From d94f3efd978181f15385d555b5aa397c48c0952c Mon Sep 17 00:00:00 2001
From: Logan Saso <logan.saso@conductorone.com>
Date: Thu, 21 Dec 2023 16:54:56 -0800
Subject: [PATCH] Fix pagination for SSO groups and added groupID to error log
 (#25)

* Fix pagination

* Empty string checking

* Spelling
---
 pkg/connector/helpers.go   | 10 ++++++++--
 pkg/connector/sso_group.go |  7 ++++---
 2 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/pkg/connector/helpers.go b/pkg/connector/helpers.go
index 77d819ff..49e5a3ec 100644
--- a/pkg/connector/helpers.go
+++ b/pkg/connector/helpers.go
@@ -64,7 +64,10 @@ func ssoGroupIdFromARN(input string) (string, error) {
 	}
 	_, after, found := strings.Cut(id.Resource, "/group/")
 	if !found {
-		return "", fmt.Errorf("ssoGroupIdFromARN: invalid resrouce '%s' in ARN", input)
+		return "", fmt.Errorf("ssoGroupIdFromARN: invalid resource '%s' in ARN", input)
+	}
+	if after == "" {
+		return "", fmt.Errorf("ssoGroupIdFromARN: invalid resource '%s' in ARN", input)
 	}
 	return after, nil
 }
@@ -76,7 +79,10 @@ func ssoUserIdFromARN(input string) (string, error) {
 	}
 	_, after, found := strings.Cut(id.Resource, "/user/")
 	if !found {
-		return "", fmt.Errorf("ssoUserIdFromARN: invalid resrouce '%s' in ARN", input)
+		return "", fmt.Errorf("ssoUserIdFromARN: invalid resource '%s' in ARN", input)
+	}
+	if after == "" {
+		return "", fmt.Errorf("ssoUserIdFromARN: invalid resource '%s' in ARN", input)
 	}
 	return after, nil
 }
diff --git a/pkg/connector/sso_group.go b/pkg/connector/sso_group.go
index a8c2fca5..cac12361 100644
--- a/pkg/connector/sso_group.go
+++ b/pkg/connector/sso_group.go
@@ -140,7 +140,7 @@ func (o *ssoGroupResourceType) Grants(ctx context.Context, resource *v2.Resource
 
 	resp, err := o.identityStoreClient.ListGroupMemberships(ctx, input)
 	if err != nil {
-		return nil, "", nil, fmt.Errorf("aws-connector: identitystore.ListGroupMemberships failed: %w", err)
+		return nil, "", nil, fmt.Errorf("aws-connector: identitystore.ListGroupMemberships failed [%s]: %w", awsSdk.ToString(input.GroupId), err)
 	}
 
 	for _, user := range resp.GroupMemberships {
@@ -160,9 +160,10 @@ func (o *ssoGroupResourceType) Grants(ctx context.Context, resource *v2.Resource
 		}
 		rv = append(rv, grant)
 	}
-	nextPage, err := bag.Marshal()
+
+	nextPage, err := bag.NextToken(awsSdk.ToString(resp.NextToken))
 	if err != nil {
-		return nil, "", nil, fmt.Errorf("aws-connector: failed to marshal pagination bag: %w", err)
+		return nil, "", nil, fmt.Errorf("aws-connector: failed to marshal pagination bag [%s]: %w", awsSdk.ToString(input.GroupId), err)
 	}
 	return rv, nextPage, nil, nil
 }