* feat: basic sqlite and turso setup
* chore: format code
* chore: explain turso flags
* fix: failing ttl tests for sqlite
* chore: increase key field length, even though sqlite doesn't care
* chore: remove sqlite logging
* fixed order by query (related to precision of current_timestamp which is seconds)
* delete record3 as well
* test: add turso to _dev docker compose and tests
* chore: remove temporary turso engine type
* removed sqlite3 from webpack ignore
* fixed format
* added turso image to ci/cd test
---------
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
* Fixture add DSync Page
* Tweak fixture, add delete connection method
* Label should be associated with the input
* WIP Test for Azure SCIM
* Tweak helper to work with Azure SCIM query param
* Fixture add switching to users view method and use instance property for tenant/product
* Include Jackson Api key header in SCIM endpoint request
* Simulate a user creation request to SCIM endpoint and assert it in view
* Update sample user to match type
* Fix flaky test by waiting for dom
* Export helpers from index
* Refactor scimOpEndpoint
* Add group and group member
* Add switching to group view in fixture
* Assert group in groups view
* Tweak userName
* Enable webhook events logging
* Refactor
* Add second user, parametrize azureUser
* Set webhook url/secret
* Assert webhook events
* Refactor view switching
* Refactor event inspection
* Delete webhook logs
* Tweak scimEndpoint creation
* Add `deleteGroup`
* Use util method in api helpers
* Add test for user/group deletion
* Bump up assertion timeout
* Try flakiness fix with waiting for api response
* `updateGroupName` e2e helper
* Assert updated group name
* Revert local changes
* Potential fix for failed test
* Try fix
* Add missing await for visibility checks
* Cleanup await inside expect
* Cleanup waiting for response
* Test user update, disabling webhook event logging
* Parametrize test for Okta/Azure
* Cleanup await
* Try removing assertion timeout
* Put back assetion timeout
* WIP
* updated swagger file
* renamed routes
* renamed test folder
* separate section for Identity Federation
* sso-tracer -> sso-traces
* don't change ACS url for SAML federation
* SAMLFederation -> IdentityFederation
* SAMLFederation -> IdentityFederation
* keep api/federated-saml but move to api/identity-federation
* test old route as well
* fixed test
* fixed test
* retry tests 3 times
* updated deployment
* WIP create SAML Fed app
(cherry picked from commit 3d15b20a2d)
* Add Admin Portal SSO via SAML Fed
* Minor tweaks
* Use fixture and login using federated connection
* Cleanup SAML fed connection after test, disable failing assertion for now
* Remove only
* Use MockSAML endpoint from env
* Cleanup SSO connections mapped to SAML Fed
* OIDC Fed spec
* Try with higher timeout
* Mutate on page load
* Put back assertion
* Remove assertion and mutate for now
* SAML Fed App + 2 SAML Providers
* Take in optional tenant/product for fixture method
* SAML Fed + 2 OIDC providers
* SAML Fed test cases for single provider
* Tweak title
* Replace swr with fetch
* Remove only
* Bump up timeout to 100s
* Add more test cases for OIDC Fed
* Refactor fetch with hooks
* locale tweaks
* Also try with the other provider
* Fixture support SAML add via raw metadata
* Add second SAML connection using raw metadata
* Revert "Add second SAML connection using raw metadata"
* Revert "Fixture support SAML add via raw metadata"
---------
Co-authored-by: ukrocks007 <ukrocks.mehta@gmail.com>
Co-authored-by: Aswin V <vaswin91@gmail.com>
* use customer query param instead of domain to fetch all users
* members list doesn't take customer param
* Fix query param in tests
---------
Co-authored-by: Aswin V <vaswin91@gmail.com>
* Handle pagination query params correctly and set response header for pageToken
* Support for pageToken
* Revert tokenmap change for and add comment
* Exclude `log_webhook_events` checkbox while creating
* `pageToken` handling for WebhookLogs
* `pageToken` handling in API route
* Fix unit tests
* Fix test
* Update tokenmap using effect
* Use random id instead of os.hostname
* Remove unused import
* add eventLockKey
* add eventLockKey
* Check for expiry when acquiring lock (wip)
* Add cron interval config
* Add timeout functionality to process events
* Fix index value overwrite
* Fix bulk delete
* Remove console.log
* directory sync add cron
* Refactor event processing and add cron scheduling
* Remove await
* Refactor directory sync worker
* Remove unused import statement
* Fix lockKey initialization in EventProcessor constructor
* cleanup
* take a callback for DSync as NPM option (WIP)
* Fix the unit test
* Fix the webhooks test
* Remove unused import statement
* Fix type
* fixed cron, cleaned up x-access-token. TODO: Fix webhooks batch cron
* grouped dsync index names in one place
* ensure the cron ticks regularly, use setInterval instead of setTimeout
* do the renewal inside EventLock
* lint fix
* improved locking and added check for lock in Google dsync cron
* locking per cron
* refactor
---------
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
* Default should be true, opt-in via JacksonOption
* Add new env to example file
* Omit profile scope if opted out
* Type update
* Service env processing
* Sync package locks
* Add unit tests
* Update google SCIM authz options
* Sync lock file
* Remove the old option support, should reflect in typings
* Fix failing test
* Sync lock file
* Include google_authorization_url in directory response
* Update internal-ui to use url from directory config
* Update component usage in Jackson UI
* Cleanup example env
---------
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
* Add roles attribute to the dsync user profile
* Add roles property to transformed user object
* Add unit tests
* Remove unused import statement
* Fix the property
* Add tests
* `offset` -> `pageOffset`, `limit`-> `pageLimit`
* Be backward compatible in API
* Cleanup types and handle pagination qs
* Cleanup unused code
* Import type
* Cleanup and fix lint error
* Align params for sso-tracer
* Move parsing to a common util function
* pageLimit shouldn't be optional
* Cap pageLimit to max value, split the boolean
* Revert typings and assert non null
* Refactor var name
* Use util function to normalize pagination params across getAll and getByIndex
* Normalize offset/limit for dynamo/mongo
* Update query params in `FederatedSAMLApps`
* Cap to max limit if passed limit is 0
* Sync lock file
* Add a 3rd record and supply opts.pageLimit
* Normalize offset/limit for mem/redis
* Save the 3rd record in the store
* Fix getAll tests
* Give precedence to standard params over legacy
* Use util function
* Parse using util function
* Refactor
* Standardise pagination for `api/v1/dsync/events`
* Standardise pagination for api/admin/connections
* Standardise pagination for api/admin/directory-sync
* Standardise pagination for `api/v1/dsync/groups`
* Standardise pagination for `v1/dsync/users`, `v1/dsync/product`
* Standardise pagination in fetchByProduct APIs
* Update swagger for groups
* Fix pagination params definition, add the params for users api
* More swagger updates
* Swagger spec update for dsync events
* Add pagination params to apis fetching by product
* Update qs in internal-ui
* Remove type assertion
* [Swagger WIP] Fix response format for paginated APIs
* Add dsync events to swagger spec
* Fix swagger spec for sso tracer
* Fix swagger spec for federated-saml apps of a product
* Update pageLimit to 50
* Use pageLimit value from internal-ui
* Update UI SDK
* Cleanup local pagination component
* Update swagger version
* Remove unused keys from locale
* Fix tag for trace api spec
* Fix param name for swagger
* Fix swagger tag for trace
* updated package-lock
* updated package-lock
---------
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
* add WellKnownURLs
* Fix translation keys
* Update dependencies and add IdP Configuration
* Update common.json with new translations
* wip
* Update @boxyhq/internal-ui version to 0.0.5
* add internal ui folder
* Fix imports and build
* Refactor internal-ui package structure
* wip shared UI
* Fix the build
* Add new components and hooks for directory sync
* lint fix
* updated swr
* users
* Refactor shared components and fix API endpoints***
***Update directory user page and add new federated SAML app
* Fix lint
* wip
* Add new files and update existing files
* Refactor DirectoryGroups and DirectoryInfo components
* Update localization strings for directory UI
* Update Google Auth URL description in common.json
* Refactor directory tab and add delete functionality to webhook logs
* Delete unused files and update dependencies
* Fix column declaration
* Add internal-ui/dist to .gitignore
* Update page limit and add new dependencies
* wip
* Refactor directory search in user API endpoint
* wip
* Refactor directory retrieval logic in user and group API handlers
* Add API endpoints for retrieving webhook events
* Add query parameters to API URLs in DirectoryGroups
* Add Google authorization status badge and handle pagination in FederatedSAMLApps
* Add router prop to AppsList component and update page header titles
* UI changes
* Add new files and export functions
* Remove unused router prop
* Add PencilIcon to FederatedSAMLApps
* Refactor FederatedSAMLApps and NewFederatedSAMLApp components
* lint fix
* add jose npm to dev dep
* added missing strings
* locale strings fix
* locale strings cleanup
* update package-lock
* Add prepublish step
* Build and publish npm and internal ui
* Refactor install step
* Run npm install (for local) inside internal ui automatically using prepare
* Remove eslint setup for internal-ui
* wip
* Add `--legacy-peer-deps` to prevent installing peer dependencies
* wip
* Fix the types import path
* wip
* wip
* Fix the types
* Format
* Update package-lock
* Cleanup
* Try adding jose library version 5.2.2
* Add new dependencies for @next/swc package
* Fix translation keys and import types
* Update SSOTracers component and common.json localization
* COPY internal-ui before npm install
* COPY internal-ui in builder stage
* fixed sort order for jose
* wip
* wip setuplink
* Add delete link
* Add exclusion for node_modules in files.exclude
* Add error handling and additional functionality to SetupLinks component
* Refactor SetupLinks component and add missing translations
* Add missing translations and update setup link messages
* Remove comment
* update localization strings
* Remove unused key
* Update SSOTracerInfo component title
* Refactor ConfirmationModal component button styling
* Update package.json and ConfirmationModal.tsx
* Update dep
* Refactor setup links API and UI to use query parameters for pagination
* Refactor deleteLink API endpoint and SetupLinks component
* Update package.json paths
* Update dep
* Refactor setup link forms and add new fields
* Update dep
* Update import paths and add new setup links tests
* wip
* Refactor CreateDirectory and DirectoryInfo components
* Add new fields to setup link and directory sync APIs
* Cleanup
* Update package-lock
* Fix link regeneration
* updated package-lock
* Fix and add e2e tests
* Update API documentation with new parameters for setup link creation and update
* Revert
* Update postcss.config.js and SSOForm.tsx
---------
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
Co-authored-by: Aswin V <vaswin91@gmail.com>
* wip ttl
* Add TTL to sso tracer and webhook events
* Fix the unit tests
* Commented out code for secondary indexes with ttl
* Update package-lock.json
* Fix the test
* Control the order of connections in the IdP selection list
* Remove unused import statement
* Fix the sortOrder
* Type fix
* Fix TS error
* Fix build
* Update API version and add sortOrder parameter
* Update swagger specs
* Update swagger
* Add tests
* Add `sortOrder` to GET spec
* Refactor connection retrieval logic and add sorting option
* Fix connection sorting issue
* Fix connection sorting issue
* Update the validation
* Fix the tests
* Filter out connections that are not enabled
---------
Co-authored-by: Aswin V <vaswin91@gmail.com>
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
* [typings] OIDC provider clientId/secret is non optional
* try/catch and trace the errors ...
* Fix error message inside `resolveConnection`
* Default for error_description, trace error should be either error or fallback to description
* Attach traceId to OAuth error response
* Add more context to the traces
* [fed-saml] Add relayState to trace context
* Tenant/product can be traced from session.request in case connection is not resolved
* Minor change
* [npm] Rename `saml-tracer` -> `sso-tracer`
* [Admin UI/API] Rename `saml-tracer` -> `sso-tracer`
* [v1 API] Rename `saml-traces` -> `sso-traces` with alias to old path
* Fix assertion type display with fallback to `-`
* Update swagger spec
* Scroll in case text overflows
* updated typeorm
* renamed connection
* updated migration scripts to new TypeORM version (v3)
* typeorm and mongo -migrations and namespace column
* update the mongo migration file
* remove the camelcase
* remove camelcase
* rename the file
* renaming migration files
* folder restructuring and add migrate-mongo package
* correcting path and minor changes
* merging db name with URL
* changing ts to js for mongo
* migration automation with env variable
* using custom scripts for migration
* Dockerfile fixes
* bootstrap script fixes and still need ts-node migrate-mongo in dockerfile
* running migration in CI/CD
* turning down planetscale
* migration related fixes for namespace
* Migration & bootstrap changes
* reverting minor change
* bootstrap.sh will only run in docker env
* bootstrap RUN_MIGRATION env variable will use true
* migration fixes
* migration changes
* removed console logs
* planetscale migration fixes
* copied back old files, tweaks to filenames
* add index for namespace
* restore older migration scripts
* formatting
* aligned timestamps
* updated mysql, mariadb, mssql, planetscale namespace migrations
* We'll run migrate manually as a separate step/container
* forgot to add migrate.sh
* bumped up timestamp
* Enable planetscale testing
* Revert planetscale test and comment config object
* Revert deletions in Dockerfile
* Update maria, mssql, mysql, ps, pg, sql namespace migrations
* Cleanup
* Add runMigration env to support manual run
* Minor tweak
* Ensure sql data migrations run after schema changes
* Fix mssql namespace data migration query
* Sync lock file
* Update mongo timestamp
* Set env for npm mongo migration script
* [sql] Populate namespace column for synchronize: true instances
* Rename `DB_RUN_MIGRATION` -> `DB_MANUAL_MIGRATION`
* [mongo] Populate namespace for already deployed instances
* Cleanup migrate.sh
* [bash -> sh] bash does not work inside docker
* Optimise migration artifacts
* Source packages from global path
* Copy npm from build context - excludes node_modules via .dockerignore
* Remove redundant copy step
* Impl `getCount`
* SQL impl
* Mongo impl
* Sync lock file
* Unit test for `getCount`
* `getCount` should be optional
* Add invocation gaurd against undefined
* updated package-lock
* updated package lock
* Silently fail if getCount is not supported
* [sql] Support count using index query
* [mongo] support count using index query
* Support count by index query on Store/DB abstractions
* Add test for countByIndex
* Add missing step for hashing the index value
* Minor refactor in test to distinguish engine vs type
* Enable getCount for planetscale
* Pass `hint` to countDocuments
* updated package-lock
---------
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
Co-authored-by: Vishal Lodha <vishal@boxyhq.com>
Co-authored-by: Utkarsh Mehta <ukrocks.mehta@gmail.com>
* added close function to close DB connections
* fixed teardown
* test close() separately
* lint fix
* cleanup
* fixed db tests
* turn off tests for close
* Apply suggestions from code review
Co-authored-by: Kiran K <kiran@boxyhq.com>
* fixed tests for close()
---------
Co-authored-by: Kiran K <kiran@boxyhq.com>
* Align expected type with oidc
* Pass through all params to openid-client
* Remove error handling, will be handled by openid-client
* Use `CallbackParamsType` from openid-implementation, cleanup previous type
* Sync lock files
* Fix test type
* Pass `checks.state`
* Remove obsolete type
* Forward `error/error_description` from OIDC provider response
* Fix tests
* Sync lock file
* Pass the okta runscope tests for SCIM
* Fix duplicate group and user creation
* Remove unused const
* Update the tests
* Refactor error response in DirectoryGroups.ts
* Pass along sortOrder and use it in query
* Fix query
* Try with new syntax
* Switch `findBy` (sort order unsupported) to `find`
* Remove square brackets
* Refactor
* Add sort order test for getByIndex
* Fix type
* Support sortOrder for `mem`
* Support sort order for redis (non paginated case covered now)
* Fix e2e test list order
* Revert redis changes
* Exclude redis from test
* Add unit test cases
* Fix displaying the branding
* Remove the license check on the metadata
* Fix the endpoint
* Add e2e
* Fix the tests
* Fix the tests
* Remove unused imports
* Improve the tests
* add BOXYHQ_LICENSE_KEY
* Fix the test
* oidc issuer should match external url where it's hosted
* fixed test
* Fix `issuer` in id_token
* Sync lock file
* Fix test
---------
Co-authored-by: Aswin V <vaswin91@gmail.com>
* Get Federated SAML apps by product
* move to /ee
* Rename method
* Fix APIs
* delete app by tenant + product
* get app by tenant and product
* Fix the params
* Fix the params
* Change API path to /saml-federation
* Update the paths
* use /federated-saml
* Revert
* Add swagger specs
* Fix tests
* Add Google Group API
* Restructure the Group interface
* Rename the methods
* wip
* temp change
* Revert the changes
* Fix the groups from Google
* wip fetch users
* Skip directory check
* Convert to SCIM schema
* Updates to users sync
* Fix the unit test
* Rename folder and merge the files
* add raw to the user payload
* Fix the unit tests
* Optimize the Group sync create ops
* Reorder import
* Remove unused imports
* Add type safety to SCIM Schema
* Fix the users and groups update
* try fixing unit tests
* Fix the file extension
* Delete groups that are not in the directory anymore
* Fix the group update
* Compare and find the delete users
* Add and update group members
* cleanup the test
* Fix the test (temp)
* dont throw error
* Add secondary index if the directory type is `google`
* Rename the file
* wip
* Export functions inline
* Hide the SCIM endpoint and token for non-scim provider
* Update the `dsync` option key to allow multiple providers
* Restructure the folders
* Update folder structure
* Cleanup
* Revert the callback changes
* Fix the type
* Fix the type
* Fix existing unit tests
* add callback
* Fix the internal callback
* Fix the method call
* merge the type files
* add console.info for testing
* Fix the Google OAuth client usage
* Reactor the update method
* Handle no users or group cases
* Refactor the sync method
* Fix the pagination
* Cleanup
* Finish the pagination
* Fix the unit tests
* Fix the lint errors
* Fix the build issues
* Pass directory id to the method
* Pass directoryId while fetching
* apply changes to the UI
* display the Google auth URL
* Fix the type
* add unit tests
* add unit test for syncing users
* add unit tests
* Pass operation to SCIM payload
* unit tests wip 1
* updated
* Test the events deleted
* Test group.user_added events
* Finish the tests
* Revert and cleanup
* update map.js
* Revert
* update the e2e test
* Cleanup
* Revert
* label tweak
* Remove unused import
* Protect the cron job using apiKey
---------
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
* add support to activate and deactivate SSO connections
* add unit tests for sso.deactivated and sso.activated
* prevent sso login with deactivated connection
* add deactivate key for directory sync
* update the Badge component to extend react-daisyui
* restructure the status toggle button
* update the connection toggle for directory connection
* wip
* tweak variables
* wip
* cleanup
* delete the connection after each test
* ask for confirmation before sending the request
* use PATCH method
* fix the default value for toggle
* stop sending webhook if connection is disabled
* add the key deactivated to connection object
* fix the unit test
* attempt to fix the test
* update
* allow passing data-testid to ConfirmationModal
* revert the changes
* cleanup
* remove the console.log
* remove unused imports
* sync the state after the status change
* Sync lock file
---------
Co-authored-by: Aswin V <vaswin91@gmail.com>
* wip
* Add deleteMany method to SQL engine
* add deleteMany to mem engine
* add deleteMany to MongoDB
* add deleteMany to Redis engine
* fix the test
* use deleteMany method in dsync
* add delete directory connection API
* add button to delete directory
* add new lang keys
* fix the delete directory connection
* use a limit variable
* fix eslint issues
* attempt to fix the test
* DynamoDB support deleteMany
* check if disabling DYNAMODB_URL can fix the timeout issue
* fix the planetscale impl
* Test GitHub action
* revert the change
* add bulk Delete Batch Size
* deleteAll should accept the directory Id
* fix the deleteMany for mem engine
* fix the tests
* cleanup
* change the order of deletion
* add database transaction to sql
* fix the linting issue
* use the promise
* rename variable
* change the delete order
* added dynamodb-local to docker-compose
* [WIP] Add DynamoDB data source (#947)
wip
Co-authored-by: Deepak Prabhakara <deepak@boxyhq.com>
* WIP
* fixed put, get and delete
* store secondary index
* implemented getAll and delete
* revert changes to test file
* revert test script changes
* added dynamodb-local for testing
* WIP: pagination for DynamoDB
* dynamodb pagination cannot take offset and limit
* fixes for the change from Array to Records type so we can handle pageToken for DynamoDB
* fixed github actions
* trying options instead of command
* try default dynamodb-local command
* lint
* region for dynamodb
* added dummy aws creds
* lint
* getAll can be paginated using pageLimit
* tweaked comments
* Track `pageToken` with `pageOffset`.
* Track the (next)pageToken with offset
* Use the pageToken (from prev page) to get the connection list
* Comment
* Pass along the pageToken
* Type fix
* Relay the `pageToken` header to the response
* Update type for SWR ApiSuccess data
* Remove `marshall`
* Support pageToken for DS
* Support pageToken for SAML Fed
* Fix test
* Support pageToken for SAML Tracer
* Fix test
* Fix test for tracer
* Remove `marshall` in getByIndex
* Support `pageToken` for SetupLinks
* added dynamodb dev script
* move dynamodb options to it's own namespace
* added config for read/write capacity units
---------
Co-authored-by: Michael McDermott <michael.g.mcdermott@gmail.com>
Co-authored-by: Aswin V <vaswin91@gmail.com>
* add webhook retry method
* update the raw user attributes
* remove the webhook retry logic
* add a unit test
* try lodash
* try npx
* Update package.json