Skip to content

Commit

Permalink
ESD-40358: add userID attribute type for AzureAD connections
Browse files Browse the repository at this point in the history
  • Loading branch information
@acwest
acwest committed Sep 19, 2024
1 parent 86c7e2f commit 790b84f
Show file tree
Hide file tree
Showing 97 changed files with 1,053 additions and 1,033 deletions.
1 change: 1 addition & 0 deletions management/connection.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1277,6 +1277,7 @@ type ConnectionOptionsAzureAD struct {
CertRolloverNotification *string `json:"cert_rollover_notification,omitempty"`
Granted *bool `json:"granted,omitempty"`
TenantID *string `json:"tenantId,omitempty"`
UserIDAttribute *string `json:"user_id_attribute,omitempty"`
}

// Scopes returns the scopes for ConnectionOptionsAzureAD.
Expand Down
1 change: 1 addition & 0 deletions management/connection_test.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -241,6 +241,7 @@ ZsUkLw2I7zI/dNlWdB8Xp7v+3w9sX5N3J/WuJ1KOO5m26kRlHQo7EzT3974g
TenantDomain: auth0.String("example.onmicrosoft.com"),
ClientID: auth0.String("123456"),
ClientSecret: auth0.String("123456"),
UserIDAttribute: auth0.String("userName"),
UpstreamParams: map[string]interface{}{
"screen_name": map[string]interface{}{
"alias": "login_hint",
Expand Down
8 changes: 8 additions & 0 deletions management/management.gen.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 10 additions & 0 deletions management/management.gen_test.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

12 changes: 6 additions & 6 deletions ...recordings/TestConnectionManager_Create/It_can_successfully_create_a_ADFS_Connection.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ interactions:
remote_addr: ""
request_uri: ""
body: |
{"name":"Test-ADFS-Connection-1726595088","strategy":"adfs","options":{"strategy_version":2,"fedMetadataXml":"\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\u003cEntityDescriptor entityID=\"https://example.com\"\n xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\"\u003e\n \u003cRoleDescriptor xsi:type=\"fed:ApplicationServiceType\"\n protocolSupportEnumeration=\"http://docs.oasis-open.org/wsfed/federation/200706\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\"\u003e\n \u003cfed:TargetScopes\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:TargetScopes\u003e\n \u003cfed:ApplicationServiceEndpoint\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/wsfed\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:ApplicationServiceEndpoint\u003e\n \u003cfed:PassiveRequestorEndpoint\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/wsfed\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:PassiveRequestorEndpoint\u003e\n \u003c/RoleDescriptor\u003e\n \u003cIDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"\u003e\n \u003cSingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_out\"/\u003e\n \u003cSingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_in\"/\u003e\n \u003c/IDPSSODescriptor\u003e\n\u003c/EntityDescriptor\u003e\n","upstream_params":{"screen_name":{"alias":"login_hint"}}}}
{"name":"Test-ADFS-Connection-1726765770","strategy":"adfs","options":{"strategy_version":2,"fedMetadataXml":"\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\u003cEntityDescriptor entityID=\"https://example.com\"\n xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\"\u003e\n \u003cRoleDescriptor xsi:type=\"fed:ApplicationServiceType\"\n protocolSupportEnumeration=\"http://docs.oasis-open.org/wsfed/federation/200706\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\"\u003e\n \u003cfed:TargetScopes\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:TargetScopes\u003e\n \u003cfed:ApplicationServiceEndpoint\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/wsfed\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:ApplicationServiceEndpoint\u003e\n \u003cfed:PassiveRequestorEndpoint\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/wsfed\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:PassiveRequestorEndpoint\u003e\n \u003c/RoleDescriptor\u003e\n \u003cIDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"\u003e\n \u003cSingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_out\"/\u003e\n \u003cSingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_in\"/\u003e\n \u003c/IDPSSODescriptor\u003e\n\u003c/EntityDescriptor\u003e\n","upstream_params":{"screen_name":{"alias":"login_hint"}}}}
form: {}
headers:
Content-Type:
Expand All @@ -30,13 +30,13 @@ interactions:
trailer: {}
content_length: -1
uncompressed: false
body: '{"id":"con_SfOKu7OhKTHFEVLh","options":{"strategy_version":2,"fedMetadataXml":"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<EntityDescriptor entityID=\"https://example.com\"\n xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n <RoleDescriptor xsi:type=\"fed:ApplicationServiceType\"\n protocolSupportEnumeration=\"http://docs.oasis-open.org/wsfed/federation/200706\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\">\n <fed:TargetScopes>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/</wsa:Address>\n </wsa:EndpointReference>\n </fed:TargetScopes>\n <fed:ApplicationServiceEndpoint>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/wsfed</wsa:Address>\n </wsa:EndpointReference>\n </fed:ApplicationServiceEndpoint>\n <fed:PassiveRequestorEndpoint>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/wsfed</wsa:Address>\n </wsa:EndpointReference>\n </fed:PassiveRequestorEndpoint>\n </RoleDescriptor>\n <IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n <SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_out\"/>\n <SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_in\"/>\n </IDPSSODescriptor>\n</EntityDescriptor>\n","upstream_params":{"screen_name":{"alias":"login_hint"}},"thumbprints":[],"signInEndpoint":"https://adfs.provider/wsfed","should_trust_email_verified_connection":"always_set_emails_as_verified"},"strategy":"adfs","name":"Test-ADFS-Connection-1726595088","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/adfs/62MnfgMO","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-ADFS-Connection-1726595088"]}'
body: '{"id":"con_Y7LemdCR6UEa0qGA","options":{"strategy_version":2,"fedMetadataXml":"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<EntityDescriptor entityID=\"https://example.com\"\n xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n <RoleDescriptor xsi:type=\"fed:ApplicationServiceType\"\n protocolSupportEnumeration=\"http://docs.oasis-open.org/wsfed/federation/200706\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\">\n <fed:TargetScopes>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/</wsa:Address>\n </wsa:EndpointReference>\n </fed:TargetScopes>\n <fed:ApplicationServiceEndpoint>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/wsfed</wsa:Address>\n </wsa:EndpointReference>\n </fed:ApplicationServiceEndpoint>\n <fed:PassiveRequestorEndpoint>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/wsfed</wsa:Address>\n </wsa:EndpointReference>\n </fed:PassiveRequestorEndpoint>\n </RoleDescriptor>\n <IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n <SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_out\"/>\n <SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_in\"/>\n </IDPSSODescriptor>\n</EntityDescriptor>\n","upstream_params":{"screen_name":{"alias":"login_hint"}},"thumbprints":[],"signInEndpoint":"https://adfs.provider/wsfed","should_trust_email_verified_connection":"always_set_emails_as_verified"},"strategy":"adfs","name":"Test-ADFS-Connection-1726765770","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/adfs/L5ofK2fE","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-ADFS-Connection-1726765770"]}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 201 Created
code: 201
duration: 177.862417ms
duration: 177.838916ms
- id: 1
request:
proto: HTTP/1.1
Expand All @@ -55,7 +55,7 @@ interactions:
- application/json
User-Agent:
- Go-Auth0/1.10.0
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_SfOKu7OhKTHFEVLh
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_Y7LemdCR6UEa0qGA
method: DELETE
response:
proto: HTTP/2.0
Expand All @@ -65,10 +65,10 @@ interactions:
trailer: {}
content_length: 41
uncompressed: false
body: '{"deleted_at":"2024-09-17T17:44:59.127Z"}'
body: '{"deleted_at":"2024-09-19T17:09:40.572Z"}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 202 Accepted
code: 202
duration: 152.907208ms
duration: 175.825958ms
12 changes: 6 additions & 6 deletions ...a/recordings/TestConnectionManager_Create/It_can_successfully_create_a_AD_Connection.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ interactions:
remote_addr: ""
request_uri: ""
body: |
{"name":"Test-AD-Connection-1726595088","strategy":"ad","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
{"name":"Test-AD-Connection-1726765770","strategy":"ad","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
form: {}
headers:
Content-Type:
Expand All @@ -30,13 +30,13 @@ interactions:
trailer: {}
content_length: 428
uncompressed: false
body: '{"id":"con_pkhhFJ36e4IwW54D","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}},"ips":null,"brute_force_protection":true},"strategy":"ad","name":"Test-AD-Connection-1726595088","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/ad/KR3seEszrwbcYuLOteUWV7qmdtBkxlep","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-AD-Connection-1726595088"]}'
body: '{"id":"con_XCw6yNNo2liNyEYU","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}},"ips":null,"brute_force_protection":true},"strategy":"ad","name":"Test-AD-Connection-1726765770","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/ad/Eb8B4R7OrRTL0jYHFrtWoUBq8X1JNE8s","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-AD-Connection-1726765770"]}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 201 Created
code: 201
duration: 168.473584ms
duration: 187.741875ms
- id: 1
request:
proto: HTTP/1.1
Expand All @@ -55,7 +55,7 @@ interactions:
- application/json
User-Agent:
- Go-Auth0/1.10.0
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_pkhhFJ36e4IwW54D
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_XCw6yNNo2liNyEYU
method: DELETE
response:
proto: HTTP/2.0
Expand All @@ -65,10 +65,10 @@ interactions:
trailer: {}
content_length: 41
uncompressed: false
body: '{"deleted_at":"2024-09-17T17:44:58.786Z"}'
body: '{"deleted_at":"2024-09-19T17:09:40.222Z"}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 202 Accepted
code: 202
duration: 153.991917ms
duration: 172.200125ms
12 changes: 6 additions & 6 deletions ...ecordings/TestConnectionManager_Create/It_can_successfully_create_a_Apple_Connection.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ interactions:
remote_addr: ""
request_uri: ""
body: |
{"name":"Test-Apple-Connection-1726595088","strategy":"apple","options":{"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
{"name":"Test-Apple-Connection-1726765770","strategy":"apple","options":{"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
form: {}
headers:
Content-Type:
Expand All @@ -30,13 +30,13 @@ interactions:
trailer: {}
content_length: 255
uncompressed: false
body: '{"id":"con_pzfojOjVYOdDjxFw","options":{"upstream_params":{"screen_name":{"alias":"login_hint"}}},"strategy":"apple","name":"Test-Apple-Connection-1726595088","is_domain_connection":false,"enabled_clients":[],"realms":["Test-Apple-Connection-1726595088"]}'
body: '{"id":"con_KAhLtRNvDbAcZMBj","options":{"upstream_params":{"screen_name":{"alias":"login_hint"}}},"strategy":"apple","name":"Test-Apple-Connection-1726765770","is_domain_connection":false,"enabled_clients":[],"realms":["Test-Apple-Connection-1726765770"]}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 201 Created
code: 201
duration: 165.993708ms
duration: 163.526125ms
- id: 1
request:
proto: HTTP/1.1
Expand All @@ -55,7 +55,7 @@ interactions:
- application/json
User-Agent:
- Go-Auth0/1.10.0
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_pzfojOjVYOdDjxFw
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_KAhLtRNvDbAcZMBj
method: DELETE
response:
proto: HTTP/2.0
Expand All @@ -65,10 +65,10 @@ interactions:
trailer: {}
content_length: 41
uncompressed: false
body: '{"deleted_at":"2024-09-17T17:44:59.787Z"}'
body: '{"deleted_at":"2024-09-19T17:09:41.293Z"}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 202 Accepted
code: 202
duration: 150.8965ms
duration: 207.708875ms
12 changes: 6 additions & 6 deletions ...ecordings/TestConnectionManager_Create/It_can_successfully_create_a_Auth0_Connection.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ interactions:
remote_addr: ""
request_uri: ""
body: |
{"name":"Test-Auth0-Connection-1726595088","strategy":"auth0","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
{"name":"Test-Auth0-Connection-1726765770","strategy":"auth0","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
form: {}
headers:
Content-Type:
Expand All @@ -30,13 +30,13 @@ interactions:
trailer: {}
content_length: 577
uncompressed: false
body: '{"id":"con_355aN8eKLWbxIXYL","options":{"mfa":{"active":true,"return_enroll_settings":true},"passwordPolicy":"good","strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}},"authentication_methods":{"password":{"enabled":true},"passkey":{"enabled":false}},"passkey_options":{"challenge_ui":"both","progressive_enrollment_enabled":true,"local_enrollment_enabled":true},"brute_force_protection":true},"strategy":"auth0","name":"Test-Auth0-Connection-1726595088","is_domain_connection":false,"enabled_clients":[],"realms":["Test-Auth0-Connection-1726595088"]}'
body: '{"id":"con_zMu8RDPcczLUT7LZ","options":{"mfa":{"active":true,"return_enroll_settings":true},"passwordPolicy":"good","strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}},"authentication_methods":{"password":{"enabled":true},"passkey":{"enabled":false}},"passkey_options":{"challenge_ui":"both","progressive_enrollment_enabled":true,"local_enrollment_enabled":true},"brute_force_protection":true},"strategy":"auth0","name":"Test-Auth0-Connection-1726765770","is_domain_connection":false,"enabled_clients":[],"realms":["Test-Auth0-Connection-1726765770"]}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 201 Created
code: 201
duration: 427.618208ms
duration: 527.935709ms
- id: 1
request:
proto: HTTP/1.1
Expand All @@ -55,7 +55,7 @@ interactions:
- application/json
User-Agent:
- Go-Auth0/1.10.0
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_355aN8eKLWbxIXYL
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_zMu8RDPcczLUT7LZ
method: DELETE
response:
proto: HTTP/2.0
Expand All @@ -65,10 +65,10 @@ interactions:
trailer: {}
content_length: 41
uncompressed: false
body: '{"deleted_at":"2024-09-17T17:44:49.248Z"}'
body: '{"deleted_at":"2024-09-19T17:09:31.501Z"}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 202 Accepted
code: 202
duration: 164.585417ms
duration: 167.63275ms
Loading

0 comments on commit 790b84f

Please sign in to comment.