Skip to content

Commit

Permalink
SALTO-4116-SupportProvisioningForApps
Browse files Browse the repository at this point in the history
  • Loading branch information
@idoamit8
idoamit8 committed Dec 26, 2024
1 parent 659696a commit 9e86d66
Show file tree
Hide file tree
Showing 2 changed files with 262 additions and 1 deletion.
125 changes: 124 additions & 1 deletion packages/okta-adapter/src/definitions/deploy/deploy.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -483,14 +483,137 @@ const createCustomizations = (): Record<string, InstanceDeployApiDefinitions> =>
return {
value: {
name,
..._.omit(transformed, [ID_FIELD, LINKS_FIELD, CUSTOM_NAME_FIELD, ...APP_POLICIES]),
..._.omit(transformed, [
ID_FIELD,
LINKS_FIELD,
CUSTOM_NAME_FIELD,
...APP_POLICIES,
'applicationUserProvisioning',
'applicationInboundProvisioning',
'applicationProvisioningUsers',
'applicationProvisioningGeneral',
]),
},
}
},
},
},
},
...createDeployAppPolicyRequests(),
{
condition: {
skipIfIdentical: true,
transformForCheck: {
root: 'applicationUserProvisioning.capabilities',
},
},
request: {
endpoint: {
path: '/api/v1/apps/{id}/features/USER_PROVISIONING',
method: 'put',
},
transformation: {
root: 'applicationUserProvisioning.capabilities',
},
},
},
{
condition: {
skipIfIdentical: true,
transformForCheck: {
root: 'applicationInboundProvisioning.capabilities',
},
},
request: {
endpoint: {
path: '/api/v1/apps/{id}/features/INBOUND_PROVISIONING',
method: 'put',
},
transformation: {
root: 'applicationInboundProvisioning.capabilities',
},
},
},
{
condition: {
custom:
() =>
({ change }) =>
getChangeData(change).value.applicationInboundProvisioning?.status === 'ENABLED',
transformForCheck: {
pick: ['applicationInboundProvisioning.status'],
},
},
request: {
endpoint: {
path: '/api/v1/apps/{id}/connections/default/lifecycle/activate',
method: 'post',
},
transformation: {
root: 'applicationInboundProvisioning.status',
},
},
},
{
condition: {
custom:
() =>
({ change }) =>
getChangeData(change).value.applicationInboundProvisioning?.status === 'DISABLED',
transformForCheck: {
pick: ['applicationInboundProvisioning.status'],
},
},
request: {
endpoint: {
path: '/api/v1/apps/{id}/connections/default/lifecycle/deactivate',
method: 'post',
},
transformation: {
pick: ['applicationInboundProvisioning.status'],
},
},
},
{
condition: {
skipIfIdentical: true,
transformForCheck: {
root: 'applicationProvisioningUsers',
},
},
request: {
endpoint: {
path: '/api/v1/internal/apps/{id}/settings/importMatchRules',
client: 'private',
method: 'post',
},
transformation: {
root: 'applicationProvisioningUsers',
single: false,
},
},
copyFromResponse: {
updateServiceIDs: false,
},
},
{
condition: {
skipIfIdentical: true,
transformForCheck: {
root: 'applicationProvisioningGeneral',
},
},
request: {
endpoint: {
path: '/api/v1/internal/apps/instance/{id}/settings/user-mgmt-general',
client: 'private',
method: 'post',
},
transformation: {
root: 'applicationProvisioningGeneral',
},
},
},
],
remove: [
{
Expand Down
138 changes: 138 additions & 0 deletions packages/okta-adapter/src/definitions/fetch/fetch.ts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -371,6 +371,44 @@ const createCustomizations = ({
},
},
},
applicationUserProvisioning: {
typeName: 'ApplicationUserProvisioning',
conditions: [
{
fromField: 'name',
match: ['^google$', '^office365$', '^okta_org2org$', '^slack$', '^zoomus$', '^zscalerbyz$'],
},
// Provisioning is only available for apps with features, but it's possible for an app to have features without provisioning.
{ fromField: 'features', match: ['.+'] },
],
context: {
args: {
appId: {
root: 'id',
},
},
},
single: true,
},
applicationInboundProvisioning: {
typeName: 'ApplicationInboundProvisioning',
conditions: [
{
fromField: 'name',
match: ['^google$', '^office365$', '^okta_org2org$', '^zoomus$', '^slack$'],
},
// Provisioning is only available for apps with features, but it's possible for an app to have features without provisioning.
{ fromField: 'features', match: ['.+'] },
],
context: {
args: {
appId: {
root: 'id',
},
},
},
single: true,
},
...(usePrivateAPI
? {
GroupPush: {
Expand Down Expand Up @@ -412,6 +450,43 @@ const createCustomizations = ({
},
],
},
applicationProvisioningGeneral: {
typeName: 'ApplicationProvisioningGeneral',
conditions: [
{
fromField: 'name',
match: ['^(?!google$|office365$|okta_org2org$|slack$|zoomus$).*$'],
},
// Provisioning is only available for apps with features, but it's possible for an app to have features without provisioning.
{ fromField: 'features', match: ['.+'] },
],
context: {
args: {
appId: {
root: 'id',
},
},
},
single: true,
},
applicationProvisioningUsers: {
typeName: 'ApplicationProvisioningUsers',
conditions: [
{
fromField: 'name',
match: ['^(?!google$|office365$|okta_org2org$|slack$|zoomus$).*$'],
},
// Provisioning is only available for apps with features, but it's possible for an app to have features without provisioning.
{ fromField: 'features', match: ['.+'] },
],
context: {
args: {
appId: {
root: 'id',
},
},
},
},
}
: {}),
},
Expand Down Expand Up @@ -597,6 +672,69 @@ const createCustomizations = ({
fieldCustomizations: { mappingRuleId: { hide: true } },
},
},
ApplicationUserProvisioning: {
requests: [
{
endpoint: {
path: '/api/v1/apps/{appId}/features/USER_PROVISIONING',
},
transformation: {
omit: ['_links', 'name', 'description', 'status'],
},
},
],
resource: {
directFetch: false,
},
},
ApplicationInboundProvisioning: {
requests: [
{
endpoint: {
path: '/api/v1/apps/{appId}/features/INBOUND_PROVISIONING',
},
transformation: {
omit: ['_links', 'name', 'description'],
},
},
],
resource: {
directFetch: false,
},
},
ApplicationProvisioningGeneral: {
requests: [
{
endpoint: {
path: '/api/v1/internal/apps/instance/{appId}/settings/user-mgmt-general',
client: 'private',
},
transformation: {
pick: ['enabled', 'importSettings.userNameTemplate', 'importSettings.importInterval'],
},
},
],
resource: {
directFetch: false,
},
},
ApplicationProvisioningUsers: {
requests: [
{
endpoint: {
path: '/api/v1/internal/apps/{appId}/settings/importMatchRules',
client: 'private',
},
transformation: {
omit: ['id'],
},
},
],
resource: {
directFetch: false,
serviceIDFields: [], // The default serviceId is 'id' which causes to returned values to be merged since we remove it.
},
},
}
: {}),
ProfileMapping: {
Expand Down

0 comments on commit 9e86d66

Please sign in to comment.