osso 0.0.5.pre.iota → 0.0.5

Sign up to get free protection for your applications and to get access to all the features.
Files changed (68) hide show
  1. checksums.yaml +4 -4
  2. data/.buildkite/pipeline.yml +4 -2
  3. data/.rubocop.yml +4 -1
  4. data/Gemfile.lock +41 -23
  5. data/LICENSE +21 -23
  6. data/bin/annotate +3 -1
  7. data/db/schema.rb +41 -3
  8. data/lib/osso/db/migrate/20200929154117_add_users_count_to_identity_providers_and_enterprise_accounts.rb +6 -0
  9. data/lib/osso/db/migrate/20201023142158_add_rodauth_tables.rb +47 -0
  10. data/lib/osso/db/migrate/20201105122026_add_token_index_to_access_tokens.rb +5 -0
  11. data/lib/osso/db/migrate/20201106154936_add_requested_to_authorization_codes_and_access_tokens.rb +6 -0
  12. data/lib/osso/db/migrate/20201109160851_add_sso_issuer_to_identity_providers.rb +12 -0
  13. data/lib/osso/db/migrate/20201110190754_remove_oauth_client_id_from_enterprise_accounts.rb +9 -0
  14. data/lib/osso/db/migrate/20201112160120_add_ping_to_identity_provider_service_enum.rb +28 -0
  15. data/lib/osso/error/account_configuration_error.rb +1 -0
  16. data/lib/osso/error/oauth_error.rb +6 -3
  17. data/lib/osso/graphql/mutation.rb +1 -0
  18. data/lib/osso/graphql/mutations.rb +1 -0
  19. data/lib/osso/graphql/mutations/create_enterprise_account.rb +0 -7
  20. data/lib/osso/graphql/mutations/create_identity_provider.rb +7 -6
  21. data/lib/osso/graphql/mutations/invite_admin_user.rb +43 -0
  22. data/lib/osso/graphql/query.rb +8 -0
  23. data/lib/osso/graphql/resolvers/enterprise_accounts.rb +3 -3
  24. data/lib/osso/graphql/types.rb +2 -2
  25. data/lib/osso/graphql/types/admin_user.rb +9 -0
  26. data/lib/osso/graphql/types/base_object.rb +1 -1
  27. data/lib/osso/graphql/types/enterprise_account.rb +1 -0
  28. data/lib/osso/graphql/types/identity_provider.rb +2 -0
  29. data/lib/osso/graphql/types/identity_provider_service.rb +2 -1
  30. data/lib/osso/lib/route_map.rb +0 -16
  31. data/lib/osso/lib/saml_handler.rb +5 -0
  32. data/lib/osso/models/access_token.rb +4 -2
  33. data/lib/osso/models/account.rb +34 -0
  34. data/lib/osso/models/authorization_code.rb +2 -1
  35. data/lib/osso/models/enterprise_account.rb +3 -1
  36. data/lib/osso/models/identity_provider.rb +18 -4
  37. data/lib/osso/models/models.rb +1 -0
  38. data/lib/osso/models/oauth_client.rb +0 -1
  39. data/lib/osso/models/user.rb +2 -2
  40. data/lib/osso/routes/admin.rb +39 -33
  41. data/lib/osso/routes/auth.rb +9 -9
  42. data/lib/osso/routes/oauth.rb +35 -17
  43. data/lib/osso/version.rb +1 -1
  44. data/lib/osso/views/admin.erb +5 -0
  45. data/lib/osso/views/error.erb +1 -0
  46. data/lib/osso/views/layout.erb +0 -0
  47. data/lib/osso/views/multiple_providers.erb +1 -0
  48. data/lib/osso/views/welcome.erb +0 -0
  49. data/lib/tasks/bootstrap.rake +18 -4
  50. data/osso-rb.gemspec +5 -0
  51. data/spec/factories/account.rb +24 -0
  52. data/spec/factories/enterprise_account.rb +11 -3
  53. data/spec/factories/identity_providers.rb +10 -2
  54. data/spec/factories/user.rb +4 -0
  55. data/spec/graphql/mutations/configure_identity_provider_spec.rb +1 -1
  56. data/spec/graphql/mutations/create_enterprise_account_spec.rb +0 -14
  57. data/spec/graphql/mutations/create_identity_provider_spec.rb +59 -8
  58. data/spec/graphql/query/identity_provider_spec.rb +2 -2
  59. data/spec/models/enterprise_account_spec.rb +18 -0
  60. data/spec/models/identity_provider_spec.rb +24 -3
  61. data/spec/routes/admin_spec.rb +7 -41
  62. data/spec/routes/auth_spec.rb +17 -18
  63. data/spec/routes/oauth_spec.rb +88 -5
  64. data/spec/spec_helper.rb +3 -3
  65. data/spec/support/views/layout.erb +1 -0
  66. data/spec/support/views/multiple_providers.erb +1 -0
  67. metadata +91 -5
  68. data/spec/helpers/auth_spec.rb +0 -269
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA256:
3
- metadata.gz: 235fe13e7b403d95ad9874e9b06d9fa98f57172a079729ee911a00405973613a
4
- data.tar.gz: 1d54deb9b34c9db6a6fe14f04945ed31249dfa48b39c7a8be8b68883db5e0761
3
+ metadata.gz: 13dd15fc9ae37a98f93fdf432534cfb91b04ad6838e799e12e7d77354a90aa0e
4
+ data.tar.gz: de98a03a7d7580e77b8a664c1bbfc6aba64ab95a46cd894bf09cdc7675d890e2
5
5
  SHA512:
6
- metadata.gz: 32e88b6b88fda909b392bfe36a9881745b58c894216f72dd0a876068130fb800b764aee9f21e95ca5aab8b683f864f3b3d4087beedbd340a538ea77e25473201
7
- data.tar.gz: b81e88465da27da4b3b21de5ff159719ac9f6ce7a61495be6a4d2d7ab38a3d41b4ab4453ac29b123181af61445ef78bf558e9a556a1ef7296170155989a29bf1
6
+ metadata.gz: e92e3154859aed2e787d103d473c418aefca93560fb2d23be70fe8bfeef284acbcc9debb8e425ce8cb780ae987d7ef7cea94008400235aff41496af1f5177848
7
+ data.tar.gz: 62e8f00ceab23928294bdbc98f671d480e1c86886de4db9a72c8fadf48e280a250e7860669e33571c0ed761fbad37c51054c5931f06bd009f9bb499fb26f7ccd
@@ -2,8 +2,10 @@ steps:
2
2
  - name: ":rspec:"
3
3
  commands:
4
4
  - bundle install
5
- - bundle exec rake db:drop
6
- - bundle exec rake db:create
5
+ - dropdb ossorb-development --if-exists
6
+ - dropdb ossorb-test --if-exists
7
+ - createdb ossorb-development
8
+ - createdb ossorb-test
7
9
  - RACK_ENV=test bundle exec rake db:migrate
8
10
  - bundle exec rspec
9
11
  artifact_paths:
@@ -79,4 +79,7 @@ Style/Documentation:
79
79
  Enabled: false
80
80
  Exclude:
81
81
  - 'spec/**/*'
82
- - 'db/**.*'
82
+ - 'db/**.*'
83
+
84
+ Gemspec/RequiredRubyVersion:
85
+ Enabled: false
@@ -1,16 +1,21 @@
1
1
  PATH
2
2
  remote: .
3
3
  specs:
4
- osso (0.0.5.pre.theta)
4
+ osso (0.0.5)
5
5
  activesupport (>= 6.0.3.2)
6
+ bcrypt (~> 3.1.13)
6
7
  graphql
7
8
  jwt
9
+ mail (~> 2.7.1)
8
10
  omniauth-multi-provider
9
11
  omniauth-saml
10
12
  rack (>= 2.1.4)
11
13
  rack-contrib
12
14
  rack-oauth2
13
15
  rake
16
+ rodauth (~> 2.5.0)
17
+ sequel (~> 5.37.0)
18
+ sequel-activerecord_connection (~> 0.3)
14
19
  sinatra
15
20
  sinatra-activerecord
16
21
  sinatra-contrib
@@ -18,12 +23,12 @@ PATH
18
23
  GEM
19
24
  remote: https://rubygems.org/
20
25
  specs:
21
- activemodel (6.0.3.3)
22
- activesupport (= 6.0.3.3)
23
- activerecord (6.0.3.3)
24
- activemodel (= 6.0.3.3)
25
- activesupport (= 6.0.3.3)
26
- activesupport (6.0.3.3)
26
+ activemodel (6.0.3.4)
27
+ activesupport (= 6.0.3.4)
28
+ activerecord (6.0.3.4)
29
+ activemodel (= 6.0.3.4)
30
+ activesupport (= 6.0.3.4)
31
+ activesupport (6.0.3.4)
27
32
  concurrent-ruby (~> 1.0, >= 1.0.2)
28
33
  i18n (>= 0.7, < 2)
29
34
  minitest (~> 5.1)
@@ -37,6 +42,7 @@ GEM
37
42
  rake (>= 10.4, < 14.0)
38
43
  ast (2.4.1)
39
44
  attr_required (1.0.1)
45
+ bcrypt (3.1.16)
40
46
  bindata (2.4.8)
41
47
  coderay (1.1.3)
42
48
  concurrent-ruby (1.1.7)
@@ -51,7 +57,7 @@ GEM
51
57
  activesupport (>= 5.0.0)
52
58
  faker (2.14.0)
53
59
  i18n (>= 1.6, < 2)
54
- graphql (1.11.4)
60
+ graphql (1.11.6)
55
61
  hashdiff (1.0.1)
56
62
  hashie (4.1.0)
57
63
  httpclient (2.8.3)
@@ -63,7 +69,10 @@ GEM
63
69
  aes_key_wrap
64
70
  bindata
65
71
  jwt (2.2.2)
72
+ mail (2.7.1)
73
+ mini_mime (>= 0.1.1)
66
74
  method_source (1.0.0)
75
+ mini_mime (1.0.2)
67
76
  mini_portile2 (2.4.0)
68
77
  minitest (5.14.2)
69
78
  multi_json (1.15.0)
@@ -76,11 +85,11 @@ GEM
76
85
  rack (>= 1.6.2, < 3)
77
86
  omniauth-multi-provider (0.2.1)
78
87
  omniauth
79
- omniauth-saml (1.10.2)
88
+ omniauth-saml (1.10.3)
80
89
  omniauth (~> 1.3, >= 1.3.2)
81
90
  ruby-saml (~> 1.9)
82
91
  parallel (1.19.2)
83
- parser (2.7.1.4)
92
+ parser (2.7.2.0)
84
93
  ast (~> 2.4.1)
85
94
  pg (1.2.3)
86
95
  pry (0.13.1)
@@ -102,36 +111,45 @@ GEM
102
111
  rack (>= 1.0, < 3)
103
112
  rainbow (3.0.0)
104
113
  rake (13.0.1)
105
- regexp_parser (1.8.0)
114
+ regexp_parser (1.8.2)
106
115
  rexml (3.2.4)
116
+ roda (3.37.0)
117
+ rack
118
+ rodauth (2.5.0)
119
+ roda (>= 2.6.0)
120
+ sequel (>= 4)
107
121
  rspec (3.9.0)
108
122
  rspec-core (~> 3.9.0)
109
123
  rspec-expectations (~> 3.9.0)
110
124
  rspec-mocks (~> 3.9.0)
111
- rspec-core (3.9.2)
125
+ rspec-core (3.9.3)
112
126
  rspec-support (~> 3.9.3)
113
- rspec-expectations (3.9.2)
127
+ rspec-expectations (3.9.3)
114
128
  diff-lcs (>= 1.2.0, < 2.0)
115
129
  rspec-support (~> 3.9.0)
116
130
  rspec-mocks (3.9.1)
117
131
  diff-lcs (>= 1.2.0, < 2.0)
118
132
  rspec-support (~> 3.9.0)
119
- rspec-support (3.9.3)
120
- rubocop (0.91.0)
133
+ rspec-support (3.9.4)
134
+ rubocop (1.1.0)
121
135
  parallel (~> 1.10)
122
- parser (>= 2.7.1.1)
136
+ parser (>= 2.7.1.5)
123
137
  rainbow (>= 2.2.2, < 4.0)
124
- regexp_parser (>= 1.7)
138
+ regexp_parser (>= 1.8)
125
139
  rexml
126
- rubocop-ast (>= 0.4.0, < 1.0)
140
+ rubocop-ast (>= 1.0.1)
127
141
  ruby-progressbar (~> 1.7)
128
142
  unicode-display_width (>= 1.4.0, < 2.0)
129
- rubocop-ast (0.4.2)
130
- parser (>= 2.7.1.4)
143
+ rubocop-ast (1.1.0)
144
+ parser (>= 2.7.1.5)
131
145
  ruby-progressbar (1.10.1)
132
146
  ruby-saml (1.11.0)
133
147
  nokogiri (>= 1.5.10)
134
148
  ruby2_keywords (0.0.2)
149
+ sequel (5.37.0)
150
+ sequel-activerecord_connection (0.4.1)
151
+ activerecord (>= 4.2, < 7)
152
+ sequel (~> 5.16)
135
153
  simplecov (0.17.0)
136
154
  docile (~> 1.1)
137
155
  json (>= 1.8, < 3)
@@ -142,7 +160,7 @@ GEM
142
160
  rack (~> 2.2)
143
161
  rack-protection (= 2.1.0)
144
162
  tilt (~> 2.0)
145
- sinatra-activerecord (2.0.18)
163
+ sinatra-activerecord (2.0.21)
146
164
  activerecord (>= 4.1)
147
165
  sinatra (>= 1.0)
148
166
  sinatra-contrib (2.1.0)
@@ -156,11 +174,11 @@ GEM
156
174
  tzinfo (1.2.7)
157
175
  thread_safe (~> 0.1)
158
176
  unicode-display_width (1.7.0)
159
- webmock (3.9.1)
177
+ webmock (3.9.3)
160
178
  addressable (>= 2.3.6)
161
179
  crack (>= 0.3.2)
162
180
  hashdiff (>= 0.4.0, < 2.0.0)
163
- zeitwerk (2.4.0)
181
+ zeitwerk (2.4.1)
164
182
 
165
183
  PLATFORMS
166
184
  ruby
data/LICENSE CHANGED
@@ -2,33 +2,31 @@ Business Source License 1.1
2
2
 
3
3
  Parameters
4
4
 
5
- Licensor: Samuel Bauch
5
+ Licensor: EnterpriseOSS, Inc.
6
6
  Licensed Work: osso-rb
7
- The Licensed Work is (c) 2020 Samuel Bauch.
8
- Additional Use Grant: You may make use of the Licensed Work, provided that you do
9
- not use the Licensed Work in a Single Sign On Management
10
- Service.
11
-
12
- A "Single Sign On Management Service" is an offering
13
- (be it free or commercial) that uses the Licensed Work
14
- to allow third parties (other than your employees and
15
- contractors) to access the functionality of the
16
- Licensed Work such that any fourth parties directly
17
- benefit from the authentication, configuration, or
18
- documentation features of the Licensed Work.
19
-
20
- You thus may only use the Licensed Work in a manner
21
- whereby parties who directly benefit from the
22
- authentication, configuration, or documentation features
23
- of the Licensed Work are yourself, your employees or
24
- contractors, and your customers or partners.
25
-
26
- Change Date: 2023-05-01
7
+ The Licensed Work is (c) 2020 EnterpriseOSS, Inc.
8
+
9
+ Additional Use Grant: You and your Authorized Users may make use of the
10
+ Licensed Work for your internal business purposes,
11
+ provided that you do not (i) rent, lease, copy, transfer,
12
+ resell, sublicense, lease, time-share, or otherwise provide
13
+ access to the Licensed Work to a third party (except
14
+ Authorized Users) or (ii) incorporate the Licensed Work
15
+ (or any portion of such) with, or use it with or to provide,
16
+ any site, product, or service, other than on sites/applications
17
+ owned and operated by you.
18
+
19
+ An “Authorized User” is defined as an individual person
20
+ (e.g. your employee, contractor, agent) who is registered and
21
+ permitted by you to use the Licensed Work subject to these
22
+ restrictions.
23
+
24
+ Change Date: 2025-10-01
27
25
 
28
26
  Change License: Apache License, Version 2.0
29
27
 
30
28
  For information about alternative licensing arrangements for the Software,
31
- contact: hello@enterprise-oss.dev
29
+ contact: hello@enterpriseoss.dev
32
30
 
33
31
  Notice
34
32
 
@@ -108,4 +106,4 @@ other recipients of the licensed work to be provided by Licensor:
108
106
 
109
107
  3. To specify a Change Date.
110
108
 
111
- 4. Not to modify this License in any other way.
109
+ 4. Not to modify this License in any other way.
@@ -1 +1,3 @@
1
- annotate --require osso.rb --models --model-dir ./lib/osso/models/ --position bottom -k -i
1
+ #!/bin/sh
2
+
3
+ annotate --require osso.rb --models --model-dir=./lib/osso/models/ --position bottom -k -i
@@ -10,9 +10,10 @@
10
10
  #
11
11
  # It's strongly recommended that you check this file into your version control system.
12
12
 
13
- ActiveRecord::Schema.define(version: 2020_09_13_154919) do
13
+ ActiveRecord::Schema.define(version: 2020_11_12_160120) do
14
14
 
15
15
  # These are extensions that must be enabled in order to support this database
16
+ enable_extension "citext"
16
17
  enable_extension "pgcrypto"
17
18
  enable_extension "plpgsql"
18
19
 
@@ -23,10 +24,44 @@ ActiveRecord::Schema.define(version: 2020_09_13_154919) do
23
24
  t.datetime "updated_at", precision: 6, null: false
24
25
  t.uuid "user_id"
25
26
  t.uuid "oauth_client_id"
27
+ t.jsonb "requested", default: {}
26
28
  t.index ["oauth_client_id"], name: "index_access_tokens_on_oauth_client_id"
29
+ t.index ["token", "expires_at"], name: "index_access_tokens_on_token_and_expires_at", unique: true
27
30
  t.index ["user_id"], name: "index_access_tokens_on_user_id"
28
31
  end
29
32
 
33
+ create_table "account_password_hashes", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
34
+ t.string "password_hash", null: false
35
+ end
36
+
37
+ create_table "account_password_reset_keys", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
38
+ t.string "key", null: false
39
+ t.datetime "deadline", null: false
40
+ t.datetime "email_last_sent", default: -> { "CURRENT_TIMESTAMP" }, null: false
41
+ end
42
+
43
+ create_table "account_remember_keys", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
44
+ t.string "key", null: false
45
+ t.datetime "deadline", null: false
46
+ end
47
+
48
+ create_table "account_verification_keys", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
49
+ t.string "key", null: false
50
+ t.datetime "requested_at", default: -> { "CURRENT_TIMESTAMP" }, null: false
51
+ t.datetime "email_last_sent", default: -> { "CURRENT_TIMESTAMP" }, null: false
52
+ t.uuid "account_id"
53
+ t.index ["account_id"], name: "index_account_verification_keys_on_account_id"
54
+ end
55
+
56
+ create_table "accounts", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
57
+ t.citext "email", null: false
58
+ t.integer "status_id", default: 1, null: false
59
+ t.string "role", default: "admin", null: false
60
+ t.uuid "oauth_client_id"
61
+ t.index ["email"], name: "index_accounts_on_email", unique: true, where: "(status_id = ANY (ARRAY[1, 2]))"
62
+ t.index ["oauth_client_id"], name: "index_accounts_on_oauth_client_id"
63
+ end
64
+
30
65
  create_table "app_configs", id: :uuid, default: -> { "gen_random_uuid()" }, force: :cascade do |t|
31
66
  t.string "contact_email"
32
67
  t.string "logo_url"
@@ -43,6 +78,7 @@ ActiveRecord::Schema.define(version: 2020_09_13_154919) do
43
78
  t.datetime "updated_at", precision: 6, null: false
44
79
  t.uuid "user_id"
45
80
  t.uuid "oauth_client_id"
81
+ t.jsonb "requested", default: {}
46
82
  t.index ["oauth_client_id"], name: "index_authorization_codes_on_oauth_client_id"
47
83
  t.index ["token"], name: "index_authorization_codes_on_token", unique: true
48
84
  t.index ["user_id"], name: "index_authorization_codes_on_user_id"
@@ -53,12 +89,11 @@ ActiveRecord::Schema.define(version: 2020_09_13_154919) do
53
89
  t.uuid "external_uuid"
54
90
  t.integer "external_int_id"
55
91
  t.string "external_id"
56
- t.uuid "oauth_client_id"
57
92
  t.string "name", null: false
58
93
  t.datetime "created_at", null: false
59
94
  t.datetime "updated_at", null: false
95
+ t.integer "users_count", default: 0
60
96
  t.index ["domain"], name: "index_enterprise_accounts_on_domain", unique: true
61
- t.index ["oauth_client_id"], name: "index_enterprise_accounts_on_oauth_client_id"
62
97
  end
63
98
 
64
99
  # Could not dump table "identity_providers" because of following StandardError
@@ -94,5 +129,8 @@ ActiveRecord::Schema.define(version: 2020_09_13_154919) do
94
129
  t.index ["enterprise_account_id"], name: "index_users_on_enterprise_account_id"
95
130
  end
96
131
 
132
+ add_foreign_key "account_password_hashes", "accounts", column: "id"
133
+ add_foreign_key "account_password_reset_keys", "accounts", column: "id"
134
+ add_foreign_key "account_remember_keys", "accounts", column: "id"
97
135
  add_foreign_key "users", "identity_providers"
98
136
  end
@@ -0,0 +1,6 @@
1
+ class AddUsersCountToIdentityProvidersAndEnterpriseAccounts < ActiveRecord::Migration[6.0]
2
+ def change
3
+ add_column :enterprise_accounts, :users_count, :integer, default: 0
4
+ add_column :identity_providers, :users_count, :integer, default: 0
5
+ end
6
+ end
@@ -0,0 +1,47 @@
1
+ require 'rodauth/migrations'
2
+
3
+ class AddRodauthTables < ActiveRecord::Migration[6.0]
4
+ DB = Sequel.postgres(extensions: :activerecord_connection)
5
+
6
+ def change
7
+ enable_extension "citext"
8
+
9
+ create_table :accounts, id: :uuid do |t|
10
+ t.citext :email, null: false, index: { unique: true, where: "status_id IN (1, 2)" }
11
+ t.integer :status_id, null: false, default: 1
12
+ t.string :role, null: false, default: 'admin'
13
+ t.string :oauth_client_id, null: true, index: true
14
+ end
15
+
16
+ create_table :account_password_hashes, id: :uuid do |t|
17
+ t.foreign_key :accounts, column: :id
18
+ t.string :password_hash, null: false
19
+ end
20
+
21
+ Rodauth.create_database_authentication_functions(DB, table_name: "account_password_hashes")
22
+
23
+ # Used by the password reset feature
24
+ create_table :account_password_reset_keys, id: :uuid do |t|
25
+ t.foreign_key :accounts, column: :id
26
+ t.string :key, null: false
27
+ t.datetime :deadline, null: false
28
+ t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
29
+ end
30
+
31
+ # Used by the account verification feature
32
+ create_table :account_verification_keys, id: :uuid do |t|
33
+ t.string :key, null: false
34
+ t.datetime :requested_at, null: false, default: -> { "CURRENT_TIMESTAMP" }
35
+ t.datetime :email_last_sent, null: false, default: -> { "CURRENT_TIMESTAMP" }
36
+ end
37
+
38
+ add_reference :account_verification_keys, :account, type: :uuid, index: true
39
+
40
+ # Used by the remember me feature
41
+ create_table :account_remember_keys, id: :uuid do |t|
42
+ t.foreign_key :accounts, column: :id
43
+ t.string :key, null: false
44
+ t.datetime :deadline, null: false
45
+ end
46
+ end
47
+ end
@@ -0,0 +1,5 @@
1
+ class AddTokenIndexToAccessTokens < ActiveRecord::Migration[6.0]
2
+ def change
3
+ add_index :access_tokens, [:token, :expires_at], unique: true
4
+ end
5
+ end
@@ -0,0 +1,6 @@
1
+ class AddRequestedToAuthorizationCodesAndAccessTokens < ActiveRecord::Migration[6.0]
2
+ def change
3
+ add_column :access_tokens, :requested, :jsonb, default: {}
4
+ add_column :authorization_codes, :requested, :jsonb, default: {}
5
+ end
6
+ end
@@ -0,0 +1,12 @@
1
+ class AddSsoIssuerToIdentityProviders < ActiveRecord::Migration[6.0]
2
+ def change
3
+ add_column :identity_providers, :sso_issuer, :string
4
+
5
+ Osso::Models::IdentityProvider.all.each do |idp|
6
+ idp.sso_issuer = idp.root_url + "/" + idp.domain
7
+ idp.save
8
+ end
9
+
10
+ change_column_null :identity_providers, :sso_issuer, false
11
+ end
12
+ end
@@ -0,0 +1,9 @@
1
+ class RemoveOauthClientIdFromEnterpriseAccounts < ActiveRecord::Migration[6.0]
2
+ def up
3
+ remove_reference :enterprise_accounts, :oauth_client, index: true
4
+ end
5
+
6
+ def down
7
+ add_reference :enterprise_accounts, :oauth_client, type: :uuid, index: true
8
+ end
9
+ end
@@ -0,0 +1,28 @@
1
+ class AddPingToIdentityProviderServiceEnum < ActiveRecord::Migration[6.0]
2
+ disable_ddl_transaction!
3
+
4
+ def up
5
+ execute <<-SQL
6
+ ALTER TYPE identity_provider_service ADD VALUE 'PING';
7
+ SQL
8
+ end
9
+
10
+ def down
11
+ execute <<~SQL
12
+ CREATE TYPE identity_provider_service_new AS ENUM ('AZURE', 'OKTA', 'ONELOGIN', 'GOOGLE');
13
+
14
+ -- Remove values that won't be compatible with new definition
15
+ DELETE FROM identity_providers WHERE service = 'PING';
16
+
17
+ -- Convert to new type, casting via text representation
18
+ ALTER TABLE identity_providers
19
+ ALTER COLUMN service TYPE identity_provider_service_new
20
+ USING (service::text::identity_provider_service_new);
21
+
22
+ -- and swap the types
23
+ DROP TYPE identity_provider_service;
24
+
25
+ ALTER TYPE identity_provider_service_new RENAME TO identity_provider_service;
26
+ SQL
27
+ end
28
+ end