-- This file is part of the Wire Server implementation.
--
-- Copyright (C) 2025 Wire Swiss GmbH <opensource@wire.com>
--
-- This program is free software: you can redistribute it and/or modify it under
-- the terms of the GNU Affero General Public License as published by the Free
-- Software Foundation, either version 3 of the License, or (at your option) any
-- later version.
--
-- This program is distributed in the hope that it will be useful, but WITHOUT
-- ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS
-- FOR A PARTICULAR PURPOSE. See the GNU Affero General Public License for more
-- details.
--
-- You should have received a copy of the GNU Affero General Public License along
-- with this program. If not, see <https://www.gnu.org/licenses/>.

module API.Spar where

import API.Common (defPassword)
import qualified Data.ByteString.Base64.Lazy as EL
import Data.String.Conversions (cs)
import Data.String.Conversions.Monomorphic (fromLT)
import GHC.Stack
import Network.HTTP.Client (Request)
import Network.HTTP.Client.MultipartFormData
import qualified SAML2.WebSSO as SAML
import qualified SAML2.WebSSO.Test.MockResponse as SAML
import Testlib.Prelude
import qualified Text.XML as XML

-- | https://staging-nginz-https.zinfra.io/v6/api/swagger-ui/#/default/get_scim_auth_tokens
getScimTokens :: (HasCallStack, MakesValue caller) => caller -> App Response
getScimTokens :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> App Response
getScimTokens caller
caller = do
  Request
req <- caller -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest caller
caller Service
Spar Versioned
Versioned String
"/scim/auth-tokens"
  String -> Request -> App Response
submit String
"GET" Request
req

data CreateScimToken = CreateScimToken
  { CreateScimToken -> String
password :: String,
    CreateScimToken -> Maybe String
description :: Maybe String,
    CreateScimToken -> Maybe String
name :: Maybe String,
    CreateScimToken -> Maybe String
idp :: Maybe String
  }
  deriving stock ((forall x. CreateScimToken -> Rep CreateScimToken x)
-> (forall x. Rep CreateScimToken x -> CreateScimToken)
-> Generic CreateScimToken
forall x. Rep CreateScimToken x -> CreateScimToken
forall x. CreateScimToken -> Rep CreateScimToken x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cfrom :: forall x. CreateScimToken -> Rep CreateScimToken x
from :: forall x. CreateScimToken -> Rep CreateScimToken x
$cto :: forall x. Rep CreateScimToken x -> CreateScimToken
to :: forall x. Rep CreateScimToken x -> CreateScimToken
Generic, Int -> CreateScimToken -> ShowS
[CreateScimToken] -> ShowS
CreateScimToken -> String
(Int -> CreateScimToken -> ShowS)
-> (CreateScimToken -> String)
-> ([CreateScimToken] -> ShowS)
-> Show CreateScimToken
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
$cshowsPrec :: Int -> CreateScimToken -> ShowS
showsPrec :: Int -> CreateScimToken -> ShowS
$cshow :: CreateScimToken -> String
show :: CreateScimToken -> String
$cshowList :: [CreateScimToken] -> ShowS
showList :: [CreateScimToken] -> ShowS
Show)

instance Default CreateScimToken where
  def :: CreateScimToken
def = String
-> Maybe String -> Maybe String -> Maybe String -> CreateScimToken
CreateScimToken String
defPassword (String -> Maybe String
forall a. a -> Maybe a
Just String
"integration test") Maybe String
forall a. Maybe a
Nothing Maybe String
forall a. Maybe a
Nothing

instance ToJSON CreateScimToken where
  toJSON :: CreateScimToken -> Value
toJSON = Options -> CreateScimToken -> Value
forall a.
(Generic a, GToJSON' Value Zero (Rep a)) =>
Options -> a -> Value
genericToJSON (Options -> CreateScimToken -> Value)
-> Options -> CreateScimToken -> Value
forall a b. (a -> b) -> a -> b
$ Options
defaultOptions {fieldLabelModifier = camelTo2 '_'}

-- | https://staging-nginz-https.zinfra.io/v5/api/swagger-ui/#/default/post_scim_auth_tokens
createScimTokenV6 :: (HasCallStack, MakesValue caller) => caller -> CreateScimToken -> App Response
createScimTokenV6 :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> CreateScimToken -> App Response
createScimTokenV6 caller
caller CreateScimToken
payload = do
  Request
req <- caller -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest caller
caller Service
Spar (Int -> Versioned
ExplicitVersion Int
6) String
"/scim/auth-tokens"
  Value
j <- CreateScimToken -> App Value
forall a. (MakesValue a, HasCallStack) => a -> App Value
make CreateScimToken
payload
  String -> Request -> App Response
submit String
"POST" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& Value -> Request -> Request
forall a. ToJSON a => a -> Request -> Request
addJSON Value
j

createScimToken :: (HasCallStack, MakesValue caller) => caller -> CreateScimToken -> App Response
createScimToken :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> CreateScimToken -> App Response
createScimToken caller
caller CreateScimToken
payload = do
  Request
req <- caller -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest caller
caller Service
Spar Versioned
Versioned String
"/scim/auth-tokens"
  Value
j <- CreateScimToken -> App Value
forall a. (MakesValue a, HasCallStack) => a -> App Value
make CreateScimToken
payload
  String -> Request -> App Response
submit String
"POST" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& Value -> Request -> Request
forall a. ToJSON a => a -> Request -> Request
addJSON Value
j

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/auth-tokens-delete
deleteScimToken :: (HasCallStack, MakesValue caller) => caller -> String -> App Response
deleteScimToken :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> App Response
deleteScimToken caller
caller String
token = do
  Request
req <- caller -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest caller
caller Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"scim", String
"auth-tokens"]
  String -> Request -> App Response
submit String
"DELETE" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& [(String, String)] -> Request -> Request
addQueryParams [(String
"id", String
token)]

putScimTokenName :: (HasCallStack, MakesValue caller) => caller -> String -> String -> App Response
putScimTokenName :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> String -> App Response
putScimTokenName caller
caller String
token String
name = do
  Request
req <- caller -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest caller
caller Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"scim", String
"auth-tokens", String
token]
  String -> Request -> App Response
submit String
"PUT" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& [Pair] -> Request -> Request
addJSONObject [String
"name" String -> String -> Pair
forall a. ToJSON a => String -> a -> Pair
.= String
name]

createScimUser :: (HasCallStack, MakesValue domain, MakesValue scimUser) => domain -> String -> scimUser -> App Response
createScimUser :: forall domain scimUser.
(HasCallStack, MakesValue domain, MakesValue scimUser) =>
domain -> String -> scimUser -> App Response
createScimUser domain
domain String
token scimUser
scimUser = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned String
"/scim/v2/Users"
  Value
body <- scimUser -> App Value
forall a. (MakesValue a, HasCallStack) => a -> App Value
make scimUser
scimUser
  String -> Request -> App Response
submit String
"POST" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& Value -> Request -> Request
forall a. ToJSON a => a -> Request -> Request
addJSON Value
body (Request -> Request) -> (Request -> Request) -> Request -> Request
forall b c a. (b -> c) -> (a -> b) -> a -> c
. String -> String -> Request -> Request
addHeader String
"Authorization" (String
"Bearer " String -> ShowS
forall a. Semigroup a => a -> a -> a
<> String
token)

deleteScimUser :: (HasCallStack, MakesValue domain) => domain -> String -> String -> App Response
deleteScimUser :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> String -> App Response
deleteScimUser domain
domain String
token String
uid = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"scim", String
"v2", String
"Users", String
uid]
  String -> Request -> App Response
submit String
"DELETE" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> String -> Request -> Request
addHeader String
"Authorization" (String
"Bearer " String -> ShowS
forall a. Semigroup a => a -> a -> a
<> String
token)

scimCommonHeaders :: String -> Request -> Request
scimCommonHeaders :: String -> Request -> Request
scimCommonHeaders String
scimToken Request
req =
  Request
req
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> String -> Request -> Request
addHeader String
"Authorization" (String
"Bearer " String -> ShowS
forall a. Semigroup a => a -> a -> a
<> String
scimToken)
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> String -> Request -> Request
addHeader String
"Accept" String
"application/scim+json"

findUsersByExternalId :: (HasCallStack, MakesValue domain) => domain -> String -> String -> App Response
findUsersByExternalId :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> String -> App Response
findUsersByExternalId domain
domain String
scimToken String
externalId = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned String
"/scim/v2/Users"
  String -> Request -> App Response
submit String
"GET" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> Request -> Request
scimCommonHeaders String
scimToken
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& [(String, String)] -> Request -> Request
addQueryParams [(String
"filter", String
"externalId eq \"" String -> ShowS
forall a. Semigroup a => a -> a -> a
<> String
externalId String -> ShowS
forall a. Semigroup a => a -> a -> a
<> String
"\"")]

getScimUser :: (HasCallStack, MakesValue domain) => domain -> String -> String -> App Response
getScimUser :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> String -> App Response
getScimUser domain
domain String
scimToken String
uid = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"scim", String
"v2", String
"Users", String
uid]
  String -> Request -> App Response
submit String
"GET" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> Request -> Request
scimCommonHeaders String
scimToken

updateScimUser :: (HasCallStack, MakesValue domain, MakesValue scimUser) => domain -> String -> String -> scimUser -> App Response
updateScimUser :: forall domain scimUser.
(HasCallStack, MakesValue domain, MakesValue scimUser) =>
domain -> String -> String -> scimUser -> App Response
updateScimUser domain
domain String
scimToken String
userId scimUser
scimUser = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"scim", String
"v2", String
"Users", String
userId]
  Value
body <- scimUser -> App Value
forall a. (MakesValue a, HasCallStack) => a -> App Value
make scimUser
scimUser
  String -> Request -> App Response
submit String
"PUT" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> Request -> Request
scimCommonHeaders String
scimToken
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& Value -> Request -> Request
forall a. ToJSON a => a -> Request -> Request
addJSON Value
body

createScimUserGroup :: (HasCallStack, MakesValue domain, MakesValue scimUserGroup) => domain -> String -> scimUserGroup -> App Response
createScimUserGroup :: forall domain scimUser.
(HasCallStack, MakesValue domain, MakesValue scimUser) =>
domain -> String -> scimUser -> App Response
createScimUserGroup domain
domain String
token scimUserGroup
scimUserGroup = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned String
"/scim/v2/Groups"
  Value
body <- scimUserGroup -> App Value
forall a. (MakesValue a, HasCallStack) => a -> App Value
make scimUserGroup
scimUserGroup
  String -> Request -> App Response
submit String
"POST" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& Value -> Request -> Request
forall a. ToJSON a => a -> Request -> Request
addJSON Value
body (Request -> Request) -> (Request -> Request) -> Request -> Request
forall b c a. (b -> c) -> (a -> b) -> a -> c
. String -> String -> Request -> Request
addHeader String
"Authorization" (String
"Bearer " String -> ShowS
forall a. Semigroup a => a -> a -> a
<> String
token)

getScimUserGroup :: (HasCallStack, MakesValue domain) => domain -> String -> String -> App Response
getScimUserGroup :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> String -> App Response
getScimUserGroup domain
domain String
token String
gid = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"/scim/v2/Groups", String
gid]
  String -> Request -> App Response
submit String
"GET" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> Request -> Request
scimCommonHeaders String
token

updateScimUserGroup :: (HasCallStack, MakesValue domain, MakesValue scimUserGroup) => domain -> String -> String -> scimUserGroup -> App Response
updateScimUserGroup :: forall domain scimUser.
(HasCallStack, MakesValue domain, MakesValue scimUser) =>
domain -> String -> String -> scimUser -> App Response
updateScimUserGroup domain
domain String
token String
groupId scimUserGroup
scimUserGroup = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"scim", String
"v2", String
"Groups", String
groupId]
  Value
body <- scimUserGroup -> App Value
forall a. (MakesValue a, HasCallStack) => a -> App Value
make scimUserGroup
scimUserGroup
  String -> Request -> App Response
submit String
"PUT" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& Value -> Request -> Request
forall a. ToJSON a => a -> Request -> Request
addJSON Value
body (Request -> Request) -> (Request -> Request) -> Request -> Request
forall b c a. (b -> c) -> (a -> b) -> a -> c
. String -> String -> Request -> Request
addHeader String
"Authorization" (String
"Bearer " String -> ShowS
forall a. Semigroup a => a -> a -> a
<> String
token)

deleteScimUserGroup :: (HasCallStack, MakesValue domain) => domain -> String -> String -> App Response
deleteScimUserGroup :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> String -> App Response
deleteScimUserGroup domain
domain String
token String
groupId = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"scim", String
"v2", String
"Groups", String
groupId]
  String -> Request -> App Response
submit String
"DELETE" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> String -> Request -> Request
addHeader String
"Authorization" (String
"Bearer " String -> ShowS
forall a. Semigroup a => a -> a -> a
<> String
token)

filterScimUserGroup :: (HasCallStack, MakesValue domain) => domain -> String -> Maybe String -> App Response
filterScimUserGroup :: forall domain.
(HasCallStack, MakesValue domain) =>
domain -> String -> Maybe String -> App Response
filterScimUserGroup domain
domain String
token Maybe String
mbFilter = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned String
"/scim/v2/Groups"
  String -> Request -> App Response
submit String
"GET" (Request -> App Response) -> Request -> App Response
forall a b. (a -> b) -> a -> b
$ Request
req
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> Request -> Request
scimCommonHeaders String
token
    Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& (Request -> Request)
-> (String -> Request -> Request)
-> Maybe String
-> Request
-> Request
forall b a. b -> (a -> b) -> Maybe a -> b
maybe Request -> Request
forall a. a -> a
id (\String
f -> [(String, String)] -> Request -> Request
addQueryParams [(String
"filter", String
f)]) Maybe String
mbFilter

mkScimGroup :: String -> [Value] -> Value
mkScimGroup :: String -> [Value] -> Value
mkScimGroup String
name [Value]
members =
  [Pair] -> Value
object
    [ String
"schemas" String -> [String] -> Pair
forall a. ToJSON a => String -> a -> Pair
.= [String
"urn:ietf:params:scim:schemas:core:2.0:Group"],
      String
"displayName" String -> String -> Pair
forall a. ToJSON a => String -> a -> Pair
.= String
name,
      String
"members" String -> [Value] -> Pair
forall a. ToJSON a => String -> a -> Pair
.= [Value]
members
    ]

mkScimUser :: String -> Value
mkScimUser :: String -> Value
mkScimUser String
scimUserId =
  [Pair] -> Value
object
    [ String
"type" String -> String -> Pair
forall a. ToJSON a => String -> a -> Pair
.= String
"User",
      String
"$ref" String -> String -> Pair
forall a. ToJSON a => String -> a -> Pair
.= String
"...", -- something like
      -- "https://example.org/v2/scim/User/ea2e4bf0-aa5e-11f0-96ad-e776a606779b"?
      -- but since we're just receiving this it's ok to ignore.
      String
"value" String -> String -> Pair
forall a. ToJSON a => String -> a -> Pair
.= String
scimUserId
    ]

-- | https://staging-nginz-https.zinfra.io/v12/api/swagger-ui/#/default/idp-create
createIdp :: (HasCallStack, MakesValue user) => user -> SAML.IdPMetadata -> App Response
createIdp :: forall user.
(HasCallStack, MakesValue user) =>
user -> IdPMetadata -> App Response
createIdp = ((user -> Maybe String -> IdPMetadata -> App Response)
-> Maybe String -> user -> IdPMetadata -> App Response
forall a b c. (a -> b -> c) -> b -> a -> c
flip user -> Maybe String -> IdPMetadata -> App Response
forall user.
(HasCallStack, MakesValue user) =>
user -> Maybe String -> IdPMetadata -> App Response
createIdpWithZHost) Maybe String
forall a. Maybe a
Nothing

createIdpWithZHost :: (HasCallStack, MakesValue user) => user -> Maybe String -> SAML.IdPMetadata -> App Response
createIdpWithZHost :: forall user.
(HasCallStack, MakesValue user) =>
user -> Maybe String -> IdPMetadata -> App Response
createIdpWithZHost user
user Maybe String
mbZHost IdPMetadata
metadata = do
  Request
bReq <- user -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest user
user Service
Spar Versioned
Versioned String
"/identity-providers"
  let req :: Request
req =
        Request
bReq
          Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& [(String, String)] -> Request -> Request
addQueryParams [(String
"api_version", String
"v2")]
          Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& ByteString -> Request -> Request
addXML (LT -> ByteString
forall a. ConvertibleStrings LT a => LT -> a
fromLT (LT -> ByteString) -> LT -> ByteString
forall a b. (a -> b) -> a -> b
$ IdPMetadata -> LT
forall a. HasXMLRoot a => a -> LT
SAML.encode IdPMetadata
metadata)
          Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> String -> Request -> Request
addHeader String
"Content-Type" String
"application/xml"
  String -> Request -> App Response
submit String
"POST" (Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& (Request -> Request)
-> (String -> Request -> Request)
-> Maybe String
-> Request
-> Request
forall b a. b -> (a -> b) -> Maybe a -> b
maybe Request -> Request
forall a. a -> a
id String -> Request -> Request
zHost Maybe String
mbZHost)

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/idp-update
updateIdp :: (HasCallStack, MakesValue user) => user -> String -> SAML.IdPMetadata -> App Response
updateIdp :: forall user.
(HasCallStack, MakesValue user) =>
user -> String -> IdPMetadata -> App Response
updateIdp = ((user -> Maybe String -> String -> IdPMetadata -> App Response)
-> Maybe String -> user -> String -> IdPMetadata -> App Response
forall a b c. (a -> b -> c) -> b -> a -> c
flip user -> Maybe String -> String -> IdPMetadata -> App Response
forall user.
(HasCallStack, MakesValue user) =>
user -> Maybe String -> String -> IdPMetadata -> App Response
updateIdpWithZHost) Maybe String
forall a. Maybe a
Nothing

updateIdpWithZHost :: (HasCallStack, MakesValue user) => user -> Maybe String -> String -> SAML.IdPMetadata -> App Response
updateIdpWithZHost :: forall user.
(HasCallStack, MakesValue user) =>
user -> Maybe String -> String -> IdPMetadata -> App Response
updateIdpWithZHost user
user Maybe String
mbZHost String
idpId IdPMetadata
metadata = do
  Request
bReq <- user -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest user
user Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"identity-providers", String
idpId]
  let req :: Request
req =
        Request
bReq
          Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& ByteString -> Request -> Request
addXML (LT -> ByteString
forall a. ConvertibleStrings LT a => LT -> a
fromLT (LT -> ByteString) -> LT -> ByteString
forall a b. (a -> b) -> a -> b
$ IdPMetadata -> LT
forall a. HasXMLRoot a => a -> LT
SAML.encode IdPMetadata
metadata)
          Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& String -> String -> Request -> Request
addHeader String
"Content-Type" String
"application/xml"
  String -> Request -> App Response
submit String
"PUT" (Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& (Request -> Request)
-> (String -> Request -> Request)
-> Maybe String
-> Request
-> Request
forall b a. b -> (a -> b) -> Maybe a -> b
maybe Request -> Request
forall a. a -> a
id String -> Request -> Request
zHost Maybe String
mbZHost)

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/idp-get-all
getIdps :: (HasCallStack, MakesValue user) => user -> App Response
getIdps :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> App Response
getIdps user
user = do
  Request
req <- user -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest user
user Service
Spar Versioned
Versioned String
"/identity-providers"
  String -> Request -> App Response
submit String
"GET" Request
req

getIdp :: (HasCallStack, MakesValue user) => user -> String -> App Response
getIdp :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> App Response
getIdp user
user String
idpId = do
  Request
req <- user -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest user
user Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"identity-providers", String
idpId]
  String -> Request -> App Response
submit String
"GET" Request
req

deleteIdp :: (HasCallStack, MakesValue user) => user -> String -> App Response
deleteIdp :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> App Response
deleteIdp user
user String
idpId = do
  Request
req <- user -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest user
user Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"identity-providers", String
idpId]
  String -> Request -> App Response
submit String
"DELETE" Request
req

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/sso-team-metadata
getSPMetadata :: (HasCallStack, MakesValue domain) => domain -> String -> App Response
getSPMetadata :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> App Response
getSPMetadata = ((domain -> Maybe String -> String -> App Response)
-> Maybe String -> domain -> String -> App Response
forall a b c. (a -> b -> c) -> b -> a -> c
flip domain -> Maybe String -> String -> App Response
forall domain.
(HasCallStack, MakesValue domain) =>
domain -> Maybe String -> String -> App Response
getSPMetadataWithZHost) Maybe String
forall a. Maybe a
Nothing

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/sso-team-metadata
getSPMetadataWithZHost :: (HasCallStack, MakesValue domain) => domain -> Maybe String -> String -> App Response
getSPMetadataWithZHost :: forall domain.
(HasCallStack, MakesValue domain) =>
domain -> Maybe String -> String -> App Response
getSPMetadataWithZHost domain
domain Maybe String
mbZHost String
tid = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"sso", String
"metadata", String
tid]
  String -> Request -> App Response
submit String
"GET" (Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& (Request -> Request)
-> (String -> Request -> Request)
-> Maybe String
-> Request
-> Request
forall b a. b -> (a -> b) -> Maybe a -> b
maybe Request -> Request
forall a. a -> a
id String -> Request -> Request
zHost Maybe String
mbZHost)

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/auth-req
initiateSamlLogin :: (HasCallStack, MakesValue domain) => domain -> String -> App Response
initiateSamlLogin :: forall caller.
(HasCallStack, MakesValue caller) =>
caller -> String -> App Response
initiateSamlLogin = ((domain -> Maybe String -> String -> App Response)
-> Maybe String -> domain -> String -> App Response
forall a b c. (a -> b -> c) -> b -> a -> c
flip domain -> Maybe String -> String -> App Response
forall domain.
(HasCallStack, MakesValue domain) =>
domain -> Maybe String -> String -> App Response
initiateSamlLoginWithZHost) Maybe String
forall a. Maybe a
Nothing

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/auth-req
initiateSamlLoginWithZHost :: (HasCallStack, MakesValue domain) => domain -> Maybe String -> String -> App Response
initiateSamlLoginWithZHost :: forall domain.
(HasCallStack, MakesValue domain) =>
domain -> Maybe String -> String -> App Response
initiateSamlLoginWithZHost domain
domain Maybe String
mbZHost String
idpId = do
  Request
req <- domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned (String -> App Request) -> String -> App Request
forall a b. (a -> b) -> a -> b
$ [String] -> String
joinHttpPath [String
"sso", String
"initiate-login", String
idpId]
  String -> Request -> App Response
submit String
"GET" (Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& (Request -> Request)
-> (String -> Request -> Request)
-> Maybe String
-> Request
-> Request
forall b a. b -> (a -> b) -> Maybe a -> b
maybe Request -> Request
forall a. a -> a
id String -> Request -> Request
zHost Maybe String
mbZHost)

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/auth-resp
finalizeSamlLogin :: (HasCallStack, MakesValue domain) => domain -> String -> SAML.SignedAuthnResponse -> App Response
finalizeSamlLogin :: forall domain.
(HasCallStack, MakesValue domain) =>
domain -> String -> SignedAuthnResponse -> App Response
finalizeSamlLogin = ((domain
 -> Maybe String -> String -> SignedAuthnResponse -> App Response)
-> Maybe String
-> domain
-> String
-> SignedAuthnResponse
-> App Response
forall a b c. (a -> b -> c) -> b -> a -> c
flip domain
-> Maybe String -> String -> SignedAuthnResponse -> App Response
forall domain.
(HasCallStack, MakesValue domain) =>
domain
-> Maybe String -> String -> SignedAuthnResponse -> App Response
finalizeSamlLoginWithZHost) Maybe String
forall a. Maybe a
Nothing

-- | https://staging-nginz-https.zinfra.io/v7/api/swagger-ui/#/default/auth-resp
finalizeSamlLoginWithZHost :: (HasCallStack, MakesValue domain) => domain -> Maybe String -> String -> SAML.SignedAuthnResponse -> App Response
finalizeSamlLoginWithZHost :: forall domain.
(HasCallStack, MakesValue domain) =>
domain
-> Maybe String -> String -> SignedAuthnResponse -> App Response
finalizeSamlLoginWithZHost domain
domain Maybe String
mbZHost String
tid (SAML.SignedAuthnResponse Document
authnresp) = do
  domain -> Service -> Versioned -> String -> App Request
forall user.
(HasCallStack, MakesValue user) =>
user -> Service -> Versioned -> String -> App Request
baseRequest domain
domain Service
Spar Versioned
Versioned ([String] -> String
joinHttpPath [String
"sso", String
"finalize-login", String
tid])
    App Request -> (Request -> App Request) -> App Request
forall a b. App a -> (a -> App b) -> App b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= [Part] -> Request -> App Request
forall (m :: * -> *). MonadIO m => [Part] -> Request -> m Request
formDataBody [Text -> ByteString -> Part
forall (m :: * -> *).
Applicative m =>
Text -> ByteString -> PartM m
partLBS (String -> Text
forall a b. ConvertibleStrings a b => a -> b
cs String
"SAMLResponse") (ByteString -> Part)
-> (Document -> ByteString) -> Document -> Part
forall b c a. (b -> c) -> (a -> b) -> a -> c
. ByteString -> ByteString
EL.encode (ByteString -> ByteString)
-> (Document -> ByteString) -> Document -> ByteString
forall b c a. (b -> c) -> (a -> b) -> a -> c
. RenderSettings -> Document -> ByteString
XML.renderLBS RenderSettings
forall a. Default a => a
XML.def (Document -> Part) -> Document -> Part
forall a b. (a -> b) -> a -> b
$ Document
authnresp]
    App Request -> (Request -> App Response) -> App Response
forall a b. App a -> (a -> App b) -> App b
forall (m :: * -> *) a b. Monad m => m a -> (a -> m b) -> m b
>>= \Request
req -> String -> Request -> App Response
submit String
"POST" (Request
req Request -> (Request -> Request) -> Request
forall a b. a -> (a -> b) -> b
& (Request -> Request)
-> (String -> Request -> Request)
-> Maybe String
-> Request
-> Request
forall b a. b -> (a -> b) -> Maybe a -> b
maybe Request -> Request
forall a. a -> a
id String -> Request -> Request
zHost Maybe String
mbZHost)