teleport/e_imports.go
Michael Wilson d29cc6e797
Extract entity ID when creating SAML service provider. (#21375)
* Extract entity ID when creating SAML service provider.

The entity ID will be parsed from the entity descriptor metadata when the
service provider's entity descriptor is set. The motivation of this PR is to
do the following:

* Extract the entity ID from the entity descriptor during the creation of the
  SAML IdP service provider.
* Prevent the creation of service providers in the backend that have an
  entity ID that does not match the entity ID represented in the entity
  descriptor.
* When reading or listing service providers, prevent the parsing of every
  entity descriptor during the listing.

The goal here is to make it performant to look up entity descriptors by their
entity ID without incurring the cost of parsing every single entity descriptor
to determine the entity ID.

* Feedback, eliminating the parsing from the object, pushing parsing verification into the local service.

* Fix up tests, e_imports.

* Fix comment in types.proto.

* Remove dead comment.

* Deduplicate entity ID in update as well.

* Small refactor to move parse out of lock.

* Remove XML parsing from type, fix grpcserver test, fix locking boundaries.

* Tim's and Edoardo's feedback.

* Fix cache test.

* Update lib/services/local/saml_idp_service_provider.go

Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>

* Expanding the comments on the EntityID field.

---------

Co-authored-by: Edoardo Spadolini <edoardo.spadolini@goteleport.com>
2023-02-09 21:06:41 +00:00
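The write-time rule the commit message describes, as an added example in Go (not Teleport's own code and not part of this commit; the `ServiceProvider` and `Store` types, `sampleDescriptor` and the `sp.example.com` host are constructed for it, and it uses only `encoding/xml` rather than the crewjam/saml types): the entity ID is read from the descriptor's `entityID` attribute at create/update time, a caller-supplied entity ID that disagrees with the descriptor is rejected before anything is written, and lookups by entity ID compare the stored field without re-parsing any XML.

```go
package main

import (
	"encoding/xml"
	"errors"
	"fmt"
	"strings"
)

// entityDescriptor maps only the entityID attribute of a SAML 2.0
// EntityDescriptor; the rest of the metadata is ignored by this check.
// The namespace in the tag makes Unmarshal reject metadata in the wrong namespace.
type entityDescriptor struct {
	XMLName  xml.Name `xml:"urn:oasis:names:tc:SAML:2.0:metadata EntityDescriptor"`
	EntityID string   `xml:"entityID,attr"`
}

// ErrEntityIDMismatch is returned when a caller-supplied entity ID disagrees
// with the entityID carried in the descriptor.
var ErrEntityIDMismatch = errors.New("entity ID does not match entity descriptor")

// EntityIDFromDescriptor parses the entityID attribute out of the descriptor XML.
func EntityIDFromDescriptor(descriptor string) (string, error) {
	var ed entityDescriptor
	if err := xml.Unmarshal([]byte(descriptor), &ed); err != nil {
		return "", fmt.Errorf("parsing entity descriptor: %w", err)
	}
	id := strings.TrimSpace(ed.EntityID)
	if id == "" {
		return "", errors.New("entity descriptor has no entityID attribute")
	}
	return id, nil
}

// ResolveEntityID is the write-time rule: an empty declared ID is filled in
// from the descriptor; a non-empty one must match the descriptor exactly.
func ResolveEntityID(declared, descriptor string) (string, error) {
	parsed, err := EntityIDFromDescriptor(descriptor)
	if err != nil {
		return "", err
	}
	if declared == "" {
		return parsed, nil
	}
	if declared != parsed {
		return "", fmt.Errorf("%w: declared %q, descriptor carries %q", ErrEntityIDMismatch, declared, parsed)
	}
	return declared, nil
}

// ServiceProvider is a hypothetical stored record (not Teleport's type): the
// resolved entity ID is kept next to the raw descriptor so reads never re-parse it.
type ServiceProvider struct {
	Name             string
	EntityID         string
	EntityDescriptor string
}

// Store is a hypothetical in-memory backend keyed by resource name.
type Store struct{ byName map[string]ServiceProvider }

func NewStore() *Store { return &Store{byName: map[string]ServiceProvider{}} }

// Upsert validates before persisting; the same rule serves create and update.
func (s *Store) Upsert(name, declaredEntityID, descriptor string) (ServiceProvider, error) {
	id, err := ResolveEntityID(declaredEntityID, descriptor)
	if err != nil {
		return ServiceProvider{}, err // nothing is written on mismatch or bad XML
	}
	sp := ServiceProvider{Name: name, EntityID: id, EntityDescriptor: descriptor}
	s.byName[name] = sp
	return sp, nil
}

// FindByEntityID compares the persisted EntityID field only; no XML is parsed.
func (s *Store) FindByEntityID(entityID string) (ServiceProvider, bool) {
	for _, sp := range s.byName {
		if sp.EntityID == entityID {
			return sp, true
		}
	}
	return ServiceProvider{}, false
}

// sampleDescriptor is constructed for this example; sp.example.com is not a real SP.
const sampleDescriptor = `<?xml version="1.0" encoding="UTF-8"?>
<EntityDescriptor xmlns="urn:oasis:names:tc:SAML:2.0:metadata"
                  entityID="https://sp.example.com/saml/metadata">
  <SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
    <AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
                              Location="https://sp.example.com/saml/acs" index="0"/>
  </SPSSODescriptor>
</EntityDescriptor>`

func main() {
	s := NewStore()
	sp, err := s.Upsert("example-sp", "", sampleDescriptor)
	fmt.Println(sp.EntityID, err) // entity ID filled in from the descriptor
	_, err = s.Upsert("example-sp", "https://other.example.com", sampleDescriptor)
	fmt.Println(err) // mismatch is rejected before anything is written
	found, ok := s.FindByEntityID("https://sp.example.com/saml/metadata")
	fmt.Println(found.Name, ok)
}
```

The parse happens once per write, outside any lock the backend might hold, and the list path only compares the stored `EntityID` string, which is the performance property the commit message is after.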


//go:build eimports

// Copyright 2022 Gravitational, Inc
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.

package teleport

// This file should import all non-stdlib, non-teleport packages that are
// imported by any package in ./e/ but not by packages in the rest of the main
// teleport module, so tidying that doesn't have access to teleport.e (like
// Dependabot) doesn't wrongly remove the modules they belong to.
// Remember to check that e is up to date and that there is not a go.work file
// before running the following command to generate the import list. The list of
// tags that might be needed in e (currently only "piv") can be extracted with a
// (cd e && git grep //go:build).
// TODO(espadolini): turn this into a lint (needs access to teleport.e in CI and
// ideally a resolution to https://github.com/golang/go/issues/42504 )
/*
comm -13 <(
	go list ./... | sort -u | grep -Ev -e "^github.com/gravitational/teleport/e(/.*)?$" |
	xargs go list -f '{{range .Imports}}{{println .}}{{end}}' |
	sort -u | grep -Ev -e "^github.com/gravitational/teleport(/.*)?$" -e "^C$" |
	xargs go list -f '{{if not .Standard}}{{println .ImportPath}}{{end}}'
) <(
	go list -f '{{range .Imports}}{{println .}}{{end}}' -tags piv ./e/... |
	sort -u | grep -Ev -e "^github.com/gravitational/teleport(/.*)?$" -e "^C$" |
	xargs go list -f '{{if not .Standard}}{{println .ImportPath}}{{end}}'
) | awk '{ print "\t_ \"" $1 "\"" }'
*/
import (
	_ "github.com/beevik/etree"
	_ "github.com/coreos/go-oidc/oidc"
	_ "github.com/crewjam/saml/samlidp"
	_ "github.com/go-piv/piv-go/piv"
	_ "github.com/gravitational/form"
	_ "google.golang.org/api/admin/directory/v1"
	_ "google.golang.org/api/cloudidentity/v1"
	_ "google.golang.org/genproto/googleapis/rpc/status"
	_ "gopkg.in/check.v1"
)