mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-15 12:27:59 +00:00
ba9b807854
* get key by id and cache them
* userinfo from events for v2 tokens
* improve keyset caching
* concurrent token and client checks
* client and project in single query
* logging and otel
* drop owner_removed column on apps and authN tables
* userinfo and project roles in go routines
* get oidc user info from projections and add actions
* add avatar URL
* some cleanup
* pull oidc work branch
* remove storage from server
* add config flag for experimental introspection
* legacy introspection flag
* drop owner_removed column on user projections
* drop owner_removed column on useer_metadata
* query userinfo unit test
* query introspection client test
* add user_grants to the userinfo query
* handle PAT scopes
* bring triggers back
* test instance keys query
* add userinfo unit tests
* unit test keys
* go mod tidy
* solve some bugs
* fix missing preferred login name
* do not run triggers in go routines, they seem to deadlock
* initialize the trigger handlers late with a sync.OnceValue
* Revert "do not run triggers in go routines, they seem to deadlock"
This reverts commit 2a03da2127
.
* add missing translations
* chore: update go version for linting
* pin oidc version
* parse a global time location for query test
* fix linter complains
* upgrade go lint
* fix more linting issues
---------
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
109 lines
2.5 KiB
Go
109 lines
2.5 KiB
Go
package query
|
|
|
|
import (
|
|
"database/sql"
|
|
"database/sql/driver"
|
|
_ "embed"
|
|
"encoding/json"
|
|
"regexp"
|
|
"testing"
|
|
|
|
"github.com/stretchr/testify/assert"
|
|
"github.com/stretchr/testify/require"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/crypto"
|
|
"github.com/zitadel/zitadel/internal/database"
|
|
)
|
|
|
|
func TestQueries_GetIntrospectionClientByID(t *testing.T) {
|
|
secret := &crypto.CryptoValue{
|
|
CryptoType: crypto.TypeHash,
|
|
Algorithm: "alg",
|
|
KeyID: "keyID",
|
|
Crypted: []byte("secret"),
|
|
}
|
|
encSecret, err := json.Marshal(secret)
|
|
require.NoError(t, err)
|
|
|
|
pubkeys := database.Map[[]byte]{
|
|
"key1": {1, 2, 3},
|
|
"key2": {4, 5, 6},
|
|
}
|
|
encPubkeys, err := pubkeys.Value()
|
|
require.NoError(t, err)
|
|
|
|
expQuery := regexp.QuoteMeta(introspectionClientByIDQuery)
|
|
type args struct {
|
|
clientID string
|
|
getKeys bool
|
|
}
|
|
tests := []struct {
|
|
name string
|
|
args args
|
|
mock sqlExpectation
|
|
want *IntrospectionClient
|
|
wantErr error
|
|
}{
|
|
{
|
|
name: "query error",
|
|
args: args{
|
|
clientID: "clientID",
|
|
getKeys: false,
|
|
},
|
|
mock: mockQueryErr(expQuery, sql.ErrConnDone, "instanceID", "clientID", false),
|
|
wantErr: sql.ErrConnDone,
|
|
},
|
|
{
|
|
name: "success, secret",
|
|
args: args{
|
|
clientID: "clientID",
|
|
getKeys: false,
|
|
},
|
|
mock: mockQuery(expQuery,
|
|
[]string{"client_id", "client_secret", "project_id", "public_keys"},
|
|
[]driver.Value{"clientID", encSecret, "projectID", nil},
|
|
"instanceID", "clientID", false),
|
|
want: &IntrospectionClient{
|
|
ClientID: "clientID",
|
|
ClientSecret: secret,
|
|
ProjectID: "projectID",
|
|
PublicKeys: nil,
|
|
},
|
|
},
|
|
{
|
|
name: "success, keys",
|
|
args: args{
|
|
clientID: "clientID",
|
|
getKeys: true,
|
|
},
|
|
mock: mockQuery(expQuery,
|
|
[]string{"client_id", "client_secret", "project_id", "public_keys"},
|
|
[]driver.Value{"clientID", nil, "projectID", encPubkeys},
|
|
"instanceID", "clientID", true),
|
|
want: &IntrospectionClient{
|
|
ClientID: "clientID",
|
|
ClientSecret: nil,
|
|
ProjectID: "projectID",
|
|
PublicKeys: pubkeys,
|
|
},
|
|
},
|
|
}
|
|
for _, tt := range tests {
|
|
t.Run(tt.name, func(t *testing.T) {
|
|
execMock(t, tt.mock, func(db *sql.DB) {
|
|
q := &Queries{
|
|
client: &database.DB{
|
|
DB: db,
|
|
Database: &prepareDB{},
|
|
},
|
|
}
|
|
ctx := authz.NewMockContext("instanceID", "orgID", "userID")
|
|
got, err := q.GetIntrospectionClientByID(ctx, tt.args.clientID, tt.args.getKeys)
|
|
require.ErrorIs(t, err, tt.wantErr)
|
|
assert.Equal(t, tt.want, got)
|
|
})
|
|
})
|
|
}
|
|
}
|