INT-8666 - Add devices ingestion

docs/jupiterone.md

@@ -165,6 +165,7 @@ The following entities are created:
 | Okta Account       | `okta_account`        | `Account`            |
 | Okta App UserGroup | `okta_app_user_group` | `UserGroup`          |
 | Okta Application   | `okta_application`    | `Application`        |
+| Okta Device        | `okta_device`         | `Device`             |
 | Okta Factor Device | `mfa_device`          | `Key`, `AccessKey`   |
 | Okta Role          | `okta_role`           | `AccessRole`         |
 | Okta Rule          | `okta_rule`           | `Configuration`      |
@@ -179,6 +180,7 @@ The following relationships are created:
 | Source Entity `_type`                  | Relationship `_class` | Target Entity `_type` |
 | -------------------------------------- | --------------------- | --------------------- |
 | `okta_account`                         | **HAS**               | `okta_application`    |
+| `okta_account`                         | **HAS**               | `okta_device`         |
 | `okta_account`                         | **HAS**               | `okta_user_group`     |
 | `okta_account`                         | **HAS**               | `okta_app_user_group` |
 | `okta_account`                         | **HAS**               | `okta_rule`           |
@@ -195,6 +197,7 @@ The following relationships are created:
 | `okta_user`                            | **CREATED**           | `okta_application`    |
 | `okta_user_group`                      | **ASSIGNED**          | `aws_iam_role`        |
 | `okta_user_group`                      | **ASSIGNED**          | `okta_role`           |
+| `okta_user`                            | **HAS**               | `okta_device`         |
 
 <!--
 ********************************************************************************

mocks/README.md

@@ -0,0 +1,23 @@
+This can be used to mock the Okta API responses when testing the integration if
+you don't have access to the real API
+
+1. Download the mock server from
+   https://github.com/JupiterOne/integrations-mock-server
+2. Follow the instructions in the README to set up the mock server (generate
+   certs -> set up environment variables in shell)
+3. Create a .env with:
+
+```
+OKTA_ORG_URL=https://dev-857255-admin.okta.com
+OKTA_API_KEY=unknown
+```
+
+4. Start the server:
+
+From `integrations-mock-server` project
+
+```
+yarn start -u https://dev-857255-admin.okta.com -c /<path-to-graph-okta>/mocks/config.json
+```
+
+5. Execute the integration `yarn start`

mocks/config.json

@@ -0,0 +1,17 @@
+{
+  "requests": {
+    "/api/v1/devices?limit=200&expand=user": {
+      "method": "GET",
+      "status": 200,
+      "content": "responses/devices.json",
+      "headers": {
+        "content-type": "application/json",
+        "date": "Wed, 14 Apr 2021 16:34:52 GMT",
+        "link": "<https://dev-857255.okta.com/api/v1/devices?limit=200&expand=user>; rel=\"self\"",
+        "x-rate-limit-limit": "500",
+        "x-rate-limit-remaining": "499",
+        "x-rate-limit-reset": "1618418152"
+      }
+    }
+  }
+}

mocks/responses/devices.json

@@ -0,0 +1,170 @@
+[
+  {
+    "id": "guo4a5u7YAHhjXrMK0g4",
+    "status": "CREATED",
+    "created": "2019-10-02T18:03:07.000Z",
+    "lastUpdated": "2019-10-02T18:03:07.000Z",
+    "profile": {
+      "displayName": "Example Device name 1",
+      "platform": "WINDOWS",
+      "manufacturer": "Acer",
+      "model": "NX.VZ0AA.005",
+      "serialNumber": "XXDDRFCFRGF3M8MD6D",
+      "sid": "S-1-11-111",
+      "registered": true,
+      "secureHardwarePresent": false,
+      "diskEncryptionType": "ALL_INTERNAL_VOLUMES"
+    },
+    "resourceType": "UDDevice",
+    "resourceDisplayName": {
+      "value": "Example Device name 1",
+      "sensitive": false
+    },
+    "resourceAlternateId": null,
+    "resourceId": "guo4a5u7YAHhjXrMK0g4",
+    "_links": {
+      "activate": {
+        "href": "https://dev-857255-admin.okta.com/api/v1/devices/guo4a5u7YAHhjXrMK0g4/lifecycle/activate",
+        "hints": {
+          "allow": ["POST"]
+        }
+      },
+      "self": {
+        "href": "https://dev-857255-admin.okta.com/api/v1/devices/guo4a5u7YAHhjXrMK0g4",
+        "hints": {
+          "allow": ["GET", "PATCH", "PUT"]
+        }
+      },
+      "users": {
+        "href": "https://dev-857255-admin.okta.com/api/v1/devices/guo4a5u7YAHhjXrMK0g4/users",
+        "hints": {
+          "allow": ["GET"]
+        }
+      }
+    },
+    "_embedded": {
+      "users": []
+    }
+  },
+  {
+    "id": "guo4a5u7YAHhjXrMK0g5",
+    "status": "ACTIVE",
+    "created": "2023-06-21T23:24:02.000Z",
+    "lastUpdated": "2023-06-21T23:24:02.000Z",
+    "profile": {
+      "displayName": "Example Device name 2",
+      "platform": "ANDROID",
+      "manufacturer": "Google",
+      "model": "Pixel 6",
+      "serialNumber": "XXDDRFCFRGF3M8MD6F",
+      "osVersion": "13:2023-05-05",
+      "registered": true,
+      "secureHardwarePresent": true,
+      "diskEncryptionType": "USER"
+    },
+    "resourceType": "UDDevice",
+    "resourceDisplayName": {
+      "value": "Example Device name 2",
+      "sensitive": false
+    },
+    "resourceAlternateId": null,
+    "resourceId": "guo4a5u7YAHhjXrMK0g5",
+    "_links": {
+      "activate": {
+        "href": "https://dev-857255-admin.okta.com/api/v1/devices/guo4a5u7YAHhjXrMK0g5/lifecycle/activate",
+        "hints": {
+          "allow": ["POST"]
+        }
+      },
+      "self": {
+        "href": "https://dev-857255-admin.okta.com/api/v1/devices/guo4a5u7YAHhjXrMK0g5",
+        "hints": {
+          "allow": ["GET", "PATCH", "PUT"]
+        }
+      },
+      "users": {
+        "href": "https://dev-857255-admin.okta.com/api/v1/devices/guo4a5u7YAHhjXrMK0g5/users",
+        "hints": {
+          "allow": ["GET"]
+        }
+      }
+    },
+    "_embedded": {
+      "users": [
+        {
+          "managementStatus": "MANAGED",
+          "created": "2023-10-01T16:52:41.000Z",
+          "screenLockType": "BIOMETRIC",
+          "user": {
+            "id": "00u6b1uy23BmWEf6B4x7",
+            "status": "ACTIVE",
+            "created": "2022-08-12T06:46:50.000Z",
+            "activated": "2022-08-12T06:46:50.000Z",
+            "statusChanged": "2023-01-27T21:05:32.000Z",
+            "lastLogin": "2023-10-14T09:04:48.000Z",
+            "lastUpdated": "2023-01-27T21:05:32.000Z",
+            "passwordChanged": "2022-08-12T06:46:50.000Z",
+            "type": {
+              "id": "oty7ut9Uu76oHVUZc0w4"
+            },
+            "profile": {
+              "firstName": "Adam",
+              "lastName": "Pierson",
+              "mobilePhone": null,
+              "secondEmail": null,
+              "login": "adam.pierson@jupiterone.com",
+              "email": "adam.pierson@jupiterone.com"
+            },
+            "credentials": {
+              "password": {},
+              "recovery_question": {
+                "question": "What is the food you least liked as a child?"
+              },
+              "provider": {
+                "type": "OKTA",
+                "name": "OKTA"
+              }
+            },
+            "_links": {
+              "suspend": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/users/00u6b1uy23BmWEf6B4x7/lifecycle/suspend",
+                "method": "POST"
+              },
+              "schema": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/meta/schemas/user/osc7ut9Uu76oHVUZc0w4"
+              },
+              "resetPassword": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/users/00u6b1uy23BmWEf6B4x7/lifecycle/reset_password",
+                "method": "POST"
+              },
+              "forgotPassword": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/users/00u6b1uy23BmWEf6B4x7/credentials/forgot_password",
+                "method": "POST"
+              },
+              "expirePassword": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/users/00u6b1uy23BmWEf6B4x7/lifecycle/expire_password",
+                "method": "POST"
+              },
+              "changeRecoveryQuestion": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/users/00u6b1uy23BmWEf6B4x7/credentials/change_recovery_question",
+                "method": "POST"
+              },
+              "self": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/users/00u6b1uy23BmWEf6B4x7"
+              },
+              "type": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/meta/types/user/oty7ut9Uu76oHVUZc0w4"
+              },
+              "changePassword": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/users/00u6b1uy23BmWEf6B4x7/credentials/change_password"
+              },
+              "deactivate": {
+                "href": "https://dev-857255-admin.okta.com/api/v1/users/00u6b1uy23BmWEf6B4x7/lifecycle/deactivate"
+              }
+            }
+          }
+        }
+      ]
+    }
+  }
+]

package.json

@@ -33,8 +33,9 @@
     "postversion": "cp package.json ./dist/package.json"
   },
   "dependencies": {
-    "@okta/okta-sdk-nodejs": "^6.4.0",
-    "@types/node": "^18",
+    "@okta/okta-sdk-nodejs": "7.0.1",
+    "@types/node": "^20.8.7",
+    "lodash": "^4.17.21",
     "lodash.startcase": "^4.4.0",
     "p-map": "^4",
     "promise-retry": "^1.1.1",
@@ -47,6 +48,7 @@
     "@jupiterone/integration-sdk-core": "^9.5.0",
     "@jupiterone/integration-sdk-dev-tools": "^9.5.0",
     "@jupiterone/integration-sdk-testing": "^9.5.0",
+    "@types/lodash": "^4.14.200",
     "@types/node-fetch": "^2.6.3",
     "@types/uuid": "^8.3.4",
     "@typescript-eslint/eslint-plugin": "^4.29.3",