osso 0.0.3.5 → 0.0.3.6
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/.buildkite/pipeline.yml +4 -1
- data/Gemfile.lock +1 -1
- data/config/database.yml +2 -2
- data/db/schema.rb +133 -1
- data/lib/osso/db/migrate/20200328143305_create_identity_providers.rb +12 -0
- data/lib/osso/db/migrate/20200411184535_add_provider_id_to_users.rb +2 -2
- data/lib/osso/db/migrate/20200411192645_create_enterprise_accounts.rb +1 -1
- data/lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_accounts_and_identity_providers.rb +6 -0
- data/lib/osso/db/migrate/20200714223226_add_identity_provider_service_enum.rb +17 -0
- data/lib/osso/db/migrate/20200715154211_rename_idp_fields_on_identity_provider_to_sso.rb +6 -0
- data/lib/osso/db/migrate/20200715205801_add_name_to_enterprise_account.rb +5 -0
- data/lib/osso/graphql/mutation.rb +2 -1
- data/lib/osso/graphql/mutations.rb +2 -1
- data/lib/osso/graphql/mutations/base_mutation.rb +18 -7
- data/lib/osso/graphql/mutations/configure_identity_provider.rb +10 -13
- data/lib/osso/graphql/mutations/create_enterprise_account.rb +25 -0
- data/lib/osso/graphql/mutations/create_identity_provider.rb +9 -7
- data/lib/osso/graphql/mutations/{set_saml_provider.rb → set_identity_provider.rb} +4 -4
- data/lib/osso/graphql/query.rb +2 -2
- data/lib/osso/graphql/resolvers/oauth_clients.rb +1 -1
- data/lib/osso/graphql/schema.rb +1 -1
- data/lib/osso/graphql/types.rb +1 -0
- data/lib/osso/graphql/types/base_input_object.rb +10 -0
- data/lib/osso/graphql/types/enterprise_account.rb +1 -5
- data/lib/osso/graphql/types/identity_provider.rb +1 -13
- data/lib/osso/lib/app_config.rb +1 -1
- data/lib/osso/models/enterprise_account.rb +4 -4
- data/lib/osso/models/identity_provider.rb +48 -0
- data/lib/osso/models/models.rb +1 -1
- data/lib/osso/models/oauth_client.rb +1 -1
- data/lib/osso/models/saml_provider.rb +13 -16
- data/lib/osso/models/saml_providers/azure_saml_provider.rb +1 -1
- data/lib/osso/models/saml_providers/okta_saml_provider.rb +1 -1
- data/lib/osso/models/user.rb +3 -3
- data/lib/osso/routes/auth.rb +4 -4
- data/lib/osso/routes/oauth.rb +1 -1
- data/lib/osso/version.rb +1 -1
- data/spec/factories/enterprise_account.rb +5 -4
- data/spec/factories/identity_providers.rb +49 -0
- data/spec/factories/user.rb +1 -1
- data/spec/graphql/mutations/configure_identity_provider_spec.rb +65 -0
- data/spec/graphql/mutations/create_enterprise_account_spec.rb +68 -0
- data/spec/graphql/mutations/create_identity_provider_spec.rb +104 -0
- data/spec/graphql/query/enterprise_account_spec.rb +68 -0
- data/spec/graphql/query/enterprise_accounts_spec.rb +44 -0
- data/spec/graphql/query/identity_provider_spec.rb +62 -0
- data/spec/graphql/query/oauth_clients_account_spec.rb +48 -0
- data/spec/models/azure_saml_provider_spec.rb +14 -14
- data/spec/models/identity_provider_spec.rb +17 -0
- data/spec/models/okta_saml_provider_spec.rb +15 -15
- data/spec/routes/auth_spec.rb +9 -9
- data/spec/routes/oauth_spec.rb +1 -1
- data/spec/spec_helper.rb +1 -0
- metadata +20 -12
- data/lib/osso/db/migrate/20200411144528_create_saml_providers.rb +0 -13
- data/lib/osso/db/migrate/20200413153029_add_oauth_client_reference_to_saml_providers.rb +0 -5
- data/lib/osso/db/migrate/20200501203026_drop_null_constraints_from_saml_provider.rb +0 -7
- data/lib/osso/db/migrate/20200501204047_drop_acs_url.rb +0 -5
- data/lib/osso/db/migrate/20200502135008_add_oauth_client_id_to_enterprise_account.rb +0 -5
- data/lib/osso/db/migrate/20200601131227_drop_null_constraint_from_saml_providers_provider.rb +0 -7
- data/lib/osso/db/schema.rb +0 -132
- data/spec/factories/saml_providers.rb +0 -46
- data/spec/models/saml_provider_spec.rb +0 -31
checksums.yaml
CHANGED
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
---
|
|
2
2
|
SHA256:
|
|
3
|
-
metadata.gz:
|
|
4
|
-
data.tar.gz:
|
|
3
|
+
metadata.gz: f2d208f60074e354a988dd4f6d1e07409a8c5b9809371f2ab86e952c1cf52cb2
|
|
4
|
+
data.tar.gz: a113355db7bb066f7f87fea0bf8313bc7f60d628380abb8f334fc5de8e7e2d29
|
|
5
5
|
SHA512:
|
|
6
|
-
metadata.gz:
|
|
7
|
-
data.tar.gz:
|
|
6
|
+
metadata.gz: fec8ba8811aa056a367f975f206309cf74148a2bb551f8b37073a5c084a8fdeb86433dcd55862e24fe1199ba0b9ac8f3d166fce74ab7ea61ac5faa0690426baf
|
|
7
|
+
data.tar.gz: 20f63616bfc1619d503357be6cbabc114bd9a9402fdd7cdf3e0caa5415fb19dd4cf22a56dcdc6aa83c0b323cd77f4da529659e1455e3c277f4d4180d97e290d5
|
data/.buildkite/pipeline.yml
CHANGED
data/Gemfile.lock
CHANGED
data/config/database.yml
CHANGED
|
@@ -2,13 +2,13 @@ development:
|
|
|
2
2
|
adapter: postgresql
|
|
3
3
|
encoding: unicode
|
|
4
4
|
pool: 5
|
|
5
|
-
database:
|
|
5
|
+
database: ossorb-development
|
|
6
6
|
host: ''
|
|
7
7
|
port: 5432
|
|
8
8
|
test:
|
|
9
9
|
adapter: postgresql
|
|
10
10
|
encoding: unicode
|
|
11
11
|
pool: 5
|
|
12
|
-
database:
|
|
12
|
+
database: ossorb-test
|
|
13
13
|
host: ''
|
|
14
14
|
port: 5432
|
data/db/schema.rb
CHANGED
|
@@ -1 +1,133 @@
|
|
|
1
|
-
#
|
|
1
|
+
# This file is auto-generated from the current state of the database. Instead
|
|
2
|
+
# of editing this file, please use the migrations feature of Active Record to
|
|
3
|
+
# incrementally modify your database, and then regenerate this schema definition.
|
|
4
|
+
#
|
|
5
|
+
# This file is the source Rails uses to define your schema when running `rails
|
|
6
|
+
# db:schema:load`. When creating a new database, `rails db:schema:load` tends to
|
|
7
|
+
# be faster and is potentially less error prone than running all of your
|
|
8
|
+
# migrations from scratch. Old migrations may fail to apply correctly if those
|
|
9
|
+
# migrations use external dependencies or application code.
|
|
10
|
+
#
|
|
11
|
+
# It's strongly recommended that you check this file into your version control system.
|
|
12
|
+
|
|
13
|
+
ActiveRecord::Schema.define(version: 2020_07_15_205801) do
|
|
14
|
+
|
|
15
|
+
# These are extensions that must be enabled in order to support this database
|
|
16
|
+
enable_extension "pgcrypto"
|
|
17
|
+
enable_extension "plpgsql"
|
|
18
|
+
|
|
19
|
+
create_table "access_tokens", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
20
|
+
t.string "token"
|
|
21
|
+
t.datetime "expires_at"
|
|
22
|
+
t.datetime "created_at", precision: 6, null: false
|
|
23
|
+
t.datetime "updated_at", precision: 6, null: false
|
|
24
|
+
t.uuid "user_id"
|
|
25
|
+
t.uuid "oauth_client_id"
|
|
26
|
+
t.index ["oauth_client_id"], name: "index_access_tokens_on_oauth_client_id"
|
|
27
|
+
t.index ["user_id"], name: "index_access_tokens_on_user_id"
|
|
28
|
+
end
|
|
29
|
+
|
|
30
|
+
create_table "authorization_codes", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
31
|
+
t.string "token"
|
|
32
|
+
t.string "redirect_uri"
|
|
33
|
+
t.datetime "expires_at"
|
|
34
|
+
t.datetime "created_at", precision: 6, null: false
|
|
35
|
+
t.datetime "updated_at", precision: 6, null: false
|
|
36
|
+
t.uuid "user_id"
|
|
37
|
+
t.uuid "oauth_client_id"
|
|
38
|
+
t.index ["oauth_client_id"], name: "index_authorization_codes_on_oauth_client_id"
|
|
39
|
+
t.index ["token"], name: "index_authorization_codes_on_token", unique: true
|
|
40
|
+
t.index ["user_id"], name: "index_authorization_codes_on_user_id"
|
|
41
|
+
end
|
|
42
|
+
|
|
43
|
+
create_table "enterprise_accounts", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
44
|
+
t.string "domain", null: false
|
|
45
|
+
t.uuid "external_uuid"
|
|
46
|
+
t.integer "external_int_id"
|
|
47
|
+
t.string "external_id"
|
|
48
|
+
t.uuid "oauth_client_id"
|
|
49
|
+
t.string "name", null: false
|
|
50
|
+
t.index ["domain"], name: "index_enterprise_accounts_on_domain", unique: true
|
|
51
|
+
t.index ["oauth_client_id"], name: "index_enterprise_accounts_on_oauth_client_id"
|
|
52
|
+
end
|
|
53
|
+
|
|
54
|
+
create_table "identity_providers", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
55
|
+
t.string "service"
|
|
56
|
+
t.string "domain", null: false
|
|
57
|
+
t.string "sso_url"
|
|
58
|
+
t.text "sso_cert"
|
|
59
|
+
t.uuid "enterprise_account_id"
|
|
60
|
+
t.uuid "oauth_client_id"
|
|
61
|
+
t.index ["domain"], name: "index_identity_providers_on_domain"
|
|
62
|
+
t.index ["enterprise_account_id"], name: "index_identity_providers_on_enterprise_account_id"
|
|
63
|
+
t.index ["oauth_client_id"], name: "index_identity_providers_on_oauth_client_id"
|
|
64
|
+
end
|
|
65
|
+
|
|
66
|
+
create_table "oauth_access_grants", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
67
|
+
t.uuid "resource_owner_id", null: false
|
|
68
|
+
t.uuid "application_id", null: false
|
|
69
|
+
t.string "token", null: false
|
|
70
|
+
t.integer "expires_in", null: false
|
|
71
|
+
t.text "redirect_uri", null: false
|
|
72
|
+
t.datetime "created_at", null: false
|
|
73
|
+
t.datetime "revoked_at"
|
|
74
|
+
t.string "scopes", default: "", null: false
|
|
75
|
+
t.index ["application_id"], name: "index_oauth_access_grants_on_application_id"
|
|
76
|
+
t.index ["token"], name: "index_oauth_access_grants_on_token", unique: true
|
|
77
|
+
end
|
|
78
|
+
|
|
79
|
+
create_table "oauth_access_tokens", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
80
|
+
t.uuid "resource_owner_id"
|
|
81
|
+
t.uuid "application_id"
|
|
82
|
+
t.string "token", null: false
|
|
83
|
+
t.string "refresh_token"
|
|
84
|
+
t.integer "expires_in"
|
|
85
|
+
t.datetime "revoked_at"
|
|
86
|
+
t.datetime "created_at", null: false
|
|
87
|
+
t.string "scopes"
|
|
88
|
+
t.string "previous_refresh_token", default: "", null: false
|
|
89
|
+
t.index ["application_id"], name: "index_oauth_access_tokens_on_application_id"
|
|
90
|
+
t.index ["refresh_token"], name: "index_oauth_access_tokens_on_refresh_token", unique: true
|
|
91
|
+
t.index ["token"], name: "index_oauth_access_tokens_on_token", unique: true
|
|
92
|
+
end
|
|
93
|
+
|
|
94
|
+
create_table "oauth_applications", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
95
|
+
t.string "name", null: false
|
|
96
|
+
t.string "secret", null: false
|
|
97
|
+
t.text "redirect_uri", null: false
|
|
98
|
+
t.string "scopes", default: "", null: false
|
|
99
|
+
t.boolean "confidential", default: true, null: false
|
|
100
|
+
t.datetime "created_at", precision: 6, null: false
|
|
101
|
+
t.datetime "updated_at", precision: 6, null: false
|
|
102
|
+
end
|
|
103
|
+
|
|
104
|
+
create_table "oauth_clients", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
105
|
+
t.string "name", null: false
|
|
106
|
+
t.string "secret", null: false
|
|
107
|
+
t.string "identifier", null: false
|
|
108
|
+
t.index ["identifier"], name: "index_oauth_clients_on_identifier", unique: true
|
|
109
|
+
end
|
|
110
|
+
|
|
111
|
+
create_table "redirect_uris", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
112
|
+
t.string "uri", null: false
|
|
113
|
+
t.boolean "primary", default: false, null: false
|
|
114
|
+
t.uuid "oauth_client_id"
|
|
115
|
+
t.index ["oauth_client_id"], name: "index_redirect_uris_on_oauth_client_id"
|
|
116
|
+
t.index ["uri", "primary"], name: "index_redirect_uris_on_uri_and_primary", unique: true
|
|
117
|
+
end
|
|
118
|
+
|
|
119
|
+
create_table "users", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
|
|
120
|
+
t.string "email", null: false
|
|
121
|
+
t.string "idp_id", null: false
|
|
122
|
+
t.uuid "identity_provider_id"
|
|
123
|
+
t.uuid "enterprise_account_id"
|
|
124
|
+
t.index ["email", "idp_id"], name: "index_users_on_email_and_idp_id", unique: true
|
|
125
|
+
t.index ["enterprise_account_id"], name: "index_users_on_enterprise_account_id"
|
|
126
|
+
end
|
|
127
|
+
|
|
128
|
+
add_foreign_key "oauth_access_grants", "oauth_applications", column: "application_id"
|
|
129
|
+
add_foreign_key "oauth_access_grants", "users", column: "resource_owner_id"
|
|
130
|
+
add_foreign_key "oauth_access_tokens", "oauth_applications", column: "application_id"
|
|
131
|
+
add_foreign_key "oauth_access_tokens", "users", column: "resource_owner_id"
|
|
132
|
+
add_foreign_key "users", "identity_providers"
|
|
133
|
+
end
|
|
@@ -0,0 +1,12 @@
|
|
|
1
|
+
class CreateIdentityProviders < ActiveRecord::Migration[6.0]
|
|
2
|
+
def change
|
|
3
|
+
create_table :identity_providers, id: :uuid do |t|
|
|
4
|
+
t.string :service
|
|
5
|
+
t.string :domain, null: false
|
|
6
|
+
t.string :idp_sso_target_url
|
|
7
|
+
t.text :idp_cert
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
add_index :identity_providers, :domain
|
|
11
|
+
end
|
|
12
|
+
end
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
class AddProviderIdToUsers < ActiveRecord::Migration[6.0]
|
|
2
2
|
def change
|
|
3
|
-
add_column :users, :
|
|
3
|
+
add_column :users, :identity_provider_id, :uuid
|
|
4
4
|
|
|
5
|
-
add_foreign_key :users, :
|
|
5
|
+
add_foreign_key :users, :identity_providers
|
|
6
6
|
end
|
|
7
7
|
end
|
|
@@ -9,7 +9,7 @@ class CreateEnterpriseAccounts < ActiveRecord::Migration[6.0]
|
|
|
9
9
|
|
|
10
10
|
add_index :enterprise_accounts, :domain, unique: true
|
|
11
11
|
|
|
12
|
-
add_reference :
|
|
12
|
+
add_reference :identity_providers, :enterprise_account, type: :uuid, index: true
|
|
13
13
|
add_reference :users, :enterprise_account, type: :uuid, index: true
|
|
14
14
|
end
|
|
15
15
|
end
|
|
@@ -0,0 +1,6 @@
|
|
|
1
|
+
class AddOauthClientIdToEnterpriseAccountsAndIdentityProviders < ActiveRecord::Migration[6.0]
|
|
2
|
+
def change
|
|
3
|
+
add_reference :enterprise_accounts, :oauth_client, type: :uuid, index: true
|
|
4
|
+
add_reference :identity_providers, :oauth_client, type: :uuid, index: true
|
|
5
|
+
end
|
|
6
|
+
end
|
|
@@ -0,0 +1,17 @@
|
|
|
1
|
+
class AddIdentityProviderServiceEnum < ActiveRecord::Migration[6.0]
|
|
2
|
+
def change
|
|
3
|
+
def up
|
|
4
|
+
execute <<-SQL
|
|
5
|
+
CREATE TYPE identity_provider_service AS ENUM ('OKTA', 'AZURE');
|
|
6
|
+
SQL
|
|
7
|
+
chnage_column :identity_providers, :service, :identity_provider_service
|
|
8
|
+
end
|
|
9
|
+
|
|
10
|
+
def down
|
|
11
|
+
chnage_column :identity_providers, :service, :text
|
|
12
|
+
execute <<-SQL
|
|
13
|
+
DROP TYPE identity_provider_service;
|
|
14
|
+
SQL
|
|
15
|
+
end
|
|
16
|
+
end
|
|
17
|
+
end
|
|
@@ -8,7 +8,8 @@ module Osso
|
|
|
8
8
|
class MutationType < BaseObject
|
|
9
9
|
field :configure_identity_provider, mutation: Mutations::ConfigureIdentityProvider
|
|
10
10
|
field :create_identity_provider, mutation: Mutations::CreateIdentityProvider
|
|
11
|
-
field :
|
|
11
|
+
field :create_enterprise_account, mutation: Mutations::CreateEnterpriseAccount
|
|
12
|
+
field :set_identity_provider, mutation: Mutations::SetSamlProvider
|
|
12
13
|
end
|
|
13
14
|
end
|
|
14
15
|
end
|
|
@@ -8,4 +8,5 @@ end
|
|
|
8
8
|
require_relative 'mutations/base_mutation'
|
|
9
9
|
require_relative 'mutations/configure_identity_provider'
|
|
10
10
|
require_relative 'mutations/create_identity_provider'
|
|
11
|
-
require_relative 'mutations/
|
|
11
|
+
require_relative 'mutations/create_enterprise_account'
|
|
12
|
+
require_relative 'mutations/set_identity_provider'
|
|
@@ -4,20 +4,31 @@ module Osso
|
|
|
4
4
|
module GraphQL
|
|
5
5
|
module Mutations
|
|
6
6
|
class BaseMutation < ::GraphQL::Schema::RelayClassicMutation
|
|
7
|
-
# This is used for generating payload types
|
|
8
7
|
object_class Types::BaseObject
|
|
9
|
-
|
|
10
|
-
# field_class Types::BaseField
|
|
11
|
-
# # This is used for generating the `input: { ... }` object type
|
|
12
|
-
# input_object_class Types::BaseInputObject
|
|
8
|
+
input_object_class Types::BaseInputObject
|
|
13
9
|
|
|
14
|
-
def
|
|
10
|
+
def response_data(data)
|
|
15
11
|
data.merge(errors: [])
|
|
16
12
|
end
|
|
17
13
|
|
|
18
|
-
def
|
|
14
|
+
def response_error(error)
|
|
19
15
|
error.merge(data: nil)
|
|
20
16
|
end
|
|
17
|
+
|
|
18
|
+
def ready?(enterprise_account_id: nil, domain: nil, **args)
|
|
19
|
+
return true if context[:scope] == :admin
|
|
20
|
+
|
|
21
|
+
domain ||= account_domain(enterprise_account_id)
|
|
22
|
+
return true if domain == context[:scope]
|
|
23
|
+
|
|
24
|
+
raise ::GraphQL::ExecutionError, "This user lacks the scope to mutate records belonging to #{args[:domain]}"
|
|
25
|
+
end
|
|
26
|
+
|
|
27
|
+
def account_domain(id)
|
|
28
|
+
return false unless id
|
|
29
|
+
|
|
30
|
+
Osso::Models::EnterpriseAccount.find(id)&.domain
|
|
31
|
+
end
|
|
21
32
|
end
|
|
22
33
|
end
|
|
23
34
|
end
|
|
@@ -6,23 +6,20 @@ module Osso
|
|
|
6
6
|
class ConfigureIdentityProvider < BaseMutation
|
|
7
7
|
null false
|
|
8
8
|
argument :id, ID, required: true
|
|
9
|
-
argument :service, Types::IdentityProviderService, required:
|
|
10
|
-
argument :sso_url, String, required:
|
|
11
|
-
argument :sso_cert, String, required:
|
|
9
|
+
argument :service, Types::IdentityProviderService, required: false
|
|
10
|
+
argument :sso_url, String, required: false
|
|
11
|
+
argument :sso_cert, String, required: false
|
|
12
12
|
|
|
13
|
-
field :identity_provider, Types::IdentityProvider, null:
|
|
13
|
+
field :identity_provider, Types::IdentityProvider, null: false
|
|
14
14
|
field :errors, [String], null: false
|
|
15
15
|
|
|
16
|
-
def resolve(id:,
|
|
17
|
-
provider = Osso::Models::
|
|
18
|
-
provider.update(
|
|
19
|
-
idp_cert: sso_cert,
|
|
20
|
-
idp_sso_target_url: sso_url,
|
|
21
|
-
)
|
|
16
|
+
def resolve(id:, **args)
|
|
17
|
+
provider = Osso::Models::IdentityProvider.find(id)
|
|
22
18
|
|
|
23
|
-
|
|
24
|
-
|
|
25
|
-
|
|
19
|
+
return unauthorized unless authorized?
|
|
20
|
+
return response_data(identity_provider: provider) if provider.update(args)
|
|
21
|
+
|
|
22
|
+
response_error(errors: provder.errors.messages)
|
|
26
23
|
end
|
|
27
24
|
end
|
|
28
25
|
end
|
|
@@ -0,0 +1,25 @@
|
|
|
1
|
+
# frozen_string_literal: true
|
|
2
|
+
|
|
3
|
+
module Osso
|
|
4
|
+
module GraphQL
|
|
5
|
+
module Mutations
|
|
6
|
+
class CreateEnterpriseAccount < BaseMutation
|
|
7
|
+
null false
|
|
8
|
+
|
|
9
|
+
argument :domain, String, required: true
|
|
10
|
+
argument :name, String, required: true
|
|
11
|
+
|
|
12
|
+
field :enterprise_account, Types::EnterpriseAccount, null: false
|
|
13
|
+
field :errors, [String], null: false
|
|
14
|
+
|
|
15
|
+
def resolve(**args)
|
|
16
|
+
enterprise_account = Osso::Models::EnterpriseAccount.new(args)
|
|
17
|
+
|
|
18
|
+
return response_data(enterprise_account: enterprise_account) if enterprise_account.save
|
|
19
|
+
|
|
20
|
+
response_error(errors: enterprise_account.errors.full_messages)
|
|
21
|
+
end
|
|
22
|
+
end
|
|
23
|
+
end
|
|
24
|
+
end
|
|
25
|
+
end
|
|
@@ -5,22 +5,24 @@ module Osso
|
|
|
5
5
|
module Mutations
|
|
6
6
|
class CreateIdentityProvider < BaseMutation
|
|
7
7
|
null false
|
|
8
|
+
|
|
8
9
|
argument :enterprise_account_id, ID, required: true
|
|
9
|
-
argument :
|
|
10
|
+
argument :service, Types::IdentityProviderService, required: false
|
|
10
11
|
|
|
11
12
|
field :identity_provider, Types::IdentityProvider, null: false
|
|
12
13
|
field :errors, [String], null: false
|
|
13
14
|
|
|
14
|
-
def resolve(enterprise_account_id:,
|
|
15
|
+
def resolve(enterprise_account_id:, service: nil)
|
|
15
16
|
enterprise_account = Osso::Models::EnterpriseAccount.find(enterprise_account_id)
|
|
16
|
-
identity_provider = enterprise_account.
|
|
17
|
-
|
|
17
|
+
identity_provider = enterprise_account.identity_providers.build(
|
|
18
|
+
enterprise_account_id: enterprise_account_id,
|
|
19
|
+
service: service,
|
|
18
20
|
domain: enterprise_account.domain,
|
|
19
21
|
)
|
|
20
22
|
|
|
21
|
-
|
|
22
|
-
|
|
23
|
-
|
|
23
|
+
return response_data(identity_provider: identity_provider) if identity_provider.save
|
|
24
|
+
|
|
25
|
+
response_error(errors: identity_provider.errors.full_messages)
|
|
24
26
|
end
|
|
25
27
|
end
|
|
26
28
|
end
|
|
@@ -13,11 +13,11 @@ module Osso
|
|
|
13
13
|
field :errors, [String], null: false
|
|
14
14
|
|
|
15
15
|
def resolve(provider:, id:)
|
|
16
|
-
|
|
17
|
-
|
|
18
|
-
|
|
16
|
+
identity_provider = Osso::Models::IdentityProvider.find(id)
|
|
17
|
+
identity_provider.service = provider
|
|
18
|
+
identity_provider.save!
|
|
19
19
|
{
|
|
20
|
-
|
|
20
|
+
identity_provider: identity_provider,
|
|
21
21
|
errors: [],
|
|
22
22
|
}
|
|
23
23
|
end
|
data/lib/osso/graphql/query.rb
CHANGED
|
@@ -7,7 +7,7 @@ module Osso
|
|
|
7
7
|
field :enterprise_accounts, null: true, resolver: Resolvers::EnterpriseAccounts
|
|
8
8
|
field :oauth_clients, null: true, resolver: Resolvers::OAuthClients
|
|
9
9
|
|
|
10
|
-
field :enterprise_account, null:
|
|
10
|
+
field :enterprise_account, null: true, resolver: Resolvers::EnterpriseAccount do
|
|
11
11
|
argument :domain, String, required: true
|
|
12
12
|
end
|
|
13
13
|
|
|
@@ -15,7 +15,7 @@ module Osso
|
|
|
15
15
|
:identity_provider,
|
|
16
16
|
Types::IdentityProvider,
|
|
17
17
|
null: true,
|
|
18
|
-
resolve: ->(_obj, args, _context) { Osso::Models::
|
|
18
|
+
resolve: ->(_obj, args, _context) { Osso::Models::IdentityProvider.find(args[:id]) },
|
|
19
19
|
) do
|
|
20
20
|
argument :id, ID, required: true
|
|
21
21
|
end
|