mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 11:04:25 +00:00
15fd3045e0
* feat: first implementation for saml sp * fix: add command side instance and org for saml provider * fix: add query side instance and org for saml provider * fix: request handling in event and retrieval of finished intent * fix: add review changes and integration tests * fix: add integration tests for saml idp * fix: correct unit tests with review changes * fix: add saml session unit test * fix: add saml session unit test * fix: add saml session unit test * fix: changes from review * fix: changes from review * fix: proto build error * fix: proto build error * fix: proto build error * fix: proto require metadata oneof * fix: login with saml provider * fix: integration test for saml assertion * lint client.go * fix json tag * fix: linting * fix import * fix: linting * fix saml idp query * fix: linting * lint: try all issues * revert linting config * fix: add regenerate endpoints * fix: translations * fix mk.yaml * ignore acs path for user agent cookie * fix: add AuthFromProvider test for saml * fix: integration test for saml retrieve information --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
124 lines
3.2 KiB
Go
124 lines
3.2 KiB
Go
package command
|
|
|
|
import (
|
|
"net/url"
|
|
|
|
"github.com/zitadel/zitadel/internal/crypto"
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
"github.com/zitadel/zitadel/internal/repository/idpintent"
|
|
)
|
|
|
|
type IDPIntentWriteModel struct {
|
|
eventstore.WriteModel
|
|
|
|
SuccessURL *url.URL
|
|
FailureURL *url.URL
|
|
IDPID string
|
|
IDPUser []byte
|
|
IDPUserID string
|
|
IDPUserName string
|
|
UserID string
|
|
|
|
IDPAccessToken *crypto.CryptoValue
|
|
IDPIDToken string
|
|
|
|
IDPEntryAttributes map[string][]string
|
|
|
|
RequestID string
|
|
Assertion *crypto.CryptoValue
|
|
|
|
State domain.IDPIntentState
|
|
aggregate *eventstore.Aggregate
|
|
}
|
|
|
|
func NewIDPIntentWriteModel(id, resourceOwner string) *IDPIntentWriteModel {
|
|
return &IDPIntentWriteModel{
|
|
WriteModel: eventstore.WriteModel{
|
|
AggregateID: id,
|
|
ResourceOwner: resourceOwner,
|
|
},
|
|
aggregate: &idpintent.NewAggregate(id, resourceOwner).Aggregate,
|
|
}
|
|
}
|
|
|
|
func (wm *IDPIntentWriteModel) Reduce() error {
|
|
for _, event := range wm.Events {
|
|
switch e := event.(type) {
|
|
case *idpintent.StartedEvent:
|
|
wm.reduceStartedEvent(e)
|
|
case *idpintent.SucceededEvent:
|
|
wm.reduceOAuthSucceededEvent(e)
|
|
case *idpintent.SAMLSucceededEvent:
|
|
wm.reduceSAMLSucceededEvent(e)
|
|
case *idpintent.SAMLRequestEvent:
|
|
wm.reduceSAMLRequestEvent(e)
|
|
case *idpintent.LDAPSucceededEvent:
|
|
wm.reduceLDAPSucceededEvent(e)
|
|
case *idpintent.FailedEvent:
|
|
wm.reduceFailedEvent(e)
|
|
}
|
|
}
|
|
return wm.WriteModel.Reduce()
|
|
}
|
|
|
|
func (wm *IDPIntentWriteModel) Query() *eventstore.SearchQueryBuilder {
|
|
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent).
|
|
ResourceOwner(wm.ResourceOwner).
|
|
AddQuery().
|
|
AggregateTypes(idpintent.AggregateType).
|
|
AggregateIDs(wm.AggregateID).
|
|
EventTypes(
|
|
idpintent.StartedEventType,
|
|
idpintent.SucceededEventType,
|
|
idpintent.SAMLSucceededEventType,
|
|
idpintent.SAMLRequestEventType,
|
|
idpintent.LDAPSucceededEventType,
|
|
idpintent.FailedEventType,
|
|
).
|
|
Builder()
|
|
}
|
|
|
|
func (wm *IDPIntentWriteModel) reduceStartedEvent(e *idpintent.StartedEvent) {
|
|
wm.SuccessURL = e.SuccessURL
|
|
wm.FailureURL = e.FailureURL
|
|
wm.IDPID = e.IDPID
|
|
wm.State = domain.IDPIntentStateStarted
|
|
}
|
|
|
|
func (wm *IDPIntentWriteModel) reduceSAMLSucceededEvent(e *idpintent.SAMLSucceededEvent) {
|
|
wm.UserID = e.UserID
|
|
wm.IDPUser = e.IDPUser
|
|
wm.IDPUserID = e.IDPUserID
|
|
wm.IDPUserName = e.IDPUserName
|
|
wm.Assertion = e.Assertion
|
|
wm.State = domain.IDPIntentStateSucceeded
|
|
}
|
|
|
|
func (wm *IDPIntentWriteModel) reduceLDAPSucceededEvent(e *idpintent.LDAPSucceededEvent) {
|
|
wm.UserID = e.UserID
|
|
wm.IDPUser = e.IDPUser
|
|
wm.IDPUserID = e.IDPUserID
|
|
wm.IDPUserName = e.IDPUserName
|
|
wm.IDPEntryAttributes = e.EntryAttributes
|
|
wm.State = domain.IDPIntentStateSucceeded
|
|
}
|
|
|
|
func (wm *IDPIntentWriteModel) reduceOAuthSucceededEvent(e *idpintent.SucceededEvent) {
|
|
wm.UserID = e.UserID
|
|
wm.IDPUser = e.IDPUser
|
|
wm.IDPUserID = e.IDPUserID
|
|
wm.IDPUserName = e.IDPUserName
|
|
wm.IDPAccessToken = e.IDPAccessToken
|
|
wm.IDPIDToken = e.IDPIDToken
|
|
wm.State = domain.IDPIntentStateSucceeded
|
|
}
|
|
|
|
func (wm *IDPIntentWriteModel) reduceSAMLRequestEvent(e *idpintent.SAMLRequestEvent) {
|
|
wm.RequestID = e.RequestID
|
|
}
|
|
|
|
func (wm *IDPIntentWriteModel) reduceFailedEvent(e *idpintent.FailedEvent) {
|
|
wm.State = domain.IDPIntentStateFailed
|
|
}
|