diff --git a/apps/dashboard/src/main/java/com/akto/action/user/OktaSsoAction.java b/apps/dashboard/src/main/java/com/akto/action/user/OktaSsoAction.java index ca5c7d88e6..94632d8006 100644 --- a/apps/dashboard/src/main/java/com/akto/action/user/OktaSsoAction.java +++ b/apps/dashboard/src/main/java/com/akto/action/user/OktaSsoAction.java @@ -2,7 +2,7 @@ import java.util.ArrayList; -import org.yaml.snakeyaml.scanner.Constant; +import org.bson.conversions.Bson; import com.akto.action.UserAction; import com.akto.dao.ConfigsDao; @@ -10,7 +10,7 @@ import com.akto.dao.context.Context; import com.akto.dto.Config; import com.akto.dto.User; -import com.akto.dto.Config.ConfigType; +import com.akto.dto.Config.OktaConfig; import com.akto.util.Constants; import com.akto.util.DashboardMode; import com.akto.utils.sso.SsoUtils; @@ -33,7 +33,9 @@ public String addOktaSso() { return ERROR.toUpperCase(); } - Config.OktaConfig oktaConfig = new Config.OktaConfig(); + int accountId = Context.accountId.get(); + + Config.OktaConfig oktaConfig = new Config.OktaConfig(accountId); oktaConfig.setClientId(clientId); oktaConfig.setClientSecret(clientSecret); oktaConfig.setAuthorisationServerId(authorisationServerId); @@ -51,17 +53,9 @@ public String addOktaSso() { } public String deleteOktaSso() { - DeleteResult result; - if(DashboardMode.isOnPremDeployment()) { - result = ConfigsDao.instance.deleteAll(Filters.eq("_id", "OKTA-ankush")); - } else { - result = ConfigsDao.instance.deleteAll( - Filters.and( - Filters.eq("_id", "OKTA-ankush"), - Filters.eq(Config.OktaConfig.ACCOUNT_ID, Context.accountId.get()) - ) - ); - } + int accountId = Context.accountId.get(); + Bson idFilter = Filters.eq(Constants.ID, OktaConfig.getOktaId(accountId)); + DeleteResult result = ConfigsDao.instance.deleteAll(idFilter); if (result.getDeletedCount() > 0) { for (Object obj : UsersDao.instance.getAllUsersInfoForTheAccount(Context.accountId.get())) { 
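Review bot: In deleteOktaSso() the new filter matches only the account-scoped id from `OktaConfig.getOktaId(accountId)`, so a config still stored under the legacy `_id` `"OKTA-ankush"` is no longer removed by this action. If moveOktaOidcSSO has not yet run for an account (its insert path is not visible in this diff), `getDeletedCount()` stays 0 and the old Okta integration remains in place after an admin asked to remove it. While the migration rolls out, consider also matching the legacy document, scoped to the account as the removed code did: `Filters.or(idFilter, Filters.and(Filters.eq(Constants.ID, OktaConfig.CONFIG_ID), Filters.eq(OktaConfig.ACCOUNT_ID, accountId)))`. The loop kept as context still calls `Context.accountId.get()` and could reuse the new `accountId` local; the rest of deleteOktaSso is outside the hunk.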
@@ -76,14 +70,9 @@ public String deleteOktaSso() { @Override public String execute() throws Exception { - Config.OktaConfig oktaConfig; - if(DashboardMode.isOnPremDeployment()) { - int accountId = Context.accountId.get(); - oktaConfig = (Config.OktaConfig) ConfigsDao.instance.findOne(Constants.ID, ConfigType.OKTA.name() + "_" + accountId); - } else { - String email = getSUser().getLogin(); - oktaConfig = Config.getOktaConfig(email); - } + int accountId = Context.accountId.get(); + Config.OktaConfig oktaConfig = (Config.OktaConfig) ConfigsDao.instance.findOne(Constants.ID, OktaConfig.getOktaId(accountId)); + if (SsoUtils.isAnySsoActive() && oktaConfig == null) { addActionError("A different SSO Integration already exists."); return ERROR.toUpperCase(); diff --git a/apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java b/apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java index c0b1307546..5bf7a2bcc1 100644 --- a/apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java +++ b/apps/dashboard/src/main/java/com/akto/listener/InitializerListener.java @@ -33,6 +33,7 @@ import com.akto.dto.ApiCollectionUsers.CollectionType; import com.akto.dto.Config.AzureConfig; import com.akto.dto.Config.ConfigType; +import com.akto.dto.Config.OktaConfig; import com.akto.dto.RBAC.Role; import com.akto.dto.User.AktoUIMode; import com.akto.dto.data_types.Conditions; @@ -2930,7 +2931,7 @@ private static void moveOktaOidcSSO(BackwardCompatibility backwardCompatibility) Filters.eq(Constants.ID, saltId) ); int accountId = Context.accountId.get(); - oktaConfig.setId(saltId + "_" + accountId); + oktaConfig.setId(OktaConfig.getOktaId(accountId)); ConfigsDao.instance.deleteAll( Filters.eq(Constants.ID, saltId) ); diff --git a/apps/dashboard/src/main/java/com/akto/utils/sso/SsoUtils.java b/apps/dashboard/src/main/java/com/akto/utils/sso/SsoUtils.java index 986e11ba89..4f3e3de1e9 100644 
--- a/apps/dashboard/src/main/java/com/akto/utils/sso/SsoUtils.java +++ b/apps/dashboard/src/main/java/com/akto/utils/sso/SsoUtils.java @@ -35,8 +35,8 @@ public static boolean isAnySsoActive(int accountId){ } public static boolean isAnySsoActive(){ + int accountId = Context.accountId.get(); if(DashboardMode.isMetered() && !DashboardMode.isOnPremDeployment()){ - int accountId = Context.accountId.get(); if(!isAnySsoActive(accountId)){ return ConfigsDao.instance.count(Filters.and( Filters.eq(Constants.ID, "OKTA-ankush"), @@ -46,7 +46,8 @@ public static boolean isAnySsoActive(){ return true; } }else{ - List ssoList = Arrays.asList("OKTA-ankush", "GITHUB-ankush", "AZURE-ankush"); + String oktaIdString = OktaConfig.getOktaId(accountId); + List ssoList = Arrays.asList(oktaIdString, "GITHUB-ankush", "AZURE-ankush"); Bson filter = Filters.in("_id", ssoList); return ConfigsDao.instance.count(filter) > 0; } diff --git a/libs/dao/src/main/java/com/akto/dto/Config.java b/libs/dao/src/main/java/com/akto/dto/Config.java index c11d04d60d..63c67da9da 100644 --- a/libs/dao/src/main/java/com/akto/dto/Config.java +++ b/libs/dao/src/main/java/com/akto/dto/Config.java @@ -365,9 +365,17 @@ public static class OktaConfig extends Config { public static final String CONFIG_ID = ConfigType.OKTA.name() + CONFIG_SALT; - public OktaConfig() { + public OktaConfig(){ this.configType = ConfigType.OKTA; - this.id = CONFIG_ID + "_" + this.accountId; + } + + public static String getOktaId(int accountId){ + return CONFIG_ID + "_" + accountId; + } + + public OktaConfig(int id) { + this.configType = ConfigType.OKTA; + this.id = CONFIG_ID + "_" + id; } public String getClientId() { 
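Review bot: In the no-argument isAnySsoActive(), only the else branch was switched to `OktaConfig.getOktaId(accountId)`; the metered, non-on-prem branch kept as context still counts documents whose `_id` is the literal `"OKTA-ankush"`. addOktaSso() now stores the config under the account-scoped id, so unless isAnySsoActive(int) (its body is not shown) already matches that id, this branch can report no active SSO for an account that has Okta configured, and any caller using it to block a second integration would be misled. Using `Filters.eq(Constants.ID, OktaConfig.getOktaId(accountId))` in that branch keeps the two paths consistent. Hoisting `Context.accountId.get()` above the `if` also makes the on-prem branch depend on the account context; if that getter can return null on a request without one, the unboxing throws, so a null check or a comment stating the precondition is worth adding.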
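Review bot: The new `OktaConfig(int id)` constructor receives an account id but names it `id`, repeats the format string that `getOktaId` now owns, and never assigns `this.accountId`. getOktaConfig(int accountId) further down filters on `_id` together with at least one more condition that is cut off here; if that condition is the account id, a config built by this constructor is only found when the caller also sets the field, and addOktaSso's remaining setters are outside its hunk. Suggest `public OktaConfig(int accountId) { this.configType = ConfigType.OKTA; this.accountId = accountId; this.id = getOktaId(accountId); }`, plus a one-line Javadoc on `getOktaId` stating the `_id` format. The no-arg constructor now leaves `id` unset, so a comment saying it exists only for deserialization (if that is the intent) would stop new callers from inserting a config without an id.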
@@ -686,7 +694,7 @@ public static boolean isConfigSSOType(ConfigType configType){ } public static OktaConfig getOktaConfig(int accountId) { - String id = ConfigType.OKTA.name() + CONFIG_SALT + "_" + accountId; + String id = OktaConfig.getOktaId(accountId); OktaConfig config = (OktaConfig) ConfigsDao.instance.findOne( Filters.and( Filters.eq("_id", id),