chore: add oidc idp for acceptance tests

acceptance/docker-compose.yaml

@@ -1,7 +1,7 @@
 services:
   zitadel:
     user: "${ZITADEL_DEV_UID}"
-    image: "${ZITADEL_IMAGE:-ghcr.io/zitadel/zitadel:dc64e35128108d70471c7a5b9ad1dfc2c7c4c654}"
+    image: "${ZITADEL_IMAGE:-ghcr.io/zitadel/zitadel:02617cf17fdde849378c1a6b5254bbfb2745b164}"
     command: 'start-from-init --masterkey "MasterkeyNeedsToHave32Characters" --tlsMode disabled --config /zitadel.yaml --steps /zitadel.yaml'
     ports:
       - "8080:8080"
@@ -12,7 +12,7 @@ services:
       db:
         condition: "service_healthy"
     extra_hosts:
-      - "host.docker.internal:host-gateway"
+      - "localhost:host-gateway"
 
   db:
     restart: "always"

acceptance/idp/oidc/main.go

@@ -127,7 +127,7 @@ func CreateIDP(apiURL, pat, domain string, issuer, clientID, clientSecret string
 			IsCreationAllowed: true,
 			IsAutoCreation:    true,
 			IsAutoUpdate:      true,
-			AutoLinking:       "AUTO_LINKING_OPTION_UNSPECIFIED",
+			AutoLinking:       "AUTO_LINKING_OPTION_USERNAME",
 		},
 		IsIdTokenMapping: false,
 		UsePkce:          false,

acceptance/idp/saml/main.go

@@ -12,6 +12,7 @@ import (
 	"io"
 	"log"
 	"net/http"
+	"net/http/httptest"
 	"net/url"
 	"os"
 	"os/signal"
@@ -24,6 +25,7 @@ import (
 	xrv "github.com/mattermost/xml-roundtrip-validator"
 	"github.com/zenazn/goji"
 	"github.com/zenazn/goji/bind"
+	"github.com/zenazn/goji/web"
 	"golang.org/x/crypto/bcrypt"
 )
 
@@ -156,18 +158,12 @@ func addService(idpServer *samlidp.Server, spURLStr string) {
 		panic(err)
 	}
 	defer metadataResp.Body.Close()
-	spMetadata, err := getSPMetadata(metadataResp.Body)
-	if err != nil {
-		panic(err)
-	}
 
-	err = idpServer.Store.Put("/services/sp", samlidp.Service{
+	idpServer.HandlePutService(
-		Name:     spURLStr,
+		web.C{URLParams: map[string]string{"id": spURLStr}},
-		Metadata: *spMetadata,
+		httptest.NewRecorder(),
-	})
+		httptest.NewRequest(http.MethodPost, spURLStr, metadataResp.Body),
-	if err != nil {
+	)
-		panic(err)
-	}
 }
 
 func getSPMetadata(r io.Reader) (spMetadata *saml.EntityDescriptor, err error) {
@@ -267,8 +263,8 @@ func CreateIDP(apiURL, pat, domain string, idpMetadata []byte) (string, error) {
 	createIDP := &createIDP{
 		Name:              "CREWJAM",
 		MetadataXml:       string(encoded),
-		Binding:           "SAML_BINDING_POST",
+		Binding:           "SAML_BINDING_REDIRECT",
-		WithSignedRequest: true,
+		WithSignedRequest: false,
 		ProviderOptions: providerOptions{
 			IsLinkingAllowed:  true,
 			IsCreationAllowed: true,

acceptance/tests/saml-username-password.spec.ts

@@ -1,5 +1,5 @@
 import { faker } from "@faker-js/faker";
-import { test as base } from "@playwright/test";
+import {expect, test as base} from "@playwright/test";
 import dotenv from "dotenv";
 import path from "path";
 import { loginname } from "./loginname";
@@ -35,5 +35,5 @@ test("saml username and password login", async ({ user, page }) => {
   await selectNewAccount(page)
   await loginname(page, user.getUsername());
   await password(page, user.getPassword());
-  // currently fails because of issuer problems
+  await expect(page.locator('html')).toContainText(user.getUsername());
 });