Upgrade Okta SDK

Signed-off-by: bcmmbaga <bethuelmbaga12@gmail.com>
bcmmbaga 2024-12-23 19:28:22 +03:00
parent 215c9047ba
commit b98ca87afe
No known key found for this signature in database
GPG Key ID: 511EED5C928AD547


@ -4,19 +4,17 @@ import (
"context" "context"
"fmt" "fmt"
"net/http" "net/http"
"net/url"
"strings" "strings"
"time" "time"
"github.com/okta/okta-sdk-golang/v2/okta" "github.com/okta/okta-sdk-golang/v5/okta"
"github.com/okta/okta-sdk-golang/v2/okta/query"
"github.com/netbirdio/netbird/management/server/telemetry" "github.com/netbirdio/netbird/management/server/telemetry"
) )
// OktaManager okta manager client instance. // OktaManager okta manager client instance.
type OktaManager struct { type OktaManager struct {
client *okta.Client client *okta.APIClient
httpClient ManagerHTTPClient httpClient ManagerHTTPClient
credentials ManagerCredentials credentials ManagerCredentials
helper ManagerHelper helper ManagerHelper
@ -68,7 +66,7 @@ func NewOktaManager(config OktaClientConfig, appMetrics telemetry.AppMetrics) (*
return nil, fmt.Errorf("okta IdP configuration is incomplete, GrantType is missing") return nil, fmt.Errorf("okta IdP configuration is incomplete, GrantType is missing")
} }
_, client, err := okta.NewClient(context.Background(), oktaConfig, err := okta.NewConfiguration(
okta.WithOrgUrl(config.Issuer), okta.WithOrgUrl(config.Issuer),
okta.WithToken(config.APIToken), okta.WithToken(config.APIToken),
okta.WithHttpClientPtr(httpClient), okta.WithHttpClientPtr(httpClient),
@ -85,7 +83,7 @@ func NewOktaManager(config OktaClientConfig, appMetrics telemetry.AppMetrics) (*
} }
return &OktaManager{ return &OktaManager{
client: client, client: okta.NewAPIClient(oktaConfig),
httpClient: httpClient, httpClient: httpClient,
credentials: credentials, credentials: credentials,
helper: helper, helper: helper,
@ -103,9 +101,9 @@ func (om *OktaManager) CreateUser(_ context.Context, _, _, _, _ string) (*UserDa
return nil, fmt.Errorf("method CreateUser not implemented") return nil, fmt.Errorf("method CreateUser not implemented")
} }
// GetUserDataByID requests user data from keycloak via ID. // GetUserDataByID requests user data from Okta via ID.
func (om *OktaManager) GetUserDataByID(_ context.Context, userID string, appMetadata AppMetadata) (*UserData, error) { func (om *OktaManager) GetUserDataByID(ctx context.Context, userID string, appMetadata AppMetadata) (*UserData, error) {
user, resp, err := om.client.User.GetUser(context.Background(), userID) user, resp, err := om.client.UserAPI.GetUser(ctx, userID).Execute()
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -133,7 +131,8 @@ func (om *OktaManager) GetUserDataByID(_ context.Context, userID string, appMeta
// GetUserByEmail searches users with a given email. // GetUserByEmail searches users with a given email.
// If no users have been found, this function returns an empty list. // If no users have been found, this function returns an empty list.
func (om *OktaManager) GetUserByEmail(_ context.Context, email string) ([]*UserData, error) { func (om *OktaManager) GetUserByEmail(_ context.Context, email string) ([]*UserData, error) {
user, resp, err := om.client.User.GetUser(context.Background(), url.QueryEscape(email)) filter := fmt.Sprintf("profile.email eq \"%s\"", email)
users, resp, err := om.client.UserAPI.ListUsers(context.Background()).Filter(filter).Execute()
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -149,14 +148,16 @@ func (om *OktaManager) GetUserByEmail(_ context.Context, email string) ([]*UserD
return nil, fmt.Errorf("unable to get user %s, statusCode %d", email, resp.StatusCode) return nil, fmt.Errorf("unable to get user %s, statusCode %d", email, resp.StatusCode)
} }
userData, err := parseOktaUser(user) usersData := make([]*UserData, 0, len(users))
if err != nil { for _, user := range users {
return nil, err userData, err := parseOktaUser(&user)
if err != nil {
return nil, err
}
usersData = append(usersData, userData)
} }
users := make([]*UserData, 0)
users = append(users, userData)
return users, nil return usersData, nil
} }
// GetAccount returns all the users for a given profile. // GetAccount returns all the users for a given profile.
@ -198,8 +199,7 @@ func (om *OktaManager) GetAllAccounts(_ context.Context) (map[string][]*UserData
// getAllUsers returns all users in an Okta account. // getAllUsers returns all users in an Okta account.
func (om *OktaManager) getAllUsers() ([]*UserData, error) { func (om *OktaManager) getAllUsers() ([]*UserData, error) {
qp := query.NewQueryParams(query.WithLimit(200)) userList, resp, err := om.client.UserAPI.ListUsers(context.Background()).Limit(200).Execute()
userList, resp, err := om.client.User.ListUsers(context.Background(), qp)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -212,8 +212,8 @@ func (om *OktaManager) getAllUsers() ([]*UserData, error) {
} }
for resp.HasNextPage() { for resp.HasNextPage() {
paginatedUsers := make([]*okta.User, 0) paginatedUsers := make([]okta.User, 0)
resp, err = resp.Next(context.Background(), &paginatedUsers) resp, err = resp.Next(&paginatedUsers)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -230,7 +230,7 @@ func (om *OktaManager) getAllUsers() ([]*UserData, error) {
users := make([]*UserData, 0, len(userList)) users := make([]*UserData, 0, len(userList))
for _, user := range userList { for _, user := range userList {
userData, err := parseOktaUser(user) userData, err := parseOktaUser(&user)
if err != nil { if err != nil {
return nil, err return nil, err
} }
@ -254,7 +254,7 @@ func (om *OktaManager) InviteUserByID(_ context.Context, _ string) error {
// DeleteUser from Okta // DeleteUser from Okta
func (om *OktaManager) DeleteUser(_ context.Context, userID string) error { func (om *OktaManager) DeleteUser(_ context.Context, userID string) error {
resp, err := om.client.User.DeactivateOrDeleteUser(context.Background(), userID, nil) resp, err := om.client.UserAPI.DeleteUser(context.Background(), userID).Execute()
if err != nil { if err != nil {
return err return err
} }
@ -273,34 +273,23 @@ func (om *OktaManager) DeleteUser(_ context.Context, userID string) error {
return nil return nil
} }
// parseOktaUser parse okta user to UserData. // oktaUser interface for Okta user.
func parseOktaUser(user *okta.User) (*UserData, error) { type oktaUser interface {
var oktaUser struct { GetId() string
Email string `json:"email"` GetProfile() okta.UserProfile
FirstName string `json:"firstName"` }
LastName string `json:"lastName"`
}
// parseOktaUser parse okta user to UserData.
func parseOktaUser(user oktaUser) (*UserData, error) {
if user == nil { if user == nil {
return nil, fmt.Errorf("invalid okta user") return nil, fmt.Errorf("invalid okta user")
} }
if user.Profile != nil { profile := user.GetProfile()
helper := JsonParser{}
buf, err := helper.Marshal(*user.Profile)
if err != nil {
return nil, err
}
err = helper.Unmarshal(buf, &oktaUser)
if err != nil {
return nil, err
}
}
return &UserData{ return &UserData{
Email: oktaUser.Email, Email: profile.GetEmail(),
Name: strings.Join([]string{oktaUser.FirstName, oktaUser.LastName}, " "), Name: strings.Join([]string{profile.GetFirstName(), profile.GetLastName()}, " "),
ID: user.Id, ID: user.GetId(),
}, nil }, nil
} }
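Review bot: In GetUserByEmail the new filter is built with `fmt.Sprintf("profile.email eq \"%s\"", email)`, so a `"` or `\` inside `email` closes the quoted literal and changes the filter expression sent to Okta, and the lookup may then match users other than the one asked for. The old code passed the value through `url.QueryEscape`; the new path has no equivalent. Whether callers validate the address first is not visible here, so the function should reject or escape those characters itself before formatting, e.g. `if strings.ContainsAny(email, "\"\\") { return nil, fmt.Errorf("invalid email address") }`. The call also still uses `context.Background()` and discards the caller's context, unlike GetUserDataByID in the same commit, which now passes `ctx`. Part of the function body lies between the two visible hunks and is not shown.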