Merge pull request #70 from pmalouin/mfa-313

[MFA-313] feat: add guardian policies, message types and selected provider

README.md

@@ -128,7 +128,7 @@ First create a machine-machine `Application` in your tenant all scopes selected
   "AUTH0_DOMAIN": "YOUR_DOMAIN",
   "AUTH0_CLIENT_ID": "YOUR_CLIENT_ID",
   "AUTH0_CLIENT_SECRET": "YOUR_CLIENT_SECRET",
-  "AUTH0_SCOPES": "read:client_grants create:client_grants delete:client_grants update:client_grants read:clients update:clients delete:clients create:clients read:client_keys update:client_keys delete:client_keys create:client_keys read:connections update:connections delete:connections create:connections read:resource_servers update:resource_servers delete:resource_servers create:resource_servers read:rules update:rules delete:rules create:rules read:rules_configs update:rules_configs delete:rules_configs read:email_provider update:email_provider delete:email_provider create:email_provider read:tenant_settings update:tenant_settings read:grants delete:grants read:guardian_factors update:guardian_factors read:email_templates create:email_templates update:email_templates read:roles update:roles delete:roles create:roles read:hooks update:hooks delete:hooks create:hooks"
+  "AUTH0_SCOPES": "read:client_grants create:client_grants delete:client_grants update:client_grants read:clients update:clients delete:clients create:clients read:client_keys update:client_keys delete:client_keys create:client_keys read:connections update:connections delete:connections create:connections read:resource_servers update:resource_servers delete:resource_servers create:resource_servers read:rules update:rules delete:rules create:rules read:rules_configs update:rules_configs delete:rules_configs read:email_provider update:email_provider delete:email_provider create:email_provider read:tenant_settings update:tenant_settings read:grants delete:grants read:guardian_factors update:guardian_factors read:mfa_policies update:mfa_policies read:email_templates create:email_templates update:email_templates read:roles update:roles delete:roles create:roles read:hooks update:hooks delete:hooks create:hooks"
 }
 ```
 

package.json

@@ -80,12 +80,12 @@
   "dependencies": {
     "@octokit/rest": "^17.1.4",
     "async": "2.1.2",
-    "auth0": "^2.23.0",
+    "auth0": "^2.27.0",
     "auth0-extension-express-tools": "^2.1.0",
     "auth0-extension-tools": "1.4.5",
     "auth0-extension-ui": "^1.0.1",
     "auth0-oauth2-express": "^1.1.8",
-    "auth0-source-control-extension-tools": "^4.0.5",
+    "auth0-source-control-extension-tools": "^4.1.1",
     "axios": "^0.18.0",
     "babel": "^6.5.2",
     "babel-core": "^6.9.1",

server/lib/providers/bitbucket.js

@@ -111,6 +111,7 @@ const getTree = (parsedRepo, branch, sha) => {
     pages: getTreeByDir(params, constants.PAGES_DIRECTORY),
     roles: getTreeByDir(params, constants.ROLES_DIRECTORY),
     emails: getTreeByDir(params, constants.EMAIL_TEMPLATES_DIRECTORY),
+    guardian: getTreeByDir(params, constants.GUARDIAN_DIRECTORY),
     guardianFactors: getTreeByDir(params, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_FACTORS_DIRECTORY)),
     guardianFactorTemplates: getTreeByDir(params, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_TEMPLATES_DIRECTORY)),
     guardianFactorProviders: getTreeByDir(params, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_PROVIDERS_DIRECTORY)),
@@ -127,6 +128,7 @@ const getTree = (parsedRepo, branch, sha) => {
       result.databases,
       result.tenant,
       result.emails,
+      result.guardian,
       result.guardianFactors,
       result.guardianFactorTemplates,
       result.guardianFactorProviders,
@@ -234,28 +236,19 @@ const getHooksOrRules = (parsedRepo, branch, files, shaToken, dir) => {
 };
 
 /*
- * Try to download tenant settings.
+ * Downloads a configurable by exact path.
  */
-const getTenant = (parsedRepo, branch, files, shaToken) => {
-  const tenantFile = { configFile: _.find(files, f => utils.isTenantFile(f.path)) };
-  return downloadConfigurable(parsedRepo, branch, 'tenant', tenantFile, shaToken);
+const getConfigurableByPath = (parsedRepo, branch, files, shaToken, name, filePath) => {
+  const file = { configFile: utils.findFileByPath(files, filePath) };
+  return downloadConfigurable(parsedRepo, branch, name, file, shaToken);
 };
 
 /*
- * Get email provider.
- */
-const getEmailProvider = (parsedRepo, branch, files, shaToken) => {
-  const providerFile = { configFile: _.find(files, f => utils.isEmailProvider(f.path)) };
-  return downloadConfigurable(parsedRepo, branch, 'emailProvider', providerFile, shaToken);
-};
-
-/*
- * Determine if we have the script, the metadata or both.
+ * Downloads all configurables under a certain directory.
  */
 const getConfigurables = (parsedRepo, branch, files, shaToken, directory) => {
   const configurables = utils.getConfigurablesFiles(files, directory);
 
-  // Download all rules.
   return Promise.map(Object.keys(configurables), (key) =>
     downloadConfigurable(parsedRepo, branch, key, configurables[key], shaToken), { concurrency: 2 });
 };
@@ -351,15 +344,18 @@ export function getChanges({ repository, branch, sha, mappings }) {
         })), null, 2)}`);
 
         const promises = {
-          tenant: getTenant(parsedRepo, branch, files, sha),
+          tenant: getConfigurableByPath(parsedRepo, branch, files, sha, 'tenant', 'tenant.json'),
           rules: getHooksOrRules(parsedRepo, branch, files, sha, constants.RULES_DIRECTORY),
           hooks: getHooksOrRules(parsedRepo, branch, files, sha, constants.HOOKS_DIRECTORY),
           databases: getDatabaseData(parsedRepo, branch, files, sha),
-          emailProvider: getEmailProvider(parsedRepo, branch, files, sha),
+          emailProvider: getConfigurableByPath(parsedRepo, branch, files, sha, 'emailProvider', path.join(constants.EMAIL_TEMPLATES_DIRECTORY, 'provider.json')),
           emailTemplates: getHtmlTemplates(parsedRepo, branch, files, sha, constants.EMAIL_TEMPLATES_DIRECTORY, constants.EMAIL_TEMPLATES_NAMES),
           guardianFactors: getConfigurables(parsedRepo, branch, files, sha, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_FACTORS_DIRECTORY)),
           guardianFactorTemplates: getConfigurables(parsedRepo, branch, files, sha, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_TEMPLATES_DIRECTORY)),
           guardianFactorProviders: getConfigurables(parsedRepo, branch, files, sha, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_PROVIDERS_DIRECTORY)),
+          guardianPhoneFactorMessageTypes: getConfigurableByPath(parsedRepo, branch, files, sha, 'guardianPhoneFactorMessageTypes', path.join(constants.GUARDIAN_DIRECTORY, 'phoneFactorMessageTypes.json')),
+          guardianPhoneFactorSelectedProvider: getConfigurableByPath(parsedRepo, branch, files, sha, 'guardianPhoneFactorSelectedProvider', path.join(constants.GUARDIAN_DIRECTORY, 'phoneFactorSelectedProvider.json')),
+          guardianPolicies: getConfigurableByPath(parsedRepo, branch, files, sha, 'guardianPolicies', path.join(constants.GUARDIAN_DIRECTORY, 'policies.json')),
           pages: getHtmlTemplates(parsedRepo, branch, files, sha, constants.PAGES_DIRECTORY, constants.PAGE_NAMES),
           roles: getConfigurables(parsedRepo, branch, files, sha, constants.ROLES_DIRECTORY),
           clients: getConfigurables(parsedRepo, branch, files, sha, constants.CLIENTS_DIRECTORY),

server/lib/providers/github.js

@@ -220,30 +220,13 @@ const getHtmlTemplates = (github, repository, branch, files, dir, allowedNames)
     downloadTemplate(github, repository, branch, tplName, templates[tplName]), { concurrency: 2 });
 };
 
-
 /*
- * Get email provider.
+ * Downloads a configurable by exact path.
  */
-const getEmailProvider = (github, repository, branch, files) =>
-  downloadConfigurable(
-    github,
-    repository,
-    branch,
-    'emailProvider',
-    { configFile: _.find(files, f => utils.isEmailProvider(f.path)) }
-    );
-
-/*
- * Get tenant settings.
- */
-const getTenant = (github, repository, branch, files) =>
-  downloadConfigurable(
-    github,
-    repository,
-    branch,
-    'tenant',
-    { configFile: _.find(files, f => utils.isTenantFile(f.path)) }
-    );
+const getConfigurableByPath = (github, repository, branch, files, name, filePath) => {
+  const file = { configFile: utils.findFileByPath(files, filePath) };
+  return downloadConfigurable(github, repository, branch, name, file);
+};
 
 /*
  * Get all configurables (resource servers / clients).
@@ -274,13 +257,16 @@ export const getChanges = ({ repository, branch, sha, mappings }) => {
       const promises = {
         rules: getHooksOrRules(github, repository, branch, files, constants.RULES_DIRECTORY),
         hooks: getHooksOrRules(github, repository, branch, files, constants.HOOKS_DIRECTORY),
-        tenant: getTenant(github, repository, branch, files),
+        tenant: getConfigurableByPath(github, repository, branch, files, 'tenant', 'tenant.json'),
         databases: getDatabaseData(github, repository, branch, files),
-        emailProvider: getEmailProvider(github, repository, branch, files),
+        emailProvider: getConfigurableByPath(github, repository, branch, files, 'emailProvider', path.join(constants.EMAIL_TEMPLATES_DIRECTORY, 'provider.json')),
         emailTemplates: getHtmlTemplates(github, repository, branch, files, constants.EMAIL_TEMPLATES_DIRECTORY, constants.EMAIL_TEMPLATES_NAMES),
         guardianFactors: getConfigurables(github, repository, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_FACTORS_DIRECTORY)),
         guardianFactorTemplates: getConfigurables(github, repository, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_TEMPLATES_DIRECTORY)),
         guardianFactorProviders: getConfigurables(github, repository, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_PROVIDERS_DIRECTORY)),
+        guardianPhoneFactorMessageTypes: getConfigurableByPath(github, repository, branch, files, 'guardianPhoneFactorMessageTypes', path.join(constants.GUARDIAN_DIRECTORY, 'phoneFactorMessageTypes.json')),
+        guardianPhoneFactorSelectedProvider: getConfigurableByPath(github, repository, branch, files, 'guardianPhoneFactorSelectedProvider', path.join(constants.GUARDIAN_DIRECTORY, 'phoneFactorSelectedProvider.json')),
+        guardianPolicies: getConfigurableByPath(github, repository, branch, files, 'guardianPolicies', path.join(constants.GUARDIAN_DIRECTORY, 'policies.json')),
         pages: getHtmlTemplates(github, repository, branch, files, constants.PAGES_DIRECTORY, constants.PAGE_NAMES),
         roles: getConfigurables(github, repository, branch, files, constants.ROLES_DIRECTORY),
         clients: getConfigurables(github, repository, branch, files, constants.CLIENTS_DIRECTORY),

server/lib/providers/gitlab.js

@@ -116,6 +116,7 @@ const getTree = (projectId, branch) => {
     hooks: getTreeByPath(projectId, branch, constants.HOOKS_DIRECTORY),
     databases: getDBConnectionsTree(projectId, branch),
     emails: getTreeByPath(projectId, branch, constants.EMAIL_TEMPLATES_DIRECTORY),
+    guardian: getTreeByPath(projectId, branch, constants.GUARDIAN_DIRECTORY),
     guardianFactors: getTreeByPath(projectId, branch, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_FACTORS_DIRECTORY)),
     guardianFactorTemplates: getTreeByPath(projectId, branch, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_TEMPLATES_DIRECTORY)),
     guardianFactorProviders: getTreeByPath(projectId, branch, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_PROVIDERS_DIRECTORY)),
@@ -135,6 +136,7 @@ const getTree = (projectId, branch) => {
       result.hooks,
       result.databases,
       result.emails,
+      result.guardian,
       result.guardianFactors,
       result.guardianFactorTemplates,
       result.guardianFactorProviders,
@@ -229,6 +231,14 @@ const getHooksOrRules = (projectId, branch, files, dir) => {
     downloadRule(projectId, branch, ruleName, rules[ruleName]), { concurrency: 2 });
 };
 
+/*
+ * Downloads a configurable by exact path.
+ */
+const getConfigurableByPath = (projectId, branch, files, name, filePath) => {
+  const file = { configFile: utils.findFileByPath(files, filePath) };
+  return downloadConfigurable(projectId, branch, name, file);
+};
+
 /*
  * Get all configurables from certain directory.
  */
@@ -319,18 +329,6 @@ const getHtmlTemplates = (projectId, branch, files, dir, allowedNames) => {
     downloadTemplate(projectId, branch, name, templates[name]), { concurrency: 2 });
 };
 
-/*
- * Get tenant settings.
- */
-const getTenant = (projectId, branch, files) =>
-  downloadConfigurable(projectId, branch, 'tenant', { configFile: _.find(files, f => utils.isTenantFile(f.path)) });
-
-/*
- * Get email provider.
- */
-const getEmailProvider = (projectId, branch, files) =>
-  downloadConfigurable(projectId, branch, 'emailProvider', { configFile: _.find(files, f => utils.isEmailProvider(f.path)) });
-
 /*
  * Get a list of all changes that need to be applied to rules and database scripts.
  */
@@ -340,15 +338,18 @@ export const getChanges = ({ projectId, branch, mappings }) =>
       logger.debug(`Files in tree: ${JSON.stringify(files.map(file => ({ name: file.path, id: file.id })), null, 2)}`);
 
       const promises = {
-        tenant: getTenant(projectId, branch, files),
+        tenant: getConfigurableByPath(projectId, branch, files, 'tenant', 'tenant.json'),
         rules: getHooksOrRules(projectId, branch, files, constants.RULES_DIRECTORY),
         hooks: getHooksOrRules(projectId, branch, files, constants.HOOKS_DIRECTORY),
         databases: getDatabaseData(projectId, branch, files),
-        emailProvider: getEmailProvider(projectId, branch, files),
+        emailProvider: getConfigurableByPath(projectId, branch, files, 'emailProvider', path.join(constants.EMAIL_TEMPLATES_DIRECTORY, 'provider.json')),
         emailTemplates: getHtmlTemplates(projectId, branch, files, constants.EMAIL_TEMPLATES_DIRECTORY, constants.EMAIL_TEMPLATES_NAMES),
         guardianFactors: getConfigurables(projectId, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_FACTORS_DIRECTORY)),
         guardianFactorTemplates: getConfigurables(projectId, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_TEMPLATES_DIRECTORY)),
         guardianFactorProviders: getConfigurables(projectId, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_PROVIDERS_DIRECTORY)),
+        guardianPhoneFactorMessageTypes: getConfigurableByPath(projectId, branch, files, 'guardianPhoneFactorMessageTypes', path.join(constants.GUARDIAN_DIRECTORY, 'phoneFactorMessageTypes.json')),
+        guardianPhoneFactorSelectedProvider: getConfigurableByPath(projectId, branch, files, 'guardianPhoneFactorSelectedProvider', path.join(constants.GUARDIAN_DIRECTORY, 'phoneFactorSelectedProvider.json')),
+        guardianPolicies: getConfigurableByPath(projectId, branch, files, 'guardianPolicies', path.join(constants.GUARDIAN_DIRECTORY, 'policies.json')),
         pages: getHtmlTemplates(projectId, branch, files, constants.PAGES_DIRECTORY, constants.PAGE_NAMES),
         roles: getConfigurables(projectId, branch, files, constants.ROLES_DIRECTORY),
         clients: getConfigurables(projectId, branch, files, constants.CLIENTS_DIRECTORY),

server/lib/providers/tfs-git.js

@@ -198,7 +198,15 @@ const getHooksOrRules = (repositoryId, branch, files, dir) => {
 };
 
 /*
- * Determine if we have the script, the metadata or both.
+ * Downloads a configurable by exact path.
+ */
+const getConfigurableByPath = (repositoryId, branch, files, name, filePath) => {
+  const file = { configFile: utils.findFileByPath(files, filePath) };
+  return downloadConfigurable(repositoryId, branch, name, file);
+};
+
+/*
+ * Downloads all configurables under a certain directory.
  */
 const getConfigurables = (repositoryId, branch, files, directory) => {
   const configurables = utils.getConfigurablesFiles(files, directory);
@@ -285,19 +293,6 @@ const getHtmlTemplates = (repositoryId, branch, files, dir, allowedNames) => {
     downloadTemplate(repositoryId, branch, name, templates[name]), { concurrency: 2 });
 };
 
-/*
- * Get tenant settings.
- */
-const getTenant = (projectId, branch, files) =>
-  downloadConfigurable(projectId, branch, 'tenant', { configFile: _.find(files, f => utils.isTenantFile(f.path)) });
-
-/*
- * Get email provider.
- */
-const getEmailProvider = (projectId, branch, files) =>
-  downloadConfigurable(projectId, branch, 'emailProvider', { configFile: _.find(files, f => utils.isEmailProvider(f.path)) });
-
-
 /*
  * Get a list of all changes that need to be applied to rules and database scripts.
  */
@@ -310,15 +305,18 @@ export const getChanges = ({ repositoryId, branch, mappings }) =>
       })), null, 2)}`);
 
       const promises = {
-        tenant: getTenant(repositoryId, branch, files),
+        tenant: getConfigurableByPath(repositoryId, branch, files, 'tenant', 'tenant.json'),
         rules: getHooksOrRules(repositoryId, branch, files, constants.RULES_DIRECTORY),
         hooks: getHooksOrRules(repositoryId, branch, files, constants.HOOKS_DIRECTORY),
         databases: getDatabaseData(repositoryId, branch, files),
-        emailProvider: getEmailProvider(repositoryId, branch, files),
+        emailProvider: getConfigurableByPath(repositoryId, branch, files, 'emailProvider', path.join(constants.EMAIL_TEMPLATES_DIRECTORY, 'provider.json')),
         emailTemplates: getHtmlTemplates(repositoryId, branch, files, constants.EMAIL_TEMPLATES_DIRECTORY, constants.EMAIL_TEMPLATES_NAMES),
         guardianFactors: getConfigurables(repositoryId, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_FACTORS_DIRECTORY)),
         guardianFactorTemplates: getConfigurables(repositoryId, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_TEMPLATES_DIRECTORY)),
         guardianFactorProviders: getConfigurables(repositoryId, branch, files, path.join(constants.GUARDIAN_DIRECTORY, constants.GUARDIAN_PROVIDERS_DIRECTORY)),
+        guardianPhoneFactorMessageTypes: getConfigurableByPath(repositoryId, branch, files, 'guardianPhoneFactorMessageTypes', path.join(constants.GUARDIAN_DIRECTORY, 'phoneFactorMessageTypes.json')),
+        guardianPhoneFactorSelectedProvider: getConfigurableByPath(repositoryId, branch, files, 'guardianPhoneFactorSelectedProvider', path.join(constants.GUARDIAN_DIRECTORY, 'phoneFactorSelectedProvider.json')),
+        guardianPolicies: getConfigurableByPath(repositoryId, branch, files, 'guardianPolicies', path.join(constants.GUARDIAN_DIRECTORY, 'policies.json')),
         pages: getHtmlTemplates(repositoryId, branch, files, constants.PAGES_DIRECTORY, constants.PAGE_NAMES),
         roles: getConfigurables(repositoryId, branch, files, constants.ROLES_DIRECTORY),
         clients: getConfigurables(repositoryId, branch, files, constants.CLIENTS_DIRECTORY),