osso 0.0.3.1 → 0.0.3.6
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/.buildkite/pipeline.yml +4 -1
- data/.rubocop.yml +1 -2
- data/Gemfile.lock +3 -1
- data/bin/console +4 -3
- data/config/database.yml +2 -2
- data/db/schema.rb +133 -1
- data/lib/osso.rb +2 -0
- data/lib/osso/db/migrate/20200328143305_create_identity_providers.rb +12 -0
- data/lib/osso/db/migrate/20200411184535_add_provider_id_to_users.rb +2 -2
- data/lib/osso/db/migrate/20200411192645_create_enterprise_accounts.rb +1 -1
- data/lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_accounts_and_identity_providers.rb +6 -0
- data/lib/osso/db/migrate/20200714223226_add_identity_provider_service_enum.rb +17 -0
- data/lib/osso/db/migrate/20200715154211_rename_idp_fields_on_identity_provider_to_sso.rb +6 -0
- data/lib/osso/db/migrate/20200715205801_add_name_to_enterprise_account.rb +5 -0
- data/lib/osso/graphql/mutation.rb +10 -5
- data/lib/osso/graphql/mutations.rb +5 -2
- data/lib/osso/graphql/mutations/base_mutation.rb +29 -14
- data/lib/osso/graphql/mutations/configure_identity_provider.rb +19 -18
- data/lib/osso/graphql/mutations/create_enterprise_account.rb +25 -0
- data/lib/osso/graphql/mutations/create_identity_provider.rb +22 -16
- data/lib/osso/graphql/mutations/set_identity_provider.rb +27 -0
- data/lib/osso/graphql/query.rb +19 -22
- data/lib/osso/graphql/resolvers.rb +5 -1
- data/lib/osso/graphql/resolvers/enterprise_account.rb +16 -12
- data/lib/osso/graphql/resolvers/enterprise_accounts.rb +10 -6
- data/lib/osso/graphql/resolvers/oauth_clients.rb +9 -5
- data/lib/osso/graphql/schema.rb +23 -19
- data/lib/osso/graphql/types.rb +4 -1
- data/lib/osso/graphql/types/base_enum.rb +6 -2
- data/lib/osso/graphql/types/base_input_object.rb +10 -0
- data/lib/osso/graphql/types/base_object.rb +6 -2
- data/lib/osso/graphql/types/enterprise_account.rb +19 -19
- data/lib/osso/graphql/types/identity_provider.rb +19 -27
- data/lib/osso/graphql/types/identity_provider_service.rb +8 -4
- data/lib/osso/graphql/types/oauth_client.rb +13 -9
- data/lib/osso/graphql/types/user.rb +10 -5
- data/lib/osso/helpers/auth.rb +53 -49
- data/lib/osso/helpers/helpers.rb +3 -1
- data/lib/osso/lib/app_config.rb +1 -1
- data/lib/osso/lib/route_map.rb +28 -0
- data/lib/osso/models/enterprise_account.rb +4 -4
- data/lib/osso/models/identity_provider.rb +48 -0
- data/lib/osso/models/models.rb +1 -1
- data/lib/osso/models/oauth_client.rb +2 -2
- data/lib/osso/models/saml_provider.rb +13 -16
- data/lib/osso/models/saml_providers/azure_saml_provider.rb +2 -2
- data/lib/osso/models/saml_providers/okta_saml_provider.rb +1 -1
- data/lib/osso/models/user.rb +3 -3
- data/lib/osso/routes/admin.rb +18 -15
- data/lib/osso/routes/auth.rb +30 -27
- data/lib/osso/routes/oauth.rb +50 -45
- data/lib/osso/version.rb +1 -1
- data/osso-rb.gemspec +3 -3
- data/spec/factories/enterprise_account.rb +5 -4
- data/spec/factories/identity_providers.rb +49 -0
- data/spec/factories/user.rb +1 -1
- data/spec/graphql/mutations/configure_identity_provider_spec.rb +65 -0
- data/spec/graphql/mutations/create_enterprise_account_spec.rb +68 -0
- data/spec/graphql/mutations/create_identity_provider_spec.rb +104 -0
- data/spec/graphql/query/enterprise_account_spec.rb +68 -0
- data/spec/graphql/query/enterprise_accounts_spec.rb +44 -0
- data/spec/graphql/query/identity_provider_spec.rb +62 -0
- data/spec/graphql/query/oauth_clients_account_spec.rb +48 -0
- data/spec/models/azure_saml_provider_spec.rb +14 -14
- data/spec/models/identity_provider_spec.rb +17 -0
- data/spec/models/okta_saml_provider_spec.rb +15 -15
- data/spec/routes/admin_spec.rb +2 -0
- data/spec/routes/auth_spec.rb +9 -9
- data/spec/routes/oauth_spec.rb +1 -1
- data/spec/spec_helper.rb +4 -5
- data/spec/support/spec_app.rb +9 -0
- data/spec/support/views/{public/index.erb → admin.erb} +0 -0
- metadata +37 -13
- data/lib/osso/db/migrate/20200411144528_create_saml_providers.rb +0 -13
- data/lib/osso/db/migrate/20200413153029_add_oauth_client_reference_to_saml_providers.rb +0 -5
- data/lib/osso/db/migrate/20200501203026_drop_null_constraints_from_saml_provider.rb +0 -7
- data/lib/osso/db/migrate/20200501204047_drop_acs_url.rb +0 -5
- data/lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_account.rb +0 -5
- data/lib/osso/db/migrate/20200601131227_drop_null_constraint_from_saml_providers_provider.rb +0 -7
- data/lib/osso/db/schema.rb +0 -132
- data/lib/osso/graphql/mutations/set_saml_provider.rb +0 -23
- data/spec/factories/saml_providers.rb +0 -46
- data/spec/models/saml_provider_spec.rb +0 -31
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f2d208f60074e354a988dd4f6d1e07409a8c5b9809371f2ab86e952c1cf52cb2
|
|
4
|
+
data.tar.gz: a113355db7bb066f7f87fea0bf8313bc7f60d628380abb8f334fc5de8e7e2d29
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fec8ba8811aa056a367f975f206309cf74148a2bb551f8b37073a5c084a8fdeb86433dcd55862e24fe1199ba0b9ac8f3d166fce74ab7ea61ac5faa0690426baf
|
|
7
|
+
data.tar.gz: 20f63616bfc1619d503357be6cbabc114bd9a9402fdd7cdf3e0caa5415fb19dd4cf22a56dcdc6aa83c0b323cd77f4da529659e1455e3c277f4d4180d97e290d5
|
data/.buildkite/pipeline.yml
CHANGED
data/.rubocop.yml
CHANGED
data/Gemfile.lock
CHANGED
|
@@ -1,8 +1,9 @@
|
|
|
1
1
|
PATH
|
|
2
2
|
remote: .
|
|
3
3
|
specs:
|
|
4
|
-
osso (0.0.3.
|
|
4
|
+
osso (0.0.3.6)
|
|
5
5
|
activesupport (>= 6.0.3.2)
|
|
6
|
+
graphql
|
|
6
7
|
jwt
|
|
7
8
|
omniauth-multi-provider
|
|
8
9
|
omniauth-saml
|
|
@@ -48,6 +49,7 @@ GEM
|
|
|
48
49
|
activesupport (>= 5.0.0)
|
|
49
50
|
faker (2.13.0)
|
|
50
51
|
i18n (>= 1.6, < 2)
|
|
52
|
+
graphql (1.11.1)
|
|
51
53
|
hashdiff (1.0.1)
|
|
52
54
|
hashie (4.1.0)
|
|
53
55
|
httpclient (2.8.3)
|
data/bin/console
CHANGED
data/config/database.yml
CHANGED
|
@@ -2,13 +2,13 @@ development:
|
|
|
2
2
|
adapter: postgresql
|
|
3
3
|
encoding: unicode
|
|
4
4
|
pool: 5
|
|
5
|
-
database:
|
|
5
|
+
database: ossorb-development
|
|
6
6
|
host: ''
|
|
7
7
|
port: 5432
|
|
8
8
|
test:
|
|
9
9
|
adapter: postgresql
|
|
10
10
|
encoding: unicode
|
|
11
11
|
pool: 5
|
|
12
|
-
database:
|
|
12
|
+
database: ossorb-test
|
|
13
13
|
host: ''
|
|
14
14
|
port: 5432
|
data/db/schema.rb
CHANGED
|
@@ -1 +1,133 @@
|
|
|
1
|
-
#
|
|
1
|
+
# This file is auto-generated from the current state of the database. Instead
|
|
2
|
+
# of editing this file, please use the migrations feature of Active Record to
|
|
3
|
+
# incrementally modify your database, and then regenerate this schema definition.
|
|
4
|
+
#
|
|
5
|
+
# This file is the source Rails uses to define your schema when running `rails
|
|
6
|
+
# db:schema:load`. When creating a new database, `rails db:schema:load` tends to
|
|
7
|
+
# be faster and is potentially less error prone than running all of your
|
|
8
|
+
# migrations from scratch. Old migrations may fail to apply correctly if those
|
|
9
|
+
# migrations use external dependencies or application code.
|
|
10
|
+
#
|
|
11
|
+
# It's strongly recommended that you check this file into your version control system.
|
|
12
|
+
|
|
13
|
+
ActiveRecord::Schema.define(version: 2020_07_15_205801) do
|
|
14
|
+
|
|
15
|
+
# These are extensions that must be enabled in order to support this database
|
|
16
|
+
enable_extension "pgcrypto"
|
|
17
|
+
enable_extension "plpgsql"
|
|
18
|
+
|
|
19
|
+
create_table "access_tokens", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
20
|
+
t.string "token"
|
|
21
|
+
t.datetime "expires_at"
|
|
22
|
+
t.datetime "created_at", precision: 6, null: false
|
|
23
|
+
t.datetime "updated_at", precision: 6, null: false
|
|
24
|
+
t.uuid "user_id"
|
|
25
|
+
t.uuid "oauth_client_id"
|
|
26
|
+
t.index ["oauth_client_id"], name: "index_access_tokens_on_oauth_client_id"
|
|
27
|
+
t.index ["user_id"], name: "index_access_tokens_on_user_id"
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
create_table "authorization_codes", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
31
|
+
t.string "token"
|
|
32
|
+
t.string "redirect_uri"
|
|
33
|
+
t.datetime "expires_at"
|
|
34
|
+
t.datetime "created_at", precision: 6, null: false
|
|
35
|
+
t.datetime "updated_at", precision: 6, null: false
|
|
36
|
+
t.uuid "user_id"
|
|
37
|
+
t.uuid "oauth_client_id"
|
|
38
|
+
t.index ["oauth_client_id"], name: "index_authorization_codes_on_oauth_client_id"
|
|
39
|
+
t.index ["token"], name: "index_authorization_codes_on_token", unique: true
|
|
40
|
+
t.index ["user_id"], name: "index_authorization_codes_on_user_id"
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
create_table "enterprise_accounts", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
44
|
+
t.string "domain", null: false
|
|
45
|
+
t.uuid "external_uuid"
|
|
46
|
+
t.integer "external_int_id"
|
|
47
|
+
t.string "external_id"
|
|
48
|
+
t.uuid "oauth_client_id"
|
|
49
|
+
t.string "name", null: false
|
|
50
|
+
t.index ["domain"], name: "index_enterprise_accounts_on_domain", unique: true
|
|
51
|
+
t.index ["oauth_client_id"], name: "index_enterprise_accounts_on_oauth_client_id"
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
create_table "identity_providers", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
55
|
+
t.string "service"
|
|
56
|
+
t.string "domain", null: false
|
|
57
|
+
t.string "sso_url"
|
|
58
|
+
t.text "sso_cert"
|
|
59
|
+
t.uuid "enterprise_account_id"
|
|
60
|
+
t.uuid "oauth_client_id"
|
|
61
|
+
t.index ["domain"], name: "index_identity_providers_on_domain"
|
|
62
|
+
t.index ["enterprise_account_id"], name: "index_identity_providers_on_enterprise_account_id"
|
|
63
|
+
t.index ["oauth_client_id"], name: "index_identity_providers_on_oauth_client_id"
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
create_table "oauth_access_grants", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
67
|
+
t.uuid "resource_owner_id", null: false
|
|
68
|
+
t.uuid "application_id", null: false
|
|
69
|
+
t.string "token", null: false
|
|
70
|
+
t.integer "expires_in", null: false
|
|
71
|
+
t.text "redirect_uri", null: false
|
|
72
|
+
t.datetime "created_at", null: false
|
|
73
|
+
t.datetime "revoked_at"
|
|
74
|
+
t.string "scopes", default: "", null: false
|
|
75
|
+
t.index ["application_id"], name: "index_oauth_access_grants_on_application_id"
|
|
76
|
+
t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
create_table "oauth_access_tokens", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
80
|
+
t.uuid "resource_owner_id"
|
|
81
|
+
t.uuid "application_id"
|
|
82
|
+
t.string "token", null: false
|
|
83
|
+
t.string "refresh_token"
|
|
84
|
+
t.integer "expires_in"
|
|
85
|
+
t.datetime "revoked_at"
|
|
86
|
+
t.datetime "created_at", null: false
|
|
87
|
+
t.string "scopes"
|
|
88
|
+
t.string "previous_refresh_token", default: "", null: false
|
|
89
|
+
t.index ["application_id"], name: "index_oauth_access_tokens_on_application_id"
|
|
90
|
+
t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
|
|
91
|
+
t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
create_table "oauth_applications", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
95
|
+
t.string "name", null: false
|
|
96
|
+
t.string "secret", null: false
|
|
97
|
+
t.text "redirect_uri", null: false
|
|
98
|
+
t.string "scopes", default: "", null: false
|
|
99
|
+
t.boolean "confidential", default: true, null: false
|
|
100
|
+
t.datetime "created_at", precision: 6, null: false
|
|
101
|
+
t.datetime "updated_at", precision: 6, null: false
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
create_table "oauth_clients", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
105
|
+
t.string "name", null: false
|
|
106
|
+
t.string "secret", null: false
|
|
107
|
+
t.string "identifier", null: false
|
|
108
|
+
t.index ["identifier"], name: "index_oauth_clients_on_identifier", unique: true
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
create_table "redirect_uris", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
112
|
+
t.string "uri", null: false
|
|
113
|
+
t.boolean "primary", default: false, null: false
|
|
114
|
+
t.uuid "oauth_client_id"
|
|
115
|
+
t.index ["oauth_client_id"], name: "index_redirect_uris_on_oauth_client_id"
|
|
116
|
+
t.index ["uri", "primary"], name: "index_redirect_uris_on_uri_and_primary", unique: true
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
create_table "users", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
120
|
+
t.string "email", null: false
|
|
121
|
+
t.string "idp_id", null: false
|
|
122
|
+
t.uuid "identity_provider_id"
|
|
123
|
+
t.uuid "enterprise_account_id"
|
|
124
|
+
t.index ["email", "idp_id"], name: "index_users_on_email_and_idp_id", unique: true
|
|
125
|
+
t.index ["enterprise_account_id"], name: "index_users_on_enterprise_account_id"
|
|
126
|
+
end
|
|
127
|
+
|
|
128
|
+
add_foreign_key "oauth_access_grants", "oauth_applications", column: "application_id"
|
|
129
|
+
add_foreign_key "oauth_access_grants", "users", column: "resource_owner_id"
|
|
130
|
+
add_foreign_key "oauth_access_tokens", "oauth_applications", column: "application_id"
|
|
131
|
+
add_foreign_key "oauth_access_tokens", "users", column: "resource_owner_id"
|
|
132
|
+
add_foreign_key "users", "identity_providers"
|
|
133
|
+
end
|
data/lib/osso.rb
CHANGED
|
@@ -4,6 +4,8 @@ module Osso
|
|
|
4
4
|
require_relative 'osso/helpers/helpers'
|
|
5
5
|
require_relative 'osso/lib/app_config'
|
|
6
6
|
require_relative 'osso/lib/oauth2_token'
|
|
7
|
+
require_relative 'osso/lib/route_map'
|
|
7
8
|
require_relative 'osso/models/models'
|
|
8
9
|
require_relative 'osso/routes/routes'
|
|
10
|
+
require_relative 'osso/graphql/schema'
|
|
9
11
|
end
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
class CreateIdentityProviders < ActiveRecord::Migration[6.0]
|
|
2
|
+
def change
|
|
3
|
+
create_table :identity_providers, id: :uuid do |t|
|
|
4
|
+
t.string :service
|
|
5
|
+
t.string :domain, null: false
|
|
6
|
+
t.string :idp_sso_target_url
|
|
7
|
+
t.text :idp_cert
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
add_index :identity_providers, :domain
|
|
11
|
+
end
|
|
12
|
+
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
class AddProviderIdToUsers < ActiveRecord::Migration[6.0]
|
|
2
2
|
def change
|
|
3
|
-
add_column :users, :
|
|
3
|
+
add_column :users, :identity_provider_id, :uuid
|
|
4
4
|
|
|
5
|
-
add_foreign_key :users, :
|
|
5
|
+
add_foreign_key :users, :identity_providers
|
|
6
6
|
end
|
|
7
7
|
end
|
|
@@ -9,7 +9,7 @@ class CreateEnterpriseAccounts < ActiveRecord::Migration[6.0]
|
|
|
9
9
|
|
|
10
10
|
add_index :enterprise_accounts, :domain, unique: true
|
|
11
11
|
|
|
12
|
-
add_reference :
|
|
12
|
+
add_reference :identity_providers, :enterprise_account, type: :uuid, index: true
|
|
13
13
|
add_reference :users, :enterprise_account, type: :uuid, index: true
|
|
14
14
|
end
|
|
15
15
|
end
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
class AddOauthClientIdToEnterpriseAccountsAndIdentityProviders < ActiveRecord::Migration[6.0]
|
|
2
|
+
def change
|
|
3
|
+
add_reference :enterprise_accounts, :oauth_client, type: :uuid, index: true
|
|
4
|
+
add_reference :identity_providers, :oauth_client, type: :uuid, index: true
|
|
5
|
+
end
|
|
6
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
class AddIdentityProviderServiceEnum < ActiveRecord::Migration[6.0]
|
|
2
|
+
def change
|
|
3
|
+
def up
|
|
4
|
+
execute <<-SQL
|
|
5
|
+
CREATE TYPE identity_provider_service AS ENUM ('OKTA', 'AZURE');
|
|
6
|
+
SQL
|
|
7
|
+
chnage_column :identity_providers, :service, :identity_provider_service
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def down
|
|
11
|
+
chnage_column :identity_providers, :service, :text
|
|
12
|
+
execute <<-SQL
|
|
13
|
+
DROP TYPE identity_provider_service;
|
|
14
|
+
SQL
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -2,10 +2,15 @@
|
|
|
2
2
|
|
|
3
3
|
require_relative 'mutations'
|
|
4
4
|
|
|
5
|
-
module
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
5
|
+
module Osso
|
|
6
|
+
module GraphQL
|
|
7
|
+
module Types
|
|
8
|
+
class MutationType < BaseObject
|
|
9
|
+
field :configure_identity_provider, mutation: Mutations::ConfigureIdentityProvider
|
|
10
|
+
field :create_identity_provider, mutation: Mutations::CreateIdentityProvider
|
|
11
|
+
field :create_enterprise_account, mutation: Mutations::CreateEnterpriseAccount
|
|
12
|
+
field :set_identity_provider, mutation: Mutations::SetSamlProvider
|
|
13
|
+
end
|
|
14
|
+
end
|
|
10
15
|
end
|
|
11
16
|
end
|
|
@@ -1,9 +1,12 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
module
|
|
3
|
+
module Osso
|
|
4
|
+
module Mutations
|
|
5
|
+
end
|
|
4
6
|
end
|
|
5
7
|
|
|
6
8
|
require_relative 'mutations/base_mutation'
|
|
7
9
|
require_relative 'mutations/configure_identity_provider'
|
|
8
10
|
require_relative 'mutations/create_identity_provider'
|
|
9
|
-
require_relative 'mutations/
|
|
11
|
+
require_relative 'mutations/create_enterprise_account'
|
|
12
|
+
require_relative 'mutations/set_identity_provider'
|
|
@@ -1,20 +1,35 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
module
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
10
|
-
|
|
11
|
-
|
|
12
|
-
|
|
13
|
-
|
|
14
|
-
|
|
3
|
+
module Osso
|
|
4
|
+
module GraphQL
|
|
5
|
+
module Mutations
|
|
6
|
+
class BaseMutation < ::GraphQL::Schema::RelayClassicMutation
|
|
7
|
+
object_class Types::BaseObject
|
|
8
|
+
input_object_class Types::BaseInputObject
|
|
9
|
+
|
|
10
|
+
def response_data(data)
|
|
11
|
+
data.merge(errors: [])
|
|
12
|
+
end
|
|
13
|
+
|
|
14
|
+
def response_error(error)
|
|
15
|
+
error.merge(data: nil)
|
|
16
|
+
end
|
|
17
|
+
|
|
18
|
+
def ready?(enterprise_account_id: nil, domain: nil, **args)
|
|
19
|
+
return true if context[:scope] == :admin
|
|
20
|
+
|
|
21
|
+
domain ||= account_domain(enterprise_account_id)
|
|
22
|
+
return true if domain == context[:scope]
|
|
23
|
+
|
|
24
|
+
raise ::GraphQL::ExecutionError, "This user lacks the scope to mutate records belonging to #{args[:domain]}"
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def account_domain(id)
|
|
28
|
+
return false unless id
|
|
15
29
|
|
|
16
|
-
|
|
17
|
-
|
|
30
|
+
Osso::Models::EnterpriseAccount.find(id)&.domain
|
|
31
|
+
end
|
|
32
|
+
end
|
|
18
33
|
end
|
|
19
34
|
end
|
|
20
35
|
end
|
|
@@ -1,26 +1,27 @@
|
|
|
1
1
|
# frozen_string_literal: true
|
|
2
2
|
|
|
3
|
-
module
|
|
4
|
-
|
|
5
|
-
|
|
6
|
-
|
|
7
|
-
|
|
8
|
-
|
|
9
|
-
|
|
3
|
+
module Osso
|
|
4
|
+
module GraphQL
|
|
5
|
+
module Mutations
|
|
6
|
+
class ConfigureIdentityProvider < BaseMutation
|
|
7
|
+
null false
|
|
8
|
+
argument :id, ID, required: true
|
|
9
|
+
argument :service, Types::IdentityProviderService, required: false
|
|
10
|
+
argument :sso_url, String, required: false
|
|
11
|
+
argument :sso_cert, String, required: false
|
|
10
12
|
|
|
11
|
-
|
|
12
|
-
|
|
13
|
+
field :identity_provider, Types::IdentityProvider, null: false
|
|
14
|
+
field :errors, [String], null: false
|
|
13
15
|
|
|
14
|
-
|
|
15
|
-
|
|
16
|
-
provider.update(
|
|
17
|
-
idp_cert: sso_cert,
|
|
18
|
-
idp_sso_target_url: sso_url,
|
|
19
|
-
)
|
|
16
|
+
def resolve(id:, **args)
|
|
17
|
+
provider = Osso::Models::IdentityProvider.find(id)
|
|
20
18
|
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
19
|
+
return unauthorized unless authorized?
|
|
20
|
+
return response_data(identity_provider: provider) if provider.update(args)
|
|
21
|
+
|
|
22
|
+
response_error(errors: provder.errors.messages)
|
|
23
|
+
end
|
|
24
|
+
end
|
|
24
25
|
end
|
|
25
26
|
end
|
|
26
27
|
end
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Osso
|
|
4
|
+
module GraphQL
|
|
5
|
+
module Mutations
|
|
6
|
+
class CreateEnterpriseAccount < BaseMutation
|
|
7
|
+
null false
|
|
8
|
+
|
|
9
|
+
argument :domain, String, required: true
|
|
10
|
+
argument :name, String, required: true
|
|
11
|
+
|
|
12
|
+
field :enterprise_account, Types::EnterpriseAccount, null: false
|
|
13
|
+
field :errors, [String], null: false
|
|
14
|
+
|
|
15
|
+
def resolve(**args)
|
|
16
|
+
enterprise_account = Osso::Models::EnterpriseAccount.new(args)
|
|
17
|
+
|
|
18
|
+
return response_data(enterprise_account: enterprise_account) if enterprise_account.save
|
|
19
|
+
|
|
20
|
+
response_error(errors: enterprise_account.errors.full_messages)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|