mirror of
https://github.com/gravitational/teleport
synced 2024-10-20 09:13:39 +00:00
Adds user sync flag to the Okta plugin settings (#33140)
* Up-revs the Okta plugin settings version Adds a version field to the OktaPlugin settings and updates the associated protocol files and tests. This is in preparation for adding new behaviour to the Okta plugin, and will allow Teleport to determine if a plugin installation was created by the current version of Teleport (and should get the new behaviour), or an old version (which will get no surprising behavioural changes) changing the behaviour of the Okta plugin depending if the plugin is created from a current or old version of Teleport. * revert structure up-rev * Fix spelling * Revert to simple flag * Test tidyup * Update api/types/plugin_test.go Co-authored-by: Forrest <30576607+fspmarshall@users.noreply.github.com> --------- Co-authored-by: Forrest <30576607+fspmarshall@users.noreply.github.com>
This commit is contained in:
parent
d014569faa
commit
033e938031
|
@ -5506,6 +5506,9 @@ message PluginOktaSettings {
|
|||
|
||||
// OrgUrl is the Okta organization URL to use for API communication.
|
||||
string org_url = 1;
|
||||
|
||||
// EnableUserSync controls the user sync in the Okta integration service.
|
||||
bool enable_user_sync = 2;
|
||||
}
|
||||
|
||||
// Defines a set of discord channel IDs
|
||||
|
|
|
@ -201,34 +201,63 @@ func TestPluginOpsgenieValidation(t *testing.T) {
|
|||
}
|
||||
}
|
||||
|
||||
func requireBadParameterWith(msg string) require.ErrorAssertionFunc {
|
||||
return func(t require.TestingT, err error, args ...interface{}) {
|
||||
require.True(t, trace.IsBadParameter(err), "error: %v", err)
|
||||
require.Contains(t, err.Error(), msg)
|
||||
}
|
||||
}
|
||||
|
||||
func TestPluginOktaValidation(t *testing.T) {
|
||||
validSettings := &PluginSpecV1_Okta{
|
||||
Okta: &PluginOktaSettings{
|
||||
OrgUrl: "https://test.okta.com",
|
||||
EnableUserSync: true,
|
||||
},
|
||||
}
|
||||
|
||||
validCreds := &PluginCredentialsV1{
|
||||
Credentials: &PluginCredentialsV1_StaticCredentialsRef{
|
||||
&PluginStaticCredentialsRef{
|
||||
Labels: map[string]string{
|
||||
"label1": "value1",
|
||||
},
|
||||
},
|
||||
},
|
||||
}
|
||||
|
||||
testCases := []struct {
|
||||
name string
|
||||
settings *PluginSpecV1_Okta
|
||||
creds *PluginCredentialsV1
|
||||
assertErr require.ErrorAssertionFunc
|
||||
name string
|
||||
settings *PluginSpecV1_Okta
|
||||
creds *PluginCredentialsV1
|
||||
assertErr require.ErrorAssertionFunc
|
||||
assertValue func(*testing.T, *PluginOktaSettings)
|
||||
}{
|
||||
{
|
||||
name: "valid values are preserved",
|
||||
settings: validSettings,
|
||||
creds: validCreds,
|
||||
assertErr: require.NoError,
|
||||
assertValue: func(t *testing.T, settings *PluginOktaSettings) {
|
||||
require.Equal(t, "https://test.okta.com", settings.OrgUrl)
|
||||
require.True(t, settings.EnableUserSync)
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "no settings",
|
||||
settings: &PluginSpecV1_Okta{
|
||||
Okta: nil,
|
||||
},
|
||||
creds: nil,
|
||||
assertErr: func(t require.TestingT, err error, args ...any) {
|
||||
require.True(t, trace.IsBadParameter(err))
|
||||
require.Contains(t, err.Error(), "missing Okta settings")
|
||||
},
|
||||
creds: validCreds,
|
||||
assertErr: requireBadParameterWith("missing Okta settings"),
|
||||
},
|
||||
{
|
||||
name: "no org URL",
|
||||
settings: &PluginSpecV1_Okta{
|
||||
Okta: &PluginOktaSettings{},
|
||||
},
|
||||
creds: nil,
|
||||
assertErr: func(t require.TestingT, err error, args ...any) {
|
||||
require.True(t, trace.IsBadParameter(err))
|
||||
require.Contains(t, err.Error(), "org_url must be set")
|
||||
},
|
||||
creds: validCreds,
|
||||
assertErr: requireBadParameterWith("org_url must be set"),
|
||||
},
|
||||
{
|
||||
name: "no credentials inner",
|
||||
|
@ -237,11 +266,8 @@ func TestPluginOktaValidation(t *testing.T) {
|
|||
OrgUrl: "https://test.okta.com",
|
||||
},
|
||||
},
|
||||
creds: &PluginCredentialsV1{},
|
||||
assertErr: func(t require.TestingT, err error, args ...any) {
|
||||
require.True(t, trace.IsBadParameter(err))
|
||||
require.Contains(t, err.Error(), "must be used with the static credentials ref type")
|
||||
},
|
||||
creds: &PluginCredentialsV1{},
|
||||
assertErr: requireBadParameterWith("must be used with the static credentials ref type"),
|
||||
},
|
||||
{
|
||||
name: "invalid credential type (oauth2)",
|
||||
|
@ -253,10 +279,7 @@ func TestPluginOktaValidation(t *testing.T) {
|
|||
creds: &PluginCredentialsV1{
|
||||
Credentials: &PluginCredentialsV1_Oauth2AccessToken{},
|
||||
},
|
||||
assertErr: func(t require.TestingT, err error, args ...any) {
|
||||
require.True(t, trace.IsBadParameter(err))
|
||||
require.Contains(t, err.Error(), "must be used with the static credentials ref type")
|
||||
},
|
||||
assertErr: requireBadParameterWith("must be used with the static credentials ref type"),
|
||||
},
|
||||
{
|
||||
name: "invalid credentials (static credentials)",
|
||||
|
@ -272,29 +295,18 @@ func TestPluginOktaValidation(t *testing.T) {
|
|||
},
|
||||
},
|
||||
},
|
||||
assertErr: func(t require.TestingT, err error, args ...any) {
|
||||
require.True(t, trace.IsBadParameter(err))
|
||||
require.Contains(t, err.Error(), "labels must be specified")
|
||||
},
|
||||
},
|
||||
{
|
||||
name: "valid credentials (static credentials)",
|
||||
assertErr: requireBadParameterWith("labels must be specified"),
|
||||
}, {
|
||||
name: "EnableUserSync defaults to false",
|
||||
settings: &PluginSpecV1_Okta{
|
||||
Okta: &PluginOktaSettings{
|
||||
OrgUrl: "https://test.okta.com",
|
||||
},
|
||||
},
|
||||
creds: &PluginCredentialsV1{
|
||||
Credentials: &PluginCredentialsV1_StaticCredentialsRef{
|
||||
&PluginStaticCredentialsRef{
|
||||
Labels: map[string]string{
|
||||
"label1": "value1",
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
assertErr: func(t require.TestingT, err error, args ...any) {
|
||||
require.NoError(t, err)
|
||||
creds: validCreds,
|
||||
assertErr: require.NoError,
|
||||
assertValue: func(t *testing.T, settings *PluginOktaSettings) {
|
||||
require.False(t, settings.EnableUserSync)
|
||||
},
|
||||
},
|
||||
}
|
||||
|
@ -305,6 +317,9 @@ func TestPluginOktaValidation(t *testing.T) {
|
|||
Settings: tc.settings,
|
||||
}, tc.creds)
|
||||
tc.assertErr(t, plugin.CheckAndSetDefaults())
|
||||
if tc.assertValue != nil {
|
||||
tc.assertValue(t, plugin.Spec.GetOkta())
|
||||
}
|
||||
})
|
||||
}
|
||||
}
|
||||
|
|
File diff suppressed because it is too large
Load diff
Loading…
Reference in a new issue