mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 11:04:25 +00:00
b8bec25129
* refactor(domain): add user type * fix(projections): start with login names * fix(login_policy): correct handling of user domain claimed event * fix(projections): add members * refactor: simplify member projections * add migration for members * add metadata to member projections * refactor: login name projection * fix: set correct suffixes on login name projections * test(projections): login name reduces * fix: correct cols in reduce member * test(projections): org, iam, project members * member additional cols and conds as opt, add project grant members * fix(migration): members * fix(migration): correct database name * migration version * migs * better naming for member cond and col * split project and project grant members * prepare member columns * feat(queries): membership query * test(queries): membership prepare * fix(queries): multiple projections for latest sequence * fix(api): use query for membership queries in auth and management * feat: org member queries * fix(api): use query for iam member calls * fix(queries): org members * fix(queries): project members * fix(queries): project grant members * refactor: remove unsued methods in repo-interfaces * start * fix(query): membership * fix(auth): list my project orgs * fix(query): member queries and user avatar column * refactor(auth): MyProjectOrgs * fix(queries): member and membership stmts * fix user test * fix(management): use query for project (-grant) members * fix(admin): use query for member calls * fix(api): add domain to org mapping * remove old idp * membership * refactor: remove old files * idp * refactor: use query for idps and idp user links * refactor(eventstore): rename EventPusher to Command, EventReader to Event, PushEvents to Push and FilterEvents to Filter * gloabl org check for org roles Co-authored-by: Livio Amstutz <livio.a@gmail.com>
158 lines
4.8 KiB
Go
158 lines
4.8 KiB
Go
package admin
|
|
|
|
import (
|
|
idp_grpc "github.com/caos/zitadel/internal/api/grpc/idp"
|
|
"github.com/caos/zitadel/internal/api/grpc/object"
|
|
"github.com/caos/zitadel/internal/domain"
|
|
"github.com/caos/zitadel/internal/errors"
|
|
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
|
"github.com/caos/zitadel/internal/query"
|
|
admin_pb "github.com/caos/zitadel/pkg/grpc/admin"
|
|
)
|
|
|
|
func addOIDCIDPRequestToDomain(req *admin_pb.AddOIDCIDPRequest) *domain.IDPConfig {
|
|
return &domain.IDPConfig{
|
|
Name: req.Name,
|
|
OIDCConfig: addOIDCIDPRequestToDomainOIDCIDPConfig(req),
|
|
StylingType: idp_grpc.IDPStylingTypeToDomain(req.StylingType),
|
|
Type: domain.IDPConfigTypeOIDC,
|
|
AutoRegister: req.AutoRegister,
|
|
}
|
|
}
|
|
|
|
func addOIDCIDPRequestToDomainOIDCIDPConfig(req *admin_pb.AddOIDCIDPRequest) *domain.OIDCIDPConfig {
|
|
return &domain.OIDCIDPConfig{
|
|
ClientID: req.ClientId,
|
|
ClientSecretString: req.ClientSecret,
|
|
Issuer: req.Issuer,
|
|
Scopes: req.Scopes,
|
|
IDPDisplayNameMapping: idp_grpc.MappingFieldToDomain(req.DisplayNameMapping),
|
|
UsernameMapping: idp_grpc.MappingFieldToDomain(req.UsernameMapping),
|
|
}
|
|
}
|
|
|
|
func addJWTIDPRequestToDomain(req *admin_pb.AddJWTIDPRequest) *domain.IDPConfig {
|
|
return &domain.IDPConfig{
|
|
Name: req.Name,
|
|
JWTConfig: addJWTIDPRequestToDomainJWTIDPConfig(req),
|
|
StylingType: idp_grpc.IDPStylingTypeToDomain(req.StylingType),
|
|
Type: domain.IDPConfigTypeJWT,
|
|
AutoRegister: req.AutoRegister,
|
|
}
|
|
}
|
|
|
|
func addJWTIDPRequestToDomainJWTIDPConfig(req *admin_pb.AddJWTIDPRequest) *domain.JWTIDPConfig {
|
|
return &domain.JWTIDPConfig{
|
|
JWTEndpoint: req.JwtEndpoint,
|
|
Issuer: req.Issuer,
|
|
KeysEndpoint: req.KeysEndpoint,
|
|
HeaderName: req.HeaderName,
|
|
}
|
|
}
|
|
|
|
func updateIDPToDomain(req *admin_pb.UpdateIDPRequest) *domain.IDPConfig {
|
|
return &domain.IDPConfig{
|
|
IDPConfigID: req.IdpId,
|
|
Name: req.Name,
|
|
StylingType: idp_grpc.IDPStylingTypeToDomain(req.StylingType),
|
|
AutoRegister: req.AutoRegister,
|
|
}
|
|
}
|
|
|
|
func updateOIDCConfigToDomain(req *admin_pb.UpdateIDPOIDCConfigRequest) *domain.OIDCIDPConfig {
|
|
return &domain.OIDCIDPConfig{
|
|
IDPConfigID: req.IdpId,
|
|
ClientID: req.ClientId,
|
|
ClientSecretString: req.ClientSecret,
|
|
Issuer: req.Issuer,
|
|
Scopes: req.Scopes,
|
|
IDPDisplayNameMapping: idp_grpc.MappingFieldToDomain(req.DisplayNameMapping),
|
|
UsernameMapping: idp_grpc.MappingFieldToDomain(req.UsernameMapping),
|
|
}
|
|
}
|
|
|
|
func updateJWTConfigToDomain(req *admin_pb.UpdateIDPJWTConfigRequest) *domain.JWTIDPConfig {
|
|
return &domain.JWTIDPConfig{
|
|
IDPConfigID: req.IdpId,
|
|
JWTEndpoint: req.JwtEndpoint,
|
|
Issuer: req.Issuer,
|
|
KeysEndpoint: req.KeysEndpoint,
|
|
HeaderName: req.HeaderName,
|
|
}
|
|
}
|
|
|
|
func listIDPsToModel(req *admin_pb.ListIDPsRequest) (*query.IDPSearchQueries, error) {
|
|
offset, limit, asc := object.ListQueryToModel(req.Query)
|
|
queries, err := idpQueriesToModel(req.Queries)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
iamQuery, err := query.NewIDPResourceOwnerSearchQuery(domain.IAMID)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
queries = append(queries, iamQuery)
|
|
return &query.IDPSearchQueries{
|
|
SearchRequest: query.SearchRequest{
|
|
Offset: offset,
|
|
Limit: limit,
|
|
Asc: asc,
|
|
SortingColumn: idp_grpc.FieldNameToModel(req.SortingColumn),
|
|
},
|
|
Queries: queries,
|
|
}, nil
|
|
}
|
|
|
|
func idpQueriesToModel(queries []*admin_pb.IDPQuery) (q []query.SearchQuery, err error) {
|
|
q = make([]query.SearchQuery, len(queries))
|
|
for i, query := range queries {
|
|
q[i], err = idpQueryToModel(query)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
|
|
return q, nil
|
|
}
|
|
|
|
func idpQueryToModel(idpQuery *admin_pb.IDPQuery) (query.SearchQuery, error) {
|
|
switch q := idpQuery.Query.(type) {
|
|
case *admin_pb.IDPQuery_IdpNameQuery:
|
|
return query.NewIDPNameSearchQuery(object.TextMethodToQuery(q.IdpNameQuery.Method), q.IdpNameQuery.Name)
|
|
case *admin_pb.IDPQuery_IdpIdQuery:
|
|
return query.NewIDPIDSearchQuery(q.IdpIdQuery.Id)
|
|
default:
|
|
return nil, errors.ThrowInvalidArgument(nil, "ADMIN-VmqQu", "List.Query.Invalid")
|
|
}
|
|
}
|
|
|
|
func idpsToDomain(idps []*query.IDP) []*domain.IDPProvider {
|
|
idpProvider := make([]*domain.IDPProvider, len(idps))
|
|
for i, idp := range idps {
|
|
idpProvider[i] = &domain.IDPProvider{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: idp.ResourceOwner,
|
|
},
|
|
IDPConfigID: idp.ID,
|
|
Type: idp.OwnerType,
|
|
}
|
|
}
|
|
return idpProvider
|
|
}
|
|
|
|
func idpUserLinksToDomain(idps []*query.IDPUserLink) []*domain.UserIDPLink {
|
|
externalIDPs := make([]*domain.UserIDPLink, len(idps))
|
|
for i, idp := range idps {
|
|
externalIDPs[i] = &domain.UserIDPLink{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: idp.UserID,
|
|
ResourceOwner: idp.ResourceOwner,
|
|
},
|
|
IDPConfigID: idp.IDPID,
|
|
ExternalUserID: idp.ProvidedUserID,
|
|
DisplayName: idp.ProvidedUsername,
|
|
}
|
|
}
|
|
return externalIDPs
|
|
}
|