Skip to content

Commit

Permalink
feat(saml): resolving conflicts with master
Browse files Browse the repository at this point in the history
Signed-off-by: sebferrer <[email protected]>

Co-authored-by: ThibaultHerard <[email protected]>
  • Loading branch information
sebferrer and ThibHrrd committed Feb 15, 2023
1 parent cd8689f commit 5636dc0
Show file tree
Hide file tree
Showing 6 changed files with 38 additions and 32 deletions.
10 changes: 4 additions & 6 deletions continuity/manager_relaystate.go
Original file line number Diff line number Diff line change
Expand Up @@ -49,18 +49,16 @@ func (m *ManagerRelayState) Pause(ctx context.Context, w http.ResponseWriter, r
}
c := NewContainer(name, *o)

// We have to put the continuity value in the cookie to ensure that value are passed between API and UI
// It is also useful to pass the value between SP and IDP with POST method because RelayState will take its value from cookie
if err := m.dr.ContinuityPersister().SaveContinuitySession(r.Context(), c); err != nil {
return errors.WithStack(err)
}

if err = x.SessionPersistValues(w, r, m.dc.ContinuityCookieManager(ctx), CookieName, map[string]interface{}{
name: c.ID.String(),
}); err != nil {
return err
}

if err := m.dr.ContinuityPersister().SaveContinuitySession(r.Context(), c); err != nil {
return errors.WithStack(err)
}

return nil
}

Expand Down
6 changes: 3 additions & 3 deletions go.mod
Original file line number Diff line number Diff line change
Expand Up @@ -59,7 +59,6 @@ require (
github.com/hashicorp/golang-lru v0.5.4
github.com/imdario/mergo v0.3.13
github.com/inhies/go-bytesize v0.0.0-20220417184213-4913239db9cf
github.com/instana/testify v1.6.2-0.20200721153833-94b1851f4d65
github.com/jarcoal/httpmock v1.0.5
github.com/jteeuwen/go-bindata v3.0.7+incompatible
github.com/julienschmidt/httprouter v1.3.0
Expand All @@ -85,6 +84,7 @@ require (
github.com/pquerna/otp v1.4.0
github.com/rs/cors v1.8.2
github.com/russellhaering/goxmldsig v1.1.1
github.com/samber/lo v1.37.0
github.com/sirupsen/logrus v1.9.0
github.com/slack-go/slack v0.7.4
github.com/spf13/cobra v1.6.1
Expand All @@ -103,7 +103,7 @@ require (
golang.org/x/oauth2 v0.4.0
golang.org/x/sync v0.1.0
golang.org/x/tools v0.2.0
google.golang.org/grpc v1.50.1
google.golang.org/grpc v1.52.0
gotest.tools v2.2.0+incompatible
)

Expand Down Expand Up @@ -328,7 +328,7 @@ require (
golang.org/x/time v0.1.0 // indirect
golang.org/x/xerrors v0.0.0-20220907171357-04be3eba64a2 // indirect
google.golang.org/appengine v1.6.7 // indirect
google.golang.org/genproto v0.0.0-20221025140454-527a21cfbd71 // indirect
google.golang.org/genproto v0.0.0-20221227171554-f9683d7f8bef // indirect
google.golang.org/protobuf v1.28.1 // indirect
gopkg.in/alecthomas/kingpin.v2 v2.2.6 // indirect
gopkg.in/alexcesaro/quotedprintable.v3 v3.0.0-20150716171945-2caba252f4dc // indirect
Expand Down
22 changes: 12 additions & 10 deletions go.sum
Original file line number Diff line number Diff line change
Expand Up @@ -166,6 +166,8 @@ github.com/aymerick/douceur v0.2.0 h1:Mv+mAeH1Q+n9Fr+oyamOlAkUNPWPlA8PPGR0QAaYuP
github.com/aymerick/douceur v0.2.0/go.mod h1:wlT5vV2O3h55X9m7iVYN0TBM0NH/MmbLnd30/FjWUq4=
github.com/beevik/etree v1.1.0 h1:T0xke/WvNtMoCqgzPhkX2r4rjY3GDZFi+FjpRZY2Jbs=
github.com/beevik/etree v1.1.0/go.mod h1:r8Aw8JqVegEf0w2fDnATrX9VpkMcyFeM0FhwO62wh+A=
github.com/benbjohnson/clock v1.1.0 h1:Q92kusRqC1XV2MjkWETPvjJVqKetz1OzxZB7mHJLju8=
github.com/benbjohnson/clock v1.1.0/go.mod h1:J11/hYXuz8f4ySSvYwY0FKfm+ezbsZBKZxNJlLklBHA=
github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q=
github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8=
github.com/beorn7/perks v1.0.1 h1:VlbKKnNfV8bJzeqoa4cOKqO6bYr3WgKZxO8Z16+hsOM=
Expand Down Expand Up @@ -505,8 +507,8 @@ github.com/gobuffalo/packr/v2 v2.2.0/go.mod h1:CaAwI0GPIAv+5wKLtv8Afwl+Cm78K/I/V
github.com/gobuffalo/plush/v4 v4.1.16/go.mod h1:6t7swVsarJ8qSLw1qyAH/KbrcSTwdun2ASEQkOznakg=
github.com/gobuffalo/plush/v4 v4.1.18 h1:bnPjdMTEUQHqj9TNX2Ck3mxEXYZa+0nrFMNM07kpX9g=
github.com/gobuffalo/plush/v4 v4.1.18/go.mod h1:xi2tJIhFI4UdzIL8sxZtzGYOd2xbBpcFbLZlIPGGZhU=
github.com/gobuffalo/pop/v6 v6.1.2-0.20230124165254-ec9229dbf7d7 h1:lwf/5cRw46IrLrhZnCg8J9NKgskkwMPuVvEOc2Wy72I=
github.com/gobuffalo/pop/v6 v6.1.2-0.20230124165254-ec9229dbf7d7/go.mod h1:1n7jAmI1i7fxuXPZjZb0VBPQDbksRtCoFnrDV5IsvaI=
github.com/gobuffalo/pop/v6 v6.0.8 h1:9+5ShHYh3x9NDFCITfm/gtKDDRSgOwiY7kA0Hf7N9aQ=
github.com/gobuffalo/pop/v6 v6.0.8/go.mod h1:f4JQ4Zvkffcevz+t+XAwBLStD7IQs19DiIGIDFYw1eA=
github.com/gobuffalo/syncx v0.0.0-20190224160051-33c29581e754/go.mod h1:HhnNqWY95UYwwW3uSASeV7vtgYkT2t16hJgV3AEPUpw=
github.com/gobuffalo/tags/v3 v3.1.4 h1:X/ydLLPhgXV4h04Hp2xlbI2oc5MDaa7eub6zw8oHjsM=
github.com/gobuffalo/tags/v3 v3.1.4/go.mod h1:ArRNo3ErlHO8BtdA0REaZxijuWnWzF6PUXngmMXd2I0=
Expand All @@ -521,8 +523,8 @@ github.com/gofrs/flock v0.8.1 h1:+gYjHKf32LDeiEEFhQaotPbLuUXjY5ZqxKgXy7n59aw=
github.com/gofrs/flock v0.8.1/go.mod h1:F1TvTiK9OcQqauNUHlbJvyl9Qa1QvF/gOUDKA14jxHU=
github.com/gofrs/uuid v4.0.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
github.com/gofrs/uuid v4.2.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
github.com/gofrs/uuid v4.3.1+incompatible h1:0/KbAdpx3UXAx1kEOWHJeOkpbgRFGHVgv+CFIY7dBJI=
github.com/gofrs/uuid v4.3.1+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
github.com/gofrs/uuid v4.3.0+incompatible h1:CaSVZxm5B+7o45rtab4jC2G37WGYX1zQfuU2i6DSvnc=
github.com/gofrs/uuid v4.3.0+incompatible/go.mod h1:b2aQJv3Z4Fp6yNu3cdSllBxTCLRxnplIgP/c0N/04lM=
github.com/gogo/googleapis v1.1.0/go.mod h1:gf4bu3Q80BeJ6H1S1vYPm8/ELATdvryBaNFGgqEef3s=
github.com/gogo/protobuf v1.1.1/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
github.com/gogo/protobuf v1.2.0/go.mod h1:r8qH/GZQm5c6nD/R0oafs1akxWv10x8SbQlK7atdtwQ=
Expand Down Expand Up @@ -598,6 +600,7 @@ github.com/google/go-cmp v0.5.4/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/
github.com/google/go-cmp v0.5.5/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.6/go.mod h1:v8dTdLbMG2kIc/vJvl+f65V22dbkXbowE6jgT/gNBxE=
github.com/google/go-cmp v0.5.7/go.mod h1:n+brtR0CgQNWTVd5ZUFpTBC8YFBDLK/h/bpaJ8/DtOE=
github.com/google/go-cmp v0.5.8/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-cmp v0.5.9 h1:O2Tfq5qg4qc4AmwVlvv0oLiVAGB7enBSJ2x2DqQFi38=
github.com/google/go-cmp v0.5.9/go.mod h1:17dUlkBOakJ0+DkrSSNjCkIjxS6bF9zb3elmeNGIjoY=
github.com/google/go-github/v27 v27.0.1 h1:sSMFSShNn4VnqCqs+qhab6TS3uQc+uVR6TD1bW6MavM=
Expand Down Expand Up @@ -785,8 +788,6 @@ github.com/inconshreveable/mousetrap v1.1.0/go.mod h1:vpF70FUmC8bwa3OWnCshd2FqLf
github.com/influxdata/influxdb1-client v0.0.0-20191209144304-8bf82d3c094d/go.mod h1:qj24IKcXYK6Iy9ceXlo3Tc+vtHo9lIhSX5JddghvEPo=
github.com/inhies/go-bytesize v0.0.0-20220417184213-4913239db9cf h1:FtEj8sfIcaaBfAKrE1Cwb61YDtYq9JxChK1c7AKce7s=
github.com/inhies/go-bytesize v0.0.0-20220417184213-4913239db9cf/go.mod h1:yrqSXGoD/4EKfF26AOGzscPOgTTJcyAwM2rpixWT+t4=
github.com/instana/testify v1.6.2-0.20200721153833-94b1851f4d65 h1:T25FL3WEzgmKB0m6XCJNZ65nw09/QIp3T1yXr487D+A=
github.com/instana/testify v1.6.2-0.20200721153833-94b1851f4d65/go.mod h1:nYhEREG/B7HUY7P+LKOrqy53TpIqmJ9JyUShcaEKtGw=
github.com/jackc/chunkreader v1.0.0/go.mod h1:RT6O25fNZIuasFJRyZ4R/Y2BbhasbmZXF9QQ7T3kePo=
github.com/jackc/chunkreader/v2 v2.0.0/go.mod h1:odVSm741yZoC3dpHEUXIqA9tQRhFrgOHwnPIn9lDKlk=
github.com/jackc/chunkreader/v2 v2.0.1 h1:i+RDz65UE+mmpjTfyz0MoVTnzeYxroil2G82ki7MGG8=
Expand Down Expand Up @@ -1119,8 +1120,8 @@ github.com/ory/nosurf v1.2.7/go.mod h1:d4L3ZBa7Amv55bqxCBtCs63wSlyaiCkWVl4vKf3OU
github.com/ory/sessions v1.2.2-0.20220110165800-b09c17334dc2 h1:zm6sDvHy/U9XrGpixwHiuAwpp0Ock6khSVHkrv6lQQU=
github.com/ory/sessions v1.2.2-0.20220110165800-b09c17334dc2/go.mod h1:dk2InVEVJ0sfLlnXv9EAgkf6ecYs/i80K/zI+bUmuGM=
github.com/ory/viper v1.7.5/go.mod h1:ypOuyJmEUb3oENywQZRgeAMwqgOyDqwboO1tj3DjTaM=
github.com/ory/x v0.0.519 h1:T8/LbbQQqm+3P7bfI838T7eECv6+laXlvIyCp0QB+R8=
github.com/ory/x v0.0.519/go.mod h1:xUtRpoiRARyJNPVk/fcCNKzyp25Foxt9GPlj8pd7egY=
github.com/ory/x v0.0.534 h1:hc49pmcOuHdJ6rbHVGtJJ4/LU88dzDCtEQKfgeo/ecU=
github.com/ory/x v0.0.534/go.mod h1:CQopDsCC9t0tQsddE9UlyRFVEFd2xjKBVcw4nLMMMS0=
github.com/otiai10/copy v1.2.0/go.mod h1:rrF5dJ5F0t/EWSYODDu4j9/vEeYHMkc8jt0zJChqQWw=
github.com/otiai10/curr v0.0.0-20150429015615-9b4961190c95/go.mod h1:9qAhocn7zKJG+0mI8eUu6xqkFDYS2kb2saOteoSB3cE=
github.com/otiai10/curr v1.0.0/go.mod h1:LskTG5wDwr8Rs+nNQ+1LlxRjAtTZZjtJW4rMXl6j4vs=
Expand Down Expand Up @@ -1320,6 +1321,7 @@ github.com/spf13/cobra v0.0.5/go.mod h1:3K3wKZymM7VvHMDS9+Akkh4K60UwM26emMESw8tL
github.com/spf13/cobra v1.0.0/go.mod h1:/6GTrnGXV9HjY+aR4k0oJ5tcvakLuG6EuKReYlHNrgE=
github.com/spf13/cobra v1.1.1/go.mod h1:WnodtKOvamDL/PwE2M4iKs8aMDBZ5Q5klgD3qfVJQMI=
github.com/spf13/cobra v1.1.3/go.mod h1:pGADOWyqRD/YMrPZigI/zbliZ2wVD/23d+is3pSWzOo=
github.com/spf13/cobra v1.5.0/go.mod h1:dWXEIy2H428czQCjInthrTRUg7yKbok+2Qi/yBIJoUM=
github.com/spf13/cobra v1.6.1 h1:o94oiPyS4KD1mPy2fmcYYHHfCxLqYjJOhGsCHFZtEzA=
github.com/spf13/cobra v1.6.1/go.mod h1:IOw/AERYS7UzyrGinqmz6HLUo219MORXGxhbaJUqzrY=
github.com/spf13/jwalterweatherman v1.0.0/go.mod h1:cQK4TGJAtQXfYWX+Ddv3mKDzgVb68N+wFjFa4jdeBTo=
Expand Down Expand Up @@ -1950,8 +1952,8 @@ golang.org/x/tools v0.1.2/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.5/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk=
golang.org/x/tools v0.1.7/go.mod h1:LGqMHiF4EqQNHR1JncWGqT5BVaXmza+X+BDGol+dOxo=
golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc=
golang.org/x/tools v0.5.0 h1:+bSpV5HIeWkuvgaMfI3UmKRThoTA5ODJTUd8T17NO+4=
golang.org/x/tools v0.5.0/go.mod h1:N+Kgy78s5I24c24dU8OfWNEotWjutIs8SnJvn5IDq+k=
golang.org/x/tools v0.2.0 h1:G6AHpWxTMGY1KyEYoAQ5WTtIekUUvDNjan3ugu60JvE=
golang.org/x/tools v0.2.0/go.mod h1:y4OqIKeOV/fWJetJ8bXPU1sEVniLMIyDAZWeHdV+NTA=
golang.org/x/xerrors v0.0.0-20190410155217-1f06c39b4373/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20190513163551-3ee3066db522/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0=
Expand Down
9 changes: 8 additions & 1 deletion selfservice/strategy/saml/strategy.go
Original file line number Diff line number Diff line change
Expand Up @@ -3,7 +3,9 @@ package saml
import (
"bytes"
"context"
"encoding/base64"
"encoding/json"
"fmt"
"net/http"
"strings"

Expand Down Expand Up @@ -124,6 +126,11 @@ type authCodeContainer struct {
Traits json.RawMessage `json:"traits"`
}

func generateState(flowID string) string {
state := x.NewUUID().String()
return base64.RawURLEncoding.EncodeToString([]byte(fmt.Sprintf("%s:%s", flowID, state)))
}

func NewStrategy(d registrationStrategyDependencies) *Strategy {
return &Strategy{
d: d,
Expand Down Expand Up @@ -178,7 +185,7 @@ func (s *Strategy) GetAttributesFromAssertion(assertion *saml.Assertion) (map[st
}

func (s *Strategy) validateFlow(ctx context.Context, r *http.Request, rid uuid.UUID) (flow.Flow, error) {
if x.IsZeroUUID(rid) {
if rid.IsNil() {
return nil, errors.WithStack(herodot.ErrBadRequest.WithReason("The session cookie contains invalid values and the flow could not be executed. Please try again."))
}

Expand Down
5 changes: 3 additions & 2 deletions selfservice/strategy/saml/strategy_login.go
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (
"net/http"
"time"

"github.com/gofrs/uuid"
"github.com/google/go-jsonnet"
"github.com/pkg/errors"
"github.com/tidwall/gjson"
Expand Down Expand Up @@ -74,7 +75,7 @@ func (s *Strategy) processLogin(w http.ResponseWriter, r *http.Request, a *login
return nil, nil
}

func (s *Strategy) Login(w http.ResponseWriter, r *http.Request, f *login.Flow, ss *session.Session) (i *identity.Identity, err error) {
func (s *Strategy) Login(w http.ResponseWriter, r *http.Request, f *login.Flow, identityID uuid.UUID) (i *identity.Identity, err error) {
if err := login.CheckAAL(f, identity.AuthenticatorAssuranceLevel1); err != nil {
return nil, err
}
Expand Down Expand Up @@ -102,7 +103,7 @@ func (s *Strategy) Login(w http.ResponseWriter, r *http.Request, f *login.Flow,
return
}

state := x.NewUUID().String()
state := generateState(f.ID.String())
if err := s.d.RelayStateContinuityManager().Pause(r.Context(), w, r, sessionName,
continuity.WithPayload(&authCodeContainer{
State: state,
Expand Down
18 changes: 8 additions & 10 deletions selfservice/strategy/saml/vulnerabilities_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@ import (

"github.com/beevik/etree"
"github.com/crewjam/saml"
"github.com/ory/kratos/identity"

dsig "github.com/russellhaering/goxmldsig"
"gotest.tools/assert"
Expand Down Expand Up @@ -56,9 +57,6 @@ func TestHappyPath(t *testing.T) {
// We send the request to Kratos
strategy.HandleCallback(resp, req, ps)

ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), 0, 1000)
_ = ids

// This is the Happy Path, the HTTP response code should be 302 (Found status)
assert.Check(t, !strings.Contains(resp.HeaderMap["Location"][0], "error"))
}
Expand Down Expand Up @@ -498,7 +496,7 @@ func TestAddXMLCommentsInSAMLAttributes(t *testing.T) {
strategy.HandleCallback(resp, req, ps)

// Get all identities
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), 0, 1000)
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), identity.ExpandEverything, 0, 1000)
traitsMap := make(map[string]interface{})
json.Unmarshal(ids[0].Traits, &traitsMap)

Expand Down Expand Up @@ -682,7 +680,7 @@ func TestXSW3AssertionWrap1(t *testing.T) {
strategy.HandleCallback(resp, req, ps)

// Get all identities
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), 0, 1000)
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), identity.ExpandEverything, 0, 1000)

// We have to check that there is either an error or an identity created without the modified attribute
assert.Check(t, strings.Contains(resp.HeaderMap["Location"][0], "error") || strings.Contains(string(ids[0].Traits), "[email protected]"))
Expand Down Expand Up @@ -744,7 +742,7 @@ func TestXSW4AssertionWrap2(t *testing.T) {
strategy.HandleCallback(resp, req, ps)

// Get all identities
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), 0, 1000)
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), identity.ExpandEverything, 0, 1000)

// We have to check that there is either an error or an identity created without the modified attribute
assert.Check(t, strings.Contains(resp.HeaderMap["Location"][0], "error") || strings.Contains(string(ids[0].Traits), "[email protected]"))
Expand Down Expand Up @@ -806,7 +804,7 @@ func TestXSW5AssertionWrap3(t *testing.T) {
strategy.HandleCallback(resp, req, ps)

// Get all identities
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), 0, 1000)
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), identity.ExpandEverything, 0, 1000)

// We have to check that there is either an error or an identity created without the modified attribute
assert.Check(t, strings.Contains(resp.HeaderMap["Location"][0], "error") || strings.Contains(string(ids[0].Traits), "[email protected]"))
Expand Down Expand Up @@ -868,7 +866,7 @@ func TestXSW6AssertionWrap4(t *testing.T) {
strategy.HandleCallback(resp, req, ps)

// Get all identities
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), 0, 1000)
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), identity.ExpandEverything, 0, 1000)

// We have to check that there is either an error or an identity created without the modified attribute
assert.Check(t, strings.Contains(resp.HeaderMap["Location"][0], "error") || strings.Contains(string(ids[0].Traits), "[email protected]"))
Expand Down Expand Up @@ -930,7 +928,7 @@ func TestXSW7AssertionWrap5(t *testing.T) {
strategy.HandleCallback(resp, req, ps)

// Get all identities
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), 0, 1000)
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), identity.ExpandEverything, 0, 1000)

// We have to check that there is either an error or an identity created without the modified attribute
assert.Check(t, strings.Contains(resp.HeaderMap["Location"][0], "error") || strings.Contains(string(ids[0].Traits), "[email protected]"))
Expand Down Expand Up @@ -990,7 +988,7 @@ func TestXSW8AssertionWrap6(t *testing.T) {
strategy.HandleCallback(resp, req, ps)

// Get all identities
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), 0, 1000)
ids, _ := strategy.D().PrivilegedIdentityPool().ListIdentities(context.Background(), identity.ExpandEverything, 0, 1000)

// We have to check that there is either an error or an identity created without the modified attribute
assert.Check(t, strings.Contains(resp.HeaderMap["Location"][0], "error") || strings.Contains(string(ids[0].Traits), "[email protected]"))
Expand Down

0 comments on commit 5636dc0

Please sign in to comment.