
Commit 333bf25

authored
Merge pull request #22 from cruxstack/oktav6
feat: upgrade to okta sdk v6
2 parents 0abd258 + 2ee348b commit 333bf25


6 files changed

+221
-108
lines changed


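--- a/README.md
+++ b/README.md
@@ -214,21 +214,21 @@ CMD ["/server"]
 ## How It Works
 
 ```
-┌────────────┐ ┌─────────────────────────────────────┐ ┌────────────┐
-GitHub │────▶│ github-ops-app │────▶│ Slack
-webhooks alerts
-└────────────┘ │ ┌───────────────────────────────┐ │ └────────────┘
-│ │ PR Compliance Check │ │
-┌────────────┐ │ │ • Verify branch protection │ │ ┌────────────┐
-Okta │────▶│ │ • Detect bypasses │ │────▶│ GitHub
-groups │ └───────────────────────────────┘ │ Teams API
-└────────────┘ └────────────┘
-│ ┌───────────────────────────────┐ │
-│ │ Okta Sync Engine │ │
-│ │ • Map groups to teams │ │
-│ │ • Sync membership │ │
-│ └───────────────────────────────┘ │
-└─────────────────────────────────────┘
++------------+ +------------------------------------+ +-----------+
+| GitHub | ---> | github-ops-app | ---> | Slack |
+| webhooks | | | | alerts |
++------------+ | +------------------------------+ | +-----------+
+| | PR Compliance Check | |
++------------+ | | - verify branch protection | | +-----------+
+| Okta | ---> | | - detect bypasses | | ---> | GitHub |
+| groups | | +------------------------------+ | | Teams API |
++------------+ | | +-----------+
+| +------------------------------+ |
+| | Okta Sync Engine | |
+| | - map groups to teams | |
+| | - sync membership | |
+| +------------------------------+ |
++------------------------------------+
 ```
 
 ### Okta Sync Flow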

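--- a/fixtures/scenarios.json
+++ b/fixtures/scenarios.json
@@ -69,15 +69,15 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
 "service": "okta",
 "method": "GET",
 "path": "/api/v1/groups/00g1234567890abcdef/users",
 "status_code": 200,
-"body": "[{\"id\":\"00u1111111111111111\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"alice@example.com\",\"githubUsername\":\"alice-gh\"}}]",
+"body": "[{\"id\": \"00u1111111111111111\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"alice@example.com\", \"githubUsername\": \"alice-gh\"}}]",
 "description": "fetch users in engineering group (returns alice-gh)"
 },
 {
@@ -571,15 +571,15 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
 "service": "okta",
 "method": "GET",
 "path": "/api/v1/groups/00g1234567890abcdef/users",
 "status_code": 200,
-"body": "[{\"id\":\"00u1111111111111111\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"alice@example.com\",\"githubUsername\":\"alice-gh\"}},{\"id\":\"00u2222222222222222\",\"status\":\"SUSPENDED\",\"profile\":{\"email\":\"suspended@example.com\",\"githubUsername\":\"suspended-user\"}},{\"id\":\"00u3333333333333333\",\"status\":\"DEPROVISIONED\",\"profile\":{\"email\":\"inactive@example.com\",\"githubUsername\":\"inactive-user\"}}]",
+"body": "[{\"id\": \"00u1111111111111111\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"alice@example.com\", \"githubUsername\": \"alice-gh\"}}, {\"id\": \"00u2222222222222222\", \"status\": \"SUSPENDED\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"suspended@example.com\", \"githubUsername\": \"suspended-user\"}}, {\"id\": \"00u3333333333333333\", \"status\": \"DEPROVISIONED\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"inactive@example.com\", \"githubUsername\": \"inactive-user\"}}]",
 "description": "fetch users in engineering group (active, suspended, deprovisioned statuses)"
 },
 {
@@ -667,15 +667,15 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
 "service": "okta",
 "method": "GET",
 "path": "/api/v1/groups/00g1234567890abcdef/users",
 "status_code": 200,
-"body": "[{\"id\":\"00u1111111111111111\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"alice@example.com\",\"githubUsername\":\"alice-gh\"}}]",
+"body": "[{\"id\": \"00u1111111111111111\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"alice@example.com\", \"githubUsername\": \"alice-gh\"}}]",
 "description": "fetch users in engineering group (only alice-gh)"
 },
 {
@@ -750,7 +750,7 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
@@ -808,7 +808,7 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
@@ -883,15 +883,15 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
 "service": "okta",
 "method": "GET",
 "path": "/api/v1/groups/00g1234567890abcdef/users",
 "status_code": 200,
-"body": "[{\"id\":\"00u1111111111111111\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"alice@example.com\",\"githubUsername\":\"alice-gh\"}}]",
+"body": "[{\"id\": \"00u1111111111111111\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"alice@example.com\", \"githubUsername\": \"alice-gh\"}}]",
 "description": "fetch users in engineering group (returns alice-gh)"
 },
 {
@@ -998,15 +998,15 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
 "service": "okta",
 "method": "GET",
 "path": "/api/v1/groups/00g1234567890abcdef/users",
 "status_code": 200,
-"body": "[{\"id\":\"00u1111111111111111\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"alice@example.com\",\"githubUsername\":\"alice-gh\"}}]",
+"body": "[{\"id\": \"00u1111111111111111\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"alice@example.com\", \"githubUsername\": \"alice-gh\"}}]",
 "description": "fetch users in engineering group (returns only alice-gh)"
 },
 {
@@ -1105,15 +1105,15 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
 "service": "okta",
 "method": "GET",
 "path": "/api/v1/groups/00g1234567890abcdef/users",
 "status_code": 200,
-"body": "[{\"id\":\"00u1111111111111111\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"alice@example.com\",\"githubUsername\":\"alice-gh\"}},{\"id\":\"00u2222222222222222\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"bob@example.com\",\"githubUsername\":\"bob-gh\"}}]",
+"body": "[{\"id\": \"00u1111111111111111\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"alice@example.com\", \"githubUsername\": \"alice-gh\"}}, {\"id\": \"00u2222222222222222\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"bob@example.com\", \"githubUsername\": \"bob-gh\"}}]",
 "description": "fetch users in engineering group (returns alice-gh and bob-gh)"
 },
 {
@@ -1191,15 +1191,15 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
 "service": "okta",
 "method": "GET",
 "path": "/api/v1/groups/00g1234567890abcdef/users",
 "status_code": 200,
-"body": "[{\"id\":\"00u1111111111111111\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"alice@example.com\",\"githubUsername\":\"alice-gh\"}}]",
+"body": "[{\"id\": \"00u1111111111111111\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"alice@example.com\", \"githubUsername\": \"alice-gh\"}}]",
 "description": "fetch users in engineering group (returns alice-gh)"
 },
 {
@@ -1287,15 +1287,15 @@
 "method": "GET",
 "path": "/api/v1/groups",
 "status_code": 200,
-"body": "[{\"id\":\"00g1234567890abcdef\",\"profile\":{\"name\":\"Engineering\",\"description\":\"Engineering team\"}}]",
+"body": "[{\"id\": \"00g1234567890abcdef\", \"created\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"lastMembershipUpdated\": \"2020-01-01T00:00:00.000Z\", \"objectClass\": [\"okta:user_group\"], \"type\": \"OKTA_GROUP\", \"profile\": {\"name\": \"Engineering\", \"description\": \"Engineering team\"}}]",
 "description": "fetch all okta groups (returns engineering group)"
 },
 {
 "service": "okta",
 "method": "GET",
 "path": "/api/v1/groups/00g1234567890abcdef/users",
 "status_code": 200,
-"body": "[{\"id\":\"00u1111111111111111\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"alice@example.com\",\"githubUsername\":\"alice-gh\"}},{\"id\":\"00u2222222222222222\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"bob@example.com\"}},{\"id\":\"00u3333333333333333\",\"status\":\"ACTIVE\",\"profile\":{\"email\":\"charlie@example.com\",\"githubUsername\":\"\"}}]",
+"body": "[{\"id\": \"00u1111111111111111\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"alice@example.com\", \"githubUsername\": \"alice-gh\"}}, {\"id\": \"00u2222222222222222\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"bob@example.com\"}}, {\"id\": \"00u3333333333333333\", \"status\": \"ACTIVE\", \"created\": \"2020-01-01T00:00:00.000Z\", \"activated\": \"2020-01-01T00:00:00.000Z\", \"statusChanged\": \"2020-01-01T00:00:00.000Z\", \"lastLogin\": \"2020-01-01T00:00:00.000Z\", \"lastUpdated\": \"2020-01-01T00:00:00.000Z\", \"passwordChanged\": \"2020-01-01T00:00:00.000Z\", \"type\": {\"id\": \"oty1234567890\"}, \"profile\": {\"email\": \"charlie@example.com\", \"githubUsername\": \"\"}}]",
 "description": "fetch users in engineering group (alice has gh username, bob and charlie do not)"
 },
 {
@@ -1308,4 +1308,4 @@
 }
 ]
 }
-]
+]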
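Review bot: Every user object in the updated `/users` bodies (new lines 80, 582, 678, 894, 1009, 1116, 1202 and 1298) carries a populated `lastLogin`, `activated`, `statusChanged` and `passwordChanged`, so no scenario covers the `null` values Okta returns for these fields, for example for a user who has never signed in. If the v6 models decode these timestamps strictly (not visible in this section), one such user could presumably fail the whole group listing and leave GitHub team membership out of sync, and these fixtures would not catch it. I would add one user with `\"lastLogin\": null, \"passwordChanged\": null` to the three-user body at new line 1298 and assert that the sync still processes the group. The SUSPENDED and DEPROVISIONED users at new line 582 also share the same `type.id` and timestamps as the ACTIVE user, which is fine for decoding but means status is the only field separating them.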
