2022-02-14 17:22:30 +01:00
|
|
|
package login
|
2020-06-05 07:50:04 +02:00
|
|
|
|
|
|
|
|
import (
|
|
|
|
|
"net/http"
|
|
|
|
|
|
|
|
|
|
"github.com/gorilla/mux"
|
|
|
|
|
)
|
|
|
|
|
|
|
|
|
|
const (
|
2023-08-31 08:39:16 +02:00
|
|
|
EndpointRoot = "/"
|
|
|
|
|
EndpointHealthz = "/healthz"
|
|
|
|
|
EndpointReadiness = "/ready"
|
|
|
|
|
EndpointLogin = "/login"
|
|
|
|
|
EndpointExternalLogin = "/login/externalidp"
|
|
|
|
|
EndpointExternalLoginCallback = "/login/externalidp/callback"
|
|
|
|
|
EndpointExternalLoginCallbackFormPost = "/login/externalidp/callback/form"
|
feat: federated logout for SAML IdPs (#9931)
# Which Problems Are Solved
Currently if a user signs in using an IdP, once they sign out of
Zitadel, the corresponding IdP session is not terminated. This can be
the desired behavior. In some cases, e.g. when using a shared computer
it results in a potential security risk, since a follower user might be
able to sign in as the previous using the still open IdP session.
# How the Problems Are Solved
- Admins can enabled a federated logout option on SAML IdPs through the
Admin and Management APIs.
- During the termination of a login V1 session using OIDC end_session
endpoint, Zitadel will check if an IdP was used to authenticate that
session.
- In case there was a SAML IdP used with Federated Logout enabled, it
will intercept the logout process, store the information into the shared
cache and redirect to the federated logout endpoint in the V1 login.
- The V1 login federated logout endpoint checks every request on an
existing cache entry. On success it will create a SAML logout request
for the used IdP and either redirect or POST to the configured SLO
endpoint. The cache entry is updated with a `redirected` state.
- A SLO endpoint is added to the `/idp` handlers, which will handle the
SAML logout responses. At the moment it will check again for an existing
federated logout entry (with state `redirected`) in the cache. On
success, the user is redirected to the initially provided
`post_logout_redirect_uri` from the end_session request.
# Additional Changes
None
# Additional Context
- This PR merges the https://github.com/zitadel/zitadel/pull/9841 and
https://github.com/zitadel/zitadel/pull/9854 to main, additionally
updating the docs on Entra ID SAML.
- closes #9228
- backport to 3.x
---------
Co-authored-by: Silvan <27845747+adlerhurst@users.noreply.github.com>
Co-authored-by: Zach Hirschtritt <zachary.hirschtritt@klaviyo.com>
(cherry picked from commit 2cf3ef4de4ef993367daec6ff3974bdbdf70d2f3)
2025-05-23 13:52:25 +02:00
|
|
|
EndpointExternalLogout = "/logout/externalidp"
|
2023-09-29 11:26:14 +02:00
|
|
|
EndpointSAMLACS = "/login/externalidp/saml/acs"
|
2023-08-31 08:39:16 +02:00
|
|
|
EndpointJWTAuthorize = "/login/jwt/authorize"
|
|
|
|
|
EndpointJWTCallback = "/login/jwt/callback"
|
|
|
|
|
EndpointLDAPLogin = "/login/ldap"
|
|
|
|
|
EndpointLDAPCallback = "/login/ldap/callback"
|
|
|
|
|
EndpointPasswordlessLogin = "/login/passwordless"
|
|
|
|
|
EndpointPasswordlessRegistration = "/login/passwordless/init"
|
|
|
|
|
EndpointPasswordlessPrompt = "/login/passwordless/prompt"
|
|
|
|
|
EndpointLoginName = "/loginname"
|
|
|
|
|
EndpointUserSelection = "/userselection"
|
|
|
|
|
EndpointChangeUsername = "/username/change"
|
|
|
|
|
EndpointPassword = "/password"
|
|
|
|
|
EndpointInitPassword = "/password/init"
|
|
|
|
|
EndpointChangePassword = "/password/change"
|
|
|
|
|
EndpointPasswordReset = "/password/reset"
|
|
|
|
|
EndpointInitUser = "/user/init"
|
2024-09-11 12:53:55 +02:00
|
|
|
EndpointInviteUser = "/user/invite"
|
2023-08-31 08:39:16 +02:00
|
|
|
EndpointMFAVerify = "/mfa/verify"
|
|
|
|
|
EndpointMFAPrompt = "/mfa/prompt"
|
|
|
|
|
EndpointMFAInitVerify = "/mfa/init/verify"
|
|
|
|
|
EndpointMFASMSInitVerify = "/mfa/init/sms/verify"
|
|
|
|
|
EndpointMFAOTPVerify = "/mfa/otp/verify"
|
|
|
|
|
EndpointMFAInitU2FVerify = "/mfa/init/u2f/verify"
|
|
|
|
|
EndpointU2FVerification = "/mfa/u2f/verify"
|
|
|
|
|
EndpointMailVerification = "/mail/verification"
|
|
|
|
|
EndpointMailVerified = "/mail/verified"
|
|
|
|
|
EndpointRegisterOption = "/register/option"
|
|
|
|
|
EndpointRegister = "/register"
|
|
|
|
|
EndpointExternalRegister = "/register/externalidp"
|
|
|
|
|
EndpointExternalRegisterCallback = "/register/externalidp/callback"
|
|
|
|
|
EndpointRegisterOrg = "/register/org"
|
|
|
|
|
EndpointLogoutDone = "/logout/done"
|
|
|
|
|
EndpointLoginSuccess = "/login/success"
|
|
|
|
|
EndpointExternalNotFoundOption = "/externaluser/option"
|
2020-06-05 07:50:04 +02:00
|
|
|
|
feat: label policy (#1708)
* feat: label policy proto extension
* feat: label policy and activate event
* feat: label policy asset events
* feat: label policy asset commands
* feat: add storage key
* feat: storage key validation
* feat: label policy asset tests
* feat: label policy query side
* feat: avatar
* feat: avatar event
* feat: human avatar
* feat: avatar read side
* feat: font on iam label policy
* feat: label policy font
* feat: possiblity to create bucket on put file
* uplaoder
* login policy logo
* set bucket prefix
* feat: avatar upload
* feat: avatar upload
* feat: use assets on command side
* feat: fix human avatar removed event
* feat: remove human avatar
* feat: mock asset storage
* feat: remove human avatar
* fix(operator): add configuration of asset storage to zitadel operator
* feat(console): private labeling policy (#1697)
* private labeling component, routing, preview
* font, colors, upload, i18n
* show logo
* fix: uniqueness (#1710)
* fix: uniqueconstraint to lower
* feat: change org
* feat: org change test
* feat: change org
* fix: tests
* fix: handle domain claims correctly
* feat: update org
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: handle domain claimed event correctly for service users (#1711)
* fix: handle domain claimed event correctly on user view
* fix: ignore domain claimed events for email notifications
* fix: change org
* handle org changed in read models correctly
* fix: change org in user grant handler
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: correct value (#1695)
* docs(api): correct link (#1712)
* upload service
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: fix tests,
* feat: remove assets from label policy
* fix npm, set environment
* lint ts
* remove stylelinting
* fix(operator): add mapping for console with changed unit tests
* fix(operator): add secrets as env variables to pod
* feat: remove human avatar
* fix(operator): add secrets as env variables to pod
* feat: map label policy
* feat: labelpolicy, admin, mgmt, adv settings (#1715)
* fetch label policy, mgmt, admin service
* feat: advanced beh, links, add, update
* lint ts
* feat: watermark
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: custom css
* css
* css
* css
* css
* css
* getobject
* feat: dynamic handler
* feat: varibale css
* content info
* css overwrite
* feat: variablen css
* feat: generate css file
* feat: dark mode
* feat: dark mode
* fix logo css
* feat: upload logos
* dark mode with cookie
* feat: handle images in login
* avatar css and begin font
* feat: avatar
* feat: user avatar
* caching of static assets in login
* add avatar.js to main.html
* feat: header dont show logo if no url
* feat: label policy colors
* feat: mock asset storage
* feat: mock asset storage
* feat: fix tests
* feat: user avatar
* feat: header logo
* avatar
* avatar
* make it compatible with go 1.15
* feat: remove unused logos
* fix handler
* fix: styling error handling
* fonts
* fix: download func
* switch to mux
* fix: change upload api to assets
* fix build
* fix: download avatar
* fix: download logos
* fix: my avatar
* font
* fix: remove error msg popup possibility
* fix: docs
* fix: svalidate colors
* rem msg popup from frontend
* fix: email with private labeling
* fix: tests
* fix: email templates
* fix: change migration version
* fix: fix duplicate imports
* fix(console): assets, service url, upload, policy current and preview (#1781)
* upload endpoint, layout
* fetch current, preview, fix upload
* cleanup private labeling
* fix linting
* begin generated asset handler
* generate asset api in dockerfile
* features for label policy
* features for label policy
* features
* flag for asset generator
* change asset generator flag
* fix label policy view in grpc
* fix: layout, activate policy (#1786)
* theme switcher up on top
* change layout
* activate policy
* feat(console): label policy back color, layout (#1788)
* theme switcher up on top
* change layout
* activate policy
* fix overwrite value fc
* reset policy, reset service
* autosave policy, preview desc, layout impv
* layout, i18n
* background colors, inject material styles
* load images
* clean, lint
* fix layout
* set custom hex
* fix content size conversion
* remove font format in generated css
* fix features for assets
* fix(console): label policy colors, image downloads, preview (#1804)
* load images
* colors, images binding
* lint
* refresh emitter
* lint
* propagate font colors
* upload error handling
* label policy feature check
* add blob in csp for console
* log
* fix: feature edits for label policy, refresh state on upload (#1807)
* show error on load image, stop spinner
* fix merge
* fix migration versions
* fix assets
* fix csp
* fix background color
* scss
* fix build
* lint scss
* fix statik for console
* fix features check for label policy
* cleanup
* lint
* public links
* fix notifications
* public links
* feat: merge main
* feat: fix translation files
* fix migration
* set api domain
* fix logo in email
* font face in email
* font face in email
* validate assets on upload
* cleanup
* add missing translations
* add missing translations
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
2021-06-04 14:53:51 +02:00
|
|
|
EndpointResources = "/resources"
|
|
|
|
|
EndpointDynamicResources = "/resources/dynamic"
|
2023-04-19 11:46:02 +03:00
|
|
|
|
|
|
|
|
EndpointDeviceAuth = "/device"
|
|
|
|
|
EndpointDeviceAuthAction = "/device/{action}"
|
2024-04-10 17:46:30 +02:00
|
|
|
|
|
|
|
|
EndpointLinkingUserPrompt = "/link/user"
|
2020-06-05 07:50:04 +02:00
|
|
|
)
|
|
|
|
|
|
2022-05-02 17:26:54 +02:00
|
|
|
var (
|
|
|
|
|
IgnoreInstanceEndpoints = []string{
|
|
|
|
|
EndpointResources + "/fonts",
|
|
|
|
|
EndpointResources + "/images",
|
|
|
|
|
EndpointResources + "/scripts",
|
|
|
|
|
EndpointResources + "/themes",
|
|
|
|
|
}
|
|
|
|
|
)
|
|
|
|
|
|
2023-12-05 12:12:01 +01:00
|
|
|
func CreateRouter(login *Login, interceptors ...mux.MiddlewareFunc) *mux.Router {
|
2020-06-05 07:50:04 +02:00
|
|
|
router := mux.NewRouter()
|
2020-06-17 08:06:40 +02:00
|
|
|
router.Use(interceptors...)
|
2020-06-05 07:50:04 +02:00
|
|
|
router.HandleFunc(EndpointRoot, login.handleLogin).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointHealthz, login.handleHealthz).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointReadiness, login.handleReadiness).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointLogin, login.handleLogin).Methods(http.MethodGet, http.MethodPost)
|
2020-09-18 13:26:28 +02:00
|
|
|
router.HandleFunc(EndpointExternalLogin, login.handleExternalLogin).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointExternalLoginCallback, login.handleExternalLoginCallback).Methods(http.MethodGet)
|
2023-08-31 08:39:16 +02:00
|
|
|
router.HandleFunc(EndpointExternalLoginCallbackFormPost, login.handleExternalLoginCallbackForm).Methods(http.MethodPost)
|
feat: federated logout for SAML IdPs (#9931)
# Which Problems Are Solved
Currently if a user signs in using an IdP, once they sign out of
Zitadel, the corresponding IdP session is not terminated. This can be
the desired behavior. In some cases, e.g. when using a shared computer
it results in a potential security risk, since a follower user might be
able to sign in as the previous using the still open IdP session.
# How the Problems Are Solved
- Admins can enabled a federated logout option on SAML IdPs through the
Admin and Management APIs.
- During the termination of a login V1 session using OIDC end_session
endpoint, Zitadel will check if an IdP was used to authenticate that
session.
- In case there was a SAML IdP used with Federated Logout enabled, it
will intercept the logout process, store the information into the shared
cache and redirect to the federated logout endpoint in the V1 login.
- The V1 login federated logout endpoint checks every request on an
existing cache entry. On success it will create a SAML logout request
for the used IdP and either redirect or POST to the configured SLO
endpoint. The cache entry is updated with a `redirected` state.
- A SLO endpoint is added to the `/idp` handlers, which will handle the
SAML logout responses. At the moment it will check again for an existing
federated logout entry (with state `redirected`) in the cache. On
success, the user is redirected to the initially provided
`post_logout_redirect_uri` from the end_session request.
# Additional Changes
None
# Additional Context
- This PR merges the https://github.com/zitadel/zitadel/pull/9841 and
https://github.com/zitadel/zitadel/pull/9854 to main, additionally
updating the docs on Entra ID SAML.
- closes #9228
- backport to 3.x
---------
Co-authored-by: Silvan <27845747+adlerhurst@users.noreply.github.com>
Co-authored-by: Zach Hirschtritt <zachary.hirschtritt@klaviyo.com>
(cherry picked from commit 2cf3ef4de4ef993367daec6ff3974bdbdf70d2f3)
2025-05-23 13:52:25 +02:00
|
|
|
router.HandleFunc(EndpointExternalLogout, login.handleExternalLogout).Methods(http.MethodGet)
|
2023-09-29 11:26:14 +02:00
|
|
|
router.HandleFunc(EndpointSAMLACS, login.handleExternalLoginCallback).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointSAMLACS, login.handleExternalLoginCallbackForm).Methods(http.MethodPost)
|
2021-09-14 15:15:01 +02:00
|
|
|
router.HandleFunc(EndpointJWTAuthorize, login.handleJWTRequest).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointJWTCallback, login.handleJWTCallback).Methods(http.MethodGet)
|
2020-12-02 17:00:04 +01:00
|
|
|
router.HandleFunc(EndpointPasswordlessLogin, login.handlePasswordlessVerification).Methods(http.MethodPost)
|
2021-08-02 15:24:58 +02:00
|
|
|
router.HandleFunc(EndpointPasswordlessRegistration, login.handlePasswordlessRegistration).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointPasswordlessRegistration, login.handlePasswordlessRegistrationCheck).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointPasswordlessPrompt, login.handlePasswordlessPrompt).Methods(http.MethodPost)
|
2020-06-17 08:06:40 +02:00
|
|
|
router.HandleFunc(EndpointLoginName, login.handleLoginName).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointLoginName, login.handleLoginNameCheck).Methods(http.MethodPost)
|
2020-06-05 07:50:04 +02:00
|
|
|
router.HandleFunc(EndpointUserSelection, login.handleSelectUser).Methods(http.MethodPost)
|
2020-08-27 17:18:23 +02:00
|
|
|
router.HandleFunc(EndpointChangeUsername, login.handleChangeUsername).Methods(http.MethodPost)
|
2020-06-05 07:50:04 +02:00
|
|
|
router.HandleFunc(EndpointPassword, login.handlePasswordCheck).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointInitPassword, login.handleInitPassword).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointInitPassword, login.handleInitPasswordCheck).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointPasswordReset, login.handlePasswordReset).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointInitUser, login.handleInitUser).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointInitUser, login.handleInitUserCheck).Methods(http.MethodPost)
|
2024-09-11 12:53:55 +02:00
|
|
|
router.HandleFunc(EndpointInviteUser, login.handleInviteUser).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointInviteUser, login.handleInviteUserCheck).Methods(http.MethodPost)
|
2020-12-02 17:00:04 +01:00
|
|
|
router.HandleFunc(EndpointMFAVerify, login.handleMFAVerify).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointMFAPrompt, login.handleMFAPromptSelection).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointMFAPrompt, login.handleMFAPrompt).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointMFAInitVerify, login.handleMFAInitVerify).Methods(http.MethodPost)
|
2023-08-15 14:47:05 +02:00
|
|
|
router.HandleFunc(EndpointMFASMSInitVerify, login.handleRegisterSMSCheck).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointMFAOTPVerify, login.handleOTPVerificationCheck).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointMFAOTPVerify, login.handleOTPVerificationCheck).Methods(http.MethodPost)
|
2020-12-02 17:00:04 +01:00
|
|
|
router.HandleFunc(EndpointMFAInitU2FVerify, login.handleRegisterU2F).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointU2FVerification, login.handleU2FVerification).Methods(http.MethodPost)
|
2020-06-05 07:50:04 +02:00
|
|
|
router.HandleFunc(EndpointMailVerification, login.handleMailVerification).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointMailVerification, login.handleMailVerificationCheck).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointChangePassword, login.handleChangePassword).Methods(http.MethodPost)
|
2020-09-18 13:26:28 +02:00
|
|
|
router.HandleFunc(EndpointRegisterOption, login.handleRegisterOption).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointRegisterOption, login.handleRegisterOptionCheck).Methods(http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointExternalNotFoundOption, login.handleExternalNotFoundOptionCheck).Methods(http.MethodPost)
|
2020-06-05 07:50:04 +02:00
|
|
|
router.HandleFunc(EndpointRegister, login.handleRegister).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointRegister, login.handleRegisterCheck).Methods(http.MethodPost)
|
2020-09-18 13:26:28 +02:00
|
|
|
router.HandleFunc(EndpointExternalRegister, login.handleExternalRegister).Methods(http.MethodGet)
|
2023-02-28 21:20:58 +01:00
|
|
|
router.HandleFunc(EndpointExternalRegisterCallback, login.handleExternalLoginCallback).Methods(http.MethodGet)
|
2020-06-05 07:50:04 +02:00
|
|
|
router.HandleFunc(EndpointLogoutDone, login.handleLogoutDone).Methods(http.MethodGet)
|
feat: label policy (#1708)
* feat: label policy proto extension
* feat: label policy and activate event
* feat: label policy asset events
* feat: label policy asset commands
* feat: add storage key
* feat: storage key validation
* feat: label policy asset tests
* feat: label policy query side
* feat: avatar
* feat: avatar event
* feat: human avatar
* feat: avatar read side
* feat: font on iam label policy
* feat: label policy font
* feat: possiblity to create bucket on put file
* uplaoder
* login policy logo
* set bucket prefix
* feat: avatar upload
* feat: avatar upload
* feat: use assets on command side
* feat: fix human avatar removed event
* feat: remove human avatar
* feat: mock asset storage
* feat: remove human avatar
* fix(operator): add configuration of asset storage to zitadel operator
* feat(console): private labeling policy (#1697)
* private labeling component, routing, preview
* font, colors, upload, i18n
* show logo
* fix: uniqueness (#1710)
* fix: uniqueconstraint to lower
* feat: change org
* feat: org change test
* feat: change org
* fix: tests
* fix: handle domain claims correctly
* feat: update org
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: handle domain claimed event correctly for service users (#1711)
* fix: handle domain claimed event correctly on user view
* fix: ignore domain claimed events for email notifications
* fix: change org
* handle org changed in read models correctly
* fix: change org in user grant handler
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: correct value (#1695)
* docs(api): correct link (#1712)
* upload service
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: fix tests,
* feat: remove assets from label policy
* fix npm, set environment
* lint ts
* remove stylelinting
* fix(operator): add mapping for console with changed unit tests
* fix(operator): add secrets as env variables to pod
* feat: remove human avatar
* fix(operator): add secrets as env variables to pod
* feat: map label policy
* feat: labelpolicy, admin, mgmt, adv settings (#1715)
* fetch label policy, mgmt, admin service
* feat: advanced beh, links, add, update
* lint ts
* feat: watermark
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: custom css
* css
* css
* css
* css
* css
* getobject
* feat: dynamic handler
* feat: varibale css
* content info
* css overwrite
* feat: variablen css
* feat: generate css file
* feat: dark mode
* feat: dark mode
* fix logo css
* feat: upload logos
* dark mode with cookie
* feat: handle images in login
* avatar css and begin font
* feat: avatar
* feat: user avatar
* caching of static assets in login
* add avatar.js to main.html
* feat: header dont show logo if no url
* feat: label policy colors
* feat: mock asset storage
* feat: mock asset storage
* feat: fix tests
* feat: user avatar
* feat: header logo
* avatar
* avatar
* make it compatible with go 1.15
* feat: remove unused logos
* fix handler
* fix: styling error handling
* fonts
* fix: download func
* switch to mux
* fix: change upload api to assets
* fix build
* fix: download avatar
* fix: download logos
* fix: my avatar
* font
* fix: remove error msg popup possibility
* fix: docs
* fix: svalidate colors
* rem msg popup from frontend
* fix: email with private labeling
* fix: tests
* fix: email templates
* fix: change migration version
* fix: fix duplicate imports
* fix(console): assets, service url, upload, policy current and preview (#1781)
* upload endpoint, layout
* fetch current, preview, fix upload
* cleanup private labeling
* fix linting
* begin generated asset handler
* generate asset api in dockerfile
* features for label policy
* features for label policy
* features
* flag for asset generator
* change asset generator flag
* fix label policy view in grpc
* fix: layout, activate policy (#1786)
* theme switcher up on top
* change layout
* activate policy
* feat(console): label policy back color, layout (#1788)
* theme switcher up on top
* change layout
* activate policy
* fix overwrite value fc
* reset policy, reset service
* autosave policy, preview desc, layout impv
* layout, i18n
* background colors, inject material styles
* load images
* clean, lint
* fix layout
* set custom hex
* fix content size conversion
* remove font format in generated css
* fix features for assets
* fix(console): label policy colors, image downloads, preview (#1804)
* load images
* colors, images binding
* lint
* refresh emitter
* lint
* propagate font colors
* upload error handling
* label policy feature check
* add blob in csp for console
* log
* fix: feature edits for label policy, refresh state on upload (#1807)
* show error on load image, stop spinner
* fix merge
* fix migration versions
* fix assets
* fix csp
* fix background color
* scss
* fix build
* lint scss
* fix statik for console
* fix features check for label policy
* cleanup
* lint
* public links
* fix notifications
* public links
* feat: merge main
* feat: fix translation files
* fix migration
* set api domain
* fix logo in email
* font face in email
* font face in email
* validate assets on upload
* cleanup
* add missing translations
* add missing translations
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
2021-06-04 14:53:51 +02:00
|
|
|
router.HandleFunc(EndpointDynamicResources, login.handleDynamicResources).Methods(http.MethodGet)
|
2023-12-05 12:12:01 +01:00
|
|
|
router.PathPrefix(EndpointResources).Handler(login.handleResources()).Methods(http.MethodGet)
|
2020-08-06 14:38:19 +02:00
|
|
|
router.HandleFunc(EndpointRegisterOrg, login.handleRegisterOrg).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointRegisterOrg, login.handleRegisterOrgCheck).Methods(http.MethodPost)
|
2021-06-10 14:18:07 +02:00
|
|
|
router.HandleFunc(EndpointLoginSuccess, login.handleLoginSuccess).Methods(http.MethodGet)
|
2023-03-24 16:18:56 +01:00
|
|
|
router.HandleFunc(EndpointLDAPLogin, login.handleLDAP).Methods(http.MethodGet)
|
|
|
|
|
router.HandleFunc(EndpointLDAPCallback, login.handleLDAPCallback).Methods(http.MethodPost)
|
2022-04-26 12:13:16 +02:00
|
|
|
router.SkipClean(true).Handle("", http.RedirectHandler(HandlerPrefix+"/", http.StatusMovedPermanently))
|
2023-04-19 11:46:02 +03:00
|
|
|
router.HandleFunc(EndpointDeviceAuth, login.handleDeviceAuthUserCode).Methods(http.MethodGet, http.MethodPost)
|
|
|
|
|
router.HandleFunc(EndpointDeviceAuthAction, login.handleDeviceAuthAction).Methods(http.MethodGet, http.MethodPost)
|
2020-06-05 07:50:04 +02:00
|
|
|
return router
|
|
|
|
|
}
|