@@ -35,7 +35,8 @@ func TestIdentityProviders(t *testing.T) {
35
35
req .NoError (err )
36
36
37
37
var federationSettingsID string
38
- var oidcIdentityProviderID string
38
+ var oidcWorkloadIdpID string
39
+ var oidcIWorkforceIdpID string
39
40
40
41
t .Run ("Describe an org federation settings" , func (t * testing.T ) {
41
42
cmd := exec .Command (cliPath ,
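Review bot: The two provider IDs declared here are only released by the Delete subtests at the very end of TestIdentityProviders, so any earlier failure leaves live identity providers registered in the federation settings. `req` is used inside subtests that discard their own `*testing.T` (`func(_ *testing.T)`), so it appears to be bound to the outer test, and a failed requirement would stop the run before the deletes. Registering a `t.Cleanup` next to these declarations that deletes every non-empty ID would bound that exposure; the Delete subtests would then clear the variable after a successful delete so the cleanup becomes a no-op. Whether a still-connected provider must be disconnected before deletion is not visible here and should be checked. The function continues outside this hunk.

```go
var oidcWorkloadIdpID string
var oidcIWorkforceIdpID string

// Best-effort removal of anything the subtests created but did not delete.
t.Cleanup(func() {
	for _, id := range []string{oidcWorkloadIdpID, oidcIWorkforceIdpID} {
		if id == "" {
			continue
		}
		cmd := exec.Command(cliPath,
			federatedAuthenticationEntity,
			federationSettingsEntity,
			identityProviderEntity,
			"delete",
			id,
			"--federationSettingsId",
			federationSettingsID,
			"--force",
		)
		cmd.Env = os.Environ()
		if out, err := cmd.CombinedOutput(); err != nil {
			t.Logf("cleanup of identity provider %s failed: %v: %s", id, err, out)
		}
	}
})
// … unchanged: subtests …
```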
@@ -58,18 +59,33 @@ func TestIdentityProviders(t *testing.T) {
58
59
federationSettingsID = settings .GetId ()
59
60
})
60
61
61
- t .Run ("List OIDC IdPs WORKFORCE" , func (_ * testing.T ) {
62
+ t .Run ("Create OIDC IdP WORKLOAD" , func (t * testing.T ) {
63
+ idpName , err := RandIdentityProviderName ()
64
+ req .NoError (err )
65
+
62
66
cmd := exec .Command (cliPath ,
63
67
federatedAuthenticationEntity ,
64
68
federationSettingsEntity ,
65
69
identityProviderEntity ,
66
- "list" ,
70
+ "create" ,
71
+ "oidc" ,
72
+ idpName ,
67
73
"--federationSettingsId" ,
68
74
federationSettingsID ,
69
- "--protocol" ,
70
- "OIDC" ,
75
+ "--audience" ,
76
+ idpName , // using random as audience also should be unique
77
+ "--authorizationType" ,
78
+ "GROUP" ,
79
+ "--desc" ,
80
+ "CLI TEST Provider" ,
81
+ "--groupsClaim" ,
82
+ "groups" ,
71
83
"--idpType" ,
72
- "WORKFORCE" ,
84
+ "WORKLOAD" ,
85
+ "--issuerUri" ,
86
+ "https://accounts.google.com" ,
87
+ "--userClaim" ,
88
+ "user" ,
73
89
"-o=json" ,
74
90
)
75
91
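Review bot: The inline comment on the `--audience` argument is hard to parse and does not say why the provider name is reused; the same comment is repeated in the WORKFORCE create in the next hunk. Something like `// reuse the random name as the audience so repeated runs do not collide` states the intent, assuming collision avoidance is the reason. The subtest body continues past the end of this hunk.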
@@ -79,20 +95,43 @@ func TestIdentityProviders(t *testing.T) {
79
95
80
96
var provider atlasv2.FederationIdentityProvider
81
97
req .NoError (json .Unmarshal (resp , & provider ))
98
+
99
+ assert .NotEmpty (t , provider .GetId ())
100
+ oidcWorkloadIdpID = provider .GetId ()
82
101
})
83
102
84
- t .Run ("List OIDC IdPs WORKLOAD" , func (_ * testing.T ) {
103
+ t .Run ("Create OIDC IdP WORKFORCE" , func (t * testing.T ) {
104
+ idpName , err := RandIdentityProviderName ()
105
+ fmt .Println (idpName )
106
+ req .NoError (err )
107
+
85
108
cmd := exec .Command (cliPath ,
86
109
federatedAuthenticationEntity ,
87
110
federationSettingsEntity ,
88
111
identityProviderEntity ,
89
- "list" ,
112
+ "create" ,
113
+ "oidc" ,
114
+ idpName ,
90
115
"--federationSettingsId" ,
91
116
federationSettingsID ,
92
- "--protocol" ,
93
- "OIDC" ,
117
+ "--audience" ,
118
+ idpName , // using random as audience also should be unique
119
+ "--authorizationType" ,
120
+ "GROUP" ,
121
+ "--clientId" ,
122
+ "cliClients" ,
123
+ "--desc" ,
124
+ "CLI TEST Provider" ,
125
+ "--groupsClaim" ,
126
+ "groups" ,
94
127
"--idpType" ,
95
- "WORKLOAD" ,
128
+ "WORKFORCE" ,
129
+ "--issuerUri" ,
130
+ "https://accounts.google.com" ,
131
+ "--userClaim" ,
132
+ "user" ,
133
+ "--associatedDomain" ,
134
+ "iam-test-domain-dev.com" ,
96
135
"-o=json" ,
97
136
)
98
137
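Review bot: In the WORKFORCE create subtest, `fmt.Println(idpName)` runs before the error from `RandIdentityProviderName()` is checked and writes to stdout outside the test log. Moving it below the check as `t.Logf("identity provider name: %s", idpName)` keeps the value in verbose output only and attributes it to the subtest. The WORKLOAD create subtest has no equivalent line, so dropping it would also be consistent.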
@@ -102,18 +141,20 @@ func TestIdentityProviders(t *testing.T) {
102
141
103
142
var provider atlasv2.FederationIdentityProvider
104
143
req .NoError (json .Unmarshal (resp , & provider ))
144
+
145
+ assert .NotEmpty (t , provider .GetId ())
146
+ oidcIWorkforceIdpID = provider .Id
105
147
})
106
148
107
- t .Run ("List SAML IdPs " , func (_ * testing.T ) {
149
+ t .Run ("Describe OIDC IdP WORKFORCE " , func (t * testing.T ) {
108
150
cmd := exec .Command (cliPath ,
109
151
federatedAuthenticationEntity ,
110
152
federationSettingsEntity ,
111
153
identityProviderEntity ,
112
- "list" ,
154
+ "describe" ,
155
+ oidcIWorkforceIdpID ,
113
156
"--federationSettingsId" ,
114
157
federationSettingsID ,
115
- "--protocol" ,
116
- "SAML" ,
117
158
"-o=json" ,
118
159
)
119
160
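Review bot: The `Describe OIDC IdP WORKFORCE` subtest added here appears to have the same name and arguments as the one that still exists further down (visible as context around new line 285), so the same provider is described twice. If the intent is to describe once before connecting and once after disconnecting, distinct names would make a failure easier to attribute. Separately, `oidcIWorkforceIdpID = provider.Id` differs from the `provider.GetId()` used for the workload ID, and the identifier carries a stray `I`; `oidcWorkforceIdpID = provider.GetId()` (renamed throughout) would match.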
@@ -123,58 +164,69 @@ func TestIdentityProviders(t *testing.T) {
123
164
124
165
var provider atlasv2.FederationIdentityProvider
125
166
req .NoError (json .Unmarshal (resp , & provider ))
167
+
168
+ assert .NotEmpty (t , provider .GetId ())
126
169
})
127
170
128
- t .Run ("Create OIDC IdP WORKLOAD" , func (t * testing.T ) {
129
- idpName , err := RandIdentityProviderName ()
130
- req .NoError (err )
171
+ t .Run ("Connect OIDC IdP WORKFORCE" , func (t * testing.T ) {
172
+ cmd := exec .Command (cliPath ,
173
+ federatedAuthenticationEntity ,
174
+ federationSettingsEntity ,
175
+ connectedOrgsConfigsEntity ,
176
+ "connect" ,
177
+ "--identityProviderId" ,
178
+ oidcIWorkforceIdpID ,
179
+ "--federationSettingsId" ,
180
+ federationSettingsID ,
181
+ "-o=json" ,
182
+ )
131
183
184
+ cmd .Env = os .Environ ()
185
+ resp , err := cmd .CombinedOutput ()
186
+ req .NoError (err , string (resp ))
187
+
188
+ var config atlasv2.ConnectedOrgConfig
189
+ req .NoError (json .Unmarshal (resp , & config ))
190
+
191
+ assert .NotEmpty (t , config .DataAccessIdentityProviderIds )
192
+ assert .Contains (t , config .GetDataAccessIdentityProviderIds (), oidcIWorkforceIdpID )
193
+ })
194
+
195
+ t .Run ("Disconnect OIDC IdP WORKFORCE" , func (t * testing.T ) {
132
196
cmd := exec .Command (cliPath ,
133
197
federatedAuthenticationEntity ,
134
198
federationSettingsEntity ,
135
- identityProviderEntity ,
136
- "create " ,
137
- "oidc " ,
138
- idpName ,
199
+ connectedOrgsConfigsEntity ,
200
+ "disconnect " ,
201
+ "--identityProviderId " ,
202
+ oidcIWorkforceIdpID ,
139
203
"--federationSettingsId" ,
140
204
federationSettingsID ,
141
- "--audience" ,
142
- "AtlasCLIAudience" ,
143
- "--authorizationType" ,
144
- "GROUP" ,
145
- "--desc" ,
146
- "CLI TEST Provider" ,
147
- "--groupsClaim" ,
148
- "groups" ,
149
- "--idpType" ,
150
- "WORKLOAD" ,
151
- "--issuerUri" ,
152
- "https://accounts.google.com" ,
153
- "--userClaim" ,
154
- "user" ,
155
205
"-o=json" ,
156
206
)
157
207
158
208
cmd .Env = os .Environ ()
159
209
resp , err := cmd .CombinedOutput ()
160
210
req .NoError (err , string (resp ))
161
211
162
- var provider atlasv2.FederationIdentityProvider
163
- req .NoError (json .Unmarshal (resp , & provider ))
212
+ var config atlasv2.ConnectedOrgConfig
213
+ req .NoError (json .Unmarshal (resp , & config ))
164
214
165
- assert .NotEmpty (t , provider .GetId ())
166
- oidcIdentityProviderID = provider .GetId ()
215
+ assert .NotContains (t , config .GetDataAccessIdentityProviderIds (), oidcIWorkforceIdpID )
167
216
})
168
217
169
- t .Run ("Describe OIDC IdP WORKFORCE" , func (t * testing.T ) {
218
+ t .Run ("List OIDC IdPs WORKFORCE" , func (_ * testing.T ) {
170
219
cmd := exec .Command (cliPath ,
171
220
federatedAuthenticationEntity ,
172
221
federationSettingsEntity ,
173
222
identityProviderEntity ,
174
- "describe" ,
175
- oidcIdentityProviderID ,
223
+ "list" ,
176
224
"--federationSettingsId" ,
177
225
federationSettingsID ,
226
+ "--protocol" ,
227
+ "OIDC" ,
228
+ "--idpType" ,
229
+ "WORKFORCE" ,
178
230
"-o=json" ,
179
231
)
180
232
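Review bot: The describe check at the top of this hunk only asserts that the returned ID is non-empty, so a response for a different provider would still pass; `assert.Equal(t, oidcIWorkforceIdpID, provider.GetId())` pins it to the provider that was created. The Connect and Disconnect subtests below already compare against `oidcIWorkforceIdpID`, so this brings describe in line with them. The last subtest in the hunk continues past its end.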
@@ -184,60 +236,41 @@ func TestIdentityProviders(t *testing.T) {
184
236
185
237
var provider atlasv2.FederationIdentityProvider
186
238
req .NoError (json .Unmarshal (resp , & provider ))
187
-
188
- assert .NotEmpty (t , provider .GetId ())
189
239
})
190
240
191
- t .Run ("Delete OIDC IdP WORKFORCE " , func (_ * testing.T ) {
241
+ t .Run ("List OIDC IdPs WORKLOAD " , func (_ * testing.T ) {
192
242
cmd := exec .Command (cliPath ,
193
243
federatedAuthenticationEntity ,
194
244
federationSettingsEntity ,
195
245
identityProviderEntity ,
196
- "delete" ,
197
- oidcIdentityProviderID ,
246
+ "list" ,
198
247
"--federationSettingsId" ,
199
248
federationSettingsID ,
200
- "--force" ,
249
+ "--protocol" ,
250
+ "OIDC" ,
251
+ "--idpType" ,
252
+ "WORKLOAD" ,
201
253
"-o=json" ,
202
254
)
203
255
204
256
cmd .Env = os .Environ ()
205
257
resp , err := cmd .CombinedOutput ()
206
258
req .NoError (err , string (resp ))
207
- })
208
259
209
- t .Run ("Create OIDC IdP WORKFORCE" , func (t * testing.T ) {
210
- idpName , err := RandIdentityProviderName ()
211
- fmt .Println (idpName )
212
- req .NoError (err )
260
+ var provider atlasv2.FederationIdentityProvider
261
+ req .NoError (json .Unmarshal (resp , & provider ))
262
+ })
213
263
264
+ t .Run ("List SAML IdPs" , func (_ * testing.T ) {
214
265
cmd := exec .Command (cliPath ,
215
266
federatedAuthenticationEntity ,
216
267
federationSettingsEntity ,
217
268
identityProviderEntity ,
218
- "create" ,
219
- "oidc" ,
220
- idpName ,
269
+ "list" ,
221
270
"--federationSettingsId" ,
222
271
federationSettingsID ,
223
- "--audience" ,
224
- "AtlasCLIAudience" ,
225
- "--authorizationType" ,
226
- "GROUP" ,
227
- "--clientId" ,
228
- "cliClients" ,
229
- "--desc" ,
230
- "CLI TEST Provider" ,
231
- "--groupsClaim" ,
232
- "groups" ,
233
- "--idpType" ,
234
- "WORKFORCE" ,
235
- "--issuerUri" ,
236
- "https://accounts.google.com" ,
237
- "--userClaim" ,
238
- "user" ,
239
- "--associatedDomain" ,
240
- "iam-test-domain-dev.com" ,
272
+ "--protocol" ,
273
+ "SAML" ,
241
274
"-o=json" ,
242
275
)
243
276
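Review bot: The List subtests decode what is presumably a list response into a single `atlasv2.FederationIdentityProvider` and assert nothing about it, so they only show that the command exits zero and prints JSON. Now that both providers exist when the lists run, decoding into the SDK's list result type and asserting that the `--idpType WORKFORCE` list contains `oidcIWorkforceIdpID` but not `oidcWorkloadIdpID` (and the reverse for `WORKLOAD`) would actually exercise the type filter. These subtests also take `func(_ *testing.T)`, so any assertion added would need the parameter named. The WORKFORCE list begins in the previous hunk and the SAML list continues past this one.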
@@ -247,9 +280,6 @@ func TestIdentityProviders(t *testing.T) {
247
280
248
281
var provider atlasv2.FederationIdentityProvider
249
282
req .NoError (json .Unmarshal (resp , & provider ))
250
-
251
- assert .NotEmpty (t , provider .GetId ())
252
- oidcIdentityProviderID = provider .Id
253
283
})
254
284
255
285
t .Run ("Describe OIDC IdP WORKFORCE" , func (t * testing.T ) {
@@ -258,7 +288,7 @@ func TestIdentityProviders(t *testing.T) {
258
288
federationSettingsEntity ,
259
289
identityProviderEntity ,
260
290
"describe" ,
261
- oidcIdentityProviderID ,
291
+ oidcIWorkforceIdpID ,
262
292
"--federationSettingsId" ,
263
293
federationSettingsID ,
264
294
"-o=json" ,
@@ -279,7 +309,25 @@ func TestIdentityProviders(t *testing.T) {
279
309
federationSettingsEntity ,
280
310
identityProviderEntity ,
281
311
"delete" ,
282
- oidcIdentityProviderID ,
312
+ oidcIWorkforceIdpID ,
313
+ "--federationSettingsId" ,
314
+ federationSettingsID ,
315
+ "--force" ,
316
+ "-o=json" ,
317
+ )
318
+
319
+ cmd .Env = os .Environ ()
320
+ resp , err := cmd .CombinedOutput ()
321
+ req .NoError (err , string (resp ))
322
+ })
323
+
324
+ t .Run ("Delete OIDC IdP WORKLOAD" , func (_ * testing.T ) {
325
+ cmd := exec .Command (cliPath ,
326
+ federatedAuthenticationEntity ,
327
+ federationSettingsEntity ,
328
+ identityProviderEntity ,
329
+ "delete" ,
330
+ oidcWorkloadIdpID ,
283
331
"--federationSettingsId" ,
284
332
federationSettingsID ,
285
333
"--force" ,