Add user_id_attribute support to AzureAD connection options in Connection Manager #445

Merged
merged 1 commit into from
Sep 20, 2024
1 change: 1 addition & 0 deletions management/connection.go
Expand Up @@ -1277,6 +1277,7 @@ type ConnectionOptionsAzureAD struct {
CertRolloverNotification *string `json:"cert_rollover_notification,omitempty"`
Granted *bool `json:"granted,omitempty"`
TenantID *string `json:"tenantId,omitempty"`
UserIDAttribute *string `json:"user_id_attribute,omitempty"`
}

// Scopes returns the scopes for ConnectionOptionsAzureAD.
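Review bot: `UserIDAttribute` is added at the end of `ConnectionOptionsAzureAD` with no doc comment, and its tag `user_id_attribute` is snake_case while the neighbouring `TenantID` uses `tenantId`. Please confirm the key against the Management API payload, because a mismatched key on a pointer field with `omitempty` fails quietly: the field just unmarshals as nil. A one-line comment saying what the attribute selects and which values are accepted would also help callers, since, going by its name, it governs which attribute becomes the user ID.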
1 change: 1 addition & 0 deletions management/connection_test.go
Expand Up @@ -241,6 +241,7 @@ ZsUkLw2I7zI/dNlWdB8Xp7v+3w9sX5N3J/WuJ1KOO5m26kRlHQo7EzT3974g
TenantDomain: auth0.String("example.onmicrosoft.com"),
ClientID: auth0.String("123456"),
ClientSecret: auth0.String("123456"),
UserIDAttribute: auth0.String("userName"),
UpstreamParams: map[string]interface{}{
"screen_name": map[string]interface{}{
"alias": "login_hint",
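Review bot: The fixture now sets `UserIDAttribute: auth0.String("userName")`, but nothing in this hunk checks that the value survives a create and read round trip. Suggest asserting on the `UserIDAttribute` of the options read back from the API, so that a wrong JSON tag or a dropped field fails the test instead of passing unnoticed.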
8 changes: 8 additions & 0 deletions management/management.gen.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

10 changes: 10 additions & 0 deletions management/management.gen_test.go

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ interactions:
remote_addr: ""
request_uri: ""
body: |
{"name":"Test-ADFS-Connection-1726595088","strategy":"adfs","options":{"strategy_version":2,"fedMetadataXml":"\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\u003cEntityDescriptor entityID=\"https://example.com\"\n xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\"\u003e\n \u003cRoleDescriptor xsi:type=\"fed:ApplicationServiceType\"\n protocolSupportEnumeration=\"http://docs.oasis-open.org/wsfed/federation/200706\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\"\u003e\n \u003cfed:TargetScopes\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:TargetScopes\u003e\n \u003cfed:ApplicationServiceEndpoint\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/wsfed\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:ApplicationServiceEndpoint\u003e\n \u003cfed:PassiveRequestorEndpoint\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/wsfed\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:PassiveRequestorEndpoint\u003e\n \u003c/RoleDescriptor\u003e\n \u003cIDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"\u003e\n \u003cSingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_out\"/\u003e\n \u003cSingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_in\"/\u003e\n \u003c/IDPSSODescriptor\u003e\n\u003c/EntityDescriptor\u003e\n","upstream_params":{"screen_name":{"alias":"login_hint"}}}}
{"name":"Test-ADFS-Connection-1726765770","strategy":"adfs","options":{"strategy_version":2,"fedMetadataXml":"\u003c?xml version=\"1.0\" encoding=\"utf-8\"?\u003e\n\u003cEntityDescriptor entityID=\"https://example.com\"\n xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\"\u003e\n \u003cRoleDescriptor xsi:type=\"fed:ApplicationServiceType\"\n protocolSupportEnumeration=\"http://docs.oasis-open.org/wsfed/federation/200706\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\"\u003e\n \u003cfed:TargetScopes\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:TargetScopes\u003e\n \u003cfed:ApplicationServiceEndpoint\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/wsfed\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:ApplicationServiceEndpoint\u003e\n \u003cfed:PassiveRequestorEndpoint\u003e\n \u003cwsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\"\u003e\n \u003cwsa:Address\u003ehttps://adfs.provider/wsfed\u003c/wsa:Address\u003e\n \u003c/wsa:EndpointReference\u003e\n \u003c/fed:PassiveRequestorEndpoint\u003e\n \u003c/RoleDescriptor\u003e\n \u003cIDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\"\u003e\n \u003cSingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_out\"/\u003e\n \u003cSingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_in\"/\u003e\n \u003c/IDPSSODescriptor\u003e\n\u003c/EntityDescriptor\u003e\n","upstream_params":{"screen_name":{"alias":"login_hint"}}}}
form: {}
headers:
Content-Type:
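Review bot: As far as the visible lines show, the re-recorded request body differs from the old one only in the name suffix (`1726595088` becomes `1726765770`), and this is an ADFS cassette, which the AzureAD option does not touch. Re-recording unrelated cassettes buries the one-field change under fixture churn; consider limiting the re-recording to the AzureAD cassette or moving the rest to a separate commit.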
Expand All @@ -30,13 +30,13 @@ interactions:
trailer: {}
content_length: -1
uncompressed: false
body: '{"id":"con_SfOKu7OhKTHFEVLh","options":{"strategy_version":2,"fedMetadataXml":"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<EntityDescriptor entityID=\"https://example.com\"\n xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n <RoleDescriptor xsi:type=\"fed:ApplicationServiceType\"\n protocolSupportEnumeration=\"http://docs.oasis-open.org/wsfed/federation/200706\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\">\n <fed:TargetScopes>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/</wsa:Address>\n </wsa:EndpointReference>\n </fed:TargetScopes>\n <fed:ApplicationServiceEndpoint>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/wsfed</wsa:Address>\n </wsa:EndpointReference>\n </fed:ApplicationServiceEndpoint>\n <fed:PassiveRequestorEndpoint>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/wsfed</wsa:Address>\n </wsa:EndpointReference>\n </fed:PassiveRequestorEndpoint>\n </RoleDescriptor>\n <IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n <SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_out\"/>\n <SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_in\"/>\n 
</IDPSSODescriptor>\n</EntityDescriptor>\n","upstream_params":{"screen_name":{"alias":"login_hint"}},"thumbprints":[],"signInEndpoint":"https://adfs.provider/wsfed","should_trust_email_verified_connection":"always_set_emails_as_verified"},"strategy":"adfs","name":"Test-ADFS-Connection-1726595088","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/adfs/62MnfgMO","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-ADFS-Connection-1726595088"]}'
body: '{"id":"con_Y7LemdCR6UEa0qGA","options":{"strategy_version":2,"fedMetadataXml":"<?xml version=\"1.0\" encoding=\"utf-8\"?>\n<EntityDescriptor entityID=\"https://example.com\"\n xmlns=\"urn:oasis:names:tc:SAML:2.0:metadata\">\n <RoleDescriptor xsi:type=\"fed:ApplicationServiceType\"\n protocolSupportEnumeration=\"http://docs.oasis-open.org/wsfed/federation/200706\"\n xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\"\n xmlns:fed=\"http://docs.oasis-open.org/wsfed/federation/200706\">\n <fed:TargetScopes>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/</wsa:Address>\n </wsa:EndpointReference>\n </fed:TargetScopes>\n <fed:ApplicationServiceEndpoint>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/wsfed</wsa:Address>\n </wsa:EndpointReference>\n </fed:ApplicationServiceEndpoint>\n <fed:PassiveRequestorEndpoint>\n <wsa:EndpointReference xmlns:wsa=\"http://www.w3.org/2005/08/addressing\">\n <wsa:Address>https://adfs.provider/wsfed</wsa:Address>\n </wsa:EndpointReference>\n </fed:PassiveRequestorEndpoint>\n </RoleDescriptor>\n <IDPSSODescriptor protocolSupportEnumeration=\"urn:oasis:names:tc:SAML:2.0:protocol\">\n <SingleLogoutService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_out\"/>\n <SingleSignOnService Binding=\"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect\"\n Location=\"https://adfs.provider/sign_in\"/>\n 
</IDPSSODescriptor>\n</EntityDescriptor>\n","upstream_params":{"screen_name":{"alias":"login_hint"}},"thumbprints":[],"signInEndpoint":"https://adfs.provider/wsfed","should_trust_email_verified_connection":"always_set_emails_as_verified"},"strategy":"adfs","name":"Test-ADFS-Connection-1726765770","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/adfs/L5ofK2fE","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-ADFS-Connection-1726765770"]}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 201 Created
code: 201
duration: 177.862417ms
duration: 177.838916ms
- id: 1
request:
proto: HTTP/1.1
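Review bot: The recorded response body commits a `provisioning_ticket_url` for the `go-auth0-dev` tenant (path `/p/adfs/L5ofK2fE`), and the AD cassette further down does the same with a longer token. Please confirm the ticket stops working once the connection is removed by the DELETE recorded later in this cassette, or have the recorder redact that field before the cassette is saved. The host in that URL is also doubled (`go-auth0-dev.eu.auth0.com.eu.auth0.com`), which is worth a look if it comes from the test setup rather than from the API.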
Expand All @@ -55,7 +55,7 @@ interactions:
- application/json
User-Agent:
- Go-Auth0/1.10.0
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_SfOKu7OhKTHFEVLh
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_Y7LemdCR6UEa0qGA
method: DELETE
response:
proto: HTTP/2.0
Expand All @@ -65,10 +65,10 @@ interactions:
trailer: {}
content_length: 41
uncompressed: false
body: '{"deleted_at":"2024-09-17T17:44:59.127Z"}'
body: '{"deleted_at":"2024-09-19T17:09:40.572Z"}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 202 Accepted
code: 202
duration: 152.907208ms
duration: 175.825958ms
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ interactions:
remote_addr: ""
request_uri: ""
body: |
{"name":"Test-AD-Connection-1726595088","strategy":"ad","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
{"name":"Test-AD-Connection-1726765770","strategy":"ad","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
form: {}
headers:
Content-Type:
Expand All @@ -30,13 +30,13 @@ interactions:
trailer: {}
content_length: 428
uncompressed: false
body: '{"id":"con_pkhhFJ36e4IwW54D","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}},"ips":null,"brute_force_protection":true},"strategy":"ad","name":"Test-AD-Connection-1726595088","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/ad/KR3seEszrwbcYuLOteUWV7qmdtBkxlep","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-AD-Connection-1726595088"]}'
body: '{"id":"con_XCw6yNNo2liNyEYU","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}},"ips":null,"brute_force_protection":true},"strategy":"ad","name":"Test-AD-Connection-1726765770","provisioning_ticket_url":"https://go-auth0-dev.eu.auth0.com.eu.auth0.com/p/ad/Eb8B4R7OrRTL0jYHFrtWoUBq8X1JNE8s","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-AD-Connection-1726765770"]}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 201 Created
code: 201
duration: 168.473584ms
duration: 187.741875ms
- id: 1
request:
proto: HTTP/1.1
Expand All @@ -55,7 +55,7 @@ interactions:
- application/json
User-Agent:
- Go-Auth0/1.10.0
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_pkhhFJ36e4IwW54D
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_XCw6yNNo2liNyEYU
method: DELETE
response:
proto: HTTP/2.0
Expand All @@ -65,10 +65,10 @@ interactions:
trailer: {}
content_length: 41
uncompressed: false
body: '{"deleted_at":"2024-09-17T17:44:58.786Z"}'
body: '{"deleted_at":"2024-09-19T17:09:40.222Z"}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 202 Accepted
code: 202
duration: 153.991917ms
duration: 172.200125ms
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ interactions:
remote_addr: ""
request_uri: ""
body: |
{"name":"Test-Apple-Connection-1726595088","strategy":"apple","options":{"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
{"name":"Test-Apple-Connection-1726765770","strategy":"apple","options":{"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
form: {}
headers:
Content-Type:
Expand All @@ -30,13 +30,13 @@ interactions:
trailer: {}
content_length: 255
uncompressed: false
body: '{"id":"con_pzfojOjVYOdDjxFw","options":{"upstream_params":{"screen_name":{"alias":"login_hint"}}},"strategy":"apple","name":"Test-Apple-Connection-1726595088","is_domain_connection":false,"enabled_clients":[],"realms":["Test-Apple-Connection-1726595088"]}'
body: '{"id":"con_KAhLtRNvDbAcZMBj","options":{"upstream_params":{"screen_name":{"alias":"login_hint"}}},"strategy":"apple","name":"Test-Apple-Connection-1726765770","is_domain_connection":false,"enabled_clients":[],"realms":["Test-Apple-Connection-1726765770"]}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 201 Created
code: 201
duration: 165.993708ms
duration: 163.526125ms
- id: 1
request:
proto: HTTP/1.1
Expand All @@ -55,7 +55,7 @@ interactions:
- application/json
User-Agent:
- Go-Auth0/1.10.0
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_pzfojOjVYOdDjxFw
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_KAhLtRNvDbAcZMBj
method: DELETE
response:
proto: HTTP/2.0
Expand All @@ -65,10 +65,10 @@ interactions:
trailer: {}
content_length: 41
uncompressed: false
body: '{"deleted_at":"2024-09-17T17:44:59.787Z"}'
body: '{"deleted_at":"2024-09-19T17:09:41.293Z"}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 202 Accepted
code: 202
duration: 150.8965ms
duration: 207.708875ms
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,7 @@ interactions:
remote_addr: ""
request_uri: ""
body: |
{"name":"Test-Auth0-Connection-1726595088","strategy":"auth0","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
{"name":"Test-Auth0-Connection-1726765770","strategy":"auth0","options":{"strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}}}}
form: {}
headers:
Content-Type:
Expand All @@ -30,13 +30,13 @@ interactions:
trailer: {}
content_length: 577
uncompressed: false
body: '{"id":"con_355aN8eKLWbxIXYL","options":{"mfa":{"active":true,"return_enroll_settings":true},"passwordPolicy":"good","strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}},"authentication_methods":{"password":{"enabled":true},"passkey":{"enabled":false}},"passkey_options":{"challenge_ui":"both","progressive_enrollment_enabled":true,"local_enrollment_enabled":true},"brute_force_protection":true},"strategy":"auth0","name":"Test-Auth0-Connection-1726595088","is_domain_connection":false,"enabled_clients":[],"realms":["Test-Auth0-Connection-1726595088"]}'
body: '{"id":"con_zMu8RDPcczLUT7LZ","options":{"mfa":{"active":true,"return_enroll_settings":true},"passwordPolicy":"good","strategy_version":2,"upstream_params":{"screen_name":{"alias":"login_hint"}},"authentication_methods":{"password":{"enabled":true},"passkey":{"enabled":false}},"passkey_options":{"challenge_ui":"both","progressive_enrollment_enabled":true,"local_enrollment_enabled":true},"brute_force_protection":true},"strategy":"auth0","name":"Test-Auth0-Connection-1726765770","is_domain_connection":false,"enabled_clients":[],"realms":["Test-Auth0-Connection-1726765770"]}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 201 Created
code: 201
duration: 427.618208ms
duration: 527.935709ms
- id: 1
request:
proto: HTTP/1.1
Expand All @@ -55,7 +55,7 @@ interactions:
- application/json
User-Agent:
- Go-Auth0/1.10.0
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_355aN8eKLWbxIXYL
url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_zMu8RDPcczLUT7LZ
method: DELETE
response:
proto: HTTP/2.0
Expand All @@ -65,10 +65,10 @@ interactions:
trailer: {}
content_length: 41
uncompressed: false
body: '{"deleted_at":"2024-09-17T17:44:49.248Z"}'
body: '{"deleted_at":"2024-09-19T17:09:31.501Z"}'
headers:
Content-Type:
- application/json; charset=utf-8
status: 202 Accepted
code: 202
duration: 164.585417ms
duration: 167.63275ms