllowExternalIdp != p.AllowExternalIdp {
|
||||
changes["allowExternalIdp"] = changed.AllowExternalIdp
|
||||
}
|
||||
|
||||
return changes
|
||||
}
|
||||
|
||||
func (i *IAM) appendAddLoginPolicyEvent(event *es_models.Event) error {
|
||||
i.DefaultLoginPolicy = new(LoginPolicy)
|
||||
err := i.DefaultLoginPolicy.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
i.DefaultLoginPolicy.ObjectRoot.CreationDate = event.CreationDate
|
||||
return nil
|
||||
}
|
||||
|
||||
func (i *IAM) appendChangeLoginPolicyEvent(event *es_models.Event) error {
|
||||
return i.DefaultLoginPolicy.SetData(event)
|
||||
}
|
||||
|
||||
func (iam *IAM) appendAddIDPProviderToLoginPolicyEvent(event *es_models.Event) error {
|
||||
provider := new(IDPProvider)
|
||||
err := provider.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
provider.ObjectRoot.CreationDate = event.CreationDate
|
||||
iam.DefaultLoginPolicy.IDPProviders = append(iam.DefaultLoginPolicy.IDPProviders, provider)
|
||||
return nil
|
||||
}
|
||||
|
||||
func (iam *IAM) appendRemoveIDPProviderFromLoginPolicyEvent(event *es_models.Event) error {
|
||||
provider := new(IDPProvider)
|
||||
err := provider.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if i, m := GetIDPProvider(iam.DefaultLoginPolicy.IDPProviders, provider.IDPConfigID); m != nil {
|
||||
iam.DefaultLoginPolicy.IDPProviders[i] = iam.DefaultLoginPolicy.IDPProviders[len(iam.DefaultLoginPolicy.IDPProviders)-1]
|
||||
iam.DefaultLoginPolicy.IDPProviders[len(iam.DefaultLoginPolicy.IDPProviders)-1] = nil
|
||||
iam.DefaultLoginPolicy.IDPProviders = iam.DefaultLoginPolicy.IDPProviders[:len(iam.DefaultLoginPolicy.IDPProviders)-1]
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (p *LoginPolicy) SetData(event *es_models.Event) error {
|
||||
err := json.Unmarshal(event.Data, p)
|
||||
if err != nil {
|
||||
return errors.ThrowInternal(err, "EVENT-7JS9d", "unable to unmarshal data")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (p *IDPProvider) SetData(event *es_models.Event) error {
|
||||
err := json.Unmarshal(event.Data, p)
|
||||
if err != nil {
|
||||
return errors.ThrowInternal(err, "EVENT-ldos9", "unable to unmarshal data")
|
||||
}
|
||||
return nil
|
||||
}
|
||||
253
internal/iam/repository/eventsourcing/model/login_policy_test.go
Normal file
253
internal/iam/repository/eventsourcing/model/login_policy_test.go
Normal file
@@ -0,0 +1,253 @@
|
||||
package model
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/iam/model"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestLoginPolicyChanges(t *testing.T) {
|
||||
type args struct {
|
||||
existing *LoginPolicy
|
||||
new *LoginPolicy
|
||||
}
|
||||
type res struct {
|
||||
changesLen int
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
res res
|
||||
}{
|
||||
{
|
||||
name: "loginpolicy all attributes change",
|
||||
args: args{
|
||||
existing: &LoginPolicy{AllowUsernamePassword: false, AllowRegister: false, AllowExternalIdp: false},
|
||||
new: &LoginPolicy{AllowUsernamePassword: true, AllowRegister: true, AllowExternalIdp: true},
|
||||
},
|
||||
res: res{
|
||||
changesLen: 3,
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "no changes",
|
||||
args: args{
|
||||
existing: &LoginPolicy{AllowUsernamePassword: false, AllowRegister: false, AllowExternalIdp: false},
|
||||
new: &LoginPolicy{AllowUsernamePassword: false, AllowRegister: false, AllowExternalIdp: false},
|
||||
},
|
||||
res: res{
|
||||
changesLen: 0,
|
||||
},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
changes := tt.args.existing.Changes(tt.args.new)
|
||||
if len(changes) != tt.res.changesLen {
|
||||
t.Errorf("got wrong changes len: expected: %v, actual: %v ", tt.res.changesLen, len(changes))
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendAddLoginPolicyEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
policy *LoginPolicy
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append add login policy event",
|
||||
args: args{
|
||||
iam: new(IAM),
|
||||
policy: &LoginPolicy{AllowUsernamePassword: true, AllowRegister: true, AllowExternalIdp: true},
|
||||
event: new(es_models.Event),
|
||||
},
|
||||
result: &IAM{DefaultLoginPolicy: &LoginPolicy{AllowUsernamePassword: true, AllowRegister: true, AllowExternalIdp: true}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.policy != nil {
|
||||
data, _ := json.Marshal(tt.args.policy)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendAddLoginPolicyEvent(tt.args.event)
|
||||
if tt.result.DefaultLoginPolicy.AllowUsernamePassword != tt.args.iam.DefaultLoginPolicy.AllowUsernamePassword {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowUsernamePassword, tt.args.iam.DefaultLoginPolicy.AllowUsernamePassword)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.AllowRegister != tt.args.iam.DefaultLoginPolicy.AllowRegister {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowRegister, tt.args.iam.DefaultLoginPolicy.AllowRegister)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.AllowExternalIdp != tt.args.iam.DefaultLoginPolicy.AllowExternalIdp {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowExternalIdp, tt.args.iam.DefaultLoginPolicy.AllowExternalIdp)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendChangeLoginPolicyEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
policy *LoginPolicy
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append change login policy event",
|
||||
args: args{
|
||||
iam: &IAM{DefaultLoginPolicy: &LoginPolicy{
|
||||
AllowExternalIdp: false,
|
||||
AllowRegister: false,
|
||||
AllowUsernamePassword: false,
|
||||
}},
|
||||
policy: &LoginPolicy{AllowUsernamePassword: true, AllowRegister: true, AllowExternalIdp: true},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &IAM{DefaultLoginPolicy: &LoginPolicy{
|
||||
AllowExternalIdp: true,
|
||||
AllowRegister: true,
|
||||
AllowUsernamePassword: true,
|
||||
}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.policy != nil {
|
||||
data, _ := json.Marshal(tt.args.policy)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendChangeLoginPolicyEvent(tt.args.event)
|
||||
if tt.result.DefaultLoginPolicy.AllowUsernamePassword != tt.args.iam.DefaultLoginPolicy.AllowUsernamePassword {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowUsernamePassword, tt.args.iam.DefaultLoginPolicy.AllowUsernamePassword)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.AllowRegister != tt.args.iam.DefaultLoginPolicy.AllowRegister {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowRegister, tt.args.iam.DefaultLoginPolicy.AllowRegister)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.AllowExternalIdp != tt.args.iam.DefaultLoginPolicy.AllowExternalIdp {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowExternalIdp, tt.args.iam.DefaultLoginPolicy.AllowExternalIdp)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendAddIdpToPolicyEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
provider *IDPProvider
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append add idp to login policy event",
|
||||
args: args{
|
||||
iam: &IAM{DefaultLoginPolicy: &LoginPolicy{AllowExternalIdp: true, AllowRegister: true, AllowUsernamePassword: true}},
|
||||
provider: &IDPProvider{Type: int32(model.IDPProviderTypeSystem), IDPConfigID: "IDPConfigID"},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &IAM{DefaultLoginPolicy: &LoginPolicy{
|
||||
AllowExternalIdp: true,
|
||||
AllowRegister: true,
|
||||
AllowUsernamePassword: true,
|
||||
IDPProviders: []*IDPProvider{
|
||||
{IDPConfigID: "IDPConfigID", Type: int32(model.IDPProviderTypeSystem)},
|
||||
}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.provider != nil {
|
||||
data, _ := json.Marshal(tt.args.provider)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendAddIDPProviderToLoginPolicyEvent(tt.args.event)
|
||||
if tt.result.DefaultLoginPolicy.AllowUsernamePassword != tt.args.iam.DefaultLoginPolicy.AllowUsernamePassword {
|
||||
t.Errorf("got wrong result AllowUsernamePassword: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowUsernamePassword, tt.args.iam.DefaultLoginPolicy.AllowUsernamePassword)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.AllowRegister != tt.args.iam.DefaultLoginPolicy.AllowRegister {
|
||||
t.Errorf("got wrong result AllowRegister: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowRegister, tt.args.iam.DefaultLoginPolicy.AllowRegister)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.AllowExternalIdp != tt.args.iam.DefaultLoginPolicy.AllowExternalIdp {
|
||||
t.Errorf("got wrong result AllowExternalIDP: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowExternalIdp, tt.args.iam.DefaultLoginPolicy.AllowExternalIdp)
|
||||
}
|
||||
if len(tt.result.DefaultLoginPolicy.IDPProviders) != len(tt.args.iam.DefaultLoginPolicy.IDPProviders) {
|
||||
t.Errorf("got wrong idp provider len: expected: %v, actual: %v ", len(tt.result.DefaultLoginPolicy.IDPProviders), len(tt.args.iam.DefaultLoginPolicy.IDPProviders))
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.IDPProviders[0].Type != tt.args.provider.Type {
|
||||
t.Errorf("got wrong idp provider type: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.IDPProviders[0].Type, tt.args.provider.Type)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.IDPProviders[0].IDPConfigID != tt.args.provider.IDPConfigID {
|
||||
t.Errorf("got wrong idp provider idpconfigid: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.IDPProviders[0].IDPConfigID, tt.args.provider.IDPConfigID)
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestRemoveAddIdpToPolicyEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
provider *IDPProvider
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append add idp to login policy event",
|
||||
args: args{
|
||||
iam: &IAM{
|
||||
DefaultLoginPolicy: &LoginPolicy{
|
||||
AllowExternalIdp: true,
|
||||
AllowRegister: true,
|
||||
AllowUsernamePassword: true,
|
||||
IDPProviders: []*IDPProvider{
|
||||
{IDPConfigID: "IDPConfigID", Type: int32(model.IDPProviderTypeSystem)},
|
||||
}}},
|
||||
provider: &IDPProvider{Type: int32(model.IDPProviderTypeSystem), IDPConfigID: "IDPConfigID"},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &IAM{DefaultLoginPolicy: &LoginPolicy{
|
||||
AllowExternalIdp: true,
|
||||
AllowRegister: true,
|
||||
AllowUsernamePassword: true,
|
||||
IDPProviders: []*IDPProvider{}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.provider != nil {
|
||||
data, _ := json.Marshal(tt.args.provider)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendRemoveIDPProviderFromLoginPolicyEvent(tt.args.event)
|
||||
if tt.result.DefaultLoginPolicy.AllowUsernamePassword != tt.args.iam.DefaultLoginPolicy.AllowUsernamePassword {
|
||||
t.Errorf("got wrong result AllowUsernamePassword: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowUsernamePassword, tt.args.iam.DefaultLoginPolicy.AllowUsernamePassword)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.AllowRegister != tt.args.iam.DefaultLoginPolicy.AllowRegister {
|
||||
t.Errorf("got wrong result AllowRegister: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowRegister, tt.args.iam.DefaultLoginPolicy.AllowRegister)
|
||||
}
|
||||
if tt.result.DefaultLoginPolicy.AllowExternalIdp != tt.args.iam.DefaultLoginPolicy.AllowExternalIdp {
|
||||
t.Errorf("got wrong result AllowExternalIDP: expected: %v, actual: %v ", tt.result.DefaultLoginPolicy.AllowExternalIdp, tt.args.iam.DefaultLoginPolicy.AllowExternalIdp)
|
||||
}
|
||||
if len(tt.result.DefaultLoginPolicy.IDPProviders) != len(tt.args.iam.DefaultLoginPolicy.IDPProviders) {
|
||||
t.Errorf("got wrong idp provider len: expected: %v, actual: %v ", len(tt.result.DefaultLoginPolicy.IDPProviders), len(tt.args.iam.DefaultLoginPolicy.IDPProviders))
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
@@ -0,0 +1,96 @@
|
||||
package model
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"github.com/caos/logging"
|
||||
"github.com/caos/zitadel/internal/crypto"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"github.com/caos/zitadel/internal/iam/model"
|
||||
"github.com/lib/pq"
|
||||
"reflect"
|
||||
)
|
||||
|
||||
type OIDCIDPConfig struct {
|
||||
es_models.ObjectRoot
|
||||
IDPConfigID string `json:"idpConfigId"`
|
||||
ClientID string `json:"clientId"`
|
||||
ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
|
||||
Issuer string `json:"issuer,omitempty"`
|
||||
Scopes pq.StringArray `json:"scopes,omitempty"`
|
||||
}
|
||||
|
||||
func (c *OIDCIDPConfig) Changes(changed *OIDCIDPConfig) map[string]interface{} {
|
||||
changes := make(map[string]interface{}, 1)
|
||||
changes["idpConfigId"] = c.IDPConfigID
|
||||
if c.ClientID != changed.ClientID {
|
||||
changes["clientId"] = changed.ClientID
|
||||
}
|
||||
if c.ClientSecret != nil {
|
||||
changes["clientSecret"] = changed.ClientSecret
|
||||
}
|
||||
if c.Issuer != changed.Issuer {
|
||||
changes["issuer"] = changed.Issuer
|
||||
}
|
||||
if !reflect.DeepEqual(c.Scopes, changed.Scopes) {
|
||||
changes["scopes"] = changed.Scopes
|
||||
}
|
||||
return changes
|
||||
}
|
||||
|
||||
func OIDCIDPConfigFromModel(config *model.OIDCIDPConfig) *OIDCIDPConfig {
|
||||
return &OIDCIDPConfig{
|
||||
ObjectRoot: config.ObjectRoot,
|
||||
IDPConfigID: config.IDPConfigID,
|
||||
ClientID: config.ClientID,
|
||||
ClientSecret: config.ClientSecret,
|
||||
Issuer: config.Issuer,
|
||||
Scopes: config.Scopes,
|
||||
}
|
||||
}
|
||||
|
||||
func OIDCIDPConfigToModel(config *OIDCIDPConfig) *model.OIDCIDPConfig {
|
||||
return &model.OIDCIDPConfig{
|
||||
ObjectRoot: config.ObjectRoot,
|
||||
IDPConfigID: config.IDPConfigID,
|
||||
ClientID: config.ClientID,
|
||||
ClientSecret: config.ClientSecret,
|
||||
Issuer: config.Issuer,
|
||||
Scopes: config.Scopes,
|
||||
}
|
||||
}
|
||||
|
||||
func (iam *IAM) appendAddOIDCIDPConfigEvent(event *es_models.Event) error {
|
||||
config := new(OIDCIDPConfig)
|
||||
err := config.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
config.ObjectRoot.CreationDate = event.CreationDate
|
||||
if i, idpConfig := GetIDPConfig(iam.IDPs, config.IDPConfigID); idpConfig != nil {
|
||||
iam.IDPs[i].Type = int32(model.IDPConfigTypeOIDC)
|
||||
iam.IDPs[i].OIDCIDPConfig = config
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (iam *IAM) appendChangeOIDCIDPConfigEvent(event *es_models.Event) error {
|
||||
config := new(OIDCIDPConfig)
|
||||
err := config.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if i, idpConfig := GetIDPConfig(iam.IDPs, config.IDPConfigID); idpConfig != nil {
|
||||
iam.IDPs[i].OIDCIDPConfig.SetData(event)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (o *OIDCIDPConfig) SetData(event *es_models.Event) error {
|
||||
o.ObjectRoot.AppendEvent(event)
|
||||
if err := json.Unmarshal(event.Data, o); err != nil {
|
||||
logging.Log("EVEN-Msh8s").WithError(err).Error("could not unmarshal event data")
|
||||
return err
|
||||
}
|
||||
return nil
|
||||
}
|
||||
@@ -0,0 +1,156 @@
|
||||
package model
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"github.com/caos/zitadel/internal/crypto"
|
||||
es_models "github.com/caos/zitadel/internal/eventstore/models"
|
||||
"testing"
|
||||
)
|
||||
|
||||
func TestOIDCIdpConfigChanges(t *testing.T) {
|
||||
type args struct {
|
||||
existing *OIDCIDPConfig
|
||||
new *OIDCIDPConfig
|
||||
}
|
||||
type res struct {
|
||||
changesLen int
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
res res
|
||||
}{
|
||||
{
|
||||
name: "all possible values change",
|
||||
args: args{
|
||||
existing: &OIDCIDPConfig{
|
||||
IDPConfigID: "IDPConfigID",
|
||||
ClientID: "ClientID",
|
||||
ClientSecret: &crypto.CryptoValue{KeyID: "KeyID"},
|
||||
Issuer: "Issuer",
|
||||
Scopes: []string{"scope1"},
|
||||
},
|
||||
new: &OIDCIDPConfig{
|
||||
IDPConfigID: "IDPConfigID",
|
||||
ClientID: "ClientID2",
|
||||
ClientSecret: &crypto.CryptoValue{KeyID: "KeyID2"},
|
||||
Issuer: "Issuer2",
|
||||
Scopes: []string{"scope1", "scope2"},
|
||||
},
|
||||
},
|
||||
res: res{
|
||||
changesLen: 5,
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "no changes",
|
||||
args: args{
|
||||
existing: &OIDCIDPConfig{
|
||||
IDPConfigID: "IDPConfigID",
|
||||
ClientID: "ClientID",
|
||||
Issuer: "Issuer",
|
||||
Scopes: []string{"scope1"},
|
||||
},
|
||||
new: &OIDCIDPConfig{
|
||||
IDPConfigID: "IDPConfigID",
|
||||
ClientID: "ClientID",
|
||||
Issuer: "Issuer",
|
||||
Scopes: []string{"scope1"},
|
||||
},
|
||||
},
|
||||
res: res{
|
||||
changesLen: 1,
|
||||
},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
changes := tt.args.existing.Changes(tt.args.new)
|
||||
if len(changes) != tt.res.changesLen {
|
||||
t.Errorf("got wrong changes len: expected: %v, actual: %v ", tt.res.changesLen, len(changes))
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendAddOIDCIdpConfigEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
config *OIDCIDPConfig
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append add oidc idp config event",
|
||||
args: args{
|
||||
iam: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID"}}},
|
||||
config: &OIDCIDPConfig{IDPConfigID: "IDPConfigID", ClientID: "ClientID"},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID", OIDCIDPConfig: &OIDCIDPConfig{IDPConfigID: "IDPConfigID", ClientID: "ClientID"}}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.config != nil {
|
||||
data, _ := json.Marshal(tt.args.config)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendAddOIDCIDPConfigEvent(tt.args.event)
|
||||
if len(tt.args.iam.IDPs) != 1 {
|
||||
t.Errorf("got wrong result should have one idpConfig actual: %v ", len(tt.args.iam.IDPs))
|
||||
}
|
||||
if tt.args.iam.IDPs[0].OIDCIDPConfig == nil {
|
||||
t.Errorf("got wrong result should have oidc config actual: %v ", tt.args.iam.IDPs[0].OIDCIDPConfig)
|
||||
}
|
||||
if tt.args.iam.IDPs[0] == tt.result.IDPs[0] {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.IDPs[0], tt.args.iam.IDPs[0])
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
func TestAppendChangeOIDCIdpConfigEvent(t *testing.T) {
|
||||
type args struct {
|
||||
iam *IAM
|
||||
config *OIDCIDPConfig
|
||||
event *es_models.Event
|
||||
}
|
||||
tests := []struct {
|
||||
name string
|
||||
args args
|
||||
result *IAM
|
||||
}{
|
||||
{
|
||||
name: "append change oidc idp config event",
|
||||
args: args{
|
||||
iam: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID", OIDCIDPConfig: &OIDCIDPConfig{IDPConfigID: "IDPConfigID", ClientID: "ClientID"}}}},
|
||||
config: &OIDCIDPConfig{IDPConfigID: "IDPConfigID", ClientID: "ClientID Changed"},
|
||||
event: &es_models.Event{},
|
||||
},
|
||||
result: &IAM{IDPs: []*IDPConfig{&IDPConfig{IDPConfigID: "IDPConfigID", OIDCIDPConfig: &OIDCIDPConfig{IDPConfigID: "IDPConfigID", ClientID: "ClientID Changed"}}}},
|
||||
},
|
||||
}
|
||||
for _, tt := range tests {
|
||||
t.Run(tt.name, func(t *testing.T) {
|
||||
if tt.args.config != nil {
|
||||
data, _ := json.Marshal(tt.args.config)
|
||||
tt.args.event.Data = data
|
||||
}
|
||||
tt.args.iam.appendChangeOIDCIDPConfigEvent(tt.args.event)
|
||||
if len(tt.args.iam.IDPs) != 1 {
|
||||
t.Errorf("got wrong result should have one idpConfig actual: %v ", len(tt.args.iam.IDPs))
|
||||
}
|
||||
if tt.args.iam.IDPs[0].OIDCIDPConfig == nil {
|
||||
t.Errorf("got wrong result should have oidc config actual: %v ", tt.args.iam.IDPs[0].OIDCIDPConfig)
|
||||
}
|
||||
if tt.args.iam.IDPs[0] == tt.result.IDPs[0] {
|
||||
t.Errorf("got wrong result: expected: %v, actual: %v ", tt.result.IDPs[0], tt.args.iam.IDPs[0])
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
@@ -3,13 +3,31 @@ package model
|
||||
import "github.com/caos/zitadel/internal/eventstore/models"
|
||||
|
||||
const (
|
||||
IamAggregate models.AggregateType = "iam"
|
||||
IAMAggregate models.AggregateType = "iam"
|
||||
|
||||
IamSetupStarted models.EventType = "iam.setup.started"
|
||||
IamSetupDone models.EventType = "iam.setup.done"
|
||||
IAMSetupStarted models.EventType = "iam.setup.started"
|
||||
IAMSetupDone models.EventType = "iam.setup.done"
|
||||
GlobalOrgSet models.EventType = "iam.global.org.set"
|
||||
IamProjectSet models.EventType = "iam.project.iam.set"
|
||||
IamMemberAdded models.EventType = "iam.member.added"
|
||||
IamMemberChanged models.EventType = "iam.member.changed"
|
||||
IamMemberRemoved models.EventType = "iam.member.removed"
|
||||
IAMProjectSet models.EventType = "iam.project.iam.set"
|
||||
IAMMemberAdded models.EventType = "iam.member.added"
|
||||
IAMMemberChanged models.EventType = "iam.member.changed"
|
||||
IAMMemberRemoved models.EventType = "iam.member.removed"
|
||||
|
||||
IDPConfigAdded models.EventType = "iam.idp.config.added"
|
||||
IDPConfigChanged models.EventType = "iam.idp.config.changed"
|
||||
IDPConfigRemoved models.EventType = "iam.idp.config.removed"
|
||||
IDPConfigDeactivated models.EventType = "iam.idp.config.deactivated"
|
||||
IDPConfigReactivated models.EventType = "iam.idp.config.reactivated"
|
||||
|
||||
OIDCIDPConfigAdded models.EventType = "iam.idp.oidc.config.added"
|
||||
OIDCIDPConfigChanged models.EventType = "iam.idp.oidc.config.changed"
|
||||
|
||||
SAMLIDPConfigAdded models.EventType = "iam.idp.saml.config.added"
|
||||
SAMLIDPConfigChanged models.EventType = "iam.idp.saml.config.changed"
|
||||
|
||||
LoginPolicyAdded models.EventType = "iam.policy.login.added"
|
||||
LoginPolicyChanged models.EventType = "iam.policy.login.changed"
|
||||
LoginPolicyIDPProviderAdded models.EventType = "iam.policy.login.idpprovider.added"
|
||||
LoginPolicyIDPProviderRemoved models.EventType = "iam.policy.login.idpprovider.removed"
|
||||
LoginPolicyIDPProviderCascadeRemoved models.EventType = "iam.policy.login.idpprovider.cascade.removed"
|
||||
)
|
||||
|
||||
Reference in New Issue
Block a user