diff --git a/management/connection.go b/management/connection.go index c1494b26..19a14dc9 100644 --- a/management/connection.go +++ b/management/connection.go @@ -157,6 +157,101 @@ type Connection struct { ShowAsButton *bool `json:"show_as_button,omitempty"` } +// SCIMConfiguration represents the SCIM configuration for a connection. +// This struct is used primarily for enterprise connections. +type SCIMConfiguration struct { + // ConnectionID is the connection's identifier. + ConnectionID *string `json:"connection_id,omitempty"` + + // ConnectionName is the connection's name. + ConnectionName *string `json:"connection_name,omitempty"` + + // Strategy is the connection's strategy. + Strategy *string `json:"strategy,omitempty"` + + // TenantName is the tenant's name. + TenantName *string `json:"tenant_name,omitempty"` + + // UserIDAttribute is the user ID attribute for generating unique user IDs. + // Optional. Defaults depend on the connection type (SAML, OIDC). + UserIDAttribute *string `json:"user_id_attribute,omitempty"` + + // CreatedAt is the date and time when the SCIM configuration was created. + CreatedAt *string `json:"created_at,omitempty"` + + // UpdatedAt is the date and time when the SCIM configuration was last updated. + UpdatedAt *string `json:"updated_at,omitempty"` + + // Mapping is the user-provided mapping between Auth0 and SCIM fields. + // Optional. If not provided, defaults based on connection type. + Mapping *[]SCIMConfigurationMapping `json:"mapping,omitempty"` +} + +// SCIMConfigurationMapping represents the mapping between Auth0 and SCIM fields. +// This struct is used primarily for enterprise connections. +type SCIMConfigurationMapping struct { + // Auth0 is the field location in the Auth0 schema. + Auth0 *string `json:"auth0,omitempty"` + + // SCIM is the field location in the SCIM schema. + SCIM *string `json:"scim,omitempty"` +} + +// MarshalJSON implements the json.Marshaler interface. +func (sc *SCIMConfiguration) MarshalJSON() ([]byte, error) { + type SCIMConfigurationSubset struct { + UserIDAttribute *string `json:"user_id_attribute,omitempty"` + Mapping *[]SCIMConfigurationMapping `json:"mapping,omitempty"` + } + + return json.Marshal(&SCIMConfigurationSubset{ + UserIDAttribute: sc.UserIDAttribute, + Mapping: sc.Mapping, + }) +} + +// SCIMTokens represents the SCIM tokens for a connection. +// This struct is used primarily for enterprise connections. +type SCIMTokens *[]SCIMToken + +// SCIMToken represents the SCIM token used by the client. +// This struct is used primarily for enterprise connections. +type SCIMToken struct { + // TokenID is the identifier associated with the token. + TokenID *string `json:"token_id,omitempty"` + + // Token is the actual token value used for authentication. + Token *string `json:"token,omitempty"` + + // Scopes is an array of strings representing the scopes that the token provides. + Scopes *[]string `json:"scopes,omitempty"` + + // CreatedAt is the ISO8601 standard date string indicating when the token was created. + CreatedAt *string `json:"created_at,omitempty"` + + // ValidUntil is the ISO8601 standard date string indicating when the token will expire. + ValidUntil *string `json:"valid_until,omitempty"` + + // TokenLifeTime is the lifetime of the token in seconds. It must be greater than 900. + TokenLifeTime *int `json:"token_lifetime,omitempty"` + + // LastUsedAt is the ISO8601 standard date string that says when the token was used. If never used it won’t be returned. + LastUsedAt *string `json:"last_used_at,omitempty"` +} + +// MarshalJSON implements the json.Marshaler interface. +func (st *SCIMToken) MarshalJSON() ([]byte, error) { + type SCIMTokenSubset struct { + Scopes *[]string `json:"scopes,omitempty"` + TokenLifeTime *int `json:"token_lifetime,omitempty"` + } + + return json.Marshal(&SCIMTokenSubset{ + Scopes: st.Scopes, + TokenLifeTime: st.TokenLifeTime, + }) +} + // MarshalJSON implements the json.Marshaler interface. func (c *Connection) MarshalJSON() ([]byte, error) { type connection Connection @@ -1346,3 +1441,88 @@ func (m *ConnectionManager) ReadByName(ctx context.Context, name string, opts .. } return nil, &managementError{404, "Not Found", "Connection not found"} } + +// CreateSCIMConfiguration creates a SCIM configuration for a connection by its connection ID. +// +// Note: This method only works with the following enterprise connections: +// - Authentication > Enterprise > SAML +// - Authentication > Enterprise > OpenID Connect +// - Authentication > Enterprise > Okta Workforce +// - Authentication > Enterprise > Microsoft Azure AD +// +// Parameters: +// - scimConfig (optional): The SCIM configuration details. Only `mapping` and `user_id_attribute` fields are used. +// This parameter can be passed as nil or empty. +// +// `mapping`: Specifies a mapping between SCIM protocol user schema and Auth0 user schema. +// If not provided, a default mapping based on the connection type (e.g., Okta, SAML) will be used. +// +// `user_id_attribute`: Specifies the SCIM attribute containing the unique user identifier +// presented in the SAML assertion or ID token during user login. If not provided, it defaults to +// `userName` for SAML connections and `externalId` for OIDC connections. +// +// For more details, see: https://auth0.com/docs/api/management/v2/connections/post-scim-configuration +func (m *ConnectionManager) CreateSCIMConfiguration(ctx context.Context, id string, scimConfig *SCIMConfiguration, opts ...RequestOption) error { + return m.management.Request(ctx, "POST", m.management.URI("connections", id, "scim-configuration"), scimConfig, opts...) +} + +// ReadSCIMConfiguration retrieves the SCIM configuration for a connection by its connection ID. +// This method only works with enterprise connections. +// +// See: https://auth0.com/docs/api/management/v2/connections/get-scim-configuration +func (m *ConnectionManager) ReadSCIMConfiguration(ctx context.Context, id string, opts ...RequestOption) (scim *SCIMConfiguration, err error) { + err = m.management.Request(ctx, "GET", m.management.URI("connections", id, "scim-configuration"), &scim, opts...) + return +} + +// UpdateSCIMConfiguration updates the SCIM configuration for a connection by its connection ID. +// This method only works with enterprise connections. +// +// See: https://auth0.com/docs/api/management/v2/connections/patch-scim-configuration +func (m *ConnectionManager) UpdateSCIMConfiguration(ctx context.Context, id string, scimConfig *SCIMConfiguration, opts ...RequestOption) error { + return m.management.Request(ctx, "PATCH", m.management.URI("connections", id, "scim-configuration"), scimConfig, opts...) +} + +// DeleteSCIMConfiguration deletes the SCIM configuration for a connection by its connection ID. +// This method only works with enterprise connections. +// +// See: https://auth0.com/docs/api/management/v2/connections/delete-scim-configuration +func (m *ConnectionManager) DeleteSCIMConfiguration(ctx context.Context, id string, opts ...RequestOption) error { + return m.management.Request(ctx, "DELETE", m.management.URI("connections", id, "scim-configuration"), nil, opts...) +} + +// ReadSCIMDefaultConfiguration retrieves a SCIM configuration's default mapping by its connection ID. +// This method only works with enterprise connections. +// +// https://auth0.com/docs/api/management/v2/connections/get-default-mapping +func (m *ConnectionManager) ReadSCIMDefaultConfiguration(ctx context.Context, id string, opts ...RequestOption) (scim *SCIMConfiguration, err error) { + err = m.management.Request(ctx, "GET", m.management.URI("connections", id, "scim-configuration", "default-mapping"), &scim, opts...) + return +} + +// CreateSCIMToken create a SCIM token for a scim client. +// This method only works with enterprise connections. +// +// See: https://auth0.com/docs/api/management/v2/connections/post-scim-token +func (m *ConnectionManager) CreateSCIMToken(ctx context.Context, id string, scimToken *SCIMToken, opts ...RequestOption) (err error) { + err = m.management.Request(ctx, "POST", m.management.URI("connections", id, "scim-configuration", "tokens"), scimToken, opts...) + return +} + +// ListSCIMToken retrieves all SCIM tokens by its connection ID. +// This method only works with enterprise connections. +// +// See: https://auth0.com/docs/api/management/v2/connections/get-scim-tokens +func (m *ConnectionManager) ListSCIMToken(ctx context.Context, id string, opts ...RequestOption) (scimTokens []*SCIMToken, err error) { + err = m.management.Request(ctx, "GET", m.management.URI("connections", id, "scim-configuration", "tokens"), &scimTokens, opts...) + return +} + +// DeleteSCIMToken deletes a SCIM token by its connection ID and token id. +// This method only works with enterprise connections. +// +// See: https://auth0.com/docs/api/management/v2/connections/delete-scim-token +func (m *ConnectionManager) DeleteSCIMToken(ctx context.Context, id, tokenID string, opts ...RequestOption) (err error) { + err = m.management.Request(ctx, "DELETE", m.management.URI("connections", id, "scim-configuration", "tokens", tokenID), nil, opts...) + return +} diff --git a/management/connection_test.go b/management/connection_test.go index 9a1e25fe..c560a004 100644 --- a/management/connection_test.go +++ b/management/connection_test.go @@ -382,7 +382,7 @@ ZsUkLw2I7zI/dNlWdB8Xp7v+3w9sX5N3J/WuJ1KOO5m26kRlHQo7EzT3974g AuthorizationEndpoint: auth0.String("https://example.com"), JWKSURI: auth0.String("https://example.com/jwks"), Type: auth0.String("front_channel"), - DiscoveryURL: auth0.String("https://example.com//.well-known/openid-configuration"), + DiscoveryURL: auth0.String("https://www.paypalobjects.com/.well-known/openid-configuration"), UpstreamParams: map[string]interface{}{ "screen_name": map[string]interface{}{ "alias": "login_hint", @@ -627,6 +627,209 @@ func TestConnectionOptionsScopes(t *testing.T) { }) } +func TestConnectionManager_CreateSCIMConfiguration(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + expectedSCIMConfig := &SCIMConfiguration{ + Mapping: &[]SCIMConfigurationMapping{ + {SCIM: auth0.String("userName"), Auth0: auth0.String("username")}, + {SCIM: auth0.String("email"), Auth0: auth0.String("email")}, + }, + UserIDAttribute: auth0.String("userName"), + } + err := api.Connection.CreateSCIMConfiguration(context.Background(), expectedConnection.GetID(), expectedSCIMConfig) + assert.NoError(t, err) + + actualSCIMConfiguration, err := api.Connection.ReadSCIMConfiguration(context.Background(), expectedConnection.GetID()) + assert.NoError(t, err) + assert.Equal(t, expectedConnection.GetID(), actualSCIMConfiguration.GetConnectionID()) + assert.IsType(t, &SCIMConfiguration{}, actualSCIMConfiguration) + t.Cleanup(func() { + cleanupSCIMConfig(t, expectedConnection.GetID()) + }) +} + +func TestConnectionManager_CreateSCIMConfigurationWithoutBody(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + expectedSCIMConfig := &SCIMConfiguration{} + err := api.Connection.CreateSCIMConfiguration(context.Background(), expectedConnection.GetID(), expectedSCIMConfig) + assert.NoError(t, err) + + actualSCIMConfiguration, err := api.Connection.ReadSCIMConfiguration(context.Background(), expectedConnection.GetID()) + assert.NoError(t, err) + assert.Equal(t, expectedConnection.GetID(), actualSCIMConfiguration.GetConnectionID()) + assert.IsType(t, &SCIMConfiguration{}, actualSCIMConfiguration) + t.Cleanup(func() { + cleanupSCIMConfig(t, expectedConnection.GetID()) + }) +} + +func TestConnectionManager_UpdateSCIMConfiguration(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + expectedSCIMConfig := givenASCIMConfiguration(t, expectedConnection.GetID()) + assert.Equal(t, expectedConnection.GetID(), expectedSCIMConfig.GetConnectionID()) + expectedSCIMConfig = &SCIMConfiguration{ + Mapping: &[]SCIMConfigurationMapping{ + {SCIM: auth0.String("userName"), Auth0: auth0.String("username")}, + {SCIM: auth0.String("email"), Auth0: auth0.String("email")}, + }, + UserIDAttribute: auth0.String("userName"), + } + + err := api.Connection.UpdateSCIMConfiguration(context.Background(), expectedConnection.GetID(), expectedSCIMConfig) + assert.NoError(t, err) + + actualSCIMConfiguration, err := api.Connection.ReadSCIMConfiguration(context.Background(), expectedConnection.GetID()) + assert.NoError(t, err) + assert.Equal(t, expectedSCIMConfig, actualSCIMConfiguration) + assert.Equal(t, expectedConnection.GetID(), actualSCIMConfiguration.GetConnectionID()) + t.Cleanup(func() { + cleanupSCIMConfig(t, expectedConnection.GetID()) + }) +} + +func TestConnectionManager_DeleteSCIMConfiguration(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + + expectedSCIMConfiguration := givenASCIMConfiguration(t, expectedConnection.GetID()) + + err := api.Connection.DeleteSCIMConfiguration(context.Background(), expectedSCIMConfiguration.GetConnectionID()) + assert.NoError(t, err) + + actualSCIMConfiguration, err := api.Connection.ReadSCIMConfiguration(context.Background(), expectedSCIMConfiguration.GetConnectionID()) + assert.Nil(t, actualSCIMConfiguration) + assert.Error(t, err) + assert.Equal(t, http.StatusNotFound, err.(Error).Status()) +} + +func TestConnectionManager_ReadSCIMConfiguration(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + + expectedSCIMConfig := &SCIMConfiguration{ + Mapping: &[]SCIMConfigurationMapping{ + {SCIM: auth0.String("userName"), Auth0: auth0.String("username")}, + {SCIM: auth0.String("email"), Auth0: auth0.String("email")}, + }, + UserIDAttribute: auth0.String("userName"), + } + err := api.Connection.CreateSCIMConfiguration(context.Background(), expectedConnection.GetID(), expectedSCIMConfig) + assert.NoError(t, err) + + actualSCIMConfiguration, err := api.Connection.ReadSCIMConfiguration(context.Background(), expectedSCIMConfig.GetConnectionID()) + assert.NoError(t, err) + assert.Equal(t, expectedConnection.GetID(), actualSCIMConfiguration.GetConnectionID()) + assert.Equal(t, expectedSCIMConfig, actualSCIMConfiguration) + + t.Cleanup(func() { + cleanupSCIMConfig(t, expectedConnection.GetID()) + }) +} + +func TestConnectionManager_ReadSCIMDefaultConfiguration(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + + expectedSCIMConfig := &SCIMConfiguration{} + err := api.Connection.CreateSCIMConfiguration(context.Background(), expectedConnection.GetID(), expectedSCIMConfig) + assert.NoError(t, err) + + actualSCIMConfiguration, err := api.Connection.ReadSCIMDefaultConfiguration(context.Background(), expectedSCIMConfig.GetConnectionID()) + assert.NoError(t, err) + assert.Equal(t, expectedSCIMConfig.GetMapping(), actualSCIMConfiguration.GetMapping()) + + t.Cleanup(func() { + cleanupSCIMConfig(t, expectedConnection.GetID()) + }) +} + +func TestConnectionManager_CreateSCIMToken(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + expectedSCIMConfig := givenASCIMConfiguration(t, expectedConnection.GetID()) + + SCIMTokenPayload := &SCIMToken{ + Scopes: &[]string{"get:users", "post:users", "put:users", "patch:users"}, + } + + err := api.Connection.CreateSCIMToken(context.Background(), expectedSCIMConfig.GetConnectionID(), SCIMTokenPayload) + assert.NoError(t, err) + + assert.NotEmpty(t, SCIMTokenPayload.GetToken()) + + t.Cleanup(func() { + cleanupSCIMConfig(t, expectedConnection.GetID()) + }) +} + +func TestConnectionManager_ListSCIMTokens(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + + expectedSCIMConfig := givenASCIMConfiguration(t, expectedConnection.GetID()) + + SCIMTokenPayload := &SCIMToken{ + Scopes: &[]string{"get:users", "post:users", "put:users", "patch:users"}, + } + + err := api.Connection.CreateSCIMToken(context.Background(), expectedSCIMConfig.GetConnectionID(), SCIMTokenPayload) + assert.NoError(t, err) + + SCIMTokenPayload.Token = nil + + actualSCIMTokens, err := api.Connection.ListSCIMToken(context.Background(), expectedConnection.GetID()) + assert.NoError(t, err) + + assert.Contains(t, actualSCIMTokens, SCIMTokenPayload) + + t.Cleanup(func() { + cleanupSCIMConfig(t, expectedConnection.GetID()) + }) +} + +func TestConnectionManager_DeleteSCIMToken(t *testing.T) { + configureHTTPTestRecordings(t) + + expectedConnection := givenAOktaConnection(t) + expectedSCIMConfig := givenASCIMConfiguration(t, expectedConnection.GetID()) + + expectedSCIMToken := &SCIMToken{ + Scopes: &[]string{"get:users", "post:users", "put:users", "patch:users"}, + } + + err := api.Connection.CreateSCIMToken(context.Background(), expectedSCIMConfig.GetConnectionID(), expectedSCIMToken) + assert.NoError(t, err) + + expectedSCIMToken.Token = nil + + actualSCIMTokens, err := api.Connection.ListSCIMToken(context.Background(), expectedSCIMConfig.GetConnectionID()) + assert.NoError(t, err) + + assert.Contains(t, actualSCIMTokens, expectedSCIMToken) + + err = api.Connection.DeleteSCIMToken(context.Background(), expectedSCIMConfig.GetConnectionID(), expectedSCIMToken.GetTokenID()) + assert.NoError(t, err) + + actualSCIMTokens, err = api.Connection.ListSCIMToken(context.Background(), expectedSCIMConfig.GetConnectionID()) + assert.NoError(t, err) + assert.Empty(t, actualSCIMTokens) + + t.Cleanup(func() { + cleanupSCIMConfig(t, expectedConnection.GetID()) + }) +} + func TestOAuth2Connection_MarshalJSON(t *testing.T) { for connection, expected := range map[*ConnectionOptionsOAuth2]string{ {Scope: auth0.String("foo bar baz")}: `{"authorizationURL":null,"tokenURL":null,"scope":["foo","bar","baz"]}`, @@ -696,6 +899,13 @@ func cleanupConnection(t *testing.T, connectionID string) { require.NoError(t, err) } +func cleanupSCIMConfig(t *testing.T, connectionID string) { + t.Helper() + + err := api.Connection.DeleteSCIMConfiguration(context.Background(), connectionID) + require.NoError(t, err) +} + func givenAConnection(t *testing.T, testCase connectionTestCase) *Connection { t.Helper() @@ -711,3 +921,42 @@ func givenAConnection(t *testing.T, testCase connectionTestCase) *Connection { return &connection } + +func givenASCIMConfiguration(t *testing.T, connectionID string) *SCIMConfiguration { + t.Helper() + + expectedSCIMConfig := &SCIMConfiguration{} + + err := api.Connection.CreateSCIMConfiguration(context.Background(), connectionID, expectedSCIMConfig) + require.NoError(t, err) + + t.Cleanup(func() { + cleanupSCIMConfig(t, connectionID) + }) + + return expectedSCIMConfig +} + +func givenAOktaConnection(t *testing.T) *Connection { + t.Helper() + return givenAConnection(t, connectionTestCase{ + connection: Connection{ + Name: auth0.Stringf("Test-Okta-Connection-%d", time.Now().Unix()), + Strategy: auth0.String("okta"), + }, + options: &ConnectionOptionsOkta{ + ClientID: auth0.String("4ef8d976-71bd-4473-a7ce-087d3f0fafd8"), + ClientSecret: auth0.String("mySecret"), + Scope: auth0.String("openid"), + Domain: auth0.String("domain.okta.com"), + Issuer: auth0.String("https://example.com"), + AuthorizationEndpoint: auth0.String("https://example.com"), + JWKSURI: auth0.String("https://example.com/jwks"), + UpstreamParams: map[string]interface{}{ + "screen_name": map[string]interface{}{ + "alias": "login_hint", + }, + }, + }, + }) +} diff --git a/management/http_recordings_test.go b/management/http_recordings_test.go index 07534ef0..906475af 100644 --- a/management/http_recordings_test.go +++ b/management/http_recordings_test.go @@ -59,6 +59,7 @@ func removeSensitiveDataFromRecordings(t *testing.T, recorderTransport *recorder redactSensitiveDataInClient(t, i) redactSensitiveDataInResourceServer(t, i) redactSensitiveDataInLogs(t, i) + redactSensitiveDataInConnectionSCIMToken(t, i) // Redact domain should always be ran last redactDomain(i, domain) @@ -168,6 +169,24 @@ func redactSensitiveDataInSigningKey(t *testing.T, i *cassette.Interaction) { } } +func redactSensitiveDataInConnectionSCIMToken(t *testing.T, i *cassette.Interaction) { + isTokenURL := strings.Contains(i.Request.URL, "https://"+domain+"/api/v2/connections") && strings.Contains(i.Request.URL, "scim-configuration/tokens") + create := isTokenURL && i.Request.Method == http.MethodPost + if create { + var token SCIMToken + err := json.Unmarshal([]byte(i.Response.Body), &token) + require.NoError(t, err) + + redacted := "[REDACTED]" + token.Token = &redacted + + tokenBody, err := json.Marshal(token) + require.NoError(t, err) + + i.Response.Body = string(tokenBody) + } +} + func redactSensitiveDataInClient(t *testing.T, i *cassette.Interaction) { isClientURL := strings.Contains(i.Request.URL, "https://"+domain+"/api/v2/clients") create := isClientURL && i.Request.Method == http.MethodPost diff --git a/management/management.gen.go b/management/management.gen.go index 12274c67..8c64196a 100644 --- a/management/management.gen.go +++ b/management/management.gen.go @@ -8925,6 +8925,157 @@ func (s *SAPAPIClientAddon) String() string { return Stringify(s) } +// GetConnectionID returns the ConnectionID field if it's non-nil, zero value otherwise. +func (s *SCIMConfiguration) GetConnectionID() string { + if s == nil || s.ConnectionID == nil { + return "" + } + return *s.ConnectionID +} + +// GetConnectionName returns the ConnectionName field if it's non-nil, zero value otherwise. +func (s *SCIMConfiguration) GetConnectionName() string { + if s == nil || s.ConnectionName == nil { + return "" + } + return *s.ConnectionName +} + +// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise. +func (s *SCIMConfiguration) GetCreatedAt() string { + if s == nil || s.CreatedAt == nil { + return "" + } + return *s.CreatedAt +} + +// GetMapping returns the Mapping field if it's non-nil, zero value otherwise. +func (s *SCIMConfiguration) GetMapping() []SCIMConfigurationMapping { + if s == nil || s.Mapping == nil { + return nil + } + return *s.Mapping +} + +// GetStrategy returns the Strategy field if it's non-nil, zero value otherwise. +func (s *SCIMConfiguration) GetStrategy() string { + if s == nil || s.Strategy == nil { + return "" + } + return *s.Strategy +} + +// GetTenantName returns the TenantName field if it's non-nil, zero value otherwise. +func (s *SCIMConfiguration) GetTenantName() string { + if s == nil || s.TenantName == nil { + return "" + } + return *s.TenantName +} + +// GetUpdatedAt returns the UpdatedAt field if it's non-nil, zero value otherwise. +func (s *SCIMConfiguration) GetUpdatedAt() string { + if s == nil || s.UpdatedAt == nil { + return "" + } + return *s.UpdatedAt +} + +// GetUserIDAttribute returns the UserIDAttribute field if it's non-nil, zero value otherwise. +func (s *SCIMConfiguration) GetUserIDAttribute() string { + if s == nil || s.UserIDAttribute == nil { + return "" + } + return *s.UserIDAttribute +} + +// String returns a string representation of SCIMConfiguration. +func (s *SCIMConfiguration) String() string { + return Stringify(s) +} + +// GetAuth0 returns the Auth0 field if it's non-nil, zero value otherwise. +func (s *SCIMConfigurationMapping) GetAuth0() string { + if s == nil || s.Auth0 == nil { + return "" + } + return *s.Auth0 +} + +// GetSCIM returns the SCIM field if it's non-nil, zero value otherwise. +func (s *SCIMConfigurationMapping) GetSCIM() string { + if s == nil || s.SCIM == nil { + return "" + } + return *s.SCIM +} + +// String returns a string representation of SCIMConfigurationMapping. +func (s *SCIMConfigurationMapping) String() string { + return Stringify(s) +} + +// GetCreatedAt returns the CreatedAt field if it's non-nil, zero value otherwise. +func (s *SCIMToken) GetCreatedAt() string { + if s == nil || s.CreatedAt == nil { + return "" + } + return *s.CreatedAt +} + +// GetLastUsedAt returns the LastUsedAt field if it's non-nil, zero value otherwise. +func (s *SCIMToken) GetLastUsedAt() string { + if s == nil || s.LastUsedAt == nil { + return "" + } + return *s.LastUsedAt +} + +// GetScopes returns the Scopes field if it's non-nil, zero value otherwise. +func (s *SCIMToken) GetScopes() []string { + if s == nil || s.Scopes == nil { + return nil + } + return *s.Scopes +} + +// GetToken returns the Token field if it's non-nil, zero value otherwise. +func (s *SCIMToken) GetToken() string { + if s == nil || s.Token == nil { + return "" + } + return *s.Token +} + +// GetTokenID returns the TokenID field if it's non-nil, zero value otherwise. +func (s *SCIMToken) GetTokenID() string { + if s == nil || s.TokenID == nil { + return "" + } + return *s.TokenID +} + +// GetTokenLifeTime returns the TokenLifeTime field if it's non-nil, zero value otherwise. +func (s *SCIMToken) GetTokenLifeTime() int { + if s == nil || s.TokenLifeTime == nil { + return 0 + } + return *s.TokenLifeTime +} + +// GetValidUntil returns the ValidUntil field if it's non-nil, zero value otherwise. +func (s *SCIMToken) GetValidUntil() string { + if s == nil || s.ValidUntil == nil { + return "" + } + return *s.ValidUntil +} + +// String returns a string representation of SCIMToken. +func (s *SCIMToken) String() string { + return Stringify(s) +} + // GetBaseURL returns the BaseURL field if it's non-nil, zero value otherwise. func (s *SentryClientAddon) GetBaseURL() string { if s == nil || s.BaseURL == nil { diff --git a/management/management.gen_test.go b/management/management.gen_test.go index 5e9d09d3..420bbca1 100644 --- a/management/management.gen_test.go +++ b/management/management.gen_test.go @@ -11246,6 +11246,200 @@ func TestSAPAPIClientAddon_String(t *testing.T) { } } +func TestSCIMConfiguration_GetConnectionID(tt *testing.T) { + var zeroValue string + s := &SCIMConfiguration{ConnectionID: &zeroValue} + s.GetConnectionID() + s = &SCIMConfiguration{} + s.GetConnectionID() + s = nil + s.GetConnectionID() +} + +func TestSCIMConfiguration_GetConnectionName(tt *testing.T) { + var zeroValue string + s := &SCIMConfiguration{ConnectionName: &zeroValue} + s.GetConnectionName() + s = &SCIMConfiguration{} + s.GetConnectionName() + s = nil + s.GetConnectionName() +} + +func TestSCIMConfiguration_GetCreatedAt(tt *testing.T) { + var zeroValue string + s := &SCIMConfiguration{CreatedAt: &zeroValue} + s.GetCreatedAt() + s = &SCIMConfiguration{} + s.GetCreatedAt() + s = nil + s.GetCreatedAt() +} + +func TestSCIMConfiguration_GetMapping(tt *testing.T) { + var zeroValue []SCIMConfigurationMapping + s := &SCIMConfiguration{Mapping: &zeroValue} + s.GetMapping() + s = &SCIMConfiguration{} + s.GetMapping() + s = nil + s.GetMapping() +} + +func TestSCIMConfiguration_GetStrategy(tt *testing.T) { + var zeroValue string + s := &SCIMConfiguration{Strategy: &zeroValue} + s.GetStrategy() + s = &SCIMConfiguration{} + s.GetStrategy() + s = nil + s.GetStrategy() +} + +func TestSCIMConfiguration_GetTenantName(tt *testing.T) { + var zeroValue string + s := &SCIMConfiguration{TenantName: &zeroValue} + s.GetTenantName() + s = &SCIMConfiguration{} + s.GetTenantName() + s = nil + s.GetTenantName() +} + +func TestSCIMConfiguration_GetUpdatedAt(tt *testing.T) { + var zeroValue string + s := &SCIMConfiguration{UpdatedAt: &zeroValue} + s.GetUpdatedAt() + s = &SCIMConfiguration{} + s.GetUpdatedAt() + s = nil + s.GetUpdatedAt() +} + +func TestSCIMConfiguration_GetUserIDAttribute(tt *testing.T) { + var zeroValue string + s := &SCIMConfiguration{UserIDAttribute: &zeroValue} + s.GetUserIDAttribute() + s = &SCIMConfiguration{} + s.GetUserIDAttribute() + s = nil + s.GetUserIDAttribute() +} + +func TestSCIMConfiguration_String(t *testing.T) { + var rawJSON json.RawMessage + v := &SCIMConfiguration{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + +func TestSCIMConfigurationMapping_GetAuth0(tt *testing.T) { + var zeroValue string + s := &SCIMConfigurationMapping{Auth0: &zeroValue} + s.GetAuth0() + s = &SCIMConfigurationMapping{} + s.GetAuth0() + s = nil + s.GetAuth0() +} + +func TestSCIMConfigurationMapping_GetSCIM(tt *testing.T) { + var zeroValue string + s := &SCIMConfigurationMapping{SCIM: &zeroValue} + s.GetSCIM() + s = &SCIMConfigurationMapping{} + s.GetSCIM() + s = nil + s.GetSCIM() +} + +func TestSCIMConfigurationMapping_String(t *testing.T) { + var rawJSON json.RawMessage + v := &SCIMConfigurationMapping{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + +func TestSCIMToken_GetCreatedAt(tt *testing.T) { + var zeroValue string + s := &SCIMToken{CreatedAt: &zeroValue} + s.GetCreatedAt() + s = &SCIMToken{} + s.GetCreatedAt() + s = nil + s.GetCreatedAt() +} + +func TestSCIMToken_GetLastUsedAt(tt *testing.T) { + var zeroValue string + s := &SCIMToken{LastUsedAt: &zeroValue} + s.GetLastUsedAt() + s = &SCIMToken{} + s.GetLastUsedAt() + s = nil + s.GetLastUsedAt() +} + +func TestSCIMToken_GetScopes(tt *testing.T) { + var zeroValue []string + s := &SCIMToken{Scopes: &zeroValue} + s.GetScopes() + s = &SCIMToken{} + s.GetScopes() + s = nil + s.GetScopes() +} + +func TestSCIMToken_GetToken(tt *testing.T) { + var zeroValue string + s := &SCIMToken{Token: &zeroValue} + s.GetToken() + s = &SCIMToken{} + s.GetToken() + s = nil + s.GetToken() +} + +func TestSCIMToken_GetTokenID(tt *testing.T) { + var zeroValue string + s := &SCIMToken{TokenID: &zeroValue} + s.GetTokenID() + s = &SCIMToken{} + s.GetTokenID() + s = nil + s.GetTokenID() +} + +func TestSCIMToken_GetTokenLifeTime(tt *testing.T) { + var zeroValue int + s := &SCIMToken{TokenLifeTime: &zeroValue} + s.GetTokenLifeTime() + s = &SCIMToken{} + s.GetTokenLifeTime() + s = nil + s.GetTokenLifeTime() +} + +func TestSCIMToken_GetValidUntil(tt *testing.T) { + var zeroValue string + s := &SCIMToken{ValidUntil: &zeroValue} + s.GetValidUntil() + s = &SCIMToken{} + s.GetValidUntil() + s = nil + s.GetValidUntil() +} + +func TestSCIMToken_String(t *testing.T) { + var rawJSON json.RawMessage + v := &SCIMToken{} + if err := json.Unmarshal([]byte(v.String()), &rawJSON); err != nil { + t.Errorf("failed to produce a valid json") + } +} + func TestSentryClientAddon_GetBaseURL(tt *testing.T) { var zeroValue string s := &SentryClientAddon{BaseURL: &zeroValue} diff --git a/test/data/recordings/TestConnectionManager_CreateSCIMConfiguration.yaml b/test/data/recordings/TestConnectionManager_CreateSCIMConfiguration.yaml new file mode 100644 index 00000000..a159e889 --- /dev/null +++ b/test/data/recordings/TestConnectionManager_CreateSCIMConfiguration.yaml @@ -0,0 +1,180 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167754","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_sKiCnDbS29YpkfOx","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167754","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167754"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 1.968358292s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 117 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"user_id_attribute":"userName","mapping":[{"auth0":"username","scim":"userName"},{"auth0":"email","scim":"email"}]} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_sKiCnDbS29YpkfOx/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 331 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_sKiCnDbS29YpkfOx","connection_name":"Test-Okta-Connection-1720167754","strategy":"okta","mapping":[{"scim":"userName","auth0":"username"},{"scim":"email","auth0":"email"}],"updated_on":"2024-07-05T08:22:37.141Z","created_at":"2024-07-05T08:22:37.141Z","user_id_attribute":"userName"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 382.687208ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_sKiCnDbS29YpkfOx/scim-configuration + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_sKiCnDbS29YpkfOx","connection_name":"Test-Okta-Connection-1720167754","strategy":"okta","mapping":[{"scim":"userName","auth0":"username"},{"scim":"email","auth0":"email"}],"updated_on":"2024-07-05T08:22:37.141Z","created_at":"2024-07-05T08:22:37.141Z","user_id_attribute":"userName"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 450.482666ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_sKiCnDbS29YpkfOx/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 387.303584ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_sKiCnDbS29YpkfOx + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:22:38.334Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 376.519916ms diff --git a/test/data/recordings/TestConnectionManager_CreateSCIMConfigurationWithoutBody.yaml b/test/data/recordings/TestConnectionManager_CreateSCIMConfigurationWithoutBody.yaml new file mode 100644 index 00000000..3068d337 --- /dev/null +++ b/test/data/recordings/TestConnectionManager_CreateSCIMConfigurationWithoutBody.yaml @@ -0,0 +1,180 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167758","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_dJtnEdfawCafBrQK","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167758","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167758"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 577.468458ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 3 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_dJtnEdfawCafBrQK/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_dJtnEdfawCafBrQK","connection_name":"Test-Okta-Connection-1720167758","strategy":"okta","mapping":[{"scim":"userName","auth0":"preferred_username"},{"scim":"emails[primary eq true].value","auth0":"email"},{"scim":"externalId","auth0":"app_metadata.external_id"},{"scim":"active","auth0":"blocked"},{"scim":"displayName","auth0":"name"},{"scim":"name.givenName","auth0":"given_name"},{"scim":"name.familyName","auth0":"family_name"},{"scim":"name.middleName","auth0":"app_metadata.middle_name"},{"scim":"name.honorificPrefix","auth0":"app_metadata.honorific_prefix"},{"scim":"name.honorificSuffix","auth0":"app_metadata.honorific_suffix"},{"scim":"nickName","auth0":"nickname"},{"scim":"photos[type eq \"photo\"].value","auth0":"picture"},{"scim":"phoneNumbers[primary eq true].value","auth0":"app_metadata.primary_phone_number"},{"scim":"phoneNumbers[type eq \"mobile\"].value","auth0":"app_metadata.mobile_phone_number"},{"scim":"addresses[type eq \"work\"].streetAddress","auth0":"app_metadata.street_address"},{"scim":"addresses[type eq \"work\"].locality","auth0":"app_metadata.city"},{"scim":"addresses[type eq \"work\"].region","auth0":"app_metadata.state"},{"scim":"addresses[type eq \"work\"].postalCode","auth0":"app_metadata.postal_code"},{"scim":"addresses[type eq \"work\"].formatted","auth0":"app_metadata.postal_address"},{"scim":"addresses[type eq \"work\"].country","auth0":"app_metadata.country"},{"scim":"profileUrl","auth0":"app_metadata.profile_url"},{"scim":"userType","auth0":"app_metadata.user_type"},{"scim":"title","auth0":"app_metadata.title"},{"scim":"preferredLanguage","auth0":"app_metadata.language"},{"scim":"locale","auth0":"app_metadata.locale"},{"scim":"timezone","auth0":"app_metadata.timezone"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber","auth0":"app_metadata.employee_id"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter","auth0":"app_metadata.cost_center"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization","auth0":"app_metadata.organization"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division","auth0":"app_metadata.division"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department","auth0":"app_metadata.department"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager","auth0":"app_metadata.manager"}],"updated_on":"2024-07-05T08:22:39.335Z","created_at":"2024-07-05T08:22:39.335Z","user_id_attribute":"externalId"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 393.328ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_dJtnEdfawCafBrQK/scim-configuration + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_dJtnEdfawCafBrQK","connection_name":"Test-Okta-Connection-1720167758","strategy":"okta","mapping":[{"scim":"userName","auth0":"preferred_username"},{"scim":"emails[primary eq true].value","auth0":"email"},{"scim":"externalId","auth0":"app_metadata.external_id"},{"scim":"active","auth0":"blocked"},{"scim":"displayName","auth0":"name"},{"scim":"name.givenName","auth0":"given_name"},{"scim":"name.familyName","auth0":"family_name"},{"scim":"name.middleName","auth0":"app_metadata.middle_name"},{"scim":"name.honorificPrefix","auth0":"app_metadata.honorific_prefix"},{"scim":"name.honorificSuffix","auth0":"app_metadata.honorific_suffix"},{"scim":"nickName","auth0":"nickname"},{"scim":"photos[type eq \"photo\"].value","auth0":"picture"},{"scim":"phoneNumbers[primary eq true].value","auth0":"app_metadata.primary_phone_number"},{"scim":"phoneNumbers[type eq \"mobile\"].value","auth0":"app_metadata.mobile_phone_number"},{"scim":"addresses[type eq \"work\"].streetAddress","auth0":"app_metadata.street_address"},{"scim":"addresses[type eq \"work\"].locality","auth0":"app_metadata.city"},{"scim":"addresses[type eq \"work\"].region","auth0":"app_metadata.state"},{"scim":"addresses[type eq \"work\"].postalCode","auth0":"app_metadata.postal_code"},{"scim":"addresses[type eq \"work\"].formatted","auth0":"app_metadata.postal_address"},{"scim":"addresses[type eq \"work\"].country","auth0":"app_metadata.country"},{"scim":"profileUrl","auth0":"app_metadata.profile_url"},{"scim":"userType","auth0":"app_metadata.user_type"},{"scim":"title","auth0":"app_metadata.title"},{"scim":"preferredLanguage","auth0":"app_metadata.language"},{"scim":"locale","auth0":"app_metadata.locale"},{"scim":"timezone","auth0":"app_metadata.timezone"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber","auth0":"app_metadata.employee_id"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter","auth0":"app_metadata.cost_center"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization","auth0":"app_metadata.organization"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division","auth0":"app_metadata.division"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department","auth0":"app_metadata.department"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager","auth0":"app_metadata.manager"}],"updated_on":"2024-07-05T08:22:39.335Z","created_at":"2024-07-05T08:22:39.335Z","user_id_attribute":"externalId"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 518.013375ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_dJtnEdfawCafBrQK/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 386.589334ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_dJtnEdfawCafBrQK + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:22:40.623Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 715.005417ms diff --git a/test/data/recordings/TestConnectionManager_CreateSCIMToken.yaml b/test/data/recordings/TestConnectionManager_CreateSCIMToken.yaml new file mode 100644 index 00000000..bc6fcec3 --- /dev/null +++ b/test/data/recordings/TestConnectionManager_CreateSCIMToken.yaml @@ -0,0 +1,216 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167841","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_C23ekfpZV7drY9xb","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167841","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167841"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 1.157456s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 3 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_C23ekfpZV7drY9xb/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_C23ekfpZV7drY9xb","connection_name":"Test-Okta-Connection-1720167841","strategy":"okta","mapping":[{"scim":"userName","auth0":"preferred_username"},{"scim":"emails[primary eq true].value","auth0":"email"},{"scim":"externalId","auth0":"app_metadata.external_id"},{"scim":"active","auth0":"blocked"},{"scim":"displayName","auth0":"name"},{"scim":"name.givenName","auth0":"given_name"},{"scim":"name.familyName","auth0":"family_name"},{"scim":"name.middleName","auth0":"app_metadata.middle_name"},{"scim":"name.honorificPrefix","auth0":"app_metadata.honorific_prefix"},{"scim":"name.honorificSuffix","auth0":"app_metadata.honorific_suffix"},{"scim":"nickName","auth0":"nickname"},{"scim":"photos[type eq \"photo\"].value","auth0":"picture"},{"scim":"phoneNumbers[primary eq true].value","auth0":"app_metadata.primary_phone_number"},{"scim":"phoneNumbers[type eq \"mobile\"].value","auth0":"app_metadata.mobile_phone_number"},{"scim":"addresses[type eq \"work\"].streetAddress","auth0":"app_metadata.street_address"},{"scim":"addresses[type eq \"work\"].locality","auth0":"app_metadata.city"},{"scim":"addresses[type eq \"work\"].region","auth0":"app_metadata.state"},{"scim":"addresses[type eq \"work\"].postalCode","auth0":"app_metadata.postal_code"},{"scim":"addresses[type eq \"work\"].formatted","auth0":"app_metadata.postal_address"},{"scim":"addresses[type eq \"work\"].country","auth0":"app_metadata.country"},{"scim":"profileUrl","auth0":"app_metadata.profile_url"},{"scim":"userType","auth0":"app_metadata.user_type"},{"scim":"title","auth0":"app_metadata.title"},{"scim":"preferredLanguage","auth0":"app_metadata.language"},{"scim":"locale","auth0":"app_metadata.locale"},{"scim":"timezone","auth0":"app_metadata.timezone"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber","auth0":"app_metadata.employee_id"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter","auth0":"app_metadata.cost_center"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization","auth0":"app_metadata.organization"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division","auth0":"app_metadata.division"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department","auth0":"app_metadata.department"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager","auth0":"app_metadata.manager"}],"updated_on":"2024-07-05T08:24:03.407Z","created_at":"2024-07-05T08:24:03.407Z","user_id_attribute":"externalId"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 458.371833ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 64 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"scopes":["get:users","post:users","put:users","patch:users"]} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_C23ekfpZV7drY9xb/scim-configuration/tokens + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 233 + uncompressed: false + body: '{"token_id":"tok_q90xix0LtPBSwffK","token":"[REDACTED]","scopes":["get:users","post:users","put:users","patch:users"],"created_at":"2024-07-05T08:24:03.793Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 360.190209ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_C23ekfpZV7drY9xb/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 415.454167ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_C23ekfpZV7drY9xb/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 351.367292ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_C23ekfpZV7drY9xb + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:24:04.893Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 370.102583ms diff --git a/test/data/recordings/TestConnectionManager_DeleteSCIMConfiguration.yaml b/test/data/recordings/TestConnectionManager_DeleteSCIMConfiguration.yaml new file mode 100644 index 00000000..86033483 --- /dev/null +++ b/test/data/recordings/TestConnectionManager_DeleteSCIMConfiguration.yaml @@ -0,0 +1,215 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167790","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_7FKJwfZDamw0b3r0","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167790","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167790"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 1.121226709s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 3 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_7FKJwfZDamw0b3r0/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_7FKJwfZDamw0b3r0","connection_name":"Test-Okta-Connection-1720167790","strategy":"okta","mapping":[{"scim":"userName","auth0":"preferred_username"},{"scim":"emails[primary eq true].value","auth0":"email"},{"scim":"externalId","auth0":"app_metadata.external_id"},{"scim":"active","auth0":"blocked"},{"scim":"displayName","auth0":"name"},{"scim":"name.givenName","auth0":"given_name"},{"scim":"name.familyName","auth0":"family_name"},{"scim":"name.middleName","auth0":"app_metadata.middle_name"},{"scim":"name.honorificPrefix","auth0":"app_metadata.honorific_prefix"},{"scim":"name.honorificSuffix","auth0":"app_metadata.honorific_suffix"},{"scim":"nickName","auth0":"nickname"},{"scim":"photos[type eq \"photo\"].value","auth0":"picture"},{"scim":"phoneNumbers[primary eq true].value","auth0":"app_metadata.primary_phone_number"},{"scim":"phoneNumbers[type eq \"mobile\"].value","auth0":"app_metadata.mobile_phone_number"},{"scim":"addresses[type eq \"work\"].streetAddress","auth0":"app_metadata.street_address"},{"scim":"addresses[type eq \"work\"].locality","auth0":"app_metadata.city"},{"scim":"addresses[type eq \"work\"].region","auth0":"app_metadata.state"},{"scim":"addresses[type eq \"work\"].postalCode","auth0":"app_metadata.postal_code"},{"scim":"addresses[type eq \"work\"].formatted","auth0":"app_metadata.postal_address"},{"scim":"addresses[type eq \"work\"].country","auth0":"app_metadata.country"},{"scim":"profileUrl","auth0":"app_metadata.profile_url"},{"scim":"userType","auth0":"app_metadata.user_type"},{"scim":"title","auth0":"app_metadata.title"},{"scim":"preferredLanguage","auth0":"app_metadata.language"},{"scim":"locale","auth0":"app_metadata.locale"},{"scim":"timezone","auth0":"app_metadata.timezone"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber","auth0":"app_metadata.employee_id"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter","auth0":"app_metadata.cost_center"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization","auth0":"app_metadata.organization"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division","auth0":"app_metadata.division"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department","auth0":"app_metadata.department"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager","auth0":"app_metadata.manager"}],"updated_on":"2024-07-05T08:23:12.233Z","created_at":"2024-07-05T08:23:12.233Z","user_id_attribute":"externalId"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 400.415959ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_7FKJwfZDamw0b3r0/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 381.742375ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_7FKJwfZDamw0b3r0/scim-configuration + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"statusCode":404,"error":"Not Found","message":"Not Found"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 404 Not Found + code: 404 + duration: 365.933125ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_7FKJwfZDamw0b3r0/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 347.860625ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_7FKJwfZDamw0b3r0 + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:23:13.700Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 356.440833ms diff --git a/test/data/recordings/TestConnectionManager_DeleteSCIMToken.yaml b/test/data/recordings/TestConnectionManager_DeleteSCIMToken.yaml new file mode 100644 index 00000000..21991bbf --- /dev/null +++ b/test/data/recordings/TestConnectionManager_DeleteSCIMToken.yaml @@ -0,0 +1,321 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167868","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_r8UGxhSqX9S5uFDx","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167868","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167868"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 1.347513083s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 3 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_r8UGxhSqX9S5uFDx/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_r8UGxhSqX9S5uFDx","connection_name":"Test-Okta-Connection-1720167868","strategy":"okta","mapping":[{"scim":"userName","auth0":"preferred_username"},{"scim":"emails[primary eq true].value","auth0":"email"},{"scim":"externalId","auth0":"app_metadata.external_id"},{"scim":"active","auth0":"blocked"},{"scim":"displayName","auth0":"name"},{"scim":"name.givenName","auth0":"given_name"},{"scim":"name.familyName","auth0":"family_name"},{"scim":"name.middleName","auth0":"app_metadata.middle_name"},{"scim":"name.honorificPrefix","auth0":"app_metadata.honorific_prefix"},{"scim":"name.honorificSuffix","auth0":"app_metadata.honorific_suffix"},{"scim":"nickName","auth0":"nickname"},{"scim":"photos[type eq \"photo\"].value","auth0":"picture"},{"scim":"phoneNumbers[primary eq true].value","auth0":"app_metadata.primary_phone_number"},{"scim":"phoneNumbers[type eq \"mobile\"].value","auth0":"app_metadata.mobile_phone_number"},{"scim":"addresses[type eq \"work\"].streetAddress","auth0":"app_metadata.street_address"},{"scim":"addresses[type eq \"work\"].locality","auth0":"app_metadata.city"},{"scim":"addresses[type eq \"work\"].region","auth0":"app_metadata.state"},{"scim":"addresses[type eq \"work\"].postalCode","auth0":"app_metadata.postal_code"},{"scim":"addresses[type eq \"work\"].formatted","auth0":"app_metadata.postal_address"},{"scim":"addresses[type eq \"work\"].country","auth0":"app_metadata.country"},{"scim":"profileUrl","auth0":"app_metadata.profile_url"},{"scim":"userType","auth0":"app_metadata.user_type"},{"scim":"title","auth0":"app_metadata.title"},{"scim":"preferredLanguage","auth0":"app_metadata.language"},{"scim":"locale","auth0":"app_metadata.locale"},{"scim":"timezone","auth0":"app_metadata.timezone"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber","auth0":"app_metadata.employee_id"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter","auth0":"app_metadata.cost_center"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization","auth0":"app_metadata.organization"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division","auth0":"app_metadata.division"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department","auth0":"app_metadata.department"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager","auth0":"app_metadata.manager"}],"updated_on":"2024-07-05T08:24:30.750Z","created_at":"2024-07-05T08:24:30.750Z","user_id_attribute":"externalId"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 425.627375ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 64 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"scopes":["get:users","post:users","put:users","patch:users"]} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_r8UGxhSqX9S5uFDx/scim-configuration/tokens + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 233 + uncompressed: false + body: '{"token_id":"tok_8kIFprg2uwTYLhtu","token":"[REDACTED]","scopes":["get:users","post:users","put:users","patch:users"],"created_at":"2024-07-05T08:24:31.158Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 402.489083ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_r8UGxhSqX9S5uFDx/scim-configuration/tokens + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '[{"token_id":"tok_8kIFprg2uwTYLhtu","created_at":"2024-07-05T08:24:31.158Z","scopes":["get:users","post:users","put:users","patch:users"]}]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 382.78425ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_r8UGxhSqX9S5uFDx/scim-configuration/tokens/tok_8kIFprg2uwTYLhtu + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 982.439667ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_r8UGxhSqX9S5uFDx/scim-configuration/tokens + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 2 + uncompressed: false + body: '[]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 777.96525ms + - id: 6 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_r8UGxhSqX9S5uFDx/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 1.635244291s + - id: 7 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_r8UGxhSqX9S5uFDx/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 421.679875ms + - id: 8 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_r8UGxhSqX9S5uFDx + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:24:35.754Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 409.206125ms diff --git a/test/data/recordings/TestConnectionManager_ListSCIMTokens.yaml b/test/data/recordings/TestConnectionManager_ListSCIMTokens.yaml new file mode 100644 index 00000000..fb081f09 --- /dev/null +++ b/test/data/recordings/TestConnectionManager_ListSCIMTokens.yaml @@ -0,0 +1,251 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167853","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_RlCMapmmuUal6xAk","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167853","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167853"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 1.036779209s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 3 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_RlCMapmmuUal6xAk/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_RlCMapmmuUal6xAk","connection_name":"Test-Okta-Connection-1720167853","strategy":"okta","mapping":[{"scim":"userName","auth0":"preferred_username"},{"scim":"emails[primary eq true].value","auth0":"email"},{"scim":"externalId","auth0":"app_metadata.external_id"},{"scim":"active","auth0":"blocked"},{"scim":"displayName","auth0":"name"},{"scim":"name.givenName","auth0":"given_name"},{"scim":"name.familyName","auth0":"family_name"},{"scim":"name.middleName","auth0":"app_metadata.middle_name"},{"scim":"name.honorificPrefix","auth0":"app_metadata.honorific_prefix"},{"scim":"name.honorificSuffix","auth0":"app_metadata.honorific_suffix"},{"scim":"nickName","auth0":"nickname"},{"scim":"photos[type eq \"photo\"].value","auth0":"picture"},{"scim":"phoneNumbers[primary eq true].value","auth0":"app_metadata.primary_phone_number"},{"scim":"phoneNumbers[type eq \"mobile\"].value","auth0":"app_metadata.mobile_phone_number"},{"scim":"addresses[type eq \"work\"].streetAddress","auth0":"app_metadata.street_address"},{"scim":"addresses[type eq \"work\"].locality","auth0":"app_metadata.city"},{"scim":"addresses[type eq \"work\"].region","auth0":"app_metadata.state"},{"scim":"addresses[type eq \"work\"].postalCode","auth0":"app_metadata.postal_code"},{"scim":"addresses[type eq \"work\"].formatted","auth0":"app_metadata.postal_address"},{"scim":"addresses[type eq \"work\"].country","auth0":"app_metadata.country"},{"scim":"profileUrl","auth0":"app_metadata.profile_url"},{"scim":"userType","auth0":"app_metadata.user_type"},{"scim":"title","auth0":"app_metadata.title"},{"scim":"preferredLanguage","auth0":"app_metadata.language"},{"scim":"locale","auth0":"app_metadata.locale"},{"scim":"timezone","auth0":"app_metadata.timezone"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber","auth0":"app_metadata.employee_id"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter","auth0":"app_metadata.cost_center"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization","auth0":"app_metadata.organization"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division","auth0":"app_metadata.division"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department","auth0":"app_metadata.department"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager","auth0":"app_metadata.manager"}],"updated_on":"2024-07-05T08:24:14.833Z","created_at":"2024-07-05T08:24:14.833Z","user_id_attribute":"externalId"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 403.237667ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 64 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"scopes":["get:users","post:users","put:users","patch:users"]} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_RlCMapmmuUal6xAk/scim-configuration/tokens + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 233 + uncompressed: false + body: '{"token_id":"tok_U8zt08XwcbKhI2B4","token":"[REDACTED]","scopes":["get:users","post:users","put:users","patch:users"],"created_at":"2024-07-05T08:24:15.237Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 441.427ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_RlCMapmmuUal6xAk/scim-configuration/tokens + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '[{"token_id":"tok_U8zt08XwcbKhI2B4","created_at":"2024-07-05T08:24:15.237Z","scopes":["get:users","post:users","put:users","patch:users"]}]' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 388.931708ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_RlCMapmmuUal6xAk/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 558.961791ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_RlCMapmmuUal6xAk/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 359.313375ms + - id: 6 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_RlCMapmmuUal6xAk + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:24:17.855Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 1.611060291s diff --git a/test/data/recordings/TestConnectionManager_ReadSCIMConfiguration.yaml b/test/data/recordings/TestConnectionManager_ReadSCIMConfiguration.yaml new file mode 100644 index 00000000..8159ec13 --- /dev/null +++ b/test/data/recordings/TestConnectionManager_ReadSCIMConfiguration.yaml @@ -0,0 +1,180 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167814","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_Fme0t6qWfn5xQTXd","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167814","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167814"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 1.331656458s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 117 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"user_id_attribute":"userName","mapping":[{"auth0":"username","scim":"userName"},{"auth0":"email","scim":"email"}]} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_Fme0t6qWfn5xQTXd/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 331 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_Fme0t6qWfn5xQTXd","connection_name":"Test-Okta-Connection-1720167814","strategy":"okta","mapping":[{"scim":"userName","auth0":"username"},{"scim":"email","auth0":"email"}],"updated_on":"2024-07-05T08:23:36.545Z","created_at":"2024-07-05T08:23:36.545Z","user_id_attribute":"userName"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 389.935959ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_Fme0t6qWfn5xQTXd/scim-configuration + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_Fme0t6qWfn5xQTXd","connection_name":"Test-Okta-Connection-1720167814","strategy":"okta","mapping":[{"scim":"userName","auth0":"username"},{"scim":"email","auth0":"email"}],"updated_on":"2024-07-05T08:23:36.545Z","created_at":"2024-07-05T08:23:36.545Z","user_id_attribute":"userName"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 357.953584ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_Fme0t6qWfn5xQTXd/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 841.7285ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_Fme0t6qWfn5xQTXd + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:23:38.113Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 376.916458ms diff --git a/test/data/recordings/TestConnectionManager_ReadSCIMDefaultConfiguration.yaml b/test/data/recordings/TestConnectionManager_ReadSCIMDefaultConfiguration.yaml new file mode 100644 index 00000000..b3d7b5ac --- /dev/null +++ b/test/data/recordings/TestConnectionManager_ReadSCIMDefaultConfiguration.yaml @@ -0,0 +1,180 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167818","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_XIM32D2aTcQkfupC","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167818","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167818"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 484.547541ms + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 3 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_XIM32D2aTcQkfupC/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_XIM32D2aTcQkfupC","connection_name":"Test-Okta-Connection-1720167818","strategy":"okta","mapping":[{"scim":"userName","auth0":"preferred_username"},{"scim":"emails[primary eq true].value","auth0":"email"},{"scim":"externalId","auth0":"app_metadata.external_id"},{"scim":"active","auth0":"blocked"},{"scim":"displayName","auth0":"name"},{"scim":"name.givenName","auth0":"given_name"},{"scim":"name.familyName","auth0":"family_name"},{"scim":"name.middleName","auth0":"app_metadata.middle_name"},{"scim":"name.honorificPrefix","auth0":"app_metadata.honorific_prefix"},{"scim":"name.honorificSuffix","auth0":"app_metadata.honorific_suffix"},{"scim":"nickName","auth0":"nickname"},{"scim":"photos[type eq \"photo\"].value","auth0":"picture"},{"scim":"phoneNumbers[primary eq true].value","auth0":"app_metadata.primary_phone_number"},{"scim":"phoneNumbers[type eq \"mobile\"].value","auth0":"app_metadata.mobile_phone_number"},{"scim":"addresses[type eq \"work\"].streetAddress","auth0":"app_metadata.street_address"},{"scim":"addresses[type eq \"work\"].locality","auth0":"app_metadata.city"},{"scim":"addresses[type eq \"work\"].region","auth0":"app_metadata.state"},{"scim":"addresses[type eq \"work\"].postalCode","auth0":"app_metadata.postal_code"},{"scim":"addresses[type eq \"work\"].formatted","auth0":"app_metadata.postal_address"},{"scim":"addresses[type eq \"work\"].country","auth0":"app_metadata.country"},{"scim":"profileUrl","auth0":"app_metadata.profile_url"},{"scim":"userType","auth0":"app_metadata.user_type"},{"scim":"title","auth0":"app_metadata.title"},{"scim":"preferredLanguage","auth0":"app_metadata.language"},{"scim":"locale","auth0":"app_metadata.locale"},{"scim":"timezone","auth0":"app_metadata.timezone"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber","auth0":"app_metadata.employee_id"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter","auth0":"app_metadata.cost_center"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization","auth0":"app_metadata.organization"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division","auth0":"app_metadata.division"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department","auth0":"app_metadata.department"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager","auth0":"app_metadata.manager"}],"updated_on":"2024-07-05T08:23:39.001Z","created_at":"2024-07-05T08:23:39.001Z","user_id_attribute":"externalId"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 816.32725ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_XIM32D2aTcQkfupC/scim-configuration/default-mapping + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"mapping":[{"auth0":"preferred_username","scim":"userName"},{"auth0":"email","scim":"emails[primary eq true].value"},{"auth0":"app_metadata.external_id","scim":"externalId"},{"auth0":"blocked","scim":"active"},{"auth0":"name","scim":"displayName"},{"auth0":"given_name","scim":"name.givenName"},{"auth0":"family_name","scim":"name.familyName"},{"auth0":"app_metadata.middle_name","scim":"name.middleName"},{"auth0":"app_metadata.honorific_prefix","scim":"name.honorificPrefix"},{"auth0":"app_metadata.honorific_suffix","scim":"name.honorificSuffix"},{"auth0":"nickname","scim":"nickName"},{"auth0":"picture","scim":"photos[type eq \"photo\"].value"},{"auth0":"app_metadata.primary_phone_number","scim":"phoneNumbers[primary eq true].value"},{"auth0":"app_metadata.mobile_phone_number","scim":"phoneNumbers[type eq \"mobile\"].value"},{"auth0":"app_metadata.street_address","scim":"addresses[type eq \"work\"].streetAddress"},{"auth0":"app_metadata.city","scim":"addresses[type eq \"work\"].locality"},{"auth0":"app_metadata.state","scim":"addresses[type eq \"work\"].region"},{"auth0":"app_metadata.postal_code","scim":"addresses[type eq \"work\"].postalCode"},{"auth0":"app_metadata.postal_address","scim":"addresses[type eq \"work\"].formatted"},{"auth0":"app_metadata.country","scim":"addresses[type eq \"work\"].country"},{"auth0":"app_metadata.profile_url","scim":"profileUrl"},{"auth0":"app_metadata.user_type","scim":"userType"},{"auth0":"app_metadata.title","scim":"title"},{"auth0":"app_metadata.language","scim":"preferredLanguage"},{"auth0":"app_metadata.locale","scim":"locale"},{"auth0":"app_metadata.timezone","scim":"timezone"},{"auth0":"app_metadata.employee_id","scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber"},{"auth0":"app_metadata.cost_center","scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter"},{"auth0":"app_metadata.organization","scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization"},{"auth0":"app_metadata.division","scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division"},{"auth0":"app_metadata.department","scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department"},{"auth0":"app_metadata.manager","scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager"}]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 946.554166ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_XIM32D2aTcQkfupC/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 545.354042ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_XIM32D2aTcQkfupC + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:23:41.284Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 403.962875ms diff --git a/test/data/recordings/TestConnectionManager_UpdateSCIMConfiguration.yaml b/test/data/recordings/TestConnectionManager_UpdateSCIMConfiguration.yaml new file mode 100644 index 00000000..87568cdb --- /dev/null +++ b/test/data/recordings/TestConnectionManager_UpdateSCIMConfiguration.yaml @@ -0,0 +1,251 @@ +--- +version: 2 +interactions: + - id: 0 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 415 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"name":"Test-Okta-Connection-1720167775","strategy":"okta","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://example.com","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":null,"token_endpoint":null,"scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}}}} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"id":"con_i41HtvV1tONN0VKC","options":{"client_id":"4ef8d976-71bd-4473-a7ce-087d3f0fafd8","client_secret":"mySecret","domain":"domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","issuer":"https://example.com","jwks_uri":"https://example.com/jwks","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","token_endpoint":"https://domain.okta.com/oauth2/v1/token","scope":"openid","upstream_params":{"screen_name":{"alias":"login_hint"}},"oidc_metadata":{"issuer":"https://domain.okta.com","authorization_endpoint":"https://domain.okta.com/oauth2/v1/authorize","token_endpoint":"https://domain.okta.com/oauth2/v1/token","userinfo_endpoint":"https://domain.okta.com/oauth2/v1/userinfo","registration_endpoint":"https://domain.okta.com/oauth2/v1/clients","jwks_uri":"https://domain.okta.com/oauth2/v1/keys","response_types_supported":["code","id_token","code id_token","code token","id_token token","code id_token token"],"response_modes_supported":["query","fragment","form_post","okta_post_message"],"grant_types_supported":["authorization_code","implicit","refresh_token","password","urn:ietf:params:oauth:grant-type:device_code"],"subject_types_supported":["public"],"id_token_signing_alg_values_supported":["RS256"],"scopes_supported":["openid","email","profile","address","phone","offline_access","groups"],"token_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"claims_supported":["iss","ver","sub","aud","iat","exp","jti","auth_time","amr","idp","nonce","name","nickname","preferred_username","given_name","middle_name","family_name","email","email_verified","profile","zoneinfo","locale","address","phone_number","picture","website","gender","birthdate","updated_at","at_hash","c_hash"],"code_challenge_methods_supported":["S256"],"introspection_endpoint":"https://domain.okta.com/oauth2/v1/introspect","introspection_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"revocation_endpoint":"https://domain.okta.com/oauth2/v1/revoke","revocation_endpoint_auth_methods_supported":["client_secret_basic","client_secret_post","client_secret_jwt","private_key_jwt","none"],"end_session_endpoint":"https://domain.okta.com/oauth2/v1/logout","request_parameter_supported":true,"request_object_signing_alg_values_supported":["HS256","HS384","HS512","RS256","RS384","RS512","ES256","ES384","ES512"],"device_authorization_endpoint":"https://domain.okta.com/oauth2/v1/device/authorize","dpop_signing_alg_values_supported":["RS256","RS384","RS512","ES256","ES384","ES512"]}},"strategy":"okta","name":"Test-Okta-Connection-1720167775","is_domain_connection":false,"show_as_button":false,"enabled_clients":[],"realms":["Test-Okta-Connection-1720167775"]}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 1.10321925s + - id: 1 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 3 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_i41HtvV1tONN0VKC/scim-configuration + method: POST + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: false + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_i41HtvV1tONN0VKC","connection_name":"Test-Okta-Connection-1720167775","strategy":"okta","mapping":[{"scim":"userName","auth0":"preferred_username"},{"scim":"emails[primary eq true].value","auth0":"email"},{"scim":"externalId","auth0":"app_metadata.external_id"},{"scim":"active","auth0":"blocked"},{"scim":"displayName","auth0":"name"},{"scim":"name.givenName","auth0":"given_name"},{"scim":"name.familyName","auth0":"family_name"},{"scim":"name.middleName","auth0":"app_metadata.middle_name"},{"scim":"name.honorificPrefix","auth0":"app_metadata.honorific_prefix"},{"scim":"name.honorificSuffix","auth0":"app_metadata.honorific_suffix"},{"scim":"nickName","auth0":"nickname"},{"scim":"photos[type eq \"photo\"].value","auth0":"picture"},{"scim":"phoneNumbers[primary eq true].value","auth0":"app_metadata.primary_phone_number"},{"scim":"phoneNumbers[type eq \"mobile\"].value","auth0":"app_metadata.mobile_phone_number"},{"scim":"addresses[type eq \"work\"].streetAddress","auth0":"app_metadata.street_address"},{"scim":"addresses[type eq \"work\"].locality","auth0":"app_metadata.city"},{"scim":"addresses[type eq \"work\"].region","auth0":"app_metadata.state"},{"scim":"addresses[type eq \"work\"].postalCode","auth0":"app_metadata.postal_code"},{"scim":"addresses[type eq \"work\"].formatted","auth0":"app_metadata.postal_address"},{"scim":"addresses[type eq \"work\"].country","auth0":"app_metadata.country"},{"scim":"profileUrl","auth0":"app_metadata.profile_url"},{"scim":"userType","auth0":"app_metadata.user_type"},{"scim":"title","auth0":"app_metadata.title"},{"scim":"preferredLanguage","auth0":"app_metadata.language"},{"scim":"locale","auth0":"app_metadata.locale"},{"scim":"timezone","auth0":"app_metadata.timezone"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.employeeNumber","auth0":"app_metadata.employee_id"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.costCenter","auth0":"app_metadata.cost_center"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.organization","auth0":"app_metadata.organization"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.division","auth0":"app_metadata.division"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.department","auth0":"app_metadata.department"},{"scim":"urn:ietf:params:scim:schemas:extension:enterprise:2.0:User.manager","auth0":"app_metadata.manager"}],"updated_on":"2024-07-05T08:22:56.846Z","created_at":"2024-07-05T08:22:56.846Z","user_id_attribute":"externalId"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 201 Created + code: 201 + duration: 403.439583ms + - id: 2 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 117 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: | + {"user_id_attribute":"userName","mapping":[{"auth0":"username","scim":"userName"},{"auth0":"email","scim":"email"}]} + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_i41HtvV1tONN0VKC/scim-configuration + method: PATCH + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_i41HtvV1tONN0VKC","connection_name":"Test-Okta-Connection-1720167775","strategy":"okta","mapping":[{"scim":"userName","auth0":"username"},{"scim":"email","auth0":"email"}],"updated_on":"2024-07-05T08:22:57.242Z","created_at":"2024-07-05T08:22:56.846Z","user_id_attribute":"userName"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 396.691583ms + - id: 3 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_i41HtvV1tONN0VKC/scim-configuration + method: GET + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: -1 + uncompressed: true + body: '{"tenant_name":"go-auth0-dev.eu.auth0.com","connection_id":"con_i41HtvV1tONN0VKC","connection_name":"Test-Okta-Connection-1720167775","strategy":"okta","mapping":[{"scim":"userName","auth0":"username"},{"scim":"email","auth0":"email"}],"updated_on":"2024-07-05T08:22:57.242Z","created_at":"2024-07-05T08:22:56.846Z","user_id_attribute":"userName"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 200 OK + code: 200 + duration: 679.696292ms + - id: 4 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_i41HtvV1tONN0VKC/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 385.37525ms + - id: 5 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_i41HtvV1tONN0VKC/scim-configuration + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 0 + uncompressed: false + body: "" + headers: + Content-Type: + - application/json; charset=utf-8 + status: 204 No Content + code: 204 + duration: 538.981417ms + - id: 6 + request: + proto: HTTP/1.1 + proto_major: 1 + proto_minor: 1 + content_length: 0 + transfer_encoding: [] + trailer: {} + host: go-auth0-dev.eu.auth0.com + remote_addr: "" + request_uri: "" + body: "" + form: {} + headers: + Content-Type: + - application/json + User-Agent: + - Go-Auth0/1.7.0 + url: https://go-auth0-dev.eu.auth0.com/api/v2/connections/con_i41HtvV1tONN0VKC + method: DELETE + response: + proto: HTTP/2.0 + proto_major: 2 + proto_minor: 0 + transfer_encoding: [] + trailer: {} + content_length: 41 + uncompressed: false + body: '{"deleted_at":"2024-07-05T08:22:59.222Z"}' + headers: + Content-Type: + - application/json; charset=utf-8 + status: 202 Accepted + code: 202 + duration: 373.156709ms