zitadel/internal/v2/domain/human_web_auth_n.go

package domain

import (
	"bytes"
	es_models "github.com/caos/zitadel/internal/eventstore/models"
)

type WebAuthNToken struct {
	es_models.ObjectRoot

	WebAuthNTokenID        string
	CredentialCreationData []byte
	State                  MFAState
	Challenge              string
	AllowedCredentialIDs   [][]byte
	UserVerification       UserVerificationRequirement
	KeyID                  []byte
	PublicKey              []byte
	AttestationType        string
	AAGUID                 []byte
	SignCount              uint32
	WebAuthNTokenName      string
}

type WebAuthNLogin struct {
	es_models.ObjectRoot

	CredentialAssertionData []byte
	Challenge               string
	AllowedCredentialIDs    [][]byte
	UserVerification        UserVerificationRequirement
	//TODO: Add Auth Request
	//*model.AuthRequest
}

type UserVerificationRequirement int32

const (
	UserVerificationRequirementUnspecified UserVerificationRequirement = iota
	UserVerificationRequirementRequired
	UserVerificationRequirementPreferred
	UserVerificationRequirementDiscouraged
)

type AuthenticatorAttachment int32

const (
	AuthenticatorAttachmentUnspecified AuthenticatorAttachment = iota
	AuthenticatorAttachmentPlattform
	AuthenticatorAttachmentCrossPlattform
)

func GetTokenToVerify(tokens []*WebAuthNToken) (int, *WebAuthNToken) {
	for i, u2f := range tokens {
		if u2f.State == MFAStateNotReady {
			return i, u2f
		}
	}
	return -1, nil
}

func GetTokenByKeyID(tokens []*WebAuthNToken, keyID []byte) (int, *WebAuthNToken) {
	for i, token := range tokens {
		if bytes.Compare(token.KeyID, keyID) == 0 {
			return i, token
		}
	}
	return -1, nil
}
fix: use domain models for v2 eventstore (#1151) * fix: use domain models for v2 eventstore * fix: user domain model * Update internal/api/grpc/admin/login_policy_converter.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: converter Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-01-05 08:33:45 +00:00			`package domain`

feat: User login commands (#1228) * feat: change login to command side * feat: change login to command side * fix: fix push on user * feat: user command side * feat: sign out * feat: command side login * feat: command side login * feat: fix register user * feat: fix register user * feat: fix web auth n events * feat: add machine keys * feat: send codes * feat: move authrequest to domain * feat: move authrequest to domain * feat: webauthn working * feat: external users * feat: external users login * feat: notify users * fix: tests * feat: cascade remove user grants on project remove * fix: webauthn * fix: pr requests * fix: register human with member * fix: fix bugs * fix: fix bugs 2021-02-08 10:30:30 +00:00			`import (`
			`"bytes"`
			`es_models "github.com/caos/zitadel/internal/eventstore/models"`
			`)`
fix: use domain models for v2 eventstore (#1151) * fix: use domain models for v2 eventstore * fix: user domain model * Update internal/api/grpc/admin/login_policy_converter.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: converter Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-01-05 08:33:45 +00:00
			`type WebAuthNToken struct {`
			`es_models.ObjectRoot`

			`WebAuthNTokenID string`
			`CredentialCreationData []byte`
			`State MFAState`
			`Challenge string`
			`AllowedCredentialIDs [][]byte`
			`UserVerification UserVerificationRequirement`
			`KeyID []byte`
			`PublicKey []byte`
			`AttestationType string`
			`AAGUID []byte`
			`SignCount uint32`
			`WebAuthNTokenName string`
			`}`

			`type WebAuthNLogin struct {`
			`es_models.ObjectRoot`

			`CredentialAssertionData []byte`
			`Challenge string`
			`AllowedCredentialIDs [][]byte`
			`UserVerification UserVerificationRequirement`
			`//TODO: Add Auth Request`
			`//*model.AuthRequest`
			`}`

			`type UserVerificationRequirement int32`

			`const (`
			`UserVerificationRequirementUnspecified UserVerificationRequirement = iota`
			`UserVerificationRequirementRequired`
			`UserVerificationRequirementPreferred`
			`UserVerificationRequirementDiscouraged`
			`)`
feat: New event user (#1156) * feat: change user command side * feat: change user command side * feat: use states on write model * feat: command and query side in auth api * feat: auth commands * feat: check external idp id * feat: user state check * fix: error messages * fix: is active state 2021-01-07 15:06:45 +00:00
feat: new user auth api (#1168) * fix: correct selectors for extended writemodel * fix: no previous checks in eventstore * start check previous * feat: auth user commands * feat: auth user commands * feat: auth user commands * feat: otp * feat: corrections from pr merge * feat: webauthn * feat: comment old webauthn * feat: refactor user, human, machine * feat: webauth command side * feat: command and query side in login * feat: fix user writemodel append events * fix: remove creation dates on command side * fix: remove previous sequence * previous sequence * fix: external idps * Update internal/api/grpc/management/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/user_human_email.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: pr changes * fix: phone verification Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-01-15 08:32:59 +00:00			`type AuthenticatorAttachment int32`
feat: New event user (#1156) * feat: change user command side * feat: change user command side * feat: use states on write model * feat: command and query side in auth api * feat: auth commands * feat: check external idp id * feat: user state check * fix: error messages * fix: is active state 2021-01-07 15:06:45 +00:00
			`const (`
feat: new user auth api (#1168) * fix: correct selectors for extended writemodel * fix: no previous checks in eventstore * start check previous * feat: auth user commands * feat: auth user commands * feat: auth user commands * feat: otp * feat: corrections from pr merge * feat: webauthn * feat: comment old webauthn * feat: refactor user, human, machine * feat: webauth command side * feat: command and query side in login * feat: fix user writemodel append events * fix: remove creation dates on command side * fix: remove previous sequence * previous sequence * fix: external idps * Update internal/api/grpc/management/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/user_human_email.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: pr changes * fix: phone verification Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-01-15 08:32:59 +00:00			`AuthenticatorAttachmentUnspecified AuthenticatorAttachment = iota`
			`AuthenticatorAttachmentPlattform`
			`AuthenticatorAttachmentCrossPlattform`
feat: New event user (#1156) * feat: change user command side * feat: change user command side * feat: use states on write model * feat: command and query side in auth api * feat: auth commands * feat: check external idp id * feat: user state check * fix: error messages * fix: is active state 2021-01-07 15:06:45 +00:00			`)`

feat: new user auth api (#1168) * fix: correct selectors for extended writemodel * fix: no previous checks in eventstore * start check previous * feat: auth user commands * feat: auth user commands * feat: auth user commands * feat: otp * feat: corrections from pr merge * feat: webauthn * feat: comment old webauthn * feat: refactor user, human, machine * feat: webauth command side * feat: command and query side in login * feat: fix user writemodel append events * fix: remove creation dates on command side * fix: remove previous sequence * previous sequence * fix: external idps * Update internal/api/grpc/management/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/v2/command/user_human_email.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: pr changes * fix: phone verification Co-authored-by: adlerhurst <silvan.reusser@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com> 2021-01-15 08:32:59 +00:00			`func GetTokenToVerify(tokens []WebAuthNToken) (int, WebAuthNToken) {`
			`for i, u2f := range tokens {`
			`if u2f.State == MFAStateNotReady {`
			`return i, u2f`
			`}`
			`}`
			`return -1, nil`
feat: New event user (#1156) * feat: change user command side * feat: change user command side * feat: use states on write model * feat: command and query side in auth api * feat: auth commands * feat: check external idp id * feat: user state check * fix: error messages * fix: is active state 2021-01-07 15:06:45 +00:00			`}`
feat: User login commands (#1228) * feat: change login to command side * feat: change login to command side * fix: fix push on user * feat: user command side * feat: sign out * feat: command side login * feat: command side login * feat: fix register user * feat: fix register user * feat: fix web auth n events * feat: add machine keys * feat: send codes * feat: move authrequest to domain * feat: move authrequest to domain * feat: webauthn working * feat: external users * feat: external users login * feat: notify users * fix: tests * feat: cascade remove user grants on project remove * fix: webauthn * fix: pr requests * fix: register human with member * fix: fix bugs * fix: fix bugs 2021-02-08 10:30:30 +00:00
			`func GetTokenByKeyID(tokens []WebAuthNToken, keyID []byte) (int, WebAuthNToken) {`
			`for i, token := range tokens {`
			`if bytes.Compare(token.KeyID, keyID) == 0 {`
			`return i, token`
			`}`
			`}`
			`return -1, nil`
			`}`