fix tags not resolving to username if email is present (#2309)

* ensure valid tags is populated on user gets too

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* ensure forced tags are added

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* remove unused envvar in test

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* debug log auth/unauth tags in policy man

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* defer shutdown in tags test

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* add tag test with groups

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* add email, display name, picture to create user

Updates #2166

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* add ability to set display and email to cli

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* add email to test users in integration

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* fix issue where tags were only assigned to email, not username

Fixes #2300
Fixes #2307

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* expand principals to correct login name

and fix an issue where nodeip principals might take only the first IP
in a prefix instead of expanding to all relevant IPs.

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* fix ssh unit test

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* update cli and oauth tests for users with email

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* index by test email

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

* fix last test

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>

---------

Signed-off-by: Kristoffer Dalby <kristoffer@tailscale.com>
Kristoffer Dalby
2024-12-19 13:10:10 +01:00
committed by GitHub
parent af4508b9dc
commit 770f3dcb93
28 changed files with 409 additions and 230 deletions


@@ -130,8 +130,9 @@ func TestOIDCAuthenticationPingAll(t *testing.T) {
want := []v1.User{
{
Id: 1,
Name: "user1",
Id: 1,
Name: "user1",
Email: "user1@test.no",
},
{
Id: 2,
@@ -141,8 +142,9 @@ func TestOIDCAuthenticationPingAll(t *testing.T) {
ProviderId: oidcConfig.Issuer + "/user1",
},
{
Id: 3,
Name: "user2",
Id: 3,
Name: "user2",
Email: "user2@test.no",
},
{
Id: 4,
@@ -260,8 +262,9 @@ func TestOIDC024UserCreation(t *testing.T) {
want: func(iss string) []v1.User {
return []v1.User{
{
Id: 1,
Name: "user1",
Id: 1,
Name: "user1",
Email: "user1@test.no",
},
{
Id: 2,
@@ -271,8 +274,9 @@ func TestOIDC024UserCreation(t *testing.T) {
ProviderId: iss + "/user1",
},
{
Id: 3,
Name: "user2",
Id: 3,
Name: "user2",
Email: "user2@test.no",
},
{
Id: 4,
@@ -295,8 +299,9 @@ func TestOIDC024UserCreation(t *testing.T) {
want: func(iss string) []v1.User {
return []v1.User{
{
Id: 1,
Name: "user1",
Id: 1,
Name: "user1",
Email: "user1@test.no",
},
{
Id: 2,
@@ -305,8 +310,9 @@ func TestOIDC024UserCreation(t *testing.T) {
ProviderId: iss + "/user1",
},
{
Id: 3,
Name: "user2",
Id: 3,
Name: "user2",
Email: "user2@test.no",
},
{
Id: 4,
@@ -357,8 +363,9 @@ func TestOIDC024UserCreation(t *testing.T) {
want: func(iss string) []v1.User {
return []v1.User{
{
Id: 1,
Name: "user1",
Id: 1,
Name: "user1",
Email: "user1@test.no",
},
{
Id: 2,
@@ -367,8 +374,9 @@ func TestOIDC024UserCreation(t *testing.T) {
ProviderId: iss + "/user1",
},
{
Id: 3,
Name: "user2",
Id: 3,
Name: "user2",
Email: "user2@test.no",
},
{
Id: 4,
@@ -421,8 +429,9 @@ func TestOIDC024UserCreation(t *testing.T) {
want: func(iss string) []v1.User {
return []v1.User{
{
Id: 1,
Name: "user1.headscale.net",
Id: 1,
Name: "user1.headscale.net",
Email: "user1.headscale.net@test.no",
},
{
Id: 2,
@@ -431,8 +440,9 @@ func TestOIDC024UserCreation(t *testing.T) {
ProviderId: iss + "/user1",
},
{
Id: 3,
Name: "user2.headscale.net",
Id: 3,
Name: "user2.headscale.net",
Email: "user2.headscale.net@test.no",
},
{
Id: 4,