19625601168

Committed 24 Nov 2025 06:38AM UTC coverage: 55.069% (-0.04%) from 55.108%

Build # 19625601168

Build Type

Pull #4477

github

Committed by

web-flow

Commit Message

Merge c380f11c5 into 4a90b4fce

Pull Request Pull Request #4477: feat: add `--name-id-format` flag to `sso add` and `sso update`

Run Details

10 of 21 new or added lines in 4 files covered. (47.62%)

5 existing lines in 1 file now uncovered.

6540 of 11876 relevant lines covered (55.07%)

6.26 hits per line

Source File
Press 'n' to go to next uncovered line, 'b' for previous

0.0

/cmd/sso.go

package cmd

import (
        "github.com/go-errors/errors"
        "github.com/spf13/cobra"

        "github.com/supabase/cli/internal/sso/create"
        "github.com/supabase/cli/internal/sso/get"
        "github.com/supabase/cli/internal/sso/info"
        "github.com/supabase/cli/internal/sso/list"
        "github.com/supabase/cli/internal/sso/remove"
        "github.com/supabase/cli/internal/sso/update"
        "github.com/supabase/cli/internal/utils"
        "github.com/supabase/cli/internal/utils/flags"
        "github.com/supabase/cli/pkg/api"
)

var (
        ssoCmd = &cobra.Command{
                GroupID: groupManagementAPI,
                Use:     "sso",
                Short:   "Manage Single Sign-On (SSO) authentication for projects",
        }

        ssoProviderType = utils.EnumFlag{
                Allowed: []string{"saml"},
                // intentionally no default value so users have to specify --type saml explicitly
        }

        ssoNameIDFormat = utils.EnumFlag{
                Allowed: []string{
                        string(api.CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML11NameidFormatEmailAddress),
                        string(api.CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML11NameidFormatUnspecified),
                        string(api.CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML20NameidFormatPersistent),
                        string(api.CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML20NameidFormatTransient),
                },
        }

        ssoMetadataFile         string
        ssoMetadataURL          string
        ssoSkipURLValidation    bool
        ssoMetadata             bool
        ssoAttributeMappingFile string
        ssoDomains              []string
        ssoAddDomains           []string
        ssoRemoveDomains        []string

        ssoAddCmd = &cobra.Command{
                Use:     "add",
                Short:   "Add a new SSO identity provider",
                Long:    "Add and configure a new connection to a SSO identity provider to your Supabase project.",
                Example: `  supabase sso add --type saml --project-ref mwjylndxudmiehsxhmmz --metadata-url 'https://...' --domains example.com`,
                RunE: func(cmd *cobra.Command, args []string) error {
                        return create.Run(cmd.Context(), create.RunParams{
                                ProjectRef:        flags.ProjectRef,
                                Type:              ssoProviderType.String(),
                                Format:            utils.OutputFormat.Value,
                                MetadataFile:      ssoMetadataFile,
                                MetadataURL:       ssoMetadataURL,
                                SkipURLValidation: ssoSkipURLValidation,
                                AttributeMapping:  ssoAttributeMappingFile,
                                NameIDFormat:      ssoNameIDFormat.String(),
                                Domains:           ssoDomains,
                        })
                },
        }

        ssoRemoveCmd = &cobra.Command{
                Use:     "remove <provider-id>",
                Short:   "Remove an existing SSO identity provider",
                Long:    "Remove a connection to an already added SSO identity provider. Removing the provider will prevent existing users from logging in. Please treat this command with care.",
                Args:    cobra.ExactArgs(1),
                Example: `  supabase sso remove b5ae62f9-ef1d-4f11-a02b-731c8bbb11e8 --project-ref mwjylndxudmiehsxhmmz`,
                RunE: func(cmd *cobra.Command, args []string) error {
                        if !utils.UUIDPattern.MatchString(args[0]) {
                                return errors.Errorf("identity provider ID %q is not a UUID", args[0])
                        }

                        return remove.Run(cmd.Context(), flags.ProjectRef, args[0], utils.OutputFormat.Value)
                },
        }

        ssoUpdateCmd = &cobra.Command{
                Use:     "update <provider-id>",
                Short:   "Update information about an SSO identity provider",
                Long:    "Update the configuration settings of a already added SSO identity provider.",
                Args:    cobra.ExactArgs(1),
                Example: `  supabase sso update b5ae62f9-ef1d-4f11-a02b-731c8bbb11e8 --project-ref mwjylndxudmiehsxhmmz --add-domains example.com`,
                RunE: func(cmd *cobra.Command, args []string) error {
                        if !utils.UUIDPattern.MatchString(args[0]) {
                                return errors.Errorf("identity provider ID %q is not a UUID", args[0])
                        }

                        return update.Run(cmd.Context(), update.RunParams{
                                ProjectRef: flags.ProjectRef,
                                ProviderID: args[0],
                                Format:     utils.OutputFormat.Value,

                                MetadataFile:      ssoMetadataFile,
                                MetadataURL:       ssoMetadataURL,
                                SkipURLValidation: ssoSkipURLValidation,
                                AttributeMapping:  ssoAttributeMappingFile,
                                NameIDFormat:      ssoNameIDFormat.String(),
                                Domains:           ssoDomains,
                                AddDomains:        ssoAddDomains,
                                RemoveDomains:     ssoRemoveDomains,
                        })
                },
        }

        ssoShowCmd = &cobra.Command{
                Use:     "show <provider-id>",
                Short:   "Show information about an SSO identity provider",
                Long:    "Provides the information about an established connection to an identity provider. You can use --metadata to obtain the raw SAML 2.0 Metadata XML document stored in your project's configuration.",
                Args:    cobra.ExactArgs(1),
                Example: `  supabase sso show b5ae62f9-ef1d-4f11-a02b-731c8bbb11e8 --project-ref mwjylndxudmiehsxhmmz`,
                RunE: func(cmd *cobra.Command, args []string) error {
                        if !utils.UUIDPattern.MatchString(args[0]) {
                                return errors.Errorf("identity provider ID %q is not a UUID", args[0])
                        }

                        format := utils.OutputFormat.Value
                        if ssoMetadata {
                                format = utils.OutputMetadata
                        }

                        return get.Run(cmd.Context(), flags.ProjectRef, args[0], format)
                },
        }

        ssoListCmd = &cobra.Command{
                Use:     "list",
                Short:   "List all SSO identity providers for a project",
                Long:    "List all connections to a SSO identity provider to your Supabase project.",
                Example: `  supabase sso list --project-ref mwjylndxudmiehsxhmmz`,
                RunE: func(cmd *cobra.Command, args []string) error {
                        return list.Run(cmd.Context(), flags.ProjectRef, utils.OutputFormat.Value)
                },
        }

        ssoInfoCmd = &cobra.Command{
                Use:     "info",
                Short:   "Returns the SAML SSO settings required for the identity provider",
                Long:    "Returns all of the important SSO information necessary for your project to be registered with a SAML 2.0 compatible identity provider.",
                Example: `  supabase sso info --project-ref mwjylndxudmiehsxhmmz`,
                RunE: func(cmd *cobra.Command, args []string) error {
                        return info.Run(cmd.Context(), flags.ProjectRef, utils.OutputFormat.Value)
                },
        }
)

func init() {
        persistentFlags := ssoCmd.PersistentFlags()
        persistentFlags.StringVar(&flags.ProjectRef, "project-ref", "", "Project ref of the Supabase project.")
        ssoAddFlags := ssoAddCmd.Flags()
        ssoAddFlags.VarP(&ssoProviderType, "type", "t", "Type of identity provider (according to supported protocol).")
        ssoAddFlags.StringSliceVar(&ssoDomains, "domains", nil, "Comma separated list of email domains to associate with the added identity provider.")
        ssoAddFlags.StringVar(&ssoMetadataFile, "metadata-file", "", "File containing a SAML 2.0 Metadata XML document describing the identity provider.")
        ssoAddFlags.StringVar(&ssoMetadataURL, "metadata-url", "", "URL pointing to a SAML 2.0 Metadata XML document describing the identity provider.")
        ssoAddFlags.BoolVar(&ssoSkipURLValidation, "skip-url-validation", false, "Whether local validation of the SAML 2.0 Metadata URL should not be performed.")
        ssoAddFlags.StringVar(&ssoAttributeMappingFile, "attribute-mapping-file", "", "File containing a JSON mapping between SAML attributes to custom JWT claims.")
        ssoAddFlags.Var(&ssoNameIDFormat, "name-id-format", "URI reference representing the classification of string-based identifier information.")
        ssoAddCmd.MarkFlagsMutuallyExclusive("metadata-file", "metadata-url")
        cobra.CheckErr(ssoAddCmd.MarkFlagRequired("type"))
        cobra.CheckErr(ssoAddCmd.MarkFlagFilename("metadata-file", "xml"))
        cobra.CheckErr(ssoAddCmd.MarkFlagFilename("attribute-mapping-file", "json"))

        ssoUpdateFlags := ssoUpdateCmd.Flags()
        ssoUpdateFlags.StringSliceVar(&ssoDomains, "domains", []string{}, "Replace domains with this comma separated list of email domains.")
        ssoUpdateFlags.StringSliceVar(&ssoAddDomains, "add-domains", []string{}, "Add this comma separated list of email domains to the identity provider.")
        ssoUpdateFlags.StringSliceVar(&ssoRemoveDomains, "remove-domains", []string{}, "Remove this comma separated list of email domains from the identity provider.")
        ssoUpdateFlags.StringVar(&ssoMetadataFile, "metadata-file", "", "File containing a SAML 2.0 Metadata XML document describing the identity provider.")
        ssoUpdateFlags.StringVar(&ssoMetadataURL, "metadata-url", "", "URL pointing to a SAML 2.0 Metadata XML document describing the identity provider.")
        ssoUpdateFlags.BoolVar(&ssoSkipURLValidation, "skip-url-validation", false, "Whether local validation of the SAML 2.0 Metadata URL should not be performed.")
        ssoUpdateFlags.StringVar(&ssoAttributeMappingFile, "attribute-mapping-file", "", "File containing a JSON mapping between SAML attributes to custom JWT claims.")
        ssoUpdateFlags.Var(&ssoNameIDFormat, "name-id-format", "URI reference representing the classification of string-based identifier information.")
        ssoUpdateCmd.MarkFlagsMutuallyExclusive("metadata-file", "metadata-url")
        ssoUpdateCmd.MarkFlagsMutuallyExclusive("domains", "add-domains")
        ssoUpdateCmd.MarkFlagsMutuallyExclusive("domains", "remove-domains")
        cobra.CheckErr(ssoUpdateCmd.MarkFlagFilename("metadata-file", "xml"))
        cobra.CheckErr(ssoUpdateCmd.MarkFlagFilename("attribute-mapping-file", "json"))

        ssoShowFlags := ssoShowCmd.Flags()
        ssoShowFlags.BoolVar(&ssoMetadata, "metadata", false, "Show SAML 2.0 XML Metadata only")

        ssoCmd.AddCommand(ssoAddCmd)
        ssoCmd.AddCommand(ssoRemoveCmd)
        ssoCmd.AddCommand(ssoUpdateCmd)
        ssoCmd.AddCommand(ssoShowCmd)
        ssoCmd.AddCommand(ssoListCmd)
        ssoCmd.AddCommand(ssoInfoCmd)

        rootCmd.AddCommand(ssoCmd)
}

1	package cmd
2
3	import (
4	"github.com/go-errors/errors"
5	"github.com/spf13/cobra"
6
7	"github.com/supabase/cli/internal/sso/create"
8	"github.com/supabase/cli/internal/sso/get"
9	"github.com/supabase/cli/internal/sso/info"
10	"github.com/supabase/cli/internal/sso/list"
11	"github.com/supabase/cli/internal/sso/remove"
12	"github.com/supabase/cli/internal/sso/update"
13	"github.com/supabase/cli/internal/utils"
14	"github.com/supabase/cli/internal/utils/flags"
15	"github.com/supabase/cli/pkg/api"
16	)
17
18	var (
19	ssoCmd = &cobra.Command{
20	GroupID: groupManagementAPI,
21	Use: "sso",
22	Short: "Manage Single Sign-On (SSO) authentication for projects",
23	}
24
25	ssoProviderType = utils.EnumFlag{
26	Allowed: []string{"saml"},
27	// intentionally no default value so users have to specify --type saml explicitly
28	}
29
30	ssoNameIDFormat = utils.EnumFlag{
31	Allowed: []string{
32	string(api.CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML11NameidFormatEmailAddress),
33	string(api.CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML11NameidFormatUnspecified),
34	string(api.CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML20NameidFormatPersistent),
35	string(api.CreateProviderBodyNameIdFormatUrnOasisNamesTcSAML20NameidFormatTransient),
36	},
37	}
38
39	ssoMetadataFile string
40	ssoMetadataURL string
41	ssoSkipURLValidation bool
42	ssoMetadata bool
43	ssoAttributeMappingFile string
44	ssoDomains []string
45	ssoAddDomains []string
46	ssoRemoveDomains []string
47
48	ssoAddCmd = &cobra.Command{
49	Use: "add",
50	Short: "Add a new SSO identity provider",
51	Long: "Add and configure a new connection to a SSO identity provider to your Supabase project.",
52	Example: ` supabase sso add --type saml --project-ref mwjylndxudmiehsxhmmz --metadata-url 'https://...' --domains example.com`,
53	RunE: func(cmd *cobra.Command, args []string) error {	×
54	return create.Run(cmd.Context(), create.RunParams{	×
55	ProjectRef: flags.ProjectRef,	×
56	Type: ssoProviderType.String(),	×
57	Format: utils.OutputFormat.Value,	×
58	MetadataFile: ssoMetadataFile,	×
59	MetadataURL: ssoMetadataURL,	×
60	SkipURLValidation: ssoSkipURLValidation,	×
61	AttributeMapping: ssoAttributeMappingFile,	×
NEW 62	NameIDFormat: ssoNameIDFormat.String(),	×
63	Domains: ssoDomains,	×
64	})	×
65	},	×
66	}
67
68	ssoRemoveCmd = &cobra.Command{
69	Use: "remove <provider-id>",
70	Short: "Remove an existing SSO identity provider",
71	Long: "Remove a connection to an already added SSO identity provider. Removing the provider will prevent existing users from logging in. Please treat this command with care.",
72	Args: cobra.ExactArgs(1),
73	Example: ` supabase sso remove b5ae62f9-ef1d-4f11-a02b-731c8bbb11e8 --project-ref mwjylndxudmiehsxhmmz`,
74	RunE: func(cmd *cobra.Command, args []string) error {	×
75	if !utils.UUIDPattern.MatchString(args[0]) {	×
76	return errors.Errorf("identity provider ID %q is not a UUID", args[0])	×
77	}	×
78
79	return remove.Run(cmd.Context(), flags.ProjectRef, args[0], utils.OutputFormat.Value)	×
80	},
81	}
82
83	ssoUpdateCmd = &cobra.Command{
84	Use: "update <provider-id>",
85	Short: "Update information about an SSO identity provider",
86	Long: "Update the configuration settings of a already added SSO identity provider.",
87	Args: cobra.ExactArgs(1),
88	Example: ` supabase sso update b5ae62f9-ef1d-4f11-a02b-731c8bbb11e8 --project-ref mwjylndxudmiehsxhmmz --add-domains example.com`,
89	RunE: func(cmd *cobra.Command, args []string) error {	×
90	if !utils.UUIDPattern.MatchString(args[0]) {	×
91	return errors.Errorf("identity provider ID %q is not a UUID", args[0])	×
92	}	×
93
94	return update.Run(cmd.Context(), update.RunParams{	×
95	ProjectRef: flags.ProjectRef,	×
96	ProviderID: args[0],	×
97	Format: utils.OutputFormat.Value,	×
98		×
99	MetadataFile: ssoMetadataFile,	×
100	MetadataURL: ssoMetadataURL,	×
101	SkipURLValidation: ssoSkipURLValidation,	×
102	AttributeMapping: ssoAttributeMappingFile,	×
NEW 103	NameIDFormat: ssoNameIDFormat.String(),	×
104	Domains: ssoDomains,	×
105	AddDomains: ssoAddDomains,	×
106	RemoveDomains: ssoRemoveDomains,	×
107	})	×
108	},
109	}
110
111	ssoShowCmd = &cobra.Command{
112	Use: "show <provider-id>",
113	Short: "Show information about an SSO identity provider",
114	Long: "Provides the information about an established connection to an identity provider. You can use --metadata to obtain the raw SAML 2.0 Metadata XML document stored in your project's configuration.",
115	Args: cobra.ExactArgs(1),
116	Example: ` supabase sso show b5ae62f9-ef1d-4f11-a02b-731c8bbb11e8 --project-ref mwjylndxudmiehsxhmmz`,
117	RunE: func(cmd *cobra.Command, args []string) error {	×
118	if !utils.UUIDPattern.MatchString(args[0]) {	×
119	return errors.Errorf("identity provider ID %q is not a UUID", args[0])	×
120	}	×
121
122	format := utils.OutputFormat.Value	×
123	if ssoMetadata {	×
124	format = utils.OutputMetadata	×
125	}	×
126
127	return get.Run(cmd.Context(), flags.ProjectRef, args[0], format)	×
128	},
129	}
130
131	ssoListCmd = &cobra.Command{
132	Use: "list",
133	Short: "List all SSO identity providers for a project",
134	Long: "List all connections to a SSO identity provider to your Supabase project.",
135	Example: ` supabase sso list --project-ref mwjylndxudmiehsxhmmz`,
136	RunE: func(cmd *cobra.Command, args []string) error {	×
137	return list.Run(cmd.Context(), flags.ProjectRef, utils.OutputFormat.Value)	×
138	},	×
139	}
140
141	ssoInfoCmd = &cobra.Command{
142	Use: "info",
143	Short: "Returns the SAML SSO settings required for the identity provider",
144	Long: "Returns all of the important SSO information necessary for your project to be registered with a SAML 2.0 compatible identity provider.",
145	Example: ` supabase sso info --project-ref mwjylndxudmiehsxhmmz`,
146	RunE: func(cmd *cobra.Command, args []string) error {	×
147	return info.Run(cmd.Context(), flags.ProjectRef, utils.OutputFormat.Value)	×
148	},	×
149	}
150	)
151
152	func init() {	×
153	persistentFlags := ssoCmd.PersistentFlags()	×
154	persistentFlags.StringVar(&flags.ProjectRef, "project-ref", "", "Project ref of the Supabase project.")	×
155	ssoAddFlags := ssoAddCmd.Flags()	×
156	ssoAddFlags.VarP(&ssoProviderType, "type", "t", "Type of identity provider (according to supported protocol).")	×
157	ssoAddFlags.StringSliceVar(&ssoDomains, "domains", nil, "Comma separated list of email domains to associate with the added identity provider.")	×
158	ssoAddFlags.StringVar(&ssoMetadataFile, "metadata-file", "", "File containing a SAML 2.0 Metadata XML document describing the identity provider.")	×
159	ssoAddFlags.StringVar(&ssoMetadataURL, "metadata-url", "", "URL pointing to a SAML 2.0 Metadata XML document describing the identity provider.")	×
160	ssoAddFlags.BoolVar(&ssoSkipURLValidation, "skip-url-validation", false, "Whether local validation of the SAML 2.0 Metadata URL should not be performed.")	×
161	ssoAddFlags.StringVar(&ssoAttributeMappingFile, "attribute-mapping-file", "", "File containing a JSON mapping between SAML attributes to custom JWT claims.")	×
NEW 162	ssoAddFlags.Var(&ssoNameIDFormat, "name-id-format", "URI reference representing the classification of string-based identifier information.")	×
163	ssoAddCmd.MarkFlagsMutuallyExclusive("metadata-file", "metadata-url")	×
164	cobra.CheckErr(ssoAddCmd.MarkFlagRequired("type"))	×
165	cobra.CheckErr(ssoAddCmd.MarkFlagFilename("metadata-file", "xml"))	×
166	cobra.CheckErr(ssoAddCmd.MarkFlagFilename("attribute-mapping-file", "json"))	×
167		×
168	ssoUpdateFlags := ssoUpdateCmd.Flags()	×
169	ssoUpdateFlags.StringSliceVar(&ssoDomains, "domains", []string{}, "Replace domains with this comma separated list of email domains.")	×
170	ssoUpdateFlags.StringSliceVar(&ssoAddDomains, "add-domains", []string{}, "Add this comma separated list of email domains to the identity provider.")	×
171	ssoUpdateFlags.StringSliceVar(&ssoRemoveDomains, "remove-domains", []string{}, "Remove this comma separated list of email domains from the identity provider.")	×
172	ssoUpdateFlags.StringVar(&ssoMetadataFile, "metadata-file", "", "File containing a SAML 2.0 Metadata XML document describing the identity provider.")	×
173	ssoUpdateFlags.StringVar(&ssoMetadataURL, "metadata-url", "", "URL pointing to a SAML 2.0 Metadata XML document describing the identity provider.")	×
174	ssoUpdateFlags.BoolVar(&ssoSkipURLValidation, "skip-url-validation", false, "Whether local validation of the SAML 2.0 Metadata URL should not be performed.")	×
175	ssoUpdateFlags.StringVar(&ssoAttributeMappingFile, "attribute-mapping-file", "", "File containing a JSON mapping between SAML attributes to custom JWT claims.")	×
NEW 176	ssoUpdateFlags.Var(&ssoNameIDFormat, "name-id-format", "URI reference representing the classification of string-based identifier information.")	×
177	ssoUpdateCmd.MarkFlagsMutuallyExclusive("metadata-file", "metadata-url")	×
178	ssoUpdateCmd.MarkFlagsMutuallyExclusive("domains", "add-domains")	×
179	ssoUpdateCmd.MarkFlagsMutuallyExclusive("domains", "remove-domains")	×
180	cobra.CheckErr(ssoUpdateCmd.MarkFlagFilename("metadata-file", "xml"))	×
181	cobra.CheckErr(ssoUpdateCmd.MarkFlagFilename("attribute-mapping-file", "json"))	×
182		×
183	ssoShowFlags := ssoShowCmd.Flags()	×
184	ssoShowFlags.BoolVar(&ssoMetadata, "metadata", false, "Show SAML 2.0 XML Metadata only")	×
185		×
186	ssoCmd.AddCommand(ssoAddCmd)	×
187	ssoCmd.AddCommand(ssoRemoveCmd)	×
188	ssoCmd.AddCommand(ssoUpdateCmd)	×
189	ssoCmd.AddCommand(ssoShowCmd)	×
190	ssoCmd.AddCommand(ssoListCmd)	×
191	ssoCmd.AddCommand(ssoInfoCmd)	×
192		×
193	rootCmd.AddCommand(ssoCmd)	×
194	}	×

supabase / cli / 19625601168

Source File Press 'n' to go to next uncovered line, 'b' for previous

Source File
Press 'n' to go to next uncovered line, 'b' for previous