Skip to content

Add provider config management operations. #433

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 21 commits into from
Jun 17, 2020
Merged

Add provider config management operations. #433

merged 21 commits into from
Jun 17, 2020

Conversation

micahstairs
Copy link
Contributor

This adds all of the OIDC and SAML provider config operations, as part of adding multi-tenancy support.

@hiranya911 hiranya911 requested a review from kevinthecheung June 4, 2020 20:20
@hiranya911
Copy link
Contributor

@kevinthecheung can you please review the API docs in following classes:

  • AbstractFirebaseAuth
  • ProviderConfig
  • SamlProviderConfig
  • OidcProviderConfig
  • ListProviderConfigsPage

micahstairs and others added 20 commits June 4, 2020 16:50
@micahstairs
Add OIDC Auth provider config class (#397)
392bf67 
Adds OIDC provider config class and base class. This is part of adding multi-tenancy support (see issue #332).
@micahstairs
Fix CreateRequest chaining and provider ID extraction. (#399)
a2fa782 
This makes the base `CreateRequest` setters return the proper instance type, so that methods can be chained. This also makes it so that the provider ID can be parsed from the resource name.

A package private `getProviderId()` method was also added, which will be needed by the `FirebaseUserManager` class when the provider config operations are added there.

Also renamed `AuthProviderConfig` to `ProviderConfig` since "Auth" is redundant with the package name.

This work is part of adding multi-tenancy support (see issue #332).
@micahstairs
Add operations to create and delete OIDC provider configs. (#400)
db81c06 
This adds an operation to create OIDC provider configs, as well as an operation to delete provider configs. These operations can be performed using either the tenant-aware or standard Firebase client.

This work is part of adding multi-tenancy support (see issue #332).
@micahstairs
Add getOidcProviderConfig operation. (#401)
424d9ce 
This adds an operation to get OIDC provider configs (can be done using either the tenant-aware or standard Firebase client).

This work is part of adding multi-tenancy support (see issue #332).
@micahstairs
Add operation to update OIDC provider configs. (#402)
f728f63 
This adds an operation to update OIDC provider configs (can be done using either the tenant-aware or standard Firebase client).

This work is part of adding multi-tenancy support (see issue #332).
@micahstairs
Add operation to list OIDC provider configs. (#404)
9052434 
This adds an operation to list OIDC provider configs (can be done using either the tenant-aware or standard Firebase client).

This work is part of adding multi-tenancy support (see issue #332).
@micahstairs
Move tenant-aware integration tests to separate class (#405)
580eedd 
Move tenant-aware integration tests to separate class. This simplifies the setup and teardown required for these tests.
@micahstairs
Add missing listOidcProviderConfigs method. (#406)
36c27be 
Each asynchronous method is supposed to have a synchronous counterpart. This was supposed to be included when I initially added the operation to list OIDC provider configs.
@micahstairs
Add validation to provider config ID. (#410)
732a908 
The OIDC Auth provider config ID must begin with "oidc.". This validation is being done in other APIs (e.g. Go), so we should do it here as well.

I've moved assertValidUrl to the base class so that it can be reused for SamlProviderConfig, once that class is added.
@hiranya911 @micahstairs
fix(auth): Ensuring test user account cleanup with a Rule (#409)
c323314 
* fix(auth): Ensuring test user account cleanup with a Rule

* Updated copyright holder
@micahstairs
Rename OIDC delete operation and refactor integration tests. (#411)
7b55045 
I've renamed the delete operation since we need separate methods for deleting OIDC and SAML provider configs.

I've also created a ProviderConfigTestUtils class to house shared logic between TenantAwareFirebaseAuthIT and FirebaseAuthIT, and I've added a TemporaryProviderConfig class to make it easier for provider configs to be cleaned up automatically. I've structured this class in such a way that we can easily tack on logic to cleanup SAML provider configs as well.

I've also decided to remove testGetUserWithMultipleTenantIds. I initially wrote this test to understand how tenant-aware auths and tenant-agnostic auths interacted with one another. In its existing state, it appears to be leaking created users, and in order to resolve this with TemporaryUser, we would need to declare multiple TemporaryUser objects as rules. I think it's better to avoid this complexity and remove this test. After all, this integration test is mainly making assertions about the server's behavior and not our behavior.
@micahstairs
Make Javadoc comments consistent and validate provider ID in CreateRe…
99b07bd 
…quest. (#418)

This makes the formatting of the Javadoc comments more consistent, and it's now more clear when/why IllegalArgumentExceptions get thrown. This also adds validation to the provider ID in the CreateRequest to ensure that it has the correct prefix.'

Improvements were also made to the tests. The JSON string is now more readable, the parameters are now in the correct order for assertEquals calls, and the IllegalArgumentException tests have been properly fleshed out.
@micahstairs
Add class for SAML provider config. (#419)
537b7a7 
Adds a class for the SAML provider config.
@micahstairs
Add operations to create and delete SAML provider configs. (#420)
0751674 
This adds operations to create and delete SAML provider configs.
@micahstairs
Add get operation for SAML provider configs. (#421)
7732833
@micahstairs
Add operation to update SAML provider configs. (#424)
de24a2b
@micahstairs
Add operation to list SAML provider configs. (#426)
638240f 
Adds a list operation for SAML provider configs.

I also set 'suppressLoadErrors' to true to avoid class information error. See https://stackoverflow.com/questions/27938039/unable-to-get-class-information-for-checkstyle for more context.
@micahstairs
Finish implementing SAML provider config. (#428)
aa96da0 
I've implemented addAllX509Certificates and removed the TODOs for the request signing, since we are not ready to expose that yet.

I've also added unit tests for SamlProviderConfig.UpdateRequest, because those were missed in a previous PR.

On an unrelated note, I've also added a comment describing why 'suppressLoadErrors' needs to be set.
@micahstairs
Move check in FirebaseUserManager.updateTenant outside CallableOperat…
0fa48b2 
…ion. (#431)
@micahstairs
Refactor shared code into UserTestUtils. (#432)
d32705a
@hiranya911 hiranya911 requested a review from egilmorez June 10, 2020 21:23
@micahstairs
Copy link
Contributor Author

Alright, thanks for the review! I've addressed your feedback, and I've also rebased this branch so that we don't have any more merge conflicts with tenant-mgt.

@micahstairs micahstairs merged commit b8b18f6 into tenant-mgt Jun 17, 2020
@micahstairs micahstairs deleted the idp-config branch June 17, 2020 17:17
hiranya911 pushed a commit that referenced this pull request Jul 16, 2020
@micahstairs
feat(auth): Add tenant operations, tenant-aware user operations, and …
0a0662e 
…provider config operations (#395)

* Pull parts of FirebaseAuth into an abstract class. (#352)

This moves parts of FirebaseAuth into an abstract class as part of adding multi-tenancy support.

* Add Tenant class and its create and update request classes. (#344)

This pull request adds the Tenant class (including it's create/update inner classes) as part of adding multi-tenancy support.

* Add ListTenantsPage class. (#358)

Add ListTenantsPage and some supporting code as part of adding multi-tenancy support. This code was very largely based off of ListUsersPage and ListUsersPageTest.

* Add updateRequest method to Tenant class and add unit tests. (#361)

Added some things to the Tenant class and added a few unit tests. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Create TenantManager class and wire through listTenants operation. (#369)

Add the TenantManager class and wire through the listTenants operation. Also add unit tests to FirebaseUserManagerTest.

* Add deleteTenant operation to TenantManager. (#372)

This adds deleteTenant to the TenantManager class. I've added the relevant unit tests to FirebaseUserManagerTest. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Add getTenant operation to TenantManager. (#371)

Added getTenant to the TenantManager class. Also added the relevant unit tests to FirebaseUserManagerTest. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Add createTenant and updateTenant operations. (#377)

Added createTenant and updateTenant to the TenantManager class. Also added the relevant unit tests to FirebaseUserManagerTest. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Add integration tests for TenantManager operations. (#385)

This adds some integration testing for all of the tenant operations in TenantManager. Several bugs were uncovered after running the tests, so these have been fixed. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Add firebase auth destroy check before tenant operations. (#386)

This addresses some TODOs left as part of the initiative to add multi-tenancy support (see issue #332).

* Make user operations tenant-aware. (#387)

This makes user operations tenant-aware. I've added some integration tests to ensure that this is working correctly. This is part of the initiative to adding multi-tenancy support (see issue #332).

* Remove unused AutoValue dependency. (#392)

Remove unused AutoValue dependency (and remove Java 8 API dependency which was accidentally introduced).

* Indicate how to get set up for the multitenancy integration tests. (#393)

This documentation is based off of the instructions in https://github.com/firebase/firebase-admin-node/blob/master/CONTRIBUTING.md.

* Add tenant-aware token generation and verification. (#391)

This incorporates the tenant ID into the token generation and validation when using a tenant-aware client. This is part of the initiative to add multi-tenancy support (see issue #332).

* Fix javadoc comment.

* Trigger CI

* Make several Op methods private.

* Move createSessionCookie and verifySessionCookie back to FirebaseAuth.

* Make verifySessionCookieOp private.

* Fix a few javadoc comments.

* Address Kevin's feedback.

* Make TenantAwareFirebaseAuth final.

* chore: Merging master into tenant-mgt (#422)

* Fixed a bad merge

* Add provider config management operations. (#433)

Adds all of the OIDC and SAML provider config operations, related to adding multi-tenancy support.

* Stop using deprecated MockHttpTransport.builder() method.

* Moved tenant management code into a new package (#449)

* Multi-tenancy refactor experiment

* fix(auth): Completed tenant mgt refactor

* Added license header to new class

* Responding to code review comments: Consolidated error codes in AuthHttpClient

* Improve unit test coverage of tenant/provider-related code (#453)

I've improved the unit test coverage of tenant/provider-related code, and I've also removed a number of unused imports.

* Fix integration tests.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@kevinthecheung kevinthecheung kevinthecheung approved these changes

@egilmorez egilmorez Awaiting requested review from egilmorez

Assignees

@micahstairs micahstairs

@kevinthecheung kevinthecheung

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@micahstairs @hiranya911 @kevinthecheung @egilmorez