semaphoreio
diff --git a/‎ee/rbac/.gitignore
Lines changed: 1 addition & 0 deletions b/‎ee/rbac/.gitignore
Lines changed: 1 addition & 0 deletions
diff --git a/‎ee/rbac/lib/rbac/api/project.ex
Lines changed: 5 additions & 7 deletions b/‎ee/rbac/lib/rbac/api/project.ex
Lines changed: 5 additions & 7 deletions
diff --git a/‎ee/rbac/lib/rbac/api/repository.ex
Lines changed: 4 additions & 5 deletions b/‎ee/rbac/lib/rbac/api/repository.ex
Lines changed: 4 additions & 5 deletions
diff --git a/‎ee/rbac/lib/rbac/events/authorization.ex
Lines changed: 8 additions & 9 deletions b/‎ee/rbac/lib/rbac/events/authorization.ex
Lines changed: 8 additions & 9 deletions
diff --git a/‎ee/rbac/lib/rbac/events/user_created.ex
Lines changed: 6 additions & 7 deletions b/‎ee/rbac/lib/rbac/events/user_created.ex
Lines changed: 6 additions & 7 deletions
diff --git a/‎ee/rbac/lib/rbac/events/user_joined_organization.ex
Lines changed: 5 additions & 6 deletions b/‎ee/rbac/lib/rbac/events/user_joined_organization.ex
Lines changed: 5 additions & 6 deletions
diff --git a/‎ee/rbac/lib/rbac/events/user_left_organization.ex
Lines changed: 5 additions & 6 deletions b/‎ee/rbac/lib/rbac/events/user_left_organization.ex
Lines changed: 5 additions & 6 deletions
diff --git a/‎ee/rbac/lib/rbac/events/user_updated.ex
Lines changed: 5 additions & 6 deletions b/‎ee/rbac/lib/rbac/events/user_updated.ex
Lines changed: 5 additions & 6 deletions
diff --git a/‎ee/rbac/lib/rbac/okta/integrations.ex
Lines changed: 7 additions & 7 deletions b/‎ee/rbac/lib/rbac/okta/integrations.ex
Lines changed: 7 additions & 7 deletions
diff --git a/‎ee/rbac/lib/rbac/repo/okta_integrations.ex
Lines changed: 6 additions & 11 deletions b/‎ee/rbac/lib/rbac/repo/okta_integrations.ex
Lines changed: 6 additions & 11 deletions
@@ -28,4 +28,5 @@ home_dir/*
 .elixir_ls/
 test_report/*
 .devcontainer
+.tool-versions
 docker-compose.local.yml
@@ -3,14 +3,12 @@ defmodule Rbac.Api.Project do
 
   def fetch(project_id) do
     Watchman.benchmark("fetch_project.duration", fn ->
-      req =
-        %InternalApi.Projecthub.DescribeRequest{
-          id: project_id,
-          metadata: %InternalApi.Projecthub.RequestMeta{}
-        }
+      req = %InternalApi.Projecthub.DescribeRequest{
+        id: project_id,
+        metadata: %InternalApi.Projecthub.RequestMeta{}
+      }
 
-      {:ok, channel} =
-        GRPC.Stub.connect(Application.fetch_env!(:rbac, :projecthub_grpc_endpoint))
+      {:ok, channel} = GRPC.Stub.connect(Application.fetch_env!(:rbac, :projecthub_grpc_endpoint))
 
       result = InternalApi.Projecthub.ProjectService.Stub.describe(channel, req, timeout: 30_000)
 
 
@@ -20,11 +20,10 @@ defmodule Rbac.Api.Repository do
   end
 
   defp fetch_collaborators_request(repository_id, page_token) do
-    req =
-      %InternalApi.Repository.ListCollaboratorsRequest{
-        repository_id: repository_id,
-        page_token: page_token
-      }
+    req = %InternalApi.Repository.ListCollaboratorsRequest{
+      repository_id: repository_id,
+      page_token: page_token
+    }
 
     {:ok, channel} =
       GRPC.Stub.connect(Application.fetch_env!(:rbac, :repositoryhub_grpc_endpoint))
 
@@ -14,16 +14,15 @@ defmodule Rbac.Events.Authorization do
     with :ok <- validate(routing_key) do
       date_time = DateTime.utc_now()
 
-      event =
-        %InternalApi.Guard.AuthorizationEvent{
-          org_id: org_id,
-          project_id: project_id,
-          user_id: user_id,
-          timestamp: %Google.Protobuf.Timestamp{
-            seconds: date_time |> seconds(),
-            nanos: date_time |> nanos()
-          }
+      event = %InternalApi.Guard.AuthorizationEvent{
+        org_id: org_id,
+        project_id: project_id,
+        user_id: user_id,
+        timestamp: %Google.Protobuf.Timestamp{
+          seconds: date_time |> seconds(),
+          nanos: date_time |> nanos()
         }
+      }
 
       message = InternalApi.Guard.AuthorizationEvent.encode(event)
 
 
@@ -1,14 +1,13 @@
 defmodule Rbac.Events.UserCreated do
   @spec publish(String.t(), boolean) :: :ok
   def publish(user_id, invited) do
-    event =
-      %InternalApi.User.UserCreated{
-        user_id: user_id,
-        invited: invited,
-        timestamp: %Google.Protobuf.Timestamp{
-          seconds: DateTime.utc_now() |> DateTime.to_unix(:second)
-        }
+    event = %InternalApi.User.UserCreated{
+      user_id: user_id,
+      invited: invited,
+      timestamp: %Google.Protobuf.Timestamp{
+        seconds: DateTime.utc_now() |> DateTime.to_unix(:second)
       }
+    }
 
     message = InternalApi.User.UserCreated.encode(event)
 
 
@@ -12,12 +12,11 @@ defmodule Rbac.Events.UserJoinedOrganization do
   end
 
   def publish(user_id, org_id, join_time \\ DateTime.utc_now()) do
-    event =
-      %InternalApi.User.UserJoinedOrganization{
-        user_id: user_id,
-        org_id: org_id,
-        timestamp: %Google.Protobuf.Timestamp{seconds: join_time |> DateTime.to_unix(:second)}
-      }
+    event = %InternalApi.User.UserJoinedOrganization{
+      user_id: user_id,
+      org_id: org_id,
+      timestamp: %Google.Protobuf.Timestamp{seconds: join_time |> DateTime.to_unix(:second)}
+    }
 
     message = InternalApi.User.UserJoinedOrganization.encode(event)
 
 
@@ -1,11 +1,10 @@
 defmodule Rbac.Events.UserLeftOrganization do
   def publish(user_id, org_id, join_time \\ DateTime.utc_now()) do
-    event =
-      %InternalApi.User.UserLeftOrganization{
-        user_id: user_id,
-        org_id: org_id,
-        timestamp: %Google.Protobuf.Timestamp{seconds: join_time |> DateTime.to_unix(:second)}
-      }
+    event = %InternalApi.User.UserLeftOrganization{
+      user_id: user_id,
+      org_id: org_id,
+      timestamp: %Google.Protobuf.Timestamp{seconds: join_time |> DateTime.to_unix(:second)}
+    }
 
     message = InternalApi.User.UserLeftOrganization.encode(event)
 
 
@@ -3,13 +3,12 @@ defmodule Rbac.Events.UserUpdated do
 
   @spec publish(String.t(), String.t(), String.t()) :: :ok
   def publish(user_id, exchange_name, routing_key \\ @routing_key) do
-    event =
-      %InternalApi.User.UserUpdated{
-        user_id: user_id,
-        timestamp: %Google.Protobuf.Timestamp{
-          seconds: DateTime.utc_now() |> DateTime.to_unix(:second)
-        }
+    event = %InternalApi.User.UserUpdated{
+      user_id: user_id,
+      timestamp: %Google.Protobuf.Timestamp{
+        seconds: DateTime.utc_now() |> DateTime.to_unix(:second)
       }
+    }
 
     message = InternalApi.User.UserUpdated.encode(event)
     {:ok, channel} = AMQP.Application.get_channel(:user)
 
@@ -16,19 +16,19 @@ defmodule Rbac.Okta.Integration do
         org_id,
         creator_id,
         sso_url,
-        issuer,
+        saml_issuer,
         certificate,
         idempotency_token \\ Ecto.UUID.generate()
       ) do
     with {:ok, fingerprint} <- Certificate.fingerprint(certificate),
          {:ok, integration} <-
            Rbac.Repo.OktaIntegration.insert_or_update(
-             org_id,
-             creator_id,
-             sso_url,
-             issuer,
-             fingerprint,
-             idempotency_token
+             org_id: org_id,
+             creator_id: creator_id,
+             sso_url: sso_url,
+             saml_issuer: saml_issuer,
+             saml_certificate_fingerprint: Base.encode64(fingerprint),
+             idempotency_token: idempotency_token
            ) do
       {:ok, integration}
     else
 
@@ -26,6 +26,7 @@ defmodule Rbac.Repo.OktaIntegration do
     field(:sso_url, :string)
     field(:saml_certificate_fingerprint, :string)
     field(:scim_token_hash, :string)
+    field(:jit_provisioning_enabled, :boolean, default: false)
 
     timestamps()
   end
@@ -44,20 +45,14 @@ defmodule Rbac.Repo.OktaIntegration do
     )
   end
 
-  def insert_or_update(org_id, creator_id, sso_url, issuer, fingerprint, idempotency_token) do
-    integration = %__MODULE__{
-      org_id: org_id,
-      creator_id: creator_id,
-      sso_url: sso_url,
-      saml_issuer: issuer,
-      saml_certificate_fingerprint: Base.encode64(fingerprint),
-      idempotency_token: idempotency_token,
-      scim_token_hash: ""
-    }
+  def insert_or_update(fields \\ []) do
+    # Each time you want to make any change to the integration, token will be reset
+    fields = Keyword.put(fields, :scim_token_hash, "")
+    integration = struct(__MODULE__, fields)
 
     changeset = Rbac.Repo.OktaIntegration.changeset(integration)
 
-    case find_idempotent_record(org_id, idempotency_token) do
+    case find_idempotent_record(fields[:org_id], fields[:idempotency_token]) do
       {:ok, integration} ->
         {:ok, integration}