moving okta-sso for new id #1911

Merged
merged 3 commits into from
Jan 3, 2025
Original file line number Diff line number Diff line change
Expand Up @@ -2,12 +2,16 @@

import java.util.ArrayList;

import org.yaml.snakeyaml.scanner.Constant;

import com.akto.action.UserAction;
import com.akto.dao.ConfigsDao;
import com.akto.dao.UsersDao;
import com.akto.dao.context.Context;
import com.akto.dto.Config;
import com.akto.dto.User;
import com.akto.dto.Config.ConfigType;
import com.akto.util.Constants;
import com.akto.util.DashboardMode;
import com.akto.utils.sso.SsoUtils;
import com.mongodb.BasicDBObject;
Expand Down Expand Up @@ -74,7 +78,8 @@ public String deleteOktaSso() {
public String execute() throws Exception {
Config.OktaConfig oktaConfig;
if(DashboardMode.isOnPremDeployment()) {
oktaConfig = (Config.OktaConfig) ConfigsDao.instance.findOne("_id", "OKTA-ankush");
int accountId = Context.accountId.get();
oktaConfig = (Config.OktaConfig) ConfigsDao.instance.findOne(Constants.ID, ConfigType.OKTA.name() + "_" + accountId);
} else {
String email = getSUser().getLogin();
oktaConfig = Config.getOktaConfig(email);
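Review bot: The on-prem lookup in `execute()` builds the id as `ConfigType.OKTA.name() + "_" + accountId`, but the migration and `Config.getOktaConfig(int)` elsewhere in this change key the document as `ConfigType.OKTA.name() + Config.CONFIG_SALT + "_" + accountId`. Unless `CONFIG_SALT` is empty (the replaced literal `"OKTA-ankush"` suggests it is not), `findOne` returns null here and on-prem Okta sign-in no longer finds its config once the migration has run. The line should read `oktaConfig = (Config.OktaConfig) ConfigsDao.instance.findOne(Constants.ID, ConfigType.OKTA.name() + Config.CONFIG_SALT + "_" + accountId);`. The `import org.yaml.snakeyaml.scanner.Constant;` in the import hunk appears unused, since the code refers to `com.akto.util.Constants`. The body of `execute()` continues outside the hunk, so how a null `oktaConfig` is handled is not visible.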
Original file line number Diff line number Diff line change
Expand Up @@ -136,6 +136,7 @@
import org.bouncycastle.jcajce.provider.asymmetric.dsa.DSASigner.stdDSA;
import org.bson.conversions.Bson;
import org.bson.types.ObjectId;
import org.checkerframework.checker.units.qual.C;
import org.json.JSONObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
Expand Down Expand Up @@ -2922,6 +2923,26 @@ private static void deleteOptionsAPIs(BackwardCompatibility backwardCompatibilit
}
}

private static void moveOktaOidcSSO(BackwardCompatibility backwardCompatibility){
if(backwardCompatibility.getMoveOktaOidcSSO() == 0){
String saltId = ConfigType.OKTA.name() + Config.CONFIG_SALT;
Config.OktaConfig oktaConfig = (Config.OktaConfig) ConfigsDao.instance.findOne(
Filters.eq(Constants.ID, saltId)
);
int accountId = Context.accountId.get();
oktaConfig.setId(saltId + "_" + accountId);
ConfigsDao.instance.deleteAll(
Filters.eq(Constants.ID, saltId)
);

ConfigsDao.instance.insertOne(oktaConfig);
BackwardCompatibilityDao.instance.updateOne(
Filters.eq("_id", backwardCompatibility.getId()),
Updates.set(BackwardCompatibility.MOVE_OKTA_OIDC_SSO, Context.now())
);
}
}

public static void setBackwardCompatibilities(BackwardCompatibility backwardCompatibility){
if (DashboardMode.isMetered()) {
initializeOrganizationAccountBelongsTo(backwardCompatibility);
Expand Down Expand Up @@ -2953,6 +2974,7 @@ public static void setBackwardCompatibilities(BackwardCompatibility backwardComp
dropSpecialCharacterApiCollections(backwardCompatibility);
addDefaultAdvancedFilters(backwardCompatibility);
moveAzureSamlConfig(backwardCompatibility);
moveOktaOidcSSO(backwardCompatibility);
}

public static void printMultipleHosts(int apiCollectionId) {
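Review bot: `moveOktaOidcSSO` dereferences `oktaConfig` without a null check, so on an account with no legacy Okta document `oktaConfig.setId(...)` throws and the `updateOne` that records the migration is not reached in that call. The move is also delete-then-insert, so a failure between `deleteAll` and `insertOne` leaves the deployment with no Okta SSO config at all. The legacy document is re-keyed under whichever `Context.accountId` runs this first, while `Config.getOktaConfig(int)` also filters on the stored `ACCOUNT_ID`; if those two can differ the moved config will not be found, which is worth confirming. The fence guards the null case and writes the new document before removing the old one.

```java
        );
        // Accounts without a legacy Okta document have nothing to move; still record the migration below.
        if (oktaConfig != null) {
            int accountId = Context.accountId.get();
            oktaConfig.setId(saltId + "_" + accountId);
            // Write the re-keyed copy first so a failed write never leaves the account without its SSO config.
            ConfigsDao.instance.insertOne(oktaConfig);
            ConfigsDao.instance.deleteAll(
                Filters.eq(Constants.ID, saltId)
            );
        }
        // … unchanged: BackwardCompatibilityDao.instance.updateOne(...) sets MOVE_OKTA_OIDC_SSO …
```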
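--- a/libs/dao/src/main/java/com/akto/dto/BackwardCompatibility.java
+++ b/libs/dao/src/main/java/com/akto/dto/BackwardCompatibility.java
@@ -100,6 +100,9 @@ public class BackwardCompatibility {
 public static final String DELETE_OPTIONS_API = "deleteOptionsAPIs";
 private int deleteOptionsAPIs;
 
+public static final String MOVE_OKTA_OIDC_SSO = "moveOktaOidcSSO";
+private int moveOktaOidcSSO;
+
 public BackwardCompatibility(int id, int dropFilterSampleData, int resetSingleTypeInfoCount, int dropWorkflowTestResult,
 int readyForNewTestingFramework,int addAktoDataTypes, boolean deploymentStatusUpdated,
 int authMechanismData, boolean mirroringLambdaTriggered, int deleteAccessListFromApiToken,
@@ -109,7 +112,7 @@ public BackwardCompatibility(int id, int dropFilterSampleData, int resetSingleTy
 int loginSignupGroups, int vulnerableApiUpdationVersionV1, int riskScoreGroups,
 int deactivateCollections, int disableAwsSecretPii, int apiCollectionAutomatedField,
 int automatedApiGroups, int addAdminRoleIfAbsent, int dropSpecialCharacterApiCollections, int fixApiAccessType,
-int addDefaultFilters, int moveAzureSamlToNormalSaml, int deleteOptionsAPIs) {
+int addDefaultFilters, int moveAzureSamlToNormalSaml, int deleteOptionsAPIs, int moveOktaOidcSSO) {
 this.id = id;
 this.dropFilterSampleData = dropFilterSampleData;
 this.resetSingleTypeInfoCount = resetSingleTypeInfoCount;
@@ -141,6 +144,7 @@ public BackwardCompatibility(int id, int dropFilterSampleData, int resetSingleTy
 this.fixApiAccessType = fixApiAccessType;
 this.moveAzureSamlToNormalSaml = moveAzureSamlToNormalSaml;
 this.deleteOptionsAPIs = deleteOptionsAPIs;
+this.moveOktaOidcSSO = moveOktaOidcSSO;
 }
 
 public BackwardCompatibility() {
@@ -425,4 +429,12 @@ public int getDeleteOptionsAPIs() {
 public void setDeleteOptionsAPIs(int deleteOptionsAPIs) {
 this.deleteOptionsAPIs = deleteOptionsAPIs;
 }
+
+public int getMoveOktaOidcSSO() {
+return moveOktaOidcSSO;
+}
+
+public void setMoveOktaOidcSSO(int moveOktaOidcSSO) {
+this.moveOktaOidcSSO = moveOktaOidcSSO;
+}
 }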
5 changes: 3 additions & 2 deletions libs/dao/src/main/java/com/akto/dto/Config.java
Expand Up @@ -367,7 +367,7 @@ public static class OktaConfig extends Config {

public OktaConfig() {
this.configType = ConfigType.OKTA;
this.id = CONFIG_ID;
this.id = CONFIG_ID + "_" + this.accountId;
Contributor

This won't work because the constructor will be called and the id variable will be initialized before the setAccountId method is called so the value will default to 0.

}

public String getClientId() {
Expand Down Expand Up @@ -686,9 +686,10 @@ public static boolean isConfigSSOType(ConfigType configType){
}

public static OktaConfig getOktaConfig(int accountId) {
String id = ConfigType.OKTA.name() + CONFIG_SALT + "_" + accountId;
OktaConfig config = (OktaConfig) ConfigsDao.instance.findOne(
Filters.and(
Filters.eq("_id", "OKTA-ankush"),
Filters.eq("_id", id),
Filters.eq(OktaConfig.ACCOUNT_ID, accountId)
)
);
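Review bot: The Okta document id is assembled by string concatenation with two different prefixes in this file: `CONFIG_ID + "_" + this.accountId` in the `OktaConfig` constructor and `ConfigType.OKTA.name() + CONFIG_SALT + "_" + accountId` in `getOktaConfig(int)`. Whether `CONFIG_ID` equals `ConfigType.OKTA.name() + CONFIG_SALT` is not visible here, and a mismatch would make the SSO lookup miss the stored document. A single static helper on `OktaConfig` that takes the account id and returns the id string, used by this lookup, the migration and the action class, would keep the key format from drifting between call sites. The body of `getOktaConfig` continues past the end of the hunk.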