2020-05-18 10:06:36 +00:00
package eventstore
import (
"context"
2022-08-19 13:00:14 +00:00
"strings"
2021-06-11 11:20:39 +00:00
"time"
2022-04-26 23:01:45 +00:00
"github.com/zitadel/logging"
2021-10-04 14:19:21 +00:00
2022-04-26 23:01:45 +00:00
"github.com/zitadel/zitadel/internal/api/authz"
"github.com/zitadel/zitadel/internal/auth/repository/eventsourcing/view"
cache "github.com/zitadel/zitadel/internal/auth_request/repository"
"github.com/zitadel/zitadel/internal/command"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
es_models "github.com/zitadel/zitadel/internal/eventstore/v1/models"
"github.com/zitadel/zitadel/internal/id"
"github.com/zitadel/zitadel/internal/query"
user_repo "github.com/zitadel/zitadel/internal/repository/user"
"github.com/zitadel/zitadel/internal/telemetry/tracing"
user_model "github.com/zitadel/zitadel/internal/user/model"
user_view_model "github.com/zitadel/zitadel/internal/user/repository/view/model"
2023-12-08 14:30:55 +00:00
"github.com/zitadel/zitadel/internal/zerrors"
2020-05-18 10:06:36 +00:00
)
2022-05-16 13:39:09 +00:00
const unknownUserID = "UNKNOWN"
2020-05-18 10:06:36 +00:00
type AuthRequestRepo struct {
2021-02-24 10:17:39 +00:00
Command * command . Commands
2021-11-26 06:57:05 +00:00
Query * query . Queries
2020-06-05 05:50:04 +00:00
AuthRequests cache . AuthRequestCache
2020-05-18 10:06:36 +00:00
View * view . View
2022-02-16 15:49:17 +00:00
UserCodeAlg crypto . EncryptionAlgorithm
2020-05-18 10:06:36 +00:00
fix(queries): Label policy projection (#2479)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* fix(queries): org iam policy
* fix: init provider
* tests
* tests
* tests
* tests
* tests
* add copy stmt
* label policy projection
* tests
* constant naming in test
* query
* fix nil pointer
* fix test
* refactor: remove useless file
* fix(configs): add options to setup
* fix: sql changes
* tests
* remove old comment
* rename label policy to styling
* fix where
* remove unused logs
* migration
* correct primary key
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-11-24 15:02:00 +00:00
LabelPolicyProvider labelPolicyProvider
2021-08-11 06:36:32 +00:00
UserSessionViewProvider userSessionViewProvider
UserViewProvider userViewProvider
UserCommandProvider userCommandProvider
UserEventProvider userEventProvider
OrgViewProvider orgViewProvider
LoginPolicyViewProvider loginPolicyViewProvider
LockoutPolicyViewProvider lockoutPolicyViewProvider
fix(queries): privacy policy (#2431)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* tests
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* correct version
* fix test
* cleanup code
* fix interface
* cleanup code
* method name
* rename method
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 15:12:34 +00:00
PrivacyPolicyProvider privacyPolicyProvider
2021-08-11 06:36:32 +00:00
IDPProviderViewProvider idpProviderViewProvider
2022-10-18 14:48:26 +00:00
IDPUserLinksProvider idpUserLinksProvider
2021-08-11 06:36:32 +00:00
UserGrantProvider userGrantProvider
2021-08-18 08:49:04 +00:00
ProjectProvider projectProvider
2021-12-14 08:47:49 +00:00
ApplicationProvider applicationProvider
2023-09-21 14:45:41 +00:00
CustomTextProvider customTextProvider
2020-05-18 10:06:36 +00:00
IdGenerator id . Generator
}
fix(queries): Label policy projection (#2479)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* fix(queries): org iam policy
* fix: init provider
* tests
* tests
* tests
* tests
* tests
* add copy stmt
* label policy projection
* tests
* constant naming in test
* query
* fix nil pointer
* fix test
* refactor: remove useless file
* fix(configs): add options to setup
* fix: sql changes
* tests
* remove old comment
* rename label policy to styling
* fix where
* remove unused logs
* migration
* correct primary key
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-11-24 15:02:00 +00:00
type labelPolicyProvider interface {
2022-11-30 16:01:17 +00:00
ActiveLabelPolicyByOrg ( context . Context , string , bool ) ( * query . LabelPolicy , error )
fix(queries): Label policy projection (#2479)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* fix(queries): org iam policy
* fix: init provider
* tests
* tests
* tests
* tests
* tests
* add copy stmt
* label policy projection
* tests
* constant naming in test
* query
* fix nil pointer
* fix test
* refactor: remove useless file
* fix(configs): add options to setup
* fix: sql changes
* tests
* remove old comment
* rename label policy to styling
* fix where
* remove unused logs
* migration
* correct primary key
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-11-24 15:02:00 +00:00
}
fix(queries): privacy policy (#2431)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* tests
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* correct version
* fix test
* cleanup code
* fix interface
* cleanup code
* method name
* rename method
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 15:12:34 +00:00
type privacyPolicyProvider interface {
2022-11-30 16:01:17 +00:00
PrivacyPolicyByOrg ( context . Context , bool , string , bool ) ( * query . PrivacyPolicy , error )
fix(queries): privacy policy (#2431)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* tests
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* correct version
* fix test
* cleanup code
* fix interface
* cleanup code
* method name
* rename method
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 15:12:34 +00:00
}
2020-05-18 10:06:36 +00:00
type userSessionViewProvider interface {
2022-04-19 06:26:12 +00:00
UserSessionByIDs ( string , string , string ) ( * user_view_model . UserSessionView , error )
UserSessionsByAgentID ( string , string ) ( [ ] * user_view_model . UserSessionView , error )
2023-10-19 10:19:10 +00:00
GetLatestUserSessionSequence ( ctx context . Context , instanceID string ) ( * query . CurrentState , error )
2020-05-18 10:06:36 +00:00
}
2023-04-28 14:28:13 +00:00
2020-05-18 10:06:36 +00:00
type userViewProvider interface {
2022-04-19 06:26:12 +00:00
UserByID ( string , string ) ( * user_view_model . UserView , error )
2020-05-18 10:06:36 +00:00
}
2020-09-18 11:26:28 +00:00
type loginPolicyViewProvider interface {
2022-11-30 16:01:17 +00:00
LoginPolicyByID ( context . Context , bool , string , bool ) ( * query . LoginPolicy , error )
2020-09-18 11:26:28 +00:00
}
2021-08-11 06:36:32 +00:00
type lockoutPolicyViewProvider interface {
2024-04-10 09:14:55 +00:00
LockoutPolicyByOrg ( context . Context , bool , string ) ( * query . LockoutPolicy , error )
2021-08-11 06:36:32 +00:00
}
2020-09-18 11:26:28 +00:00
type idpProviderViewProvider interface {
2023-02-28 20:20:58 +00:00
IDPLoginPolicyLinks ( context . Context , string , * query . IDPLoginPolicyLinksSearchQuery , bool ) ( * query . IDPLoginPolicyLinks , error )
2020-09-18 11:26:28 +00:00
}
2022-10-18 14:48:26 +00:00
type idpUserLinksProvider interface {
2022-11-30 16:01:17 +00:00
IDPUserLinks ( ctx context . Context , queries * query . IDPUserLinksSearchQuery , withOwnerRemoved bool ) ( * query . IDPUserLinks , error )
2022-10-18 14:48:26 +00:00
}
2020-06-05 05:50:04 +00:00
type userEventProvider interface {
2023-12-14 10:07:47 +00:00
UserEventsByID ( ctx context . Context , id string , changeDate time . Time , eventTypes [ ] eventstore . EventType ) ( [ ] eventstore . Event , error )
2021-02-08 10:30:30 +00:00
}
type userCommandProvider interface {
2021-11-02 09:08:47 +00:00
BulkAddedUserIDPLinks ( ctx context . Context , userID , resourceOwner string , externalIDPs [ ] * domain . UserIDPLink ) error
2020-06-05 05:50:04 +00:00
}
2020-06-19 12:52:04 +00:00
type orgViewProvider interface {
2022-06-14 05:51:00 +00:00
OrgByID ( context . Context , bool , string ) ( * query . Org , error )
2022-10-06 11:30:14 +00:00
OrgByPrimaryDomain ( context . Context , string ) ( * query . Org , error )
2020-06-19 12:52:04 +00:00
}
2020-10-16 05:49:38 +00:00
type userGrantProvider interface {
2023-11-20 15:21:08 +00:00
ProjectByClientID ( context . Context , string ) ( * query . Project , error )
2022-06-09 09:48:54 +00:00
UserGrantsByProjectAndUserID ( context . Context , string , string ) ( [ ] * query . UserGrant , error )
2020-10-16 05:49:38 +00:00
}
2021-08-18 08:49:04 +00:00
type projectProvider interface {
2023-11-20 15:21:08 +00:00
ProjectByClientID ( context . Context , string ) ( * query . Project , error )
SearchProjectGrants ( ctx context . Context , queries * query . ProjectGrantSearchQueries ) ( projects * query . ProjectGrants , err error )
2021-08-18 08:49:04 +00:00
}
2021-12-14 08:47:49 +00:00
type applicationProvider interface {
2023-11-21 12:11:38 +00:00
AppByOIDCClientID ( context . Context , string ) ( * query . App , error )
2021-12-14 08:47:49 +00:00
}
2023-09-21 14:45:41 +00:00
type customTextProvider interface {
CustomTextListByTemplate ( ctx context . Context , aggregateID string , text string , withOwnerRemoved bool ) ( texts * query . CustomTexts , err error )
}
2020-05-18 10:06:36 +00:00
func ( repo * AuthRequestRepo ) Health ( ctx context . Context ) error {
return repo . AuthRequests . Health ( ctx )
}
2021-02-08 10:30:30 +00:00
func ( repo * AuthRequestRepo ) CreateAuthRequest ( ctx context . Context , request * domain . AuthRequest ) ( _ * domain . AuthRequest , err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2020-05-18 10:06:36 +00:00
reqID , err := repo . IdGenerator . Next ( )
if err != nil {
return nil , err
}
request . ID = reqID
2023-11-20 15:21:08 +00:00
project , err := repo . ProjectProvider . ProjectByClientID ( ctx , request . ApplicationID )
2020-10-16 05:49:38 +00:00
if err != nil {
return nil , err
}
2021-11-26 06:57:05 +00:00
request . AppendAudIfNotExisting ( project . ID )
request . ApplicationResourceOwner = project . ResourceOwner
request . PrivateLabelingSetting = project . PrivateLabelingSetting
2022-06-27 07:24:23 +00:00
if err := setOrgID ( ctx , repo . OrgViewProvider , request ) ; err != nil {
2020-12-14 09:54:29 +00:00
return nil , err
}
2020-07-07 06:14:44 +00:00
if request . LoginHint != "" {
2020-09-18 11:26:28 +00:00
err = repo . checkLoginName ( ctx , request , request . LoginHint )
2022-07-28 12:11:10 +00:00
logging . WithFields ( "login name" , request . LoginHint , "id" , request . ID , "applicationID" , request . ApplicationID , "traceID" , tracing . TraceIDFromCtx ( ctx ) ) . OnError ( err ) . Info ( "login hint invalid" )
2020-07-07 06:14:44 +00:00
}
2021-11-03 07:35:24 +00:00
if request . UserID == "" && request . LoginHint == "" && domain . IsPrompt ( request . Prompt , domain . PromptNone ) {
2023-08-18 07:21:31 +00:00
err = repo . tryUsingOnlyUserSession ( ctx , request )
2022-07-06 06:32:05 +00:00
logging . WithFields ( "id" , request . ID , "applicationID" , request . ApplicationID , "traceID" , tracing . TraceIDFromCtx ( ctx ) ) . OnError ( err ) . Debug ( "unable to select only user session" )
2021-11-03 07:35:24 +00:00
}
2021-09-10 07:49:49 +00:00
2020-05-18 10:06:36 +00:00
err = repo . AuthRequests . SaveAuthRequest ( ctx , request )
if err != nil {
return nil , err
}
return request , nil
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) AuthRequestByID ( ctx context . Context , id , userAgentID string ) ( _ * domain . AuthRequest , err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
return repo . getAuthRequestNextSteps ( ctx , id , userAgentID , false )
2020-06-05 05:50:04 +00:00
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) AuthRequestByIDCheckLoggedIn ( ctx context . Context , id , userAgentID string ) ( _ * domain . AuthRequest , err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
return repo . getAuthRequestNextSteps ( ctx , id , userAgentID , true )
2020-06-05 05:50:04 +00:00
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) SaveAuthCode ( ctx context . Context , id , code , userAgentID string ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequest ( ctx , id , userAgentID )
2020-06-05 05:50:04 +00:00
if err != nil {
return err
}
request . Code = code
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2023-09-29 09:26:14 +00:00
func ( repo * AuthRequestRepo ) SaveSAMLRequestID ( ctx context . Context , id , requestID , userAgentID string ) ( err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
request , err := repo . getAuthRequest ( ctx , id , userAgentID )
if err != nil {
return err
}
request . SAMLRequestID = requestID
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) AuthRequestByCode ( ctx context . Context , code string ) ( _ * domain . AuthRequest , err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . AuthRequests . GetAuthRequestByCode ( ctx , code )
2020-05-18 10:06:36 +00:00
if err != nil {
return nil , err
}
2021-07-05 13:10:49 +00:00
err = repo . fillPolicies ( ctx , request )
2020-11-04 10:26:10 +00:00
if err != nil {
return nil , err
}
2020-06-05 05:50:04 +00:00
steps , err := repo . nextSteps ( ctx , request , true )
2020-05-18 10:06:36 +00:00
if err != nil {
return nil , err
}
request . PossibleSteps = steps
return request , nil
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) DeleteAuthRequest ( ctx context . Context , id string ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
return repo . AuthRequests . DeleteAuthRequest ( ctx , id )
2020-06-05 05:50:04 +00:00
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) CheckLoginName ( ctx context . Context , id , loginName , userAgentID string ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequest ( ctx , id , userAgentID )
2020-05-18 10:06:36 +00:00
if err != nil {
return err
}
2020-09-18 11:26:28 +00:00
err = repo . checkLoginName ( ctx , request , loginName )
if err != nil {
return err
}
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) SelectExternalIDP ( ctx context . Context , authReqID , idpConfigID , userAgentID string ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequest ( ctx , authReqID , userAgentID )
2020-09-18 11:26:28 +00:00
if err != nil {
return err
}
err = repo . checkSelectedExternalIDP ( request , idpConfigID )
2020-05-18 10:06:36 +00:00
if err != nil {
return err
}
2020-06-05 05:50:04 +00:00
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2023-08-04 09:35:36 +00:00
func ( repo * AuthRequestRepo ) CheckExternalUserLogin ( ctx context . Context , authReqID , userAgentID string , externalUser * domain . ExternalUser , info * domain . BrowserInfo , migrationCheck bool ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequest ( ctx , authReqID , userAgentID )
2020-09-18 11:26:28 +00:00
if err != nil {
return err
}
2021-08-13 12:27:24 +00:00
err = repo . checkExternalUserLogin ( ctx , request , externalUser . IDPConfigID , externalUser . ExternalUserID )
2023-12-08 14:30:55 +00:00
if zerrors . IsNotFound ( err ) {
2023-06-21 05:00:03 +00:00
// clear potential user information (e.g. when username was entered but another external user was returned)
request . SetUserInfo ( "" , "" , "" , "" , "" , request . UserOrgID )
2023-08-04 09:35:36 +00:00
// in case the check was done with an ID, that was retrieved by a session that allows migration,
// we do not need to set the linking user and return early
if migrationCheck {
return err
}
2020-10-07 14:29:56 +00:00
if err := repo . setLinkingUser ( ctx , request , externalUser ) ; err != nil {
return err
}
return err
2020-09-18 11:26:28 +00:00
}
if err != nil {
return err
}
2020-10-02 06:02:09 +00:00
2021-11-02 09:08:47 +00:00
err = repo . Command . UserIDPLoginChecked ( ctx , request . UserOrgID , request . UserID , request . WithCurrentInfo ( info ) )
2020-10-02 06:02:09 +00:00
if err != nil {
return err
}
2020-09-18 11:26:28 +00:00
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) SetExternalUserLogin ( ctx context . Context , authReqID , userAgentID string , externalUser * domain . ExternalUser ) ( err error ) {
2021-08-11 11:50:03 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequest ( ctx , authReqID , userAgentID )
2021-08-11 11:50:03 +00:00
if err != nil {
return err
}
err = repo . setLinkingUser ( ctx , request , externalUser )
if err != nil {
return err
}
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2023-06-15 07:02:53 +00:00
func ( repo * AuthRequestRepo ) SetLinkingUser ( ctx context . Context , request * domain . AuthRequest , externalUser * domain . ExternalUser ) error {
for i , user := range request . LinkingUsers {
if user . ExternalUserID == externalUser . ExternalUserID {
request . LinkingUsers [ i ] = externalUser
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
}
return nil
}
2021-02-08 10:30:30 +00:00
func ( repo * AuthRequestRepo ) setLinkingUser ( ctx context . Context , request * domain . AuthRequest , externalUser * domain . ExternalUser ) error {
2020-09-18 11:26:28 +00:00
request . LinkingUsers = append ( request . LinkingUsers , externalUser )
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2024-04-10 15:46:30 +00:00
func ( repo * AuthRequestRepo ) SelectUser ( ctx context . Context , authReqID , userID , userAgentID string ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2024-04-10 15:46:30 +00:00
request , err := repo . getAuthRequest ( ctx , authReqID , userAgentID )
2020-06-05 05:50:04 +00:00
if err != nil {
return err
}
2022-05-16 13:39:09 +00:00
user , err := activeUserByID ( ctx , repo . UserViewProvider , repo . UserEventProvider , repo . OrgViewProvider , repo . LockoutPolicyViewProvider , userID , false )
2020-06-05 05:50:04 +00:00
if err != nil {
return err
}
2020-12-14 09:54:29 +00:00
if request . RequestedOrgID != "" && request . RequestedOrgID != user . ResourceOwner {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowPreconditionFailed ( nil , "EVENT-fJe2a" , "Errors.User.NotAllowedOrg" )
2020-12-14 09:54:29 +00:00
}
2021-03-26 15:29:26 +00:00
username := user . UserName
if request . RequestedOrgID == "" {
username = user . PreferredLoginName
}
feat: label policy (#1708)
* feat: label policy proto extension
* feat: label policy and activate event
* feat: label policy asset events
* feat: label policy asset commands
* feat: add storage key
* feat: storage key validation
* feat: label policy asset tests
* feat: label policy query side
* feat: avatar
* feat: avatar event
* feat: human avatar
* feat: avatar read side
* feat: font on iam label policy
* feat: label policy font
* feat: possiblity to create bucket on put file
* uplaoder
* login policy logo
* set bucket prefix
* feat: avatar upload
* feat: avatar upload
* feat: use assets on command side
* feat: fix human avatar removed event
* feat: remove human avatar
* feat: mock asset storage
* feat: remove human avatar
* fix(operator): add configuration of asset storage to zitadel operator
* feat(console): private labeling policy (#1697)
* private labeling component, routing, preview
* font, colors, upload, i18n
* show logo
* fix: uniqueness (#1710)
* fix: uniqueconstraint to lower
* feat: change org
* feat: org change test
* feat: change org
* fix: tests
* fix: handle domain claims correctly
* feat: update org
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: handle domain claimed event correctly for service users (#1711)
* fix: handle domain claimed event correctly on user view
* fix: ignore domain claimed events for email notifications
* fix: change org
* handle org changed in read models correctly
* fix: change org in user grant handler
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: correct value (#1695)
* docs(api): correct link (#1712)
* upload service
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: fix tests,
* feat: remove assets from label policy
* fix npm, set environment
* lint ts
* remove stylelinting
* fix(operator): add mapping for console with changed unit tests
* fix(operator): add secrets as env variables to pod
* feat: remove human avatar
* fix(operator): add secrets as env variables to pod
* feat: map label policy
* feat: labelpolicy, admin, mgmt, adv settings (#1715)
* fetch label policy, mgmt, admin service
* feat: advanced beh, links, add, update
* lint ts
* feat: watermark
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: custom css
* css
* css
* css
* css
* css
* getobject
* feat: dynamic handler
* feat: varibale css
* content info
* css overwrite
* feat: variablen css
* feat: generate css file
* feat: dark mode
* feat: dark mode
* fix logo css
* feat: upload logos
* dark mode with cookie
* feat: handle images in login
* avatar css and begin font
* feat: avatar
* feat: user avatar
* caching of static assets in login
* add avatar.js to main.html
* feat: header dont show logo if no url
* feat: label policy colors
* feat: mock asset storage
* feat: mock asset storage
* feat: fix tests
* feat: user avatar
* feat: header logo
* avatar
* avatar
* make it compatible with go 1.15
* feat: remove unused logos
* fix handler
* fix: styling error handling
* fonts
* fix: download func
* switch to mux
* fix: change upload api to assets
* fix build
* fix: download avatar
* fix: download logos
* fix: my avatar
* font
* fix: remove error msg popup possibility
* fix: docs
* fix: svalidate colors
* rem msg popup from frontend
* fix: email with private labeling
* fix: tests
* fix: email templates
* fix: change migration version
* fix: fix duplicate imports
* fix(console): assets, service url, upload, policy current and preview (#1781)
* upload endpoint, layout
* fetch current, preview, fix upload
* cleanup private labeling
* fix linting
* begin generated asset handler
* generate asset api in dockerfile
* features for label policy
* features for label policy
* features
* flag for asset generator
* change asset generator flag
* fix label policy view in grpc
* fix: layout, activate policy (#1786)
* theme switcher up on top
* change layout
* activate policy
* feat(console): label policy back color, layout (#1788)
* theme switcher up on top
* change layout
* activate policy
* fix overwrite value fc
* reset policy, reset service
* autosave policy, preview desc, layout impv
* layout, i18n
* background colors, inject material styles
* load images
* clean, lint
* fix layout
* set custom hex
* fix content size conversion
* remove font format in generated css
* fix features for assets
* fix(console): label policy colors, image downloads, preview (#1804)
* load images
* colors, images binding
* lint
* refresh emitter
* lint
* propagate font colors
* upload error handling
* label policy feature check
* add blob in csp for console
* log
* fix: feature edits for label policy, refresh state on upload (#1807)
* show error on load image, stop spinner
* fix merge
* fix migration versions
* fix assets
* fix csp
* fix background color
* scss
* fix build
* lint scss
* fix statik for console
* fix features check for label policy
* cleanup
* lint
* public links
* fix notifications
* public links
* feat: merge main
* feat: fix translation files
* fix migration
* set api domain
* fix logo in email
* font face in email
* font face in email
* validate assets on upload
* cleanup
* add missing translations
* add missing translations
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
2021-06-04 12:53:51 +00:00
request . SetUserInfo ( user . ID , username , user . PreferredLoginName , user . DisplayName , user . AvatarKey , user . ResourceOwner )
2020-06-05 05:50:04 +00:00
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
2020-05-18 10:06:36 +00:00
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) VerifyPassword ( ctx context . Context , authReqID , userID , resourceOwner , password , userAgentID string , info * domain . BrowserInfo ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequestEnsureUser ( ctx , authReqID , userAgentID , userID )
2020-05-18 10:06:36 +00:00
if err != nil {
2022-05-16 13:39:09 +00:00
if isIgnoreUserNotFoundError ( err , request ) {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowInvalidArgument ( nil , "EVENT-SDe2f" , "Errors.User.UsernameOrPassword.Invalid" )
2022-05-16 13:39:09 +00:00
}
2020-05-18 10:06:36 +00:00
return err
}
2021-08-11 06:36:32 +00:00
policy , err := repo . getLockoutPolicy ( ctx , resourceOwner )
if err != nil {
return err
}
2022-05-16 13:39:09 +00:00
err = repo . Command . HumanCheckPassword ( ctx , resourceOwner , userID , password , request . WithCurrentInfo ( info ) , lockoutPolicyToDomain ( policy ) )
if isIgnoreUserInvalidPasswordError ( err , request ) {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowInvalidArgument ( nil , "EVENT-Jsf32" , "Errors.User.UsernameOrPassword.Invalid" )
2022-05-16 13:39:09 +00:00
}
return err
}
func isIgnoreUserNotFoundError ( err error , request * domain . AuthRequest ) bool {
2023-12-08 14:30:55 +00:00
return request != nil && request . LoginPolicy != nil && request . LoginPolicy . IgnoreUnknownUsernames && zerrors . IsNotFound ( err ) && zerrors . Contains ( err , "Errors.User.NotFound" )
2022-05-16 13:39:09 +00:00
}
func isIgnoreUserInvalidPasswordError ( err error , request * domain . AuthRequest ) bool {
2023-12-08 14:30:55 +00:00
return request != nil && request . LoginPolicy != nil && request . LoginPolicy . IgnoreUnknownUsernames && zerrors . IsErrorInvalidArgument ( err ) && zerrors . Contains ( err , "Errors.User.Password.Invalid" )
fix(queries): lockout policy (#2419)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* fix test
* cleanup code
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 14:28:24 +00:00
}
func lockoutPolicyToDomain ( policy * query . LockoutPolicy ) * domain . LockoutPolicy {
return & domain . LockoutPolicy {
ObjectRoot : es_models . ObjectRoot {
AggregateID : policy . ID ,
Sequence : policy . Sequence ,
ResourceOwner : policy . ResourceOwner ,
CreationDate : policy . CreationDate ,
ChangeDate : policy . ChangeDate ,
} ,
Default : policy . IsDefault ,
MaxPasswordAttempts : policy . MaxPasswordAttempts ,
2024-04-10 09:14:55 +00:00
MaxOTPAttempts : policy . MaxOTPAttempts ,
fix(queries): lockout policy (#2419)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* fix test
* cleanup code
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 14:28:24 +00:00
ShowLockOutFailures : policy . ShowFailures ,
}
2020-05-18 10:06:36 +00:00
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) VerifyMFAOTP ( ctx context . Context , authRequestID , userID , resourceOwner , code , userAgentID string , info * domain . BrowserInfo ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
2020-05-18 10:06:36 +00:00
if err != nil {
return err
}
2023-08-02 16:57:53 +00:00
return repo . Command . HumanCheckMFATOTP ( ctx , userID , code , resourceOwner , request . WithCurrentInfo ( info ) )
2020-12-02 16:00:04 +00:00
}
2023-08-15 12:47:05 +00:00
func ( repo * AuthRequestRepo ) SendMFAOTPSMS ( ctx context . Context , userID , resourceOwner , authRequestID , userAgentID string ) ( err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
if err != nil {
return err
}
return repo . Command . HumanSendOTPSMS ( ctx , userID , resourceOwner , request )
}
func ( repo * AuthRequestRepo ) VerifyMFAOTPSMS ( ctx context . Context , userID , resourceOwner , code , authRequestID , userAgentID string , info * domain . BrowserInfo ) ( err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
if err != nil {
return err
}
return repo . Command . HumanCheckOTPSMS ( ctx , userID , code , resourceOwner , request . WithCurrentInfo ( info ) )
}
func ( repo * AuthRequestRepo ) SendMFAOTPEmail ( ctx context . Context , userID , resourceOwner , authRequestID , userAgentID string ) ( err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
if err != nil {
return err
}
return repo . Command . HumanSendOTPEmail ( ctx , userID , resourceOwner , request )
}
func ( repo * AuthRequestRepo ) VerifyMFAOTPEmail ( ctx context . Context , userID , resourceOwner , code , authRequestID , userAgentID string , info * domain . BrowserInfo ) ( err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
if err != nil {
return err
}
return repo . Command . HumanCheckOTPEmail ( ctx , userID , code , resourceOwner , request . WithCurrentInfo ( info ) )
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) BeginMFAU2FLogin ( ctx context . Context , userID , resourceOwner , authRequestID , userAgentID string ) ( login * domain . WebAuthNLogin , err error ) {
2020-12-02 16:00:04 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
2020-12-02 16:00:04 +00:00
if err != nil {
return nil , err
}
2022-07-06 06:32:05 +00:00
return repo . Command . HumanBeginU2FLogin ( ctx , userID , resourceOwner , request )
2020-12-02 16:00:04 +00:00
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) VerifyMFAU2F ( ctx context . Context , userID , resourceOwner , authRequestID , userAgentID string , credentialData [ ] byte , info * domain . BrowserInfo ) ( err error ) {
2020-12-02 16:00:04 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
2020-12-02 16:00:04 +00:00
if err != nil {
return err
}
2022-07-06 06:32:05 +00:00
return repo . Command . HumanFinishU2FLogin ( ctx , userID , resourceOwner , credentialData , request )
2020-12-02 16:00:04 +00:00
}
2021-10-04 14:19:21 +00:00
func ( repo * AuthRequestRepo ) BeginPasswordlessSetup ( ctx context . Context , userID , resourceOwner string , authenticatorPlatform domain . AuthenticatorAttachment ) ( login * domain . WebAuthNToken , err error ) {
2021-08-02 13:24:58 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2021-10-04 14:19:21 +00:00
return repo . Command . HumanAddPasswordlessSetup ( ctx , userID , resourceOwner , true , authenticatorPlatform )
2021-08-02 13:24:58 +00:00
}
func ( repo * AuthRequestRepo ) VerifyPasswordlessSetup ( ctx context . Context , userID , resourceOwner , userAgentID , tokenName string , credentialData [ ] byte ) ( err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
_ , err = repo . Command . HumanHumanPasswordlessSetup ( ctx , userID , resourceOwner , tokenName , userAgentID , credentialData )
return err
}
2021-10-04 14:19:21 +00:00
func ( repo * AuthRequestRepo ) BeginPasswordlessInitCodeSetup ( ctx context . Context , userID , resourceOwner , codeID , verificationCode string , preferredPlatformType domain . AuthenticatorAttachment ) ( login * domain . WebAuthNToken , err error ) {
2021-08-02 13:24:58 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-02-16 15:49:17 +00:00
passwordlessInitCode , err := repo . Query . InitEncryptionGenerator ( ctx , domain . SecretGeneratorTypePasswordlessInitCode , repo . UserCodeAlg )
if err != nil {
return nil , err
}
return repo . Command . HumanAddPasswordlessSetupInitCode ( ctx , userID , resourceOwner , codeID , verificationCode , preferredPlatformType , passwordlessInitCode )
2021-08-02 13:24:58 +00:00
}
func ( repo * AuthRequestRepo ) VerifyPasswordlessInitCodeSetup ( ctx context . Context , userID , resourceOwner , userAgentID , tokenName , codeID , verificationCode string , credentialData [ ] byte ) ( err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-02-16 15:49:17 +00:00
passwordlessInitCode , err := repo . Query . InitEncryptionGenerator ( ctx , domain . SecretGeneratorTypePasswordlessInitCode , repo . UserCodeAlg )
if err != nil {
return err
}
_ , err = repo . Command . HumanPasswordlessSetupInitCode ( ctx , userID , resourceOwner , tokenName , userAgentID , codeID , verificationCode , credentialData , passwordlessInitCode )
2021-08-02 13:24:58 +00:00
return err
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) BeginPasswordlessLogin ( ctx context . Context , userID , resourceOwner , authRequestID , userAgentID string ) ( login * domain . WebAuthNLogin , err error ) {
2020-12-02 16:00:04 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
2020-12-02 16:00:04 +00:00
if err != nil {
return nil , err
}
2022-07-06 06:32:05 +00:00
return repo . Command . HumanBeginPasswordlessLogin ( ctx , userID , resourceOwner , request )
2020-12-02 16:00:04 +00:00
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) VerifyPasswordless ( ctx context . Context , userID , resourceOwner , authRequestID , userAgentID string , credentialData [ ] byte , info * domain . BrowserInfo ) ( err error ) {
2020-12-02 16:00:04 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequestEnsureUser ( ctx , authRequestID , userAgentID , userID )
2020-12-02 16:00:04 +00:00
if err != nil {
return err
2020-05-18 10:06:36 +00:00
}
2022-07-06 06:32:05 +00:00
return repo . Command . HumanFinishPasswordlessLogin ( ctx , userID , resourceOwner , credentialData , request )
2020-05-18 10:06:36 +00:00
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) LinkExternalUsers ( ctx context . Context , authReqID , userAgentID string , info * domain . BrowserInfo ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequest ( ctx , authReqID , userAgentID )
2020-09-18 11:26:28 +00:00
if err != nil {
return err
}
2021-02-08 10:30:30 +00:00
err = linkExternalIDPs ( ctx , repo . UserCommandProvider , request )
2020-09-18 11:26:28 +00:00
if err != nil {
return err
}
2021-11-02 09:08:47 +00:00
err = repo . Command . UserIDPLoginChecked ( ctx , request . UserOrgID , request . UserID , request . WithCurrentInfo ( info ) )
2020-10-02 06:02:09 +00:00
if err != nil {
return err
}
2020-09-18 11:26:28 +00:00
request . LinkingUsers = nil
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) ResetLinkingUsers ( ctx context . Context , authReqID , userAgentID string ) error {
request , err := repo . getAuthRequest ( ctx , authReqID , userAgentID )
2020-09-28 07:29:41 +00:00
if err != nil {
return err
}
request . LinkingUsers = nil
request . SelectedIDPConfigID = ""
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2023-03-24 15:18:56 +00:00
func ( repo * AuthRequestRepo ) ResetSelectedIDP ( ctx context . Context , authReqID , userAgentID string ) error {
request , err := repo . getAuthRequest ( ctx , authReqID , userAgentID )
if err != nil {
return err
}
request . SelectedIDPConfigID = ""
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) AutoRegisterExternalUser ( ctx context . Context , registerUser * domain . Human , externalIDP * domain . UserIDPLink , orgMemberRoles [ ] string , authReqID , userAgentID , resourceOwner string , metadatas [ ] * domain . Metadata , info * domain . BrowserInfo ) ( err error ) {
2020-10-21 08:18:34 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-05 05:58:09 +00:00
request , err := repo . getAuthRequest ( ctx , authReqID , userAgentID )
2020-09-18 11:26:28 +00:00
if err != nil {
return err
}
2022-02-16 15:49:17 +00:00
initCodeGenerator , err := repo . Query . InitEncryptionGenerator ( ctx , domain . SecretGeneratorTypeInitCode , repo . UserCodeAlg )
if err != nil {
return err
}
2022-10-18 14:48:26 +00:00
emailCodeGenerator , err := repo . Query . InitEncryptionGenerator ( ctx , domain . SecretGeneratorTypeVerifyEmailCode , repo . UserCodeAlg )
if err != nil {
return err
}
2022-02-16 15:49:17 +00:00
phoneCodeGenerator , err := repo . Query . InitEncryptionGenerator ( ctx , domain . SecretGeneratorTypeVerifyPhoneCode , repo . UserCodeAlg )
if err != nil {
return err
}
2022-10-18 14:48:26 +00:00
human , err := repo . Command . RegisterHuman ( ctx , resourceOwner , registerUser , externalIDP , orgMemberRoles , initCodeGenerator , emailCodeGenerator , phoneCodeGenerator )
2020-09-18 11:26:28 +00:00
if err != nil {
return err
}
2024-03-20 14:02:57 +00:00
request . SetUserInfo ( human . AggregateID , human . Username , human . PreferredLoginName , human . DisplayName , "" , human . ResourceOwner )
2020-09-18 11:26:28 +00:00
request . SelectedIDPConfigID = externalIDP . IDPConfigID
request . LinkingUsers = nil
2021-11-02 09:08:47 +00:00
err = repo . Command . UserIDPLoginChecked ( ctx , request . UserOrgID , request . UserID , request . WithCurrentInfo ( info ) )
2020-10-02 06:02:09 +00:00
if err != nil {
return err
}
2021-09-27 11:43:49 +00:00
if len ( metadatas ) > 0 {
_ , err = repo . Command . BulkSetUserMetadata ( ctx , request . UserID , request . UserOrgID , metadatas ... )
if err != nil {
return err
}
}
2020-09-18 11:26:28 +00:00
return repo . AuthRequests . UpdateAuthRequest ( ctx , request )
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) getAuthRequestNextSteps ( ctx context . Context , id , userAgentID string , checkLoggedIn bool ) ( * domain . AuthRequest , error ) {
request , err := repo . getAuthRequest ( ctx , id , userAgentID )
2020-06-05 05:50:04 +00:00
if err != nil {
return nil , err
}
steps , err := repo . nextSteps ( ctx , request , checkLoggedIn )
if err != nil {
2021-10-28 12:50:29 +00:00
return request , err
2020-06-05 05:50:04 +00:00
}
request . PossibleSteps = steps
return request , nil
}
2022-04-05 05:58:09 +00:00
func ( repo * AuthRequestRepo ) getAuthRequestEnsureUser ( ctx context . Context , authRequestID , userAgentID , userID string ) ( * domain . AuthRequest , error ) {
request , err := repo . getAuthRequest ( ctx , authRequestID , userAgentID )
2020-12-02 16:00:04 +00:00
if err != nil {
return nil , err
}
2023-08-07 08:01:24 +00:00
// If there's no user, checks if the user could be reused (from the session).
// (the nextStepsUser will update the userID in the request in that case)
if request . UserID == "" {
2023-08-18 07:21:31 +00:00
if _ , err = repo . nextStepsUser ( ctx , request ) ; err != nil {
2023-08-07 08:01:24 +00:00
return nil , err
}
}
2020-12-02 16:00:04 +00:00
if request . UserID != userID {
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowPreconditionFailed ( nil , "EVENT-GBH32" , "Errors.User.NotMatchingUserID" )
2020-12-02 16:00:04 +00:00
}
2022-05-16 13:39:09 +00:00
_ , err = activeUserByID ( ctx , repo . UserViewProvider , repo . UserEventProvider , repo . OrgViewProvider , repo . LockoutPolicyViewProvider , request . UserID , false )
2021-08-11 06:36:32 +00:00
if err != nil {
2022-05-16 13:39:09 +00:00
return request , err
2021-08-11 06:36:32 +00:00
}
2020-12-02 16:00:04 +00:00
return request , nil
}
2023-08-18 07:21:31 +00:00
func ( repo * AuthRequestRepo ) getAuthRequest ( ctx context . Context , id , userAgentID string ) ( request * domain . AuthRequest , err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
request , err = repo . AuthRequests . GetAuthRequestByID ( ctx , id )
2020-08-31 06:49:35 +00:00
if err != nil {
return nil , err
}
if request . AgentID != userAgentID {
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowPermissionDenied ( nil , "EVENT-adk13" , "Errors.AuthRequest.UserAgentNotCorresponding" )
2020-08-31 06:49:35 +00:00
}
2021-07-05 13:10:49 +00:00
err = repo . fillPolicies ( ctx , request )
2020-09-18 11:26:28 +00:00
if err != nil {
return nil , err
}
2020-08-31 06:49:35 +00:00
return request , nil
}
fix(queries): login policy projection (#2401)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* move org domain to query
* cleanup code
* add org id as condition to projection
* begin projection
* add custom column constructors
* start query
* import
* initial implementation of login policy
* remove unused field
* tests
* factors
* simplify reducers
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column
* column
* column for current sequences
* latest sequence
* global counter column
* fix is org unique
* remove col
* fix naming
* correct errors
* deprecate duplicated is_default in api's,
error messages,
migrations
* Update internal/query/policy_login.go
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* Update login_policy.go
* fix tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-19 08:10:37 +00:00
func ( repo * AuthRequestRepo ) getLoginPolicyAndIDPProviders ( ctx context . Context , orgID string ) ( * query . LoginPolicy , [ ] * domain . IDPProvider , error ) {
2022-11-30 16:01:17 +00:00
policy , err := repo . LoginPolicyViewProvider . LoginPolicyByID ( ctx , false , orgID , false )
2020-09-18 11:26:28 +00:00
if err != nil {
return nil , nil , err
}
fix(queries): login policy projection (#2401)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* move org domain to query
* cleanup code
* add org id as condition to projection
* begin projection
* add custom column constructors
* start query
* import
* initial implementation of login policy
* remove unused field
* tests
* factors
* simplify reducers
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column
* column
* column for current sequences
* latest sequence
* global counter column
* fix is org unique
* remove col
* fix naming
* correct errors
* deprecate duplicated is_default in api's,
error messages,
migrations
* Update internal/query/policy_login.go
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* Update login_policy.go
* fix tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-19 08:10:37 +00:00
if ! policy . AllowExternalIDPs {
return policy , nil , nil
2020-09-18 11:26:28 +00:00
}
2023-02-28 20:20:58 +00:00
idpProviders , err := getLoginPolicyIDPProviders ( ctx , repo . IDPProviderViewProvider , authz . GetInstance ( ctx ) . InstanceID ( ) , orgID , policy . IsDefault )
2020-09-18 11:26:28 +00:00
if err != nil {
return nil , nil , err
}
2023-02-28 20:20:58 +00:00
return policy , idpProviders , nil
2020-09-18 11:26:28 +00:00
}
2021-07-05 13:10:49 +00:00
func ( repo * AuthRequestRepo ) fillPolicies ( ctx context . Context , request * domain . AuthRequest ) error {
2024-02-28 08:55:54 +00:00
instance := authz . GetInstance ( ctx )
2020-12-14 09:54:29 +00:00
orgID := request . RequestedOrgID
2020-09-18 11:26:28 +00:00
if orgID == "" {
2020-12-14 09:54:29 +00:00
orgID = request . UserOrgID
2020-09-18 11:26:28 +00:00
}
if orgID == "" {
2023-09-29 08:21:32 +00:00
orgID = authz . GetInstance ( ctx ) . DefaultOrganisationID ( )
2024-02-28 08:55:54 +00:00
if ! instance . Features ( ) . LoginDefaultOrg {
orgID = instance . InstanceID ( )
2023-09-29 08:21:32 +00:00
}
2020-09-18 11:26:28 +00:00
}
2024-04-23 11:23:50 +00:00
if request . LoginPolicy == nil || len ( request . AllowedExternalIDPs ) == 0 {
loginPolicy , idpProviders , err := repo . getLoginPolicyAndIDPProviders ( ctx , orgID )
if err != nil {
return err
}
request . LoginPolicy = queryLoginPolicyToDomain ( loginPolicy )
if len ( idpProviders ) > 0 {
request . AllowedExternalIDPs = idpProviders
}
2020-09-18 11:26:28 +00:00
}
2024-04-23 11:23:50 +00:00
if request . LockoutPolicy == nil {
lockoutPolicy , err := repo . getLockoutPolicy ( ctx , orgID )
if err != nil {
return err
}
request . LockoutPolicy = lockoutPolicyToDomain ( lockoutPolicy )
2021-08-11 06:36:32 +00:00
}
2024-04-23 11:23:50 +00:00
if request . PrivacyPolicy == nil {
privacyPolicy , err := repo . GetPrivacyPolicy ( ctx , orgID )
if err != nil {
return err
}
request . PrivacyPolicy = privacyPolicy
2021-07-05 08:36:51 +00:00
}
2024-04-23 11:23:50 +00:00
if request . LabelPolicy == nil {
labelPolicy , err := repo . getLabelPolicy ( ctx , request . PrivateLabelingOrgID ( orgID ) )
if err != nil {
return err
}
request . LabelPolicy = labelPolicy
2021-03-25 13:41:07 +00:00
}
2024-04-23 11:23:50 +00:00
if len ( request . DefaultTranslations ) == 0 {
defaultLoginTranslations , err := repo . getLoginTexts ( ctx , instance . InstanceID ( ) )
if err != nil {
return err
}
request . DefaultTranslations = defaultLoginTranslations
2021-07-05 13:10:49 +00:00
}
2024-04-23 11:23:50 +00:00
if len ( request . OrgTranslations ) == 0 {
orgLoginTranslations , err := repo . getLoginTexts ( ctx , orgID )
if err != nil {
return err
}
request . OrgTranslations = orgLoginTranslations
2021-07-05 13:10:49 +00:00
}
2024-04-23 11:23:50 +00:00
repo . AuthRequests . CacheAuthRequest ( ctx , request )
2020-09-18 11:26:28 +00:00
return nil
}
2023-08-18 07:21:31 +00:00
func ( repo * AuthRequestRepo ) tryUsingOnlyUserSession ( ctx context . Context , request * domain . AuthRequest ) ( err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
userSessions , err := userSessionsByUserAgentID ( ctx , repo . UserSessionViewProvider , request . AgentID , request . InstanceID )
2021-11-03 07:35:24 +00:00
if err != nil {
return err
}
if len ( userSessions ) == 1 {
user := userSessions [ 0 ]
username := user . UserName
if request . RequestedOrgID == "" {
username = user . LoginName
}
request . SetUserInfo ( user . UserID , username , user . LoginName , user . DisplayName , user . AvatarKey , user . ResourceOwner )
}
return nil
}
2024-02-26 14:05:18 +00:00
func ( repo * AuthRequestRepo ) checkLoginName ( ctx context . Context , request * domain . AuthRequest , loginNameInput string ) ( err error ) {
2022-07-06 06:32:05 +00:00
var user * user_view_model . UserView
2024-02-26 14:05:18 +00:00
loginNameInput = strings . TrimSpace ( loginNameInput )
preferredLoginName := loginNameInput
2020-12-14 09:54:29 +00:00
if request . RequestedOrgID != "" {
2022-09-23 12:08:10 +00:00
if request . RequestedOrgDomain {
domainPolicy , err := repo . getDomainPolicy ( ctx , request . RequestedOrgID )
if err != nil {
return err
}
if domainPolicy . UserLoginMustBeDomain {
preferredLoginName += "@" + request . RequestedPrimaryDomain
}
2021-03-25 13:41:07 +00:00
}
2024-02-26 14:05:18 +00:00
user , err = repo . checkLoginNameInputForResourceOwner ( ctx , request , loginNameInput , preferredLoginName )
2020-09-18 11:26:28 +00:00
} else {
2024-02-26 14:05:18 +00:00
user , err = repo . checkLoginNameInput ( ctx , request , loginNameInput , preferredLoginName )
2020-09-18 11:26:28 +00:00
}
2022-10-06 11:30:14 +00:00
// return any error apart from not found ones directly
2023-12-08 14:30:55 +00:00
if err != nil && ! zerrors . IsNotFound ( err ) {
2022-10-06 11:30:14 +00:00
return err
}
2022-10-07 11:56:50 +00:00
// if there's an active (human) user, let's use it
2024-02-28 09:30:05 +00:00
if user != nil && ! user . HumanView . IsZero ( ) && domain . UserState ( user . State ) . IsEnabled ( ) {
2024-02-26 14:05:18 +00:00
request . SetUserInfo ( user . ID , loginNameInput , user . PreferredLoginName , "" , "" , user . ResourceOwner )
2022-10-06 11:30:14 +00:00
return nil
}
// the user was either not found or not active
// so check if the loginname suffix matches a verified org domain
2024-02-26 14:05:18 +00:00
ok , errDomainDiscovery := repo . checkDomainDiscovery ( ctx , request , loginNameInput )
2023-10-09 15:05:25 +00:00
if errDomainDiscovery != nil || ok {
return errDomainDiscovery
2022-10-06 11:30:14 +00:00
}
2022-11-24 09:13:19 +00:00
// let's once again check if the user was just inactive
if user != nil && user . State == int32 ( domain . UserStateInactive ) {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowPreconditionFailed ( nil , "AUTH-2n8fs" , "Errors.User.Inactive" )
2022-11-24 09:13:19 +00:00
}
// or locked
if user != nil && user . State == int32 ( domain . UserStateLocked ) {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowPreconditionFailed ( nil , "AUTH-SF3gb" , "Errors.User.Locked" )
2022-11-24 09:13:19 +00:00
}
// let's just check if unknown usernames are ignored
2022-07-28 12:11:10 +00:00
if request . LoginPolicy != nil && request . LoginPolicy . IgnoreUnknownUsernames {
2022-10-06 11:30:14 +00:00
if request . LabelPolicy != nil && request . LabelPolicy . HideLoginNameSuffix {
2024-02-26 14:05:18 +00:00
preferredLoginName = loginNameInput
2022-05-16 13:39:09 +00:00
}
2022-10-06 11:30:14 +00:00
request . SetUserInfo ( unknownUserID , preferredLoginName , preferredLoginName , preferredLoginName , "" , request . RequestedOrgID )
return nil
2022-05-16 13:39:09 +00:00
}
2022-10-06 11:30:14 +00:00
// there was no policy that allowed unknown loginnames in any case
2022-10-07 11:56:50 +00:00
// so not found errors can now be returned
if err != nil {
return err
}
// let's check if it was a machine user
if ! user . MachineView . IsZero ( ) {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowPreconditionFailed ( nil , "AUTH-DGV4g" , "Errors.User.NotHuman" )
2022-10-07 11:56:50 +00:00
}
// everything should be handled by now
2024-02-26 14:05:18 +00:00
logging . WithFields ( "authRequest" , request . ID , "loginName" , loginNameInput ) . Error ( "unhandled state for checkLoginName" )
2023-12-08 14:30:55 +00:00
return zerrors . ThrowInternal ( nil , "AUTH-asf3df" , "Errors.Internal" )
2022-10-06 11:30:14 +00:00
}
2023-09-29 08:21:32 +00:00
func ( repo * AuthRequestRepo ) checkDomainDiscovery ( ctx context . Context , request * domain . AuthRequest , loginName string ) ( bool , error ) {
2022-10-06 11:30:14 +00:00
// check if there's a suffix in the loginname
2023-07-12 13:02:16 +00:00
loginName = strings . TrimSpace ( strings . ToLower ( loginName ) )
2022-12-22 11:16:17 +00:00
index := strings . LastIndex ( loginName , "@" )
if index < 0 {
2023-09-29 08:21:32 +00:00
return false , nil
2022-10-06 11:30:14 +00:00
}
// check if the suffix matches a verified domain
2022-12-22 11:16:17 +00:00
org , err := repo . Query . OrgByVerifiedDomain ( ctx , loginName [ index + 1 : ] )
2020-07-07 06:14:44 +00:00
if err != nil {
2023-09-29 08:21:32 +00:00
return false , nil
2020-07-07 06:14:44 +00:00
}
2022-10-06 11:30:14 +00:00
// and if the login policy allows domain discovery
2022-11-30 16:01:17 +00:00
policy , err := repo . Query . LoginPolicyByID ( ctx , true , org . ID , false )
2022-10-06 11:30:14 +00:00
if err != nil || ! policy . AllowDomainDiscovery {
2023-09-29 08:21:32 +00:00
return false , nil
2021-06-10 11:49:10 +00:00
}
2022-10-06 11:30:14 +00:00
// discovery was allowed, so set the org as requested org
2022-10-11 09:12:07 +00:00
// and clear all potentially existing user information and only set the loginname as hint (for registration)
2023-09-29 08:21:32 +00:00
// also ensure that the policies are read from the org
2022-10-06 11:30:14 +00:00
request . SetOrgInformation ( org . ID , org . Name , org . Domain , false )
2022-10-11 09:12:07 +00:00
request . SetUserInfo ( "" , "" , "" , "" , "" , org . ID )
2023-09-29 08:21:32 +00:00
if err = repo . fillPolicies ( ctx , request ) ; err != nil {
return false , err
}
2022-10-07 12:17:17 +00:00
request . LoginHint = loginName
2022-10-11 09:12:07 +00:00
request . Prompt = append ( request . Prompt , domain . PromptCreate ) // to trigger registration
2024-04-23 11:23:50 +00:00
repo . AuthRequests . CacheAuthRequest ( ctx , request )
2023-09-29 08:21:32 +00:00
return true , nil
2020-07-07 06:14:44 +00:00
}
2024-02-26 14:05:18 +00:00
func ( repo * AuthRequestRepo ) checkLoginNameInput ( ctx context . Context , request * domain . AuthRequest , loginNameInput , preferredLoginName string ) ( * user_view_model . UserView , error ) {
// always check the preferred / suffixed loginname first
user , err := repo . View . UserByLoginName ( ctx , preferredLoginName , request . InstanceID )
2022-10-17 19:19:15 +00:00
if err == nil {
// and take the user regardless if there would be a user with that email or phone
return user , repo . checkLoginPolicyWithResourceOwner ( ctx , request , user . ResourceOwner )
}
2024-02-26 14:05:18 +00:00
// for email and phone check we will use the loginname as provided by the user (without computed suffix)
2023-04-28 14:28:13 +00:00
user , emailErr := repo . View . UserByEmail ( ctx , loginNameInput , request . InstanceID )
2022-10-17 19:19:15 +00:00
if emailErr == nil {
// if there was a single user with the specified email
// load and check the login policy
if emailErr = repo . checkLoginPolicyWithResourceOwner ( ctx , request , user . ResourceOwner ) ; emailErr != nil {
return nil , emailErr
}
// and in particular if the login with email is possible
// if so take the user (and ignore possible phone matches)
if ! request . LoginPolicy . DisableLoginWithEmail {
return user , nil
}
}
2023-04-28 14:28:13 +00:00
user , phoneErr := repo . View . UserByPhone ( ctx , loginNameInput , request . InstanceID )
2022-10-17 19:19:15 +00:00
if phoneErr == nil {
// if there was a single user with the specified phone
// load and check the login policy
if phoneErr = repo . checkLoginPolicyWithResourceOwner ( ctx , request , user . ResourceOwner ) ; phoneErr != nil {
return nil , phoneErr
}
// and in particular if the login with phone is possible
// if so take the user
if ! request . LoginPolicy . DisableLoginWithPhone {
return user , nil
}
}
// if we get here the user was not found by loginname
// and either there was no match for email or phone as well, or they have been both disabled
return nil , err
}
2024-02-26 14:05:18 +00:00
func ( repo * AuthRequestRepo ) checkLoginNameInputForResourceOwner ( ctx context . Context , request * domain . AuthRequest , loginNameInput , preferredLoginName string ) ( * user_view_model . UserView , error ) {
// always check the preferred / suffixed loginname first
user , err := repo . View . UserByLoginNameAndResourceOwner ( ctx , preferredLoginName , request . RequestedOrgID , request . InstanceID )
2022-10-17 19:19:15 +00:00
if err == nil {
// and take the user regardless if there would be a user with that email or phone
return user , nil
}
2024-02-26 14:05:18 +00:00
// for email and phone check we will use the loginname as provided by the user (without computed suffix)
2022-10-17 19:19:15 +00:00
if request . LoginPolicy != nil && ! request . LoginPolicy . DisableLoginWithEmail {
// if login by email is allowed and there was a single user with the specified email
// take that user (and ignore possible phone number matches)
2023-04-28 14:28:13 +00:00
user , emailErr := repo . View . UserByEmailAndResourceOwner ( ctx , loginNameInput , request . RequestedOrgID , request . InstanceID )
2022-10-17 19:19:15 +00:00
if emailErr == nil {
return user , nil
}
}
if request . LoginPolicy != nil && ! request . LoginPolicy . DisableLoginWithPhone {
// if login by phone is allowed and there was a single user with the specified phone
// take that user
2023-04-28 14:28:13 +00:00
user , phoneErr := repo . View . UserByPhoneAndResourceOwner ( ctx , loginNameInput , request . RequestedOrgID , request . InstanceID )
2022-10-17 19:19:15 +00:00
if phoneErr == nil {
return user , nil
}
}
// if we get here the user was not found by loginname
// and either there was no match for email or phone as well or they have been both disabled
return nil , err
}
2024-04-23 11:23:50 +00:00
func ( repo * AuthRequestRepo ) checkLoginPolicyWithResourceOwner ( ctx context . Context , request * domain . AuthRequest , resourceOwner string ) ( err error ) {
if request . LoginPolicy == nil {
loginPolicy , idps , err := repo . getLoginPolicyAndIDPProviders ( ctx , resourceOwner )
if err != nil {
return err
}
request . LoginPolicy = queryLoginPolicyToDomain ( loginPolicy )
request . AllowedExternalIDPs = idps
2020-09-18 11:26:28 +00:00
}
2024-04-23 11:23:50 +00:00
if len ( request . LinkingUsers ) != 0 && ! request . LoginPolicy . AllowExternalIDP {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowInvalidArgument ( nil , "LOGIN-s9sio" , "Errors.User.NotAllowedToLink" )
2020-09-18 11:26:28 +00:00
}
if len ( request . LinkingUsers ) != 0 {
2024-04-23 11:23:50 +00:00
exists := linkingIDPConfigExistingInAllowedIDPs ( request . LinkingUsers , request . AllowedExternalIDPs )
2020-09-18 11:26:28 +00:00
if ! exists {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowInvalidArgument ( nil , "LOGIN-Dj89o" , "Errors.User.NotAllowedToLink" )
2020-09-18 11:26:28 +00:00
}
}
2024-04-23 11:23:50 +00:00
repo . AuthRequests . CacheAuthRequest ( ctx , request )
2020-09-18 11:26:28 +00:00
return nil
}
fix(queries): login policy projection (#2401)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* move org domain to query
* cleanup code
* add org id as condition to projection
* begin projection
* add custom column constructors
* start query
* import
* initial implementation of login policy
* remove unused field
* tests
* factors
* simplify reducers
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column
* column
* column for current sequences
* latest sequence
* global counter column
* fix is org unique
* remove col
* fix naming
* correct errors
* deprecate duplicated is_default in api's,
error messages,
migrations
* Update internal/query/policy_login.go
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* Update login_policy.go
* fix tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-19 08:10:37 +00:00
func queryLoginPolicyToDomain ( policy * query . LoginPolicy ) * domain . LoginPolicy {
return & domain . LoginPolicy {
ObjectRoot : es_models . ObjectRoot {
AggregateID : policy . OrgID ,
Sequence : policy . Sequence ,
ResourceOwner : policy . OrgID ,
CreationDate : policy . CreationDate ,
ChangeDate : policy . ChangeDate ,
} ,
2022-03-14 06:55:09 +00:00
Default : policy . IsDefault ,
AllowUsernamePassword : policy . AllowUsernamePassword ,
AllowRegister : policy . AllowRegister ,
AllowExternalIDP : policy . AllowExternalIDPs ,
ForceMFA : policy . ForceMFA ,
2023-07-20 04:06:16 +00:00
ForceMFALocalOnly : policy . ForceMFALocalOnly ,
2022-03-14 06:55:09 +00:00
SecondFactors : policy . SecondFactors ,
MultiFactors : policy . MultiFactors ,
PasswordlessType : policy . PasswordlessType ,
HidePasswordReset : policy . HidePasswordReset ,
2022-05-16 13:39:09 +00:00
IgnoreUnknownUsernames : policy . IgnoreUnknownUsernames ,
2022-10-17 19:19:15 +00:00
AllowDomainDiscovery : policy . AllowDomainDiscovery ,
DefaultRedirectURI : policy . DefaultRedirectURI ,
2024-03-27 13:48:22 +00:00
PasswordCheckLifetime : time . Duration ( policy . PasswordCheckLifetime ) ,
ExternalLoginCheckLifetime : time . Duration ( policy . ExternalLoginCheckLifetime ) ,
MFAInitSkipLifetime : time . Duration ( policy . MFAInitSkipLifetime ) ,
SecondFactorCheckLifetime : time . Duration ( policy . SecondFactorCheckLifetime ) ,
MultiFactorCheckLifetime : time . Duration ( policy . MultiFactorCheckLifetime ) ,
2022-10-17 19:19:15 +00:00
DisableLoginWithEmail : policy . DisableLoginWithEmail ,
DisableLoginWithPhone : policy . DisableLoginWithPhone ,
fix(queries): login policy projection (#2401)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* move org domain to query
* cleanup code
* add org id as condition to projection
* begin projection
* add custom column constructors
* start query
* import
* initial implementation of login policy
* remove unused field
* tests
* factors
* simplify reducers
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column
* column
* column for current sequences
* latest sequence
* global counter column
* fix is org unique
* remove col
* fix naming
* correct errors
* deprecate duplicated is_default in api's,
error messages,
migrations
* Update internal/query/policy_login.go
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* Update login_policy.go
* fix tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-19 08:10:37 +00:00
}
}
2021-02-08 10:30:30 +00:00
func ( repo * AuthRequestRepo ) checkSelectedExternalIDP ( request * domain . AuthRequest , idpConfigID string ) error {
2020-09-18 11:26:28 +00:00
for _ , externalIDP := range request . AllowedExternalIDPs {
if externalIDP . IDPConfigID == idpConfigID {
request . SelectedIDPConfigID = idpConfigID
return nil
}
}
2023-12-08 14:30:55 +00:00
return zerrors . ThrowNotFound ( nil , "LOGIN-Nsm8r" , "Errors.User.ExternalIDP.NotAllowed" )
2020-09-18 11:26:28 +00:00
}
2021-08-13 12:27:24 +00:00
func ( repo * AuthRequestRepo ) checkExternalUserLogin ( ctx context . Context , request * domain . AuthRequest , idpConfigID , externalUserID string ) ( err error ) {
2023-02-28 20:20:58 +00:00
idQuery , err := query . NewIDPUserLinkIDPIDSearchQuery ( idpConfigID )
if err != nil {
return err
}
externalIDQuery , err := query . NewIDPUserLinksExternalIDSearchQuery ( externalUserID )
if err != nil {
return err
}
queries := [ ] query . SearchQuery {
idQuery , externalIDQuery ,
}
2020-12-14 09:54:29 +00:00
if request . RequestedOrgID != "" {
2023-03-16 13:14:08 +00:00
orgIDQuery , err := query . NewIDPUserLinksResourceOwnerSearchQuery ( request . RequestedOrgID )
2023-02-28 20:20:58 +00:00
if err != nil {
return err
}
queries = append ( queries , orgIDQuery )
2020-09-18 11:26:28 +00:00
}
2023-02-28 20:20:58 +00:00
links , err := repo . Query . IDPUserLinks ( ctx , & query . IDPUserLinksSearchQuery { Queries : queries } , false )
2020-09-18 11:26:28 +00:00
if err != nil {
return err
}
2023-02-28 20:20:58 +00:00
if len ( links . Links ) != 1 {
2023-12-08 14:30:55 +00:00
return zerrors . ThrowNotFound ( nil , "AUTH-Sf8sd" , "Errors.ExternalIDP.NotFound" )
2023-02-28 20:20:58 +00:00
}
user , err := activeUserByID ( ctx , repo . UserViewProvider , repo . UserEventProvider , repo . OrgViewProvider , repo . LockoutPolicyViewProvider , links . Links [ 0 ] . UserID , false )
2021-08-13 12:27:24 +00:00
if err != nil {
return err
}
2021-08-16 05:05:56 +00:00
username := user . UserName
if request . RequestedOrgID == "" {
username = user . PreferredLoginName
}
request . SetUserInfo ( user . ID , username , user . PreferredLoginName , user . DisplayName , user . AvatarKey , user . ResourceOwner )
2020-09-18 11:26:28 +00:00
return nil
}
2023-08-07 08:01:24 +00:00
//nolint:gocognit
func ( repo * AuthRequestRepo ) nextSteps ( ctx context . Context , request * domain . AuthRequest , checkLoggedIn bool ) ( steps [ ] domain . NextStep , err error ) {
2023-08-18 07:21:31 +00:00
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2020-05-18 10:06:36 +00:00
if request == nil {
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowInvalidArgument ( nil , "EVENT-ds27a" , "Errors.Internal" )
2020-05-18 10:06:36 +00:00
}
2023-08-07 08:01:24 +00:00
steps = make ( [ ] domain . NextStep , 0 )
2021-06-16 08:02:15 +00:00
if ! checkLoggedIn && domain . IsPrompt ( request . Prompt , domain . PromptNone ) {
2021-02-08 10:30:30 +00:00
return append ( steps , & domain . RedirectToCallbackStep { } ) , nil
2020-06-05 05:50:04 +00:00
}
2020-05-18 10:06:36 +00:00
if request . UserID == "" {
2023-08-18 07:21:31 +00:00
steps , err = repo . nextStepsUser ( ctx , request )
2023-08-07 08:01:24 +00:00
if err != nil || len ( steps ) > 0 {
return steps , err
2020-05-18 10:06:36 +00:00
}
}
2022-05-16 13:39:09 +00:00
user , err := activeUserByID ( ctx , repo . UserViewProvider , repo . UserEventProvider , repo . OrgViewProvider , repo . LockoutPolicyViewProvider , request . UserID , request . LoginPolicy . IgnoreUnknownUsernames )
2020-05-18 10:06:36 +00:00
if err != nil {
return nil , err
}
2022-05-16 13:39:09 +00:00
if user . PreferredLoginName != "" {
request . LoginName = user . PreferredLoginName
}
2020-06-05 05:50:04 +00:00
userSession , err := userSessionByIDs ( ctx , repo . UserSessionViewProvider , repo . UserEventProvider , request . AgentID , user )
2020-05-18 10:06:36 +00:00
if err != nil {
return nil , err
}
2023-08-10 14:19:39 +00:00
request . DisplayName = userSession . DisplayName
request . AvatarKey = userSession . AvatarKey
2020-05-18 10:06:36 +00:00
2020-12-02 16:00:04 +00:00
isInternalLogin := request . SelectedIDPConfigID == "" && userSession . SelectedIDPConfigID == ""
2022-10-18 14:48:26 +00:00
idps , err := checkExternalIDPsOfUser ( ctx , repo . IDPUserLinksProvider , user . ID )
if err != nil {
return nil , err
}
if ( ! isInternalLogin || len ( idps . Links ) > 0 ) && len ( request . LinkingUsers ) == 0 && ! checkVerificationTimeMaxAge ( userSession . ExternalLoginVerification , request . LoginPolicy . ExternalLoginCheckLifetime , request ) {
2020-12-02 16:00:04 +00:00
selectedIDPConfigID := request . SelectedIDPConfigID
if selectedIDPConfigID == "" {
selectedIDPConfigID = userSession . SelectedIDPConfigID
2020-09-18 11:26:28 +00:00
}
2022-10-18 14:48:26 +00:00
if selectedIDPConfigID == "" {
selectedIDPConfigID = idps . Links [ 0 ] . IDPID
}
2021-02-08 10:30:30 +00:00
return append ( steps , & domain . ExternalLoginStep { SelectedIDPConfigID : selectedIDPConfigID } ) , nil
2020-12-02 16:00:04 +00:00
}
if isInternalLogin || ( ! isInternalLogin && len ( request . LinkingUsers ) > 0 ) {
step := repo . firstFactorChecked ( request , user , userSession )
if step != nil {
return append ( steps , step ) , nil
2020-09-18 11:26:28 +00:00
}
2020-05-18 10:06:36 +00:00
}
2023-07-20 04:06:16 +00:00
step , ok , err := repo . mfaChecked ( userSession , request , user , isInternalLogin && len ( request . LinkingUsers ) == 0 )
2020-11-04 10:26:10 +00:00
if err != nil {
return nil , err
}
if ! ok {
2020-05-18 10:06:36 +00:00
return append ( steps , step ) , nil
}
if user . PasswordChangeRequired {
2021-02-08 10:30:30 +00:00
steps = append ( steps , & domain . ChangePasswordStep { } )
2020-05-18 10:06:36 +00:00
}
if ! user . IsEmailVerified {
2021-02-08 10:30:30 +00:00
steps = append ( steps , & domain . VerifyEMailStep { } )
2020-05-18 10:06:36 +00:00
}
2020-08-27 15:18:23 +00:00
if user . UsernameChangeRequired {
2021-02-08 10:30:30 +00:00
steps = append ( steps , & domain . ChangeUsernameStep { } )
2020-08-27 15:18:23 +00:00
}
2020-05-18 10:06:36 +00:00
2020-08-27 15:18:23 +00:00
if user . PasswordChangeRequired || ! user . IsEmailVerified || user . UsernameChangeRequired {
2020-05-18 10:06:36 +00:00
return steps , nil
}
2020-09-18 11:26:28 +00:00
if request . LinkingUsers != nil && len ( request . LinkingUsers ) != 0 {
2021-02-08 10:30:30 +00:00
return append ( steps , & domain . LinkUsersStep { } ) , nil
2020-09-18 11:26:28 +00:00
}
2020-05-18 10:06:36 +00:00
//PLANNED: consent step
2020-10-16 05:49:38 +00:00
2021-08-18 08:49:04 +00:00
missing , err := projectRequired ( ctx , request , repo . ProjectProvider )
if err != nil {
return nil , err
}
if missing {
return append ( steps , & domain . ProjectRequiredStep { } ) , nil
}
missing , err = userGrantRequired ( ctx , request , user , repo . UserGrantProvider )
2020-10-16 05:49:38 +00:00
if err != nil {
return nil , err
}
if missing {
2021-02-08 10:30:30 +00:00
return append ( steps , & domain . GrantRequiredStep { } ) , nil
2020-10-16 05:49:38 +00:00
}
2021-12-14 08:47:49 +00:00
ok , err = repo . hasSucceededPage ( ctx , request , repo . ApplicationProvider )
if err != nil {
return nil , err
}
if ok {
steps = append ( steps , & domain . LoginSucceededStep { } )
}
2021-02-08 10:30:30 +00:00
return append ( steps , & domain . RedirectToCallbackStep { } ) , nil
2020-05-18 10:06:36 +00:00
}
2023-08-18 07:21:31 +00:00
func ( repo * AuthRequestRepo ) nextStepsUser ( ctx context . Context , request * domain . AuthRequest ) ( _ [ ] domain . NextStep , err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2023-08-07 08:01:24 +00:00
steps := make ( [ ] domain . NextStep , 0 )
if request . LinkingUsers != nil && len ( request . LinkingUsers ) > 0 {
steps = append ( steps , new ( domain . ExternalNotFoundOptionStep ) )
return steps , nil
}
if domain . IsPrompt ( request . Prompt , domain . PromptCreate ) {
return append ( steps , & domain . RegistrationStep { } ) , nil
}
// if there's a login or consent prompt, but not select account, just return the login step
if len ( request . Prompt ) > 0 && ! domain . IsPrompt ( request . Prompt , domain . PromptSelectAccount ) {
return append ( steps , new ( domain . LoginStep ) ) , nil
} else {
// if no user was specified, no prompt or select_account was provided,
// then check the active user sessions (of the user agent)
2023-08-18 07:21:31 +00:00
users , err := repo . usersForUserSelection ( ctx , request )
2023-08-07 08:01:24 +00:00
if err != nil {
return nil , err
}
if domain . IsPrompt ( request . Prompt , domain . PromptSelectAccount ) {
steps = append ( steps , & domain . SelectUserStep { Users : users } )
}
if request . SelectedIDPConfigID != "" {
steps = append ( steps , & domain . RedirectToExternalIDPStep { } )
}
if len ( request . Prompt ) == 0 && len ( users ) == 0 {
steps = append ( steps , new ( domain . LoginStep ) )
}
// if no prompt was provided, but there are multiple user sessions, then the user must decide which to use
if len ( request . Prompt ) == 0 && len ( users ) > 1 {
steps = append ( steps , & domain . SelectUserStep { Users : users } )
}
if len ( steps ) > 0 {
return steps , nil
}
2023-09-21 14:45:41 +00:00
// the single user session was inactive
if users [ 0 ] . UserSessionState != domain . UserSessionStateActive {
return append ( steps , & domain . SelectUserStep { Users : users } ) , nil
}
// a single active user session was found, use that automatically
2023-08-07 08:01:24 +00:00
request . SetUserInfo ( users [ 0 ] . UserID , users [ 0 ] . UserName , users [ 0 ] . LoginName , users [ 0 ] . DisplayName , users [ 0 ] . AvatarKey , users [ 0 ] . ResourceOwner )
2023-09-21 14:45:41 +00:00
if err = repo . fillPolicies ( ctx , request ) ; err != nil {
return nil , err
}
if err = repo . AuthRequests . UpdateAuthRequest ( ctx , request ) ; err != nil {
return nil , err
}
2023-08-07 08:01:24 +00:00
}
return steps , nil
}
2022-10-18 14:48:26 +00:00
func checkExternalIDPsOfUser ( ctx context . Context , idpUserLinksProvider idpUserLinksProvider , userID string ) ( * query . IDPUserLinks , error ) {
userIDQuery , err := query . NewIDPUserLinksUserIDSearchQuery ( userID )
if err != nil {
return nil , err
}
2022-11-30 16:01:17 +00:00
return idpUserLinksProvider . IDPUserLinks ( ctx , & query . IDPUserLinksSearchQuery { Queries : [ ] query . SearchQuery { userIDQuery } } , false )
2022-10-18 14:48:26 +00:00
}
2023-08-18 07:21:31 +00:00
func ( repo * AuthRequestRepo ) usersForUserSelection ( ctx context . Context , request * domain . AuthRequest ) ( [ ] domain . UserSelection , error ) {
userSessions , err := userSessionsByUserAgentID ( ctx , repo . UserSessionViewProvider , request . AgentID , request . InstanceID )
2020-05-18 10:06:36 +00:00
if err != nil {
return nil , err
}
2022-01-10 15:36:31 +00:00
users := make ( [ ] domain . UserSelection , 0 )
for _ , session := range userSessions {
if request . RequestedOrgID == "" || request . RequestedOrgID == session . ResourceOwner {
users = append ( users , domain . UserSelection {
UserID : session . UserID ,
DisplayName : session . DisplayName ,
UserName : session . UserName ,
LoginName : session . LoginName ,
ResourceOwner : session . ResourceOwner ,
AvatarKey : session . AvatarKey ,
2022-03-31 09:36:26 +00:00
UserSessionState : session . State ,
2022-01-10 15:36:31 +00:00
SelectionPossible : request . RequestedOrgID == "" || request . RequestedOrgID == session . ResourceOwner ,
} )
2020-05-18 10:06:36 +00:00
}
}
return users , nil
}
2021-02-08 10:30:30 +00:00
func ( repo * AuthRequestRepo ) firstFactorChecked ( request * domain . AuthRequest , user * user_model . UserView , userSession * user_model . UserSessionView ) domain . NextStep {
2020-12-02 16:00:04 +00:00
if user . InitRequired {
2021-02-08 10:30:30 +00:00
return & domain . InitUserStep { PasswordSet : user . PasswordSet }
2020-12-02 16:00:04 +00:00
}
2021-02-08 10:30:30 +00:00
var step domain . NextStep
if request . LoginPolicy . PasswordlessType != domain . PasswordlessTypeNotAllowed && user . IsPasswordlessReady ( ) {
2022-02-21 15:05:02 +00:00
if checkVerificationTimeMaxAge ( userSession . PasswordlessVerification , request . LoginPolicy . MultiFactorCheckLifetime , request ) {
2020-12-18 12:42:21 +00:00
request . AuthTime = userSession . PasswordlessVerification
return nil
2020-12-02 16:00:04 +00:00
}
2021-08-02 13:24:58 +00:00
step = & domain . PasswordlessStep {
PasswordSet : user . PasswordSet ,
}
}
if user . PasswordlessInitRequired {
return & domain . PasswordlessRegistrationPromptStep { }
2020-12-02 16:00:04 +00:00
}
2021-08-02 13:24:58 +00:00
if user . PasswordInitRequired {
2021-02-08 10:30:30 +00:00
return & domain . InitPasswordStep { }
2020-12-02 16:00:04 +00:00
}
2022-02-21 15:05:02 +00:00
if checkVerificationTimeMaxAge ( userSession . PasswordVerification , request . LoginPolicy . PasswordCheckLifetime , request ) {
2020-12-18 12:42:21 +00:00
request . PasswordVerified = true
request . AuthTime = userSession . PasswordVerification
return nil
2020-12-02 16:00:04 +00:00
}
2020-12-18 12:42:21 +00:00
if step != nil {
return step
}
2021-02-08 10:30:30 +00:00
return & domain . PasswordStep { }
2020-12-02 16:00:04 +00:00
}
2023-07-20 04:06:16 +00:00
func ( repo * AuthRequestRepo ) mfaChecked ( userSession * user_model . UserSessionView , request * domain . AuthRequest , user * user_model . UserView , isInternalAuthentication bool ) ( domain . NextStep , bool , error ) {
2020-12-02 16:00:04 +00:00
mfaLevel := request . MFALevel ( )
2023-07-20 04:06:16 +00:00
allowedProviders , required := user . MFATypesAllowed ( mfaLevel , request . LoginPolicy , isInternalAuthentication )
2022-03-31 09:36:26 +00:00
promptRequired := ( user . MFAMaxSetUp < mfaLevel ) || ( len ( allowedProviders ) == 0 && required )
2022-02-21 15:05:02 +00:00
if promptRequired || ! repo . mfaSkippedOrSetUp ( user , request ) {
2020-12-02 16:00:04 +00:00
types := user . MFATypesSetupPossible ( mfaLevel , request . LoginPolicy )
2020-11-04 10:26:10 +00:00
if promptRequired && len ( types ) == 0 {
2023-12-08 14:30:55 +00:00
return nil , false , zerrors . ThrowPreconditionFailed ( nil , "LOGIN-5Hm8s" , "Errors.Login.LoginPolicy.MFA.ForceAndNotConfigured" )
2020-11-04 10:26:10 +00:00
}
2020-11-18 11:56:24 +00:00
if len ( types ) == 0 {
return nil , true , nil
}
2021-02-08 10:30:30 +00:00
return & domain . MFAPromptStep {
2020-06-05 05:50:04 +00:00
Required : promptRequired ,
2020-12-02 16:00:04 +00:00
MFAProviders : types ,
2020-11-04 10:26:10 +00:00
} , false , nil
2020-05-18 10:06:36 +00:00
}
switch mfaLevel {
default :
fallthrough
2021-02-08 10:30:30 +00:00
case domain . MFALevelNotSetUp :
2020-11-18 11:56:24 +00:00
if len ( allowedProviders ) == 0 {
2020-11-04 10:26:10 +00:00
return nil , true , nil
2020-06-05 05:50:04 +00:00
}
fallthrough
2021-02-08 10:30:30 +00:00
case domain . MFALevelSecondFactor :
2022-02-21 15:05:02 +00:00
if checkVerificationTimeMaxAge ( userSession . SecondFactorVerification , request . LoginPolicy . SecondFactorCheckLifetime , request ) {
2022-03-31 09:36:26 +00:00
request . MFAsVerified = append ( request . MFAsVerified , userSession . SecondFactorVerificationType )
2020-11-04 10:26:10 +00:00
request . AuthTime = userSession . SecondFactorVerification
return nil , true , nil
2020-05-18 10:06:36 +00:00
}
fallthrough
2021-02-08 10:30:30 +00:00
case domain . MFALevelMultiFactor :
2022-02-21 15:05:02 +00:00
if checkVerificationTimeMaxAge ( userSession . MultiFactorVerification , request . LoginPolicy . MultiFactorCheckLifetime , request ) {
2022-03-31 09:36:26 +00:00
request . MFAsVerified = append ( request . MFAsVerified , userSession . MultiFactorVerificationType )
2020-11-04 10:26:10 +00:00
request . AuthTime = userSession . MultiFactorVerification
return nil , true , nil
2020-05-18 10:06:36 +00:00
}
}
2021-02-08 10:30:30 +00:00
return & domain . MFAVerificationStep {
2020-12-02 16:00:04 +00:00
MFAProviders : allowedProviders ,
2020-11-04 10:26:10 +00:00
} , false , nil
2020-05-18 10:06:36 +00:00
}
2022-02-21 15:05:02 +00:00
func ( repo * AuthRequestRepo ) mfaSkippedOrSetUp ( user * user_model . UserView , request * domain . AuthRequest ) bool {
2022-03-31 09:36:26 +00:00
if user . MFAMaxSetUp > domain . MFALevelNotSetUp {
2020-05-18 10:06:36 +00:00
return true
}
2022-10-26 08:20:01 +00:00
if request . LoginPolicy . MFAInitSkipLifetime == 0 {
return true
}
2022-02-21 15:05:02 +00:00
return checkVerificationTime ( user . MFAInitSkipped , request . LoginPolicy . MFAInitSkipLifetime )
2020-05-18 10:06:36 +00:00
}
2022-03-24 13:00:24 +00:00
func ( repo * AuthRequestRepo ) GetPrivacyPolicy ( ctx context . Context , orgID string ) ( * domain . PrivacyPolicy , error ) {
2022-11-30 16:01:17 +00:00
policy , err := repo . PrivacyPolicyProvider . PrivacyPolicyByOrg ( ctx , false , orgID , false )
2023-12-08 14:30:55 +00:00
if zerrors . IsNotFound ( err ) {
2022-03-24 13:00:24 +00:00
return new ( domain . PrivacyPolicy ) , nil
}
2021-07-05 08:36:51 +00:00
if err != nil {
return nil , err
}
fix(queries): privacy policy (#2431)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* tests
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* correct version
* fix test
* cleanup code
* fix interface
* cleanup code
* method name
* rename method
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 15:12:34 +00:00
return privacyPolicyToDomain ( policy ) , err
}
func privacyPolicyToDomain ( p * query . PrivacyPolicy ) * domain . PrivacyPolicy {
return & domain . PrivacyPolicy {
ObjectRoot : es_models . ObjectRoot {
AggregateID : p . ID ,
Sequence : p . Sequence ,
ResourceOwner : p . ResourceOwner ,
CreationDate : p . CreationDate ,
ChangeDate : p . ChangeDate ,
} ,
2023-04-06 05:46:12 +00:00
State : p . State ,
Default : p . IsDefault ,
TOSLink : p . TOSLink ,
PrivacyLink : p . PrivacyLink ,
HelpLink : p . HelpLink ,
2023-03-28 19:36:52 +00:00
SupportEmail : p . SupportEmail ,
fix(queries): privacy policy (#2431)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* tests
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* correct version
* fix test
* cleanup code
* fix interface
* cleanup code
* method name
* rename method
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 15:12:34 +00:00
}
2021-07-05 08:36:51 +00:00
}
fix(queries): lockout policy (#2419)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* fix test
* cleanup code
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 14:28:24 +00:00
func ( repo * AuthRequestRepo ) getLockoutPolicy ( ctx context . Context , orgID string ) ( * query . LockoutPolicy , error ) {
2024-04-10 09:14:55 +00:00
policy , err := repo . LockoutPolicyViewProvider . LockoutPolicyByOrg ( ctx , false , orgID )
2021-08-11 06:36:32 +00:00
if err != nil {
return nil , err
}
fix(queries): lockout policy (#2419)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* tests
* tests
* tests
* fix: tests
* migrations
* fixes
* errors
* fix test
* add converter option
* fix(auth-repo): add queries to struct
* error messages
* rename method,
correct log message
* small fixes
* correct version
* correct version
* fix(migration): set pk
* fix test
* cleanup code
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-10-20 14:28:24 +00:00
return policy , err
2021-08-11 06:36:32 +00:00
}
2021-03-25 13:41:07 +00:00
func ( repo * AuthRequestRepo ) getLabelPolicy ( ctx context . Context , orgID string ) ( * domain . LabelPolicy , error ) {
2022-11-30 16:01:17 +00:00
policy , err := repo . LabelPolicyProvider . ActiveLabelPolicyByOrg ( ctx , orgID , false )
2021-03-25 13:41:07 +00:00
if err != nil {
return nil , err
}
fix(queries): Label policy projection (#2479)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* fix(queries): org iam policy
* fix: init provider
* tests
* tests
* tests
* tests
* tests
* add copy stmt
* label policy projection
* tests
* constant naming in test
* query
* fix nil pointer
* fix test
* refactor: remove useless file
* fix(configs): add options to setup
* fix: sql changes
* tests
* remove old comment
* rename label policy to styling
* fix where
* remove unused logs
* migration
* correct primary key
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-11-24 15:02:00 +00:00
return labelPolicyToDomain ( policy ) , nil
}
func labelPolicyToDomain ( p * query . LabelPolicy ) * domain . LabelPolicy {
return & domain . LabelPolicy {
ObjectRoot : es_models . ObjectRoot {
AggregateID : p . ID ,
Sequence : p . Sequence ,
ResourceOwner : p . ResourceOwner ,
CreationDate : p . CreationDate ,
ChangeDate : p . ChangeDate ,
} ,
State : p . State ,
Default : p . IsDefault ,
PrimaryColor : p . Light . PrimaryColor ,
BackgroundColor : p . Light . BackgroundColor ,
WarnColor : p . Light . WarnColor ,
FontColor : p . Light . FontColor ,
LogoURL : p . Light . LogoURL ,
IconURL : p . Light . IconURL ,
PrimaryColorDark : p . Dark . PrimaryColor ,
BackgroundColorDark : p . Dark . BackgroundColor ,
WarnColorDark : p . Dark . WarnColor ,
FontColorDark : p . Dark . FontColor ,
LogoDarkURL : p . Dark . LogoURL ,
IconDarkURL : p . Dark . IconURL ,
Font : p . FontURL ,
HideLoginNameSuffix : p . HideLoginNameSuffix ,
ErrorMsgPopup : p . ShouldErrorPopup ,
DisableWatermark : p . WatermarkDisabled ,
2023-10-26 05:54:09 +00:00
ThemeMode : p . ThemeMode ,
fix(queries): Label policy projection (#2479)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* projection
* correct migration
* projection
* projection
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* correct file name
* global counter column
* fix is org unique
* query
* fix wrong code
* remove unused code
* query
* remove unused code
* remove unused code
* query
* api
* remove unused cod
* remove unused code
* remove unused code
* remove unused code
* fix(queries): org iam policy
* fix: init provider
* tests
* tests
* tests
* tests
* tests
* add copy stmt
* label policy projection
* tests
* constant naming in test
* query
* fix nil pointer
* fix test
* refactor: remove useless file
* fix(configs): add options to setup
* fix: sql changes
* tests
* remove old comment
* rename label policy to styling
* fix where
* remove unused logs
* migration
* correct primary key
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-11-24 15:02:00 +00:00
}
2021-03-25 13:41:07 +00:00
}
2021-07-05 13:10:49 +00:00
func ( repo * AuthRequestRepo ) getLoginTexts ( ctx context . Context , aggregateID string ) ( [ ] * domain . CustomText , error ) {
2023-09-21 14:45:41 +00:00
loginTexts , err := repo . CustomTextProvider . CustomTextListByTemplate ( ctx , aggregateID , domain . LoginCustomText , false )
2021-07-05 13:10:49 +00:00
if err != nil {
return nil , err
}
2021-12-16 14:21:37 +00:00
return query . CustomTextsToDomain ( loginTexts ) , err
2021-07-05 13:10:49 +00:00
}
2021-12-14 08:47:49 +00:00
func ( repo * AuthRequestRepo ) hasSucceededPage ( ctx context . Context , request * domain . AuthRequest , provider applicationProvider ) ( bool , error ) {
2022-09-12 16:18:08 +00:00
if _ , ok := request . Request . ( * domain . AuthRequestOIDC ) ; ! ok {
return false , nil
}
2023-11-21 12:11:38 +00:00
app , err := provider . AppByOIDCClientID ( ctx , request . ApplicationID )
2021-12-14 08:47:49 +00:00
if err != nil {
return false , err
}
2023-04-11 15:07:32 +00:00
return app . OIDCConfig . AppType == domain . OIDCApplicationTypeNative && ! app . OIDCConfig . SkipNativeAppSuccessPage , nil
2021-12-14 08:47:49 +00:00
}
2022-09-23 12:08:10 +00:00
func ( repo * AuthRequestRepo ) getDomainPolicy ( ctx context . Context , orgID string ) ( * query . DomainPolicy , error ) {
2022-11-30 16:01:17 +00:00
return repo . Query . DomainPolicyByOrg ( ctx , false , orgID , false )
2022-09-23 12:08:10 +00:00
}
2022-06-27 07:24:23 +00:00
func setOrgID ( ctx context . Context , orgViewProvider orgViewProvider , request * domain . AuthRequest ) error {
2022-09-23 12:08:10 +00:00
orgID := request . GetScopeOrgID ( )
if orgID != "" {
org , err := orgViewProvider . OrgByID ( ctx , false , orgID )
if err != nil {
return err
}
2022-10-06 11:30:14 +00:00
request . SetOrgInformation ( org . ID , org . Name , org . Domain , false )
2022-09-23 12:08:10 +00:00
return nil
}
2020-12-14 09:54:29 +00:00
primaryDomain := request . GetScopeOrgPrimaryDomain ( )
if primaryDomain == "" {
return nil
}
2022-10-06 11:30:14 +00:00
org , err := orgViewProvider . OrgByPrimaryDomain ( ctx , primaryDomain )
2020-12-14 09:54:29 +00:00
if err != nil {
return err
}
2022-10-06 11:30:14 +00:00
request . SetOrgInformation ( org . ID , org . Name , primaryDomain , true )
2020-12-14 09:54:29 +00:00
return nil
}
2023-02-28 20:20:58 +00:00
func getLoginPolicyIDPProviders ( ctx context . Context , provider idpProviderViewProvider , iamID , orgID string , defaultPolicy bool ) ( [ ] * domain . IDPProvider , error ) {
resourceOwner := iamID
if ! defaultPolicy {
resourceOwner = orgID
2020-09-18 11:26:28 +00:00
}
2023-02-28 20:20:58 +00:00
links , err := provider . IDPLoginPolicyLinks ( ctx , resourceOwner , & query . IDPLoginPolicyLinksSearchQuery { } , false )
2020-09-18 11:26:28 +00:00
if err != nil {
return nil , err
}
2023-02-28 20:20:58 +00:00
providers := make ( [ ] * domain . IDPProvider , len ( links . Links ) )
for i , link := range links . Links {
providers [ i ] = & domain . IDPProvider {
Type : link . OwnerType ,
IDPConfigID : link . IDPID ,
Name : link . IDPName ,
IDPType : link . IDPType ,
}
}
return providers , nil
2020-09-18 11:26:28 +00:00
}
2021-06-16 08:02:15 +00:00
func checkVerificationTimeMaxAge ( verificationTime time . Time , lifetime time . Duration , request * domain . AuthRequest ) bool {
if ! checkVerificationTime ( verificationTime , lifetime ) {
return false
}
if request . MaxAuthAge == nil {
return true
}
return verificationTime . After ( request . CreationDate . Add ( - * request . MaxAuthAge ) )
}
2020-05-18 10:06:36 +00:00
func checkVerificationTime ( verificationTime time . Time , lifetime time . Duration ) bool {
return verificationTime . Add ( lifetime ) . After ( time . Now ( ) . UTC ( ) )
}
2023-08-18 07:21:31 +00:00
func userSessionsByUserAgentID ( ctx context . Context , provider userSessionViewProvider , agentID , instanceID string ) ( _ [ ] * user_model . UserSessionView , err error ) {
//nolint
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-19 06:26:12 +00:00
session , err := provider . UserSessionsByAgentID ( agentID , instanceID )
2020-05-18 10:06:36 +00:00
if err != nil {
return nil , err
}
2022-05-30 11:27:52 +00:00
return user_view_model . UserSessionsToModel ( session ) , nil
2020-05-18 10:06:36 +00:00
}
2023-07-27 12:10:19 +00:00
var (
2023-10-19 10:19:10 +00:00
userSessionEventTypes = [ ] eventstore . EventType {
user_repo . UserV1PasswordCheckSucceededType ,
user_repo . UserV1PasswordCheckFailedType ,
user_repo . UserV1MFAOTPCheckSucceededType ,
user_repo . UserV1MFAOTPCheckFailedType ,
user_repo . UserV1SignedOutType ,
user_repo . UserLockedType ,
user_repo . UserDeactivatedType ,
user_repo . HumanPasswordCheckSucceededType ,
user_repo . HumanPasswordCheckFailedType ,
user_repo . UserIDPLoginCheckSucceededType ,
user_repo . HumanMFAOTPCheckSucceededType ,
user_repo . HumanMFAOTPCheckFailedType ,
user_repo . HumanSignedOutType ,
user_repo . HumanPasswordlessTokenCheckSucceededType ,
user_repo . HumanPasswordlessTokenCheckFailedType ,
user_repo . HumanU2FTokenCheckSucceededType ,
user_repo . HumanU2FTokenCheckFailedType ,
user_repo . UserRemovedType ,
2023-07-27 12:10:19 +00:00
}
)
2020-06-05 05:50:04 +00:00
func userSessionByIDs ( ctx context . Context , provider userSessionViewProvider , eventProvider userEventProvider , agentID string , user * user_model . UserView ) ( * user_model . UserSessionView , error ) {
2023-04-28 14:28:13 +00:00
instanceID := authz . GetInstance ( ctx ) . InstanceID ( )
2023-12-14 10:07:47 +00:00
// always load the latest sequence first, so in case the session was not found by id,
// the sequence will be equal or lower than the actual projection and no events are lost
sequence , err := provider . GetLatestUserSessionSequence ( ctx , instanceID )
logging . WithFields ( "instanceID" , instanceID , "userID" , user . ID ) .
OnError ( err ) .
Errorf ( "could not get current sequence for userSessionByIDs" )
2023-04-28 14:28:13 +00:00
session , err := provider . UserSessionByIDs ( agentID , user . ID , instanceID )
2020-05-18 10:06:36 +00:00
if err != nil {
2023-12-08 14:30:55 +00:00
if ! zerrors . IsNotFound ( err ) {
2020-06-05 05:50:04 +00:00
return nil , err
}
2020-12-07 11:09:10 +00:00
session = & user_view_model . UserSessionView { UserAgentID : agentID , UserID : user . ID }
2023-04-28 14:28:13 +00:00
if sequence != nil {
2023-12-14 10:07:47 +00:00
session . ChangeDate = sequence . EventCreatedAt
2023-04-28 14:28:13 +00:00
}
2020-06-05 05:50:04 +00:00
}
2023-12-14 10:07:47 +00:00
events , err := eventProvider . UserEventsByID ( ctx , user . ID , session . ChangeDate , append ( session . EventTypes ( ) , userSessionEventTypes ... ) )
2020-06-05 05:50:04 +00:00
if err != nil {
2022-07-06 06:32:05 +00:00
logging . WithFields ( "traceID" , tracing . TraceIDFromCtx ( ctx ) ) . WithError ( err ) . Debug ( "error retrieving new events" )
2022-05-30 11:27:52 +00:00
return user_view_model . UserSessionToModel ( session ) , nil
2020-06-05 05:50:04 +00:00
}
sessionCopy := * session
for _ , event := range events {
2023-10-19 10:19:10 +00:00
switch event . Type ( ) {
2022-03-31 09:36:26 +00:00
case user_repo . UserV1PasswordCheckSucceededType ,
user_repo . UserV1PasswordCheckFailedType ,
user_repo . UserV1MFAOTPCheckSucceededType ,
user_repo . UserV1MFAOTPCheckFailedType ,
user_repo . UserV1SignedOutType ,
user_repo . UserLockedType ,
user_repo . UserDeactivatedType ,
user_repo . HumanPasswordCheckSucceededType ,
user_repo . HumanPasswordCheckFailedType ,
user_repo . UserIDPLoginCheckSucceededType ,
user_repo . HumanMFAOTPCheckSucceededType ,
user_repo . HumanMFAOTPCheckFailedType ,
user_repo . HumanSignedOutType ,
user_repo . HumanPasswordlessTokenCheckSucceededType ,
user_repo . HumanPasswordlessTokenCheckFailedType ,
user_repo . HumanU2FTokenCheckSucceededType ,
user_repo . HumanU2FTokenCheckFailedType :
2020-06-19 12:52:04 +00:00
eventData , err := user_view_model . UserSessionFromEvent ( event )
2020-06-05 05:50:04 +00:00
if err != nil {
2022-07-06 06:32:05 +00:00
logging . WithFields ( "traceID" , tracing . TraceIDFromCtx ( ctx ) ) . WithError ( err ) . Debug ( "error getting event data" )
2022-05-30 11:27:52 +00:00
return user_view_model . UserSessionToModel ( session ) , nil
2020-06-05 05:50:04 +00:00
}
if eventData . UserAgentID != agentID {
continue
}
2022-03-31 09:36:26 +00:00
case user_repo . UserRemovedType :
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowPreconditionFailed ( nil , "EVENT-dG2fe" , "Errors.User.NotActive" )
2020-06-05 05:50:04 +00:00
}
2020-12-17 15:22:27 +00:00
err := sessionCopy . AppendEvent ( event )
2022-07-06 06:32:05 +00:00
logging . WithFields ( "traceID" , tracing . TraceIDFromCtx ( ctx ) ) . OnError ( err ) . Warn ( "error appending event" )
2020-05-18 10:06:36 +00:00
}
2022-05-30 11:27:52 +00:00
return user_view_model . UserSessionToModel ( & sessionCopy ) , nil
2020-06-19 12:52:04 +00:00
}
2022-05-16 13:39:09 +00:00
func activeUserByID ( ctx context . Context , userViewProvider userViewProvider , userEventProvider userEventProvider , queries orgViewProvider , lockoutPolicyProvider lockoutPolicyViewProvider , userID string , ignoreUnknownUsernames bool ) ( user * user_model . UserView , err error ) {
2021-08-11 06:36:32 +00:00
// PLANNED: Check LockoutPolicy
2022-05-16 13:39:09 +00:00
user , err = userByID ( ctx , userViewProvider , userEventProvider , userID )
2020-06-19 12:52:04 +00:00
if err != nil {
2023-12-08 14:30:55 +00:00
if ignoreUnknownUsernames && zerrors . IsNotFound ( err ) {
2022-05-16 13:39:09 +00:00
return & user_model . UserView {
ID : userID ,
HumanView : & user_model . HumanView { } ,
} , nil
}
2020-06-19 12:52:04 +00:00
return nil , err
}
feat: split users into human and machine (#470)
* feat(management): service accounts
* chore: current go version
* init
* refactor: apis
* feat(internal): start impl of service account
* chore: start impl of machine/human users
* code compiles
* fix: tests
* fix: tests
* fix: add new event types to switches
* chore: add cases to event types
* fix(management): definitive proto messages
* fix: machine/human
* fix: add missing tables as todos
* fix: remove unused permissions
* fix: refactoring
* fix: refactor
* fix: human registered
* fix: user id
* fix: logid
* fix: proto remove //equal
* chore(management): remove no comment
* fix: human mfas
* fix: user subobjects
* chore: rename existing to better name
* fix: username in user (#634)
* fix: username in user
* fix: username
* fix remove unused code
* fix add validations
* fix: use new user in all apis
* fix: regexp for username in api
* fix: fill user data for human and machine (#638)
* fix: fill Display name grant/member handlers
fix: add description to grant/member objects in api
fix: check if user is human in login
* fix: remove description from member and grant
* chore: remove todos
* feat: machine keys
* fix: implement missing parts
* feat: machine key management view
* fix: remove keys from machine view
* fix: set default expiration date
* fix: get key by ids
* feat: add machine keys in proto
* feat: machine keys
* fix: add migration
* fix: mig
* fix: correct method name
* feat: user search
* feat: user search
* fix: log ids
* fix partial authconfig prompt, domain c perm
* membership read check
* contributor refresh trigger, observe org write
* fix: migrations
* fix(console): machine build (#660)
* frontend 1
* fix html bindings
* trailing comma
* user permissions, project deactivate
* fix(console): human view (#661)
* fix search user view, user detail form
* rm log
* feat(console): user services list and create (#663)
* fix search user view, user detail form
* rm log
* machine list
* generic table component
* create user service
* proove table for undefined values
* tmp disable user link if machine
* lint
* lint styles
* user table lint
* Update console/src/assets/i18n/de.json
Co-authored-by: Florian Forster <florian@caos.ch>
* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)
* service users for sidenav, routing
* i18n
* back routes
* machine detail form
* update machine detail, fix svc user grants
* keys table
* add key dialog, timestamp creation
* check permission on create, delete, fix selection
* lint ts, scss
* Update console/src/assets/i18n/de.json
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
* allow user grants for project.write
* management service
* fix mgmt service
* feat: Machine keys (#655)
* fix: memberships (#633)
* feat: add iam members to memberships
* fix: search project grants
* fix: rename
* feat: idp and login policy configurations (#619)
* feat: oidc config
* fix: oidc configurations
* feat: oidc idp config
* feat: add oidc config test
* fix: tests
* fix: tests
* feat: translate new events
* feat: idp eventstore
* feat: idp eventstore
* fix: tests
* feat: command side idp
* feat: query side idp
* feat: idp config on org
* fix: tests
* feat: authz idp on org
* feat: org idps
* feat: login policy
* feat: login policy
* feat: login policy
* feat: add idp func on login policy
* feat: add validation to loginpolicy and idp provider
* feat: add default login policy
* feat: login policy on org
* feat: login policy on org
* fix: id config handlers
* fix: id config handlers
* fix: create idp on org
* fix: create idp on org
* fix: not existing idp config
* fix: default login policy
* fix: add login policy on org
* fix: idp provider search on org
* fix: test
* fix: remove idp on org
* fix: test
* fix: test
* fix: remove admin idp
* fix: logo src as byte
* fix: migration
* fix: tests
* Update internal/iam/repository/eventsourcing/iam.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/iam_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/iam_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/org/repository/eventsourcing/org_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix: pr comments
* fix: tests
* Update types.go
* fix: merge request changes
* fix: reduce optimization
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: reread user mfas, preferred loginname as otp account name (#636)
* fix: reread user mfas
* fix: use preferred login name as otp account name
* fix: tests
* fix: reduce (#635)
* fix: management reduce optimization
* fix: reduce optimization
* fix: reduce optimization
* fix: merge master
* chore(deps): bump github.com/gorilla/schema from 1.1.0 to 1.2.0 (#627)
Bumps [github.com/gorilla/schema](https://github.com/gorilla/schema) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/gorilla/schema/releases)
- [Commits](https://github.com/gorilla/schema/compare/v1.1.0...v1.2.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/gorilla/mux from 1.7.4 to 1.8.0 (#624)
Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.7.4 to 1.8.0.
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](https://github.com/gorilla/mux/compare/v1.7.4...v1.8.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.4.1 to 1.5.0 (#591)
Bumps [github.com/DATA-DOG/go-sqlmock](https://github.com/DATA-DOG/go-sqlmock) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/DATA-DOG/go-sqlmock/releases)
- [Commits](https://github.com/DATA-DOG/go-sqlmock/compare/v1.4.1...v1.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: auto assign issues and PR to ZTIADEL project board (#643)
* Create main.yml
* Update main.yml
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix(console): project grant members, update deps (#645)
* fix: searchprojectgrantmembers
* chore(deps-dev): bump @angular/cli from 10.0.6 to 10.0.7 in /console (#622)
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 10.0.6 to 10.0.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v10.0.6...v10.0.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @angular-devkit/build-angular in /console (#626)
Bumps [@angular-devkit/build-angular](https://github.com/angular/angular-cli) from 0.1000.6 to 0.1000.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/commits)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
* chore(deps-dev): bump @types/jasmine from 3.5.12 to 3.5.13 in /console (#623)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.5.12 to 3.5.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump ts-node from 8.10.2 to 9.0.0 in /console (#629)
Bumps [ts-node](https://github.com/TypeStrong/ts-node) from 8.10.2 to 9.0.0.
- [Release notes](https://github.com/TypeStrong/ts-node/releases)
- [Commits](https://github.com/TypeStrong/ts-node/compare/v8.10.2...v9.0.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* update packlock
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: delete main.yml (#648)
* fix: usergrant (#650)
* fix(console): mfa refresh after verification, member eventemitter (#651)
* refresh mfa
* fix: detail link from contributors
* lint
* feat: add domain verification notification (#649)
* fix: dont (re)generate client secret with auth type none
* fix(cors): allow Origin from request
* feat: add origin allow list and fix some core issues
* rename migration
* fix UserIDsByDomain
* feat: send email to users after domain claim
* username
* check origin on userinfo
* update oidc pkg
* fix: add migration 1.6
* change username
* change username
* remove unique email aggregate
* change username in mgmt
* search global user by login name
* fix test
* change user search in angular
* fix tests
* merge
* userview in angular
* fix merge
* Update pkg/grpc/management/proto/management.proto
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* Update internal/notification/static/i18n/de.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: translation (#647)
* fix: translation
* fix: translation
* fix: translation
* fix: remove unused code
* fix: log err
* fix: migration numbers (#652)
* chore: issue / feature templates (#642)
* feat: machine keys
* fix: implement missing parts
* feat: machine key management view
* fix: remove keys from machine view
* feat: global org read (#657)
* fix: set default expiration date
* fix: get key by ids
* feat: add machine keys in proto
* feat: machine keys
* fix: add migration
* fix: mig
* fix: correct method name
* feat: user search
* feat: user search
* fix: log ids
* fix: migrations
* fix(console): machine build (#660)
* frontend 1
* fix html bindings
* trailing comma
* fix(console): human view (#661)
* fix search user view, user detail form
* rm log
* feat(console): user services list and create (#663)
* fix search user view, user detail form
* rm log
* machine list
* generic table component
* create user service
* proove table for undefined values
* tmp disable user link if machine
* lint
* lint styles
* user table lint
* Update console/src/assets/i18n/de.json
Co-authored-by: Florian Forster <florian@caos.ch>
* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)
* service users for sidenav, routing
* i18n
* back routes
* machine detail form
* update machine detail, fix svc user grants
* keys table
* add key dialog, timestamp creation
* check permission on create, delete, fix selection
* lint ts, scss
* Update console/src/assets/i18n/de.json
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
* refactor: protos
* fix(management): key expiration date
* fix: check if user is human
* fix: marshal key details
* fix: correct generate login names
* fix: logid
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix: naming
* refactor: findings
* fix: username
* fix: mfa upper case
* fix: tests
* fix: add translations
* reactivatemyorg req typeö
* fix: projectType for console
* fix: user changes
* fix: translate events
* fix: event type translation
* fix: remove unused types
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-31 15:48:01 +00:00
if user . HumanView == nil {
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowPreconditionFailed ( nil , "EVENT-Lm69x" , "Errors.User.NotHuman" )
feat: split users into human and machine (#470)
* feat(management): service accounts
* chore: current go version
* init
* refactor: apis
* feat(internal): start impl of service account
* chore: start impl of machine/human users
* code compiles
* fix: tests
* fix: tests
* fix: add new event types to switches
* chore: add cases to event types
* fix(management): definitive proto messages
* fix: machine/human
* fix: add missing tables as todos
* fix: remove unused permissions
* fix: refactoring
* fix: refactor
* fix: human registered
* fix: user id
* fix: logid
* fix: proto remove //equal
* chore(management): remove no comment
* fix: human mfas
* fix: user subobjects
* chore: rename existing to better name
* fix: username in user (#634)
* fix: username in user
* fix: username
* fix remove unused code
* fix add validations
* fix: use new user in all apis
* fix: regexp for username in api
* fix: fill user data for human and machine (#638)
* fix: fill Display name grant/member handlers
fix: add description to grant/member objects in api
fix: check if user is human in login
* fix: remove description from member and grant
* chore: remove todos
* feat: machine keys
* fix: implement missing parts
* feat: machine key management view
* fix: remove keys from machine view
* fix: set default expiration date
* fix: get key by ids
* feat: add machine keys in proto
* feat: machine keys
* fix: add migration
* fix: mig
* fix: correct method name
* feat: user search
* feat: user search
* fix: log ids
* fix partial authconfig prompt, domain c perm
* membership read check
* contributor refresh trigger, observe org write
* fix: migrations
* fix(console): machine build (#660)
* frontend 1
* fix html bindings
* trailing comma
* user permissions, project deactivate
* fix(console): human view (#661)
* fix search user view, user detail form
* rm log
* feat(console): user services list and create (#663)
* fix search user view, user detail form
* rm log
* machine list
* generic table component
* create user service
* proove table for undefined values
* tmp disable user link if machine
* lint
* lint styles
* user table lint
* Update console/src/assets/i18n/de.json
Co-authored-by: Florian Forster <florian@caos.ch>
* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)
* service users for sidenav, routing
* i18n
* back routes
* machine detail form
* update machine detail, fix svc user grants
* keys table
* add key dialog, timestamp creation
* check permission on create, delete, fix selection
* lint ts, scss
* Update console/src/assets/i18n/de.json
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
* allow user grants for project.write
* management service
* fix mgmt service
* feat: Machine keys (#655)
* fix: memberships (#633)
* feat: add iam members to memberships
* fix: search project grants
* fix: rename
* feat: idp and login policy configurations (#619)
* feat: oidc config
* fix: oidc configurations
* feat: oidc idp config
* feat: add oidc config test
* fix: tests
* fix: tests
* feat: translate new events
* feat: idp eventstore
* feat: idp eventstore
* fix: tests
* feat: command side idp
* feat: query side idp
* feat: idp config on org
* fix: tests
* feat: authz idp on org
* feat: org idps
* feat: login policy
* feat: login policy
* feat: login policy
* feat: add idp func on login policy
* feat: add validation to loginpolicy and idp provider
* feat: add default login policy
* feat: login policy on org
* feat: login policy on org
* fix: id config handlers
* fix: id config handlers
* fix: create idp on org
* fix: create idp on org
* fix: not existing idp config
* fix: default login policy
* fix: add login policy on org
* fix: idp provider search on org
* fix: test
* fix: remove idp on org
* fix: test
* fix: test
* fix: remove admin idp
* fix: logo src as byte
* fix: migration
* fix: tests
* Update internal/iam/repository/eventsourcing/iam.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/iam_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/iam_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/org/repository/eventsourcing/org_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix: pr comments
* fix: tests
* Update types.go
* fix: merge request changes
* fix: reduce optimization
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: reread user mfas, preferred loginname as otp account name (#636)
* fix: reread user mfas
* fix: use preferred login name as otp account name
* fix: tests
* fix: reduce (#635)
* fix: management reduce optimization
* fix: reduce optimization
* fix: reduce optimization
* fix: merge master
* chore(deps): bump github.com/gorilla/schema from 1.1.0 to 1.2.0 (#627)
Bumps [github.com/gorilla/schema](https://github.com/gorilla/schema) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/gorilla/schema/releases)
- [Commits](https://github.com/gorilla/schema/compare/v1.1.0...v1.2.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/gorilla/mux from 1.7.4 to 1.8.0 (#624)
Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.7.4 to 1.8.0.
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](https://github.com/gorilla/mux/compare/v1.7.4...v1.8.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.4.1 to 1.5.0 (#591)
Bumps [github.com/DATA-DOG/go-sqlmock](https://github.com/DATA-DOG/go-sqlmock) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/DATA-DOG/go-sqlmock/releases)
- [Commits](https://github.com/DATA-DOG/go-sqlmock/compare/v1.4.1...v1.5.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: auto assign issues and PR to ZTIADEL project board (#643)
* Create main.yml
* Update main.yml
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix(console): project grant members, update deps (#645)
* fix: searchprojectgrantmembers
* chore(deps-dev): bump @angular/cli from 10.0.6 to 10.0.7 in /console (#622)
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 10.0.6 to 10.0.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v10.0.6...v10.0.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @angular-devkit/build-angular in /console (#626)
Bumps [@angular-devkit/build-angular](https://github.com/angular/angular-cli) from 0.1000.6 to 0.1000.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/commits)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
* chore(deps-dev): bump @types/jasmine from 3.5.12 to 3.5.13 in /console (#623)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.5.12 to 3.5.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump ts-node from 8.10.2 to 9.0.0 in /console (#629)
Bumps [ts-node](https://github.com/TypeStrong/ts-node) from 8.10.2 to 9.0.0.
- [Release notes](https://github.com/TypeStrong/ts-node/releases)
- [Commits](https://github.com/TypeStrong/ts-node/compare/v8.10.2...v9.0.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* update packlock
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: delete main.yml (#648)
* fix: usergrant (#650)
* fix(console): mfa refresh after verification, member eventemitter (#651)
* refresh mfa
* fix: detail link from contributors
* lint
* feat: add domain verification notification (#649)
* fix: dont (re)generate client secret with auth type none
* fix(cors): allow Origin from request
* feat: add origin allow list and fix some core issues
* rename migration
* fix UserIDsByDomain
* feat: send email to users after domain claim
* username
* check origin on userinfo
* update oidc pkg
* fix: add migration 1.6
* change username
* change username
* remove unique email aggregate
* change username in mgmt
* search global user by login name
* fix test
* change user search in angular
* fix tests
* merge
* userview in angular
* fix merge
* Update pkg/grpc/management/proto/management.proto
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* Update internal/notification/static/i18n/de.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: translation (#647)
* fix: translation
* fix: translation
* fix: translation
* fix: remove unused code
* fix: log err
* fix: migration numbers (#652)
* chore: issue / feature templates (#642)
* feat: machine keys
* fix: implement missing parts
* feat: machine key management view
* fix: remove keys from machine view
* feat: global org read (#657)
* fix: set default expiration date
* fix: get key by ids
* feat: add machine keys in proto
* feat: machine keys
* fix: add migration
* fix: mig
* fix: correct method name
* feat: user search
* feat: user search
* fix: log ids
* fix: migrations
* fix(console): machine build (#660)
* frontend 1
* fix html bindings
* trailing comma
* fix(console): human view (#661)
* fix search user view, user detail form
* rm log
* feat(console): user services list and create (#663)
* fix search user view, user detail form
* rm log
* machine list
* generic table component
* create user service
* proove table for undefined values
* tmp disable user link if machine
* lint
* lint styles
* user table lint
* Update console/src/assets/i18n/de.json
Co-authored-by: Florian Forster <florian@caos.ch>
* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)
* service users for sidenav, routing
* i18n
* back routes
* machine detail form
* update machine detail, fix svc user grants
* keys table
* add key dialog, timestamp creation
* check permission on create, delete, fix selection
* lint ts, scss
* Update console/src/assets/i18n/de.json
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
* refactor: protos
* fix(management): key expiration date
* fix: check if user is human
* fix: marshal key details
* fix: correct generate login names
* fix: logid
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix: naming
* refactor: findings
* fix: username
* fix: mfa upper case
* fix: tests
* fix: add translations
* reactivatemyorg req typeö
* fix: projectType for console
* fix: user changes
* fix: translate events
* fix: event type translation
* fix: remove unused types
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-31 15:48:01 +00:00
}
2020-06-23 12:47:47 +00:00
if user . State == user_model . UserStateLocked || user . State == user_model . UserStateSuspend {
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowPreconditionFailed ( nil , "EVENT-FJ262" , "Errors.User.Locked" )
2020-06-19 12:52:04 +00:00
}
2020-06-23 12:47:47 +00:00
if ! ( user . State == user_model . UserStateActive || user . State == user_model . UserStateInitial ) {
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowPreconditionFailed ( nil , "EVENT-FJ262" , "Errors.User.NotActive" )
2020-06-19 12:52:04 +00:00
}
2022-06-14 05:51:00 +00:00
org , err := queries . OrgByID ( ctx , false , user . ResourceOwner )
2020-06-19 12:52:04 +00:00
if err != nil {
return nil , err
}
feat(queries): use org projection (#2342)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* global counter column
* fix is org unique
* fix: merge main and change actions / flow projections to new query side (#2434)
* feat: actions (#2377)
* feat(actions): begin api
* feat(actions): begin api
* api and projections
* fix: handle multiple statements for a single event in projections
* export func type
* fix test
* update to new reduce interface
* flows in login
* feat: jwt idp
* feat: command side
* feat: add tests
* actions and flows
* fill idp views with jwt idps and return apis
* add jwtEndpoint to jwt idp
* begin jwt request handling
* add feature
* merge
* merge
* handle jwt idp
* cleanup
* bug fixes
* autoregister
* get token from specific header name
* fix: proto
* fixes
* i18n
* begin tests
* fix and log http proxy
* remove docker cache
* fixes
* usergrants in actions api
* tests adn cleanup
* cleanup
* fix add user grant
* set login context
* i18n
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* change actions / flow projections to new query side
* fixes
* enable org projection
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fixes
* cleanup
* add tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-09-29 11:20:57 +00:00
if org . State != domain . OrgStateActive {
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowPreconditionFailed ( nil , "EVENT-Zws3s" , "Errors.User.NotActive" )
2020-06-19 12:52:04 +00:00
}
return user , nil
2020-05-18 10:06:36 +00:00
}
2023-08-18 07:21:31 +00:00
func userByID ( ctx context . Context , viewProvider userViewProvider , eventProvider userEventProvider , userID string ) ( _ * user_model . UserView , err error ) {
ctx , span := tracing . NewSpan ( ctx )
defer func ( ) { span . EndWithError ( err ) } ( )
2022-04-19 06:26:12 +00:00
user , viewErr := viewProvider . UserByID ( userID , authz . GetInstance ( ctx ) . InstanceID ( ) )
2023-12-08 14:30:55 +00:00
if viewErr != nil && ! zerrors . IsNotFound ( viewErr ) {
2020-10-02 06:02:09 +00:00
return nil , viewErr
} else if user == nil {
user = new ( user_view_model . UserView )
2020-05-18 10:06:36 +00:00
}
2023-12-14 10:07:47 +00:00
events , err := eventProvider . UserEventsByID ( ctx , userID , user . ChangeDate , user . EventTypes ( ) )
2020-06-05 05:50:04 +00:00
if err != nil {
2022-07-06 06:32:05 +00:00
logging . WithFields ( "traceID" , tracing . TraceIDFromCtx ( ctx ) ) . WithError ( err ) . Debug ( "error retrieving new events" )
2022-05-30 11:27:52 +00:00
return user_view_model . UserToModel ( user ) , nil
2020-06-05 05:50:04 +00:00
}
2020-10-02 06:02:09 +00:00
if len ( events ) == 0 {
if viewErr != nil {
return nil , viewErr
}
2022-05-30 11:27:52 +00:00
return user_view_model . UserToModel ( user ) , viewErr
2020-10-02 06:02:09 +00:00
}
2020-06-05 05:50:04 +00:00
userCopy := * user
for _ , event := range events {
if err := userCopy . AppendEvent ( event ) ; err != nil {
2022-05-30 11:27:52 +00:00
return user_view_model . UserToModel ( user ) , nil
2020-06-05 05:50:04 +00:00
}
}
2020-10-07 06:16:42 +00:00
if userCopy . State == int32 ( user_model . UserStateDeleted ) {
2023-12-08 14:30:55 +00:00
return nil , zerrors . ThrowNotFound ( nil , "EVENT-3F9so" , "Errors.User.NotFound" )
2020-10-07 06:16:42 +00:00
}
2022-05-30 11:27:52 +00:00
return user_view_model . UserToModel ( & userCopy ) , nil
2020-05-18 10:06:36 +00:00
}
2020-09-18 11:26:28 +00:00
2021-02-08 10:30:30 +00:00
func linkExternalIDPs ( ctx context . Context , userCommandProvider userCommandProvider , request * domain . AuthRequest ) error {
2021-11-02 09:08:47 +00:00
externalIDPs := make ( [ ] * domain . UserIDPLink , len ( request . LinkingUsers ) )
2020-09-18 11:26:28 +00:00
for i , linkingUser := range request . LinkingUsers {
2021-11-02 09:08:47 +00:00
externalIDP := & domain . UserIDPLink {
2021-02-08 10:30:30 +00:00
ObjectRoot : es_models . ObjectRoot { AggregateID : request . UserID } ,
IDPConfigID : linkingUser . IDPConfigID ,
ExternalUserID : linkingUser . ExternalUserID ,
2023-11-02 11:28:59 +00:00
DisplayName : linkingUser . PreferredUsername ,
2020-09-18 11:26:28 +00:00
}
externalIDPs [ i ] = externalIDP
}
data := authz . CtxData {
UserID : "LOGIN" ,
OrgID : request . UserOrgID ,
}
2021-11-02 09:08:47 +00:00
return userCommandProvider . BulkAddedUserIDPLinks ( authz . SetCtxData ( ctx , data ) , request . UserID , request . UserOrgID , externalIDPs )
2020-09-18 11:26:28 +00:00
}
2021-02-08 10:30:30 +00:00
func linkingIDPConfigExistingInAllowedIDPs ( linkingUsers [ ] * domain . ExternalUser , idpProviders [ ] * domain . IDPProvider ) bool {
2020-09-18 11:26:28 +00:00
for _ , linkingUser := range linkingUsers {
exists := false
for _ , idp := range idpProviders {
if idp . IDPConfigID == linkingUser . IDPConfigID {
exists = true
continue
}
}
if ! exists {
return false
}
}
return true
}
2021-08-18 08:49:04 +00:00
2021-02-08 10:30:30 +00:00
func userGrantRequired ( ctx context . Context , request * domain . AuthRequest , user * user_model . UserView , userGrantProvider userGrantProvider ) ( _ bool , err error ) {
2021-11-26 06:57:05 +00:00
var project * query . Project
2020-10-16 05:49:38 +00:00
switch request . Request . Type ( ) {
2023-04-19 08:46:02 +00:00
case domain . AuthRequestTypeOIDC , domain . AuthRequestTypeSAML , domain . AuthRequestTypeDevice :
2023-11-20 15:21:08 +00:00
project , err = userGrantProvider . ProjectByClientID ( ctx , request . ApplicationID )
2020-10-16 05:49:38 +00:00
if err != nil {
return false , err
}
default :
2023-12-08 14:30:55 +00:00
return false , zerrors . ThrowPreconditionFailed ( nil , "EVENT-dfrw2" , "Errors.AuthRequest.RequestTypeNotSupported" )
2020-10-16 05:49:38 +00:00
}
2021-11-26 06:57:05 +00:00
if ! project . ProjectRoleCheck {
2020-10-16 05:49:38 +00:00
return false , nil
}
2022-06-09 09:48:54 +00:00
grants , err := userGrantProvider . UserGrantsByProjectAndUserID ( ctx , project . ID , user . ID )
2020-10-16 05:49:38 +00:00
if err != nil {
return false , err
}
return len ( grants ) == 0 , nil
}
2021-08-18 08:49:04 +00:00
2023-04-06 05:46:12 +00:00
func projectRequired ( ctx context . Context , request * domain . AuthRequest , projectProvider projectProvider ) ( missingGrant bool , err error ) {
2021-11-26 06:57:05 +00:00
var project * query . Project
2021-08-18 08:49:04 +00:00
switch request . Request . Type ( ) {
2023-04-19 08:46:02 +00:00
case domain . AuthRequestTypeOIDC , domain . AuthRequestTypeSAML , domain . AuthRequestTypeDevice :
2023-11-20 15:21:08 +00:00
project , err = projectProvider . ProjectByClientID ( ctx , request . ApplicationID )
2021-08-18 08:49:04 +00:00
if err != nil {
return false , err
}
default :
2023-12-08 14:30:55 +00:00
return false , zerrors . ThrowPreconditionFailed ( nil , "EVENT-ku4He" , "Errors.AuthRequest.RequestTypeNotSupported" )
2021-08-18 08:49:04 +00:00
}
2023-04-06 05:46:12 +00:00
// if the user and project are part of the same organisation we do not need to check if the project exists on that org
if ! project . HasProjectCheck || project . ResourceOwner == request . UserOrgID {
2021-08-18 08:49:04 +00:00
return false , nil
}
2023-04-06 05:46:12 +00:00
// else just check if there is a project grant for that org
projectID , err := query . NewProjectGrantProjectIDSearchQuery ( project . ID )
if err != nil {
return false , err
}
grantedOrg , err := query . NewProjectGrantGrantedOrgIDSearchQuery ( request . UserOrgID )
if err != nil {
return false , err
}
2023-11-20 15:21:08 +00:00
grants , err := projectProvider . SearchProjectGrants ( ctx , & query . ProjectGrantSearchQueries { Queries : [ ] query . SearchQuery { projectID , grantedOrg } } )
2023-04-06 05:46:12 +00:00
if err != nil {
return false , err
2021-08-18 08:49:04 +00:00
}
2023-04-06 05:46:12 +00:00
return len ( grants . ProjectGrants ) != 1 , nil
2021-08-18 08:49:04 +00:00
}