| 
									
										
										
										
											2022-02-14 17:22:30 +01:00
										 |  |  | package login | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | import ( | 
					
						
							|  |  |  | 	"context" | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 	"encoding/json" | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 	"net/http" | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 	"github.com/dop251/goja" | 
					
						
							| 
									
										
										
										
											2023-05-02 18:03:33 +02:00
										 |  |  | 	"github.com/zitadel/logging" | 
					
						
							| 
									
										
										
										
											2023-10-17 18:19:51 +03:00
										 |  |  | 	"github.com/zitadel/oidc/v3/pkg/oidc" | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 	"golang.org/x/text/language" | 
					
						
							| 
									
										
											  
											
												feat(queries): use org projection (#2342)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* global counter column
* fix is org unique
* fix: merge main and change actions / flow projections to new query side (#2434)
* feat: actions (#2377)
* feat(actions): begin api
* feat(actions): begin api
* api and projections
* fix: handle multiple statements for a single event in projections
* export func type
* fix test
* update to new reduce interface
* flows in login
* feat: jwt idp
* feat: command side
* feat: add tests
* actions and flows
* fill idp views with jwt idps and return apis
* add jwtEndpoint to jwt idp
* begin jwt request handling
* add feature
* merge
* merge
* handle jwt idp
* cleanup
* bug fixes
* autoregister
* get token from specific header name
* fix: proto
* fixes
* i18n
* begin tests
* fix and log http proxy
* remove docker cache
* fixes
* usergrants in actions api
* tests adn cleanup
* cleanup
* fix add user grant
* set login context
* i18n
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* change actions / flow projections to new query side
* fixes
* enable org projection
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fixes
* cleanup
* add tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
											
										 
											2021-09-29 13:20:57 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-04-27 01:01:45 +02:00
										 |  |  | 	"github.com/zitadel/zitadel/internal/actions" | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 	"github.com/zitadel/zitadel/internal/actions/object" | 
					
						
							| 
									
										
										
										
											2022-04-27 01:01:45 +02:00
										 |  |  | 	"github.com/zitadel/zitadel/internal/api/authz" | 
					
						
							|  |  |  | 	"github.com/zitadel/zitadel/internal/domain" | 
					
						
							| 
									
										
										
										
											2023-03-03 11:38:49 +01:00
										 |  |  | 	"github.com/zitadel/zitadel/internal/idp" | 
					
						
							| 
									
										
										
										
											2023-05-02 18:03:33 +02:00
										 |  |  | 	"github.com/zitadel/zitadel/internal/query" | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | func (l *Login) runPostExternalAuthenticationActions( | 
					
						
							|  |  |  | 	user *domain.ExternalUser, | 
					
						
							| 
									
										
										
										
											2023-03-28 14:28:56 +03:00
										 |  |  | 	tokens *oidc.Tokens[*oidc.IDTokenClaims], | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 	authRequest *domain.AuthRequest, | 
					
						
							|  |  |  | 	httpRequest *http.Request, | 
					
						
							| 
									
										
										
										
											2023-03-03 11:38:49 +01:00
										 |  |  | 	idpUser idp.User, | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 	authenticationError error, | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | ) (_ *domain.ExternalUser, userChanged bool, err error) { | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 	ctx := httpRequest.Context() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-05-02 18:03:33 +02:00
										 |  |  | 	// use the request org (scopes or domain discovery) as default | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 	resourceOwner := authRequest.RequestedOrgID | 
					
						
							| 
									
										
										
										
											2023-05-02 18:03:33 +02:00
										 |  |  | 	// if the user was already linked to an IDP and redirected to that, the requested org might be empty | 
					
						
							|  |  |  | 	if resourceOwner == "" { | 
					
						
							|  |  |  | 		resourceOwner = authRequest.UserOrgID | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	// if we will have no org (e.g. user clicked directly on the IDP on the login page) | 
					
						
							|  |  |  | 	if resourceOwner == "" { | 
					
						
							|  |  |  | 		// in this case the user might nevertheless already be linked to an IDP, | 
					
						
							|  |  |  | 		// so let's do a workaround and resourceOwnerOfUserIDPLink if there would be a IDP link | 
					
						
							|  |  |  | 		resourceOwner, err = l.resourceOwnerOfUserIDPLink(ctx, authRequest.SelectedIDPConfigID, user.ExternalUserID) | 
					
						
							|  |  |  | 		logging.WithFields("authReq", authRequest.ID, "idpID", authRequest.SelectedIDPConfigID).OnError(err). | 
					
						
							|  |  |  | 			Warn("could not determine resource owner for runPostExternalAuthenticationActions, fall back to default org id") | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	// fallback to default org id | 
					
						
							| 
									
										
											  
											
												feat(queries): use org projection (#2342)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* global counter column
* fix is org unique
* fix: merge main and change actions / flow projections to new query side (#2434)
* feat: actions (#2377)
* feat(actions): begin api
* feat(actions): begin api
* api and projections
* fix: handle multiple statements for a single event in projections
* export func type
* fix test
* update to new reduce interface
* flows in login
* feat: jwt idp
* feat: command side
* feat: add tests
* actions and flows
* fill idp views with jwt idps and return apis
* add jwtEndpoint to jwt idp
* begin jwt request handling
* add feature
* merge
* merge
* handle jwt idp
* cleanup
* bug fixes
* autoregister
* get token from specific header name
* fix: proto
* fixes
* i18n
* begin tests
* fix and log http proxy
* remove docker cache
* fixes
* usergrants in actions api
* tests adn cleanup
* cleanup
* fix add user grant
* set login context
* i18n
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* change actions / flow projections to new query side
* fixes
* enable org projection
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fixes
* cleanup
* add tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
											
										 
											2021-09-29 13:20:57 +02:00
										 |  |  | 	if resourceOwner == "" { | 
					
						
							| 
									
										
										
										
											2023-02-28 21:20:58 +01:00
										 |  |  | 		resourceOwner = authz.GetInstance(ctx).DefaultOrganisationID() | 
					
						
							| 
									
										
											  
											
												feat(queries): use org projection (#2342)
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800)
* fix: is default (#1737)
* fix: use email as username on global org (#1738)
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739)
* chore: remove PAT and use GH Token (#1716)
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746)
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744)
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691)
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases)
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md)
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases)
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md)
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682)
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681)
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666)
Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704)
* fix: show org with regex (#1688)
* fix: flag mapping (#1699)
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service)
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745)
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753)
* fix: handle api configs in authz handler (#1755)
* fix(console): add model for api keys, fix toast, binding (#1757)
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758)
* feat: refresh token (#1728)
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760)
* fix: migration version (#1767)
* start subscription
* eventtypes
* fix(login): links (#1778)
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779)
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782)
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785)
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795)
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796)
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810)
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026)
* fix: template names in login (#1974)
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976)
* fix: add sentry in ui, http and projection handlers (#1977)
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805)
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980)
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984)
* fix: role assertion (#1986)
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982)
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990)
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973)
* fix: return default language file, if requested lang does not exist for default login texts (#1988)
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993)
* feat: handle ui_locales in login (#1994)
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995)
* fix: give restore more time (#1997)
* fix: translation file read (#2009)
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010)
* fix: filter event_data (#2011)
* feat: Custom message files (#1992)
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013)
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012)
* fix: remove oauth endpoints from oidc config proto (#2014)
* try with view
* fix(console): disable sw (#2021)
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138)
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases)
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3)
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases)
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md)
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0)
---
updated-dependencies:
- dependency-name: google.golang.org/api
  dependency-type: direct:production
  update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416)
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* global counter column
* fix is org unique
* fix: merge main and change actions / flow projections to new query side (#2434)
* feat: actions (#2377)
* feat(actions): begin api
* feat(actions): begin api
* api and projections
* fix: handle multiple statements for a single event in projections
* export func type
* fix test
* update to new reduce interface
* flows in login
* feat: jwt idp
* feat: command side
* feat: add tests
* actions and flows
* fill idp views with jwt idps and return apis
* add jwtEndpoint to jwt idp
* begin jwt request handling
* add feature
* merge
* merge
* handle jwt idp
* cleanup
* bug fixes
* autoregister
* get token from specific header name
* fix: proto
* fixes
* i18n
* begin tests
* fix and log http proxy
* remove docker cache
* fixes
* usergrants in actions api
* tests adn cleanup
* cleanup
* fix add user grant
* set login context
* i18n
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* change actions / flow projections to new query side
* fixes
* enable org projection
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fixes
* cleanup
* add tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
											
										 
											2021-09-29 13:20:57 +02:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 	triggerActions, err := l.query.GetActiveActionsByFlowAndTriggerType(ctx, domain.FlowTypeExternalAuthentication, domain.TriggerTypePostAuthentication, resourceOwner) | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 		return nil, false, err | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	metadataList := object.MetadataListFromDomain(user.Metadatas) | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 	apiFields := actions.WithAPIFields( | 
					
						
							|  |  |  | 		actions.SetFields("setFirstName", func(firstName string) { | 
					
						
							|  |  |  | 			user.FirstName = firstName | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setLastName", func(lastName string) { | 
					
						
							|  |  |  | 			user.LastName = lastName | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setNickName", func(nickName string) { | 
					
						
							|  |  |  | 			user.NickName = nickName | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setDisplayName", func(displayName string) { | 
					
						
							|  |  |  | 			user.DisplayName = displayName | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setPreferredLanguage", func(preferredLanguage string) { | 
					
						
							|  |  |  | 			user.PreferredLanguage = language.Make(preferredLanguage) | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setPreferredUsername", func(username string) { | 
					
						
							|  |  |  | 			user.PreferredUsername = username | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2023-03-14 20:20:38 +01:00
										 |  |  | 		actions.SetFields("setEmail", func(email domain.EmailAddress) { | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 			user.Email = email | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setEmailVerified", func(verified bool) { | 
					
						
							|  |  |  | 			user.IsEmailVerified = verified | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2023-03-14 20:20:38 +01:00
										 |  |  | 		actions.SetFields("setPhone", func(phone domain.PhoneNumber) { | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 			user.Phone = phone | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setPhoneVerified", func(verified bool) { | 
					
						
							|  |  |  | 			user.IsPhoneVerified = verified | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			userChanged = true | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2023-03-23 14:28:53 +01:00
										 |  |  | 		actions.SetFields("metadata", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 			return metadataList.MetadataListFromDomain(c.Runtime) | 
					
						
							|  |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		actions.SetFields("v1", | 
					
						
							|  |  |  | 			actions.SetFields("user", | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 				actions.SetFields("appendMetadata", metadataList.AppendMetadataFunc), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 			), | 
					
						
							|  |  |  | 		), | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 	authErrStr := "none" | 
					
						
							|  |  |  | 	if authenticationError != nil { | 
					
						
							|  |  |  | 		authErrStr = authenticationError.Error() | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	for _, a := range triggerActions { | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		actionCtx, cancel := context.WithTimeout(ctx, a.Timeout()) | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		ctxFieldOptions := append(tokenCtxFields(tokens), | 
					
						
							|  |  |  | 			actions.SetFields("v1", | 
					
						
							|  |  |  | 				actions.SetFields("externalUser", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 					return object.UserFromExternalUser(c, user) | 
					
						
							|  |  |  | 				}), | 
					
						
							| 
									
										
										
										
											2023-03-03 11:38:49 +01:00
										 |  |  | 				actions.SetFields("providerInfo", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 					return c.Runtime.ToValue(idpUser) | 
					
						
							|  |  |  | 				}), | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 				actions.SetFields("authRequest", object.AuthRequestField(authRequest)), | 
					
						
							|  |  |  | 				actions.SetFields("httpRequest", object.HTTPRequestField(httpRequest)), | 
					
						
							|  |  |  | 				actions.SetFields("authError", authErrStr), | 
					
						
							| 
									
										
										
										
											2024-03-19 07:34:38 +01:00
										 |  |  | 				actions.SetFields("org", | 
					
						
							|  |  |  | 					actions.SetFields("getMetadata", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 						return func(goja.FunctionCall) goja.Value { | 
					
						
							|  |  |  | 							metadata, err := l.query.SearchOrgMetadata( | 
					
						
							|  |  |  | 								ctx, | 
					
						
							|  |  |  | 								true, | 
					
						
							|  |  |  | 								resourceOwner, | 
					
						
							|  |  |  | 								&query.OrgMetadataSearchQueries{}, | 
					
						
							|  |  |  | 								false, | 
					
						
							|  |  |  | 							) | 
					
						
							|  |  |  | 							if err != nil { | 
					
						
							|  |  |  | 								logging.WithError(err).Info("unable to get org metadata in action") | 
					
						
							|  |  |  | 								panic(err) | 
					
						
							|  |  |  | 							} | 
					
						
							|  |  |  | 							return object.OrgMetadataListFromQuery(c, metadata) | 
					
						
							|  |  |  | 						} | 
					
						
							|  |  |  | 					}), | 
					
						
							|  |  |  | 				), | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 			), | 
					
						
							|  |  |  | 		) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		ctxFields := actions.SetContextFields(ctxFieldOptions...) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		err = actions.Run( | 
					
						
							|  |  |  | 			actionCtx, | 
					
						
							|  |  |  | 			ctxFields, | 
					
						
							|  |  |  | 			apiFields, | 
					
						
							|  |  |  | 			a.Script, | 
					
						
							|  |  |  | 			a.Name, | 
					
						
							| 
									
										
										
										
											2023-10-13 07:31:23 +00:00
										 |  |  | 			append(actions.ActionToOptions(a), actions.WithHTTP(actionCtx), actions.WithUUID(actionCtx))..., | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		) | 
					
						
							|  |  |  | 		cancel() | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 		if err != nil { | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 			return nil, false, err | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	user.Metadatas = object.MetadataListToDomain(metadataList) | 
					
						
							| 
									
										
										
										
											2023-03-28 14:53:21 +02:00
										 |  |  | 	return user, userChanged, err | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | type authMethod string | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | const ( | 
					
						
							|  |  |  | 	authMethodPassword     authMethod = "password" | 
					
						
							|  |  |  | 	authMethodOTP          authMethod = "OTP" | 
					
						
							| 
									
										
										
										
											2023-08-15 14:47:05 +02:00
										 |  |  | 	authMethodOTPSMS       authMethod = "OTP SMS" | 
					
						
							|  |  |  | 	authMethodOTPEmail     authMethod = "OTP Email" | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	authMethodU2F          authMethod = "U2F" | 
					
						
							|  |  |  | 	authMethodPasswordless authMethod = "passwordless" | 
					
						
							|  |  |  | ) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | func (l *Login) runPostInternalAuthenticationActions( | 
					
						
							|  |  |  | 	authRequest *domain.AuthRequest, | 
					
						
							|  |  |  | 	httpRequest *http.Request, | 
					
						
							|  |  |  | 	authMethod authMethod, | 
					
						
							|  |  |  | 	authenticationError error, | 
					
						
							|  |  |  | ) ([]*domain.Metadata, error) { | 
					
						
							|  |  |  | 	ctx := httpRequest.Context() | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	resourceOwner := authRequest.RequestedOrgID | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	if resourceOwner == "" { | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 		resourceOwner = authRequest.UserOrgID | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 	triggerActions, err := l.query.GetActiveActionsByFlowAndTriggerType(ctx, domain.FlowTypeInternalAuthentication, domain.TriggerTypePostAuthentication, resourceOwner) | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	if err != nil { | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 		return nil, err | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	metadataList := object.MetadataListFromDomain(nil) | 
					
						
							|  |  |  | 	apiFields := actions.WithAPIFields( | 
					
						
							| 
									
										
										
										
											2023-03-23 14:28:53 +01:00
										 |  |  | 		actions.SetFields("metadata", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 			return metadataList.MetadataListFromDomain(c.Runtime) | 
					
						
							|  |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		actions.SetFields("v1", | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 			actions.SetFields("user", | 
					
						
							|  |  |  | 				actions.SetFields("appendMetadata", metadataList.AppendMetadataFunc), | 
					
						
							|  |  |  | 			), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		), | 
					
						
							|  |  |  | 	) | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	for _, a := range triggerActions { | 
					
						
							|  |  |  | 		actionCtx, cancel := context.WithTimeout(ctx, a.Timeout()) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		authErrStr := "none" | 
					
						
							|  |  |  | 		if authenticationError != nil { | 
					
						
							|  |  |  | 			authErrStr = authenticationError.Error() | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 		ctxFields := actions.SetContextFields( | 
					
						
							|  |  |  | 			actions.SetFields("v1", | 
					
						
							|  |  |  | 				actions.SetFields("authMethod", authMethod), | 
					
						
							|  |  |  | 				actions.SetFields("authError", authErrStr), | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 				actions.SetFields("authRequest", object.AuthRequestField(authRequest)), | 
					
						
							|  |  |  | 				actions.SetFields("httpRequest", object.HTTPRequestField(httpRequest)), | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 			), | 
					
						
							|  |  |  | 		) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		err = actions.Run( | 
					
						
							|  |  |  | 			actionCtx, | 
					
						
							|  |  |  | 			ctxFields, | 
					
						
							|  |  |  | 			apiFields, | 
					
						
							|  |  |  | 			a.Script, | 
					
						
							|  |  |  | 			a.Name, | 
					
						
							| 
									
										
										
										
											2023-10-13 07:31:23 +00:00
										 |  |  | 			append(actions.ActionToOptions(a), actions.WithHTTP(actionCtx), actions.WithUUID(actionCtx))..., | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 		) | 
					
						
							|  |  |  | 		cancel() | 
					
						
							|  |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return object.MetadataListToDomain(metadataList), err | 
					
						
							|  |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | func (l *Login) runPreCreationActions( | 
					
						
							|  |  |  | 	authRequest *domain.AuthRequest, | 
					
						
							|  |  |  | 	httpRequest *http.Request, | 
					
						
							|  |  |  | 	user *domain.Human, | 
					
						
							|  |  |  | 	metadata []*domain.Metadata, | 
					
						
							|  |  |  | 	resourceOwner string, | 
					
						
							|  |  |  | 	flowType domain.FlowType, | 
					
						
							|  |  |  | ) (*domain.Human, []*domain.Metadata, error) { | 
					
						
							|  |  |  | 	ctx := httpRequest.Context() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 	triggerActions, err := l.query.GetActiveActionsByFlowAndTriggerType(ctx, flowType, domain.TriggerTypePreCreation, resourceOwner) | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 	metadataList := object.MetadataListFromDomain(metadata) | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 	apiFields := actions.WithAPIFields( | 
					
						
							|  |  |  | 		actions.SetFields("setFirstName", func(firstName string) { | 
					
						
							|  |  |  | 			user.FirstName = firstName | 
					
						
							|  |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setLastName", func(lastName string) { | 
					
						
							|  |  |  | 			user.LastName = lastName | 
					
						
							|  |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setNickName", func(nickName string) { | 
					
						
							|  |  |  | 			user.NickName = nickName | 
					
						
							|  |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setDisplayName", func(displayName string) { | 
					
						
							|  |  |  | 			user.DisplayName = displayName | 
					
						
							|  |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setPreferredLanguage", func(preferredLanguage string) { | 
					
						
							|  |  |  | 			user.PreferredLanguage = language.Make(preferredLanguage) | 
					
						
							|  |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setGender", func(gender domain.Gender) { | 
					
						
							|  |  |  | 			user.Gender = gender | 
					
						
							|  |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setUsername", func(username string) { | 
					
						
							|  |  |  | 			user.Username = username | 
					
						
							|  |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2023-03-14 20:20:38 +01:00
										 |  |  | 		actions.SetFields("setEmail", func(email domain.EmailAddress) { | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 			if user.Email == nil { | 
					
						
							|  |  |  | 				user.Email = &domain.Email{} | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			user.Email.EmailAddress = email | 
					
						
							|  |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setEmailVerified", func(verified bool) { | 
					
						
							|  |  |  | 			if user.Email == nil { | 
					
						
							|  |  |  | 				return | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			user.Email.IsEmailVerified = verified | 
					
						
							|  |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2023-03-14 20:20:38 +01:00
										 |  |  | 		actions.SetFields("setPhone", func(phone domain.PhoneNumber) { | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 			if user.Phone == nil { | 
					
						
							|  |  |  | 				user.Phone = &domain.Phone{} | 
					
						
							|  |  |  | 			} | 
					
						
							| 
									
										
										
										
											2023-03-14 20:20:38 +01:00
										 |  |  | 			user.Phone.PhoneNumber = phone | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		}), | 
					
						
							|  |  |  | 		actions.SetFields("setPhoneVerified", func(verified bool) { | 
					
						
							|  |  |  | 			if user.Phone == nil { | 
					
						
							|  |  |  | 				return | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			user.Phone.IsPhoneVerified = verified | 
					
						
							|  |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2023-03-23 14:28:53 +01:00
										 |  |  | 		actions.SetFields("metadata", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 			return metadataList.MetadataListFromDomain(c.Runtime) | 
					
						
							|  |  |  | 		}), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		actions.SetFields("v1", | 
					
						
							|  |  |  | 			actions.SetFields("user", | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 				actions.SetFields("appendMetadata", metadataList.AppendMetadataFunc), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 			), | 
					
						
							|  |  |  | 		), | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	for _, a := range triggerActions { | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		actionCtx, cancel := context.WithTimeout(ctx, a.Timeout()) | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 
 | 
					
						
							|  |  |  | 		ctxOpts := actions.SetContextFields( | 
					
						
							|  |  |  | 			actions.SetFields("v1", | 
					
						
							|  |  |  | 				actions.SetFields("user", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 					return object.UserFromHuman(c, user) | 
					
						
							|  |  |  | 				}), | 
					
						
							|  |  |  | 				actions.SetFields("authRequest", object.AuthRequestField(authRequest)), | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 				actions.SetFields("httpRequest", object.HTTPRequestField(httpRequest)), | 
					
						
							| 
									
										
										
										
											2024-03-19 07:34:38 +01:00
										 |  |  | 				actions.SetFields("org", | 
					
						
							|  |  |  | 					actions.SetFields("getMetadata", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 						return func(goja.FunctionCall) goja.Value { | 
					
						
							|  |  |  | 							metadata, err := l.query.SearchOrgMetadata( | 
					
						
							|  |  |  | 								ctx, | 
					
						
							|  |  |  | 								true, | 
					
						
							|  |  |  | 								resourceOwner, | 
					
						
							|  |  |  | 								&query.OrgMetadataSearchQueries{}, | 
					
						
							|  |  |  | 								false, | 
					
						
							|  |  |  | 							) | 
					
						
							|  |  |  | 							if err != nil { | 
					
						
							|  |  |  | 								logging.WithError(err).Info("unable to get org metadata in action") | 
					
						
							|  |  |  | 								panic(err) | 
					
						
							|  |  |  | 							} | 
					
						
							|  |  |  | 							return object.OrgMetadataListFromQuery(c, metadata) | 
					
						
							|  |  |  | 						} | 
					
						
							|  |  |  | 					}), | 
					
						
							|  |  |  | 				), | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 			), | 
					
						
							|  |  |  | 		) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		err = actions.Run( | 
					
						
							|  |  |  | 			actionCtx, | 
					
						
							|  |  |  | 			ctxOpts, | 
					
						
							|  |  |  | 			apiFields, | 
					
						
							|  |  |  | 			a.Script, | 
					
						
							|  |  |  | 			a.Name, | 
					
						
							| 
									
										
										
										
											2023-10-13 07:31:23 +00:00
										 |  |  | 			append(actions.ActionToOptions(a), actions.WithHTTP(actionCtx), actions.WithUUID(actionCtx))..., | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		) | 
					
						
							|  |  |  | 		cancel() | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	return user, object.MetadataListToDomain(metadataList), err | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | func (l *Login) runPostCreationActions( | 
					
						
							|  |  |  | 	userID string, | 
					
						
							|  |  |  | 	authRequest *domain.AuthRequest, | 
					
						
							|  |  |  | 	httpRequest *http.Request, | 
					
						
							|  |  |  | 	resourceOwner string, | 
					
						
							|  |  |  | 	flowType domain.FlowType, | 
					
						
							|  |  |  | ) ([]*domain.UserGrant, error) { | 
					
						
							|  |  |  | 	ctx := httpRequest.Context() | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-11-20 16:21:08 +01:00
										 |  |  | 	triggerActions, err := l.query.GetActiveActionsByFlowAndTriggerType(ctx, flowType, domain.TriggerTypePostCreation, resourceOwner) | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return nil, err | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	mutableUserGrants := &object.UserGrants{UserGrants: make([]object.UserGrant, 0)} | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | 	apiFields := actions.WithAPIFields( | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 		actions.SetFields("userGrants", &mutableUserGrants.UserGrants), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		actions.SetFields("v1", | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 			actions.SetFields("appendUserGrant", object.AppendGrantFunc(mutableUserGrants)), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		), | 
					
						
							|  |  |  | 	) | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	for _, a := range triggerActions { | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		actionCtx, cancel := context.WithTimeout(ctx, a.Timeout()) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		ctxFields := actions.SetContextFields( | 
					
						
							|  |  |  | 			actions.SetFields("v1", | 
					
						
							|  |  |  | 				actions.SetFields("getUser", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 					return func(call goja.FunctionCall) goja.Value { | 
					
						
							| 
									
										
										
										
											2023-11-21 14:11:38 +02:00
										 |  |  | 						user, err := l.query.GetUserByID(actionCtx, true, userID) | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 						if err != nil { | 
					
						
							|  |  |  | 							panic(err) | 
					
						
							|  |  |  | 						} | 
					
						
							|  |  |  | 						return object.UserFromQuery(c, user) | 
					
						
							|  |  |  | 					} | 
					
						
							|  |  |  | 				}), | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 				actions.SetFields("authRequest", object.AuthRequestField(authRequest)), | 
					
						
							| 
									
										
										
										
											2023-01-26 11:40:49 +01:00
										 |  |  | 				actions.SetFields("httpRequest", object.HTTPRequestField(httpRequest)), | 
					
						
							| 
									
										
										
										
											2024-03-19 07:34:38 +01:00
										 |  |  | 				actions.SetFields("org", | 
					
						
							|  |  |  | 					actions.SetFields("getMetadata", func(c *actions.FieldConfig) interface{} { | 
					
						
							|  |  |  | 						return func(goja.FunctionCall) goja.Value { | 
					
						
							|  |  |  | 							metadata, err := l.query.SearchOrgMetadata( | 
					
						
							|  |  |  | 								ctx, | 
					
						
							|  |  |  | 								true, | 
					
						
							|  |  |  | 								resourceOwner, | 
					
						
							|  |  |  | 								&query.OrgMetadataSearchQueries{}, | 
					
						
							|  |  |  | 								false, | 
					
						
							|  |  |  | 							) | 
					
						
							|  |  |  | 							if err != nil { | 
					
						
							|  |  |  | 								logging.WithError(err).Info("unable to get org metadata in action") | 
					
						
							|  |  |  | 								panic(err) | 
					
						
							|  |  |  | 							} | 
					
						
							|  |  |  | 							return object.OrgMetadataListFromQuery(c, metadata) | 
					
						
							|  |  |  | 						} | 
					
						
							|  |  |  | 					}), | 
					
						
							|  |  |  | 				), | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 			), | 
					
						
							|  |  |  | 		) | 
					
						
							|  |  |  | 
 | 
					
						
							|  |  |  | 		err = actions.Run( | 
					
						
							|  |  |  | 			actionCtx, | 
					
						
							|  |  |  | 			ctxFields, | 
					
						
							|  |  |  | 			apiFields, | 
					
						
							|  |  |  | 			a.Script, | 
					
						
							|  |  |  | 			a.Name, | 
					
						
							| 
									
										
										
										
											2023-10-13 07:31:23 +00:00
										 |  |  | 			append(actions.ActionToOptions(a), actions.WithHTTP(actionCtx), actions.WithUUID(actionCtx))..., | 
					
						
							| 
									
										
										
										
											2022-10-06 14:23:59 +02:00
										 |  |  | 		) | 
					
						
							|  |  |  | 		cancel() | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 		if err != nil { | 
					
						
							|  |  |  | 			return nil, err | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 	return object.UserGrantsToDomain(userID, mutableUserGrants.UserGrants), err | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | } | 
					
						
							|  |  |  | 
 | 
					
						
							| 
									
										
										
										
											2023-03-28 14:28:56 +03:00
										 |  |  | func tokenCtxFields(tokens *oidc.Tokens[*oidc.IDTokenClaims]) []actions.FieldOption { | 
					
						
							| 
									
										
										
										
											2023-03-03 11:38:49 +01:00
										 |  |  | 	var accessToken, idToken string | 
					
						
							|  |  |  | 	getClaim := func(claim string) interface{} { | 
					
						
							|  |  |  | 		return nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	claimsJSON := func() (string, error) { | 
					
						
							|  |  |  | 		return "", nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if tokens == nil { | 
					
						
							|  |  |  | 		return []actions.FieldOption{ | 
					
						
							|  |  |  | 			actions.SetFields("accessToken", accessToken), | 
					
						
							|  |  |  | 			actions.SetFields("idToken", idToken), | 
					
						
							|  |  |  | 			actions.SetFields("getClaim", getClaim), | 
					
						
							|  |  |  | 			actions.SetFields("claimsJSON", claimsJSON), | 
					
						
							|  |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	accessToken = tokens.AccessToken | 
					
						
							|  |  |  | 	idToken = tokens.IDToken | 
					
						
							|  |  |  | 	if tokens.IDTokenClaims != nil { | 
					
						
							|  |  |  | 		getClaim = func(claim string) interface{} { | 
					
						
							| 
									
										
										
										
											2023-03-28 14:28:56 +03:00
										 |  |  | 			return tokens.IDTokenClaims.Claims[claim] | 
					
						
							| 
									
										
										
										
											2023-03-03 11:38:49 +01:00
										 |  |  | 		} | 
					
						
							|  |  |  | 		claimsJSON = func() (string, error) { | 
					
						
							| 
									
										
										
										
											2023-01-25 14:08:01 +01:00
										 |  |  | 			c, err := json.Marshal(tokens.IDTokenClaims) | 
					
						
							|  |  |  | 			if err != nil { | 
					
						
							|  |  |  | 				return "", err | 
					
						
							|  |  |  | 			} | 
					
						
							|  |  |  | 			return string(c), nil | 
					
						
							| 
									
										
										
										
											2023-03-03 11:38:49 +01:00
										 |  |  | 		} | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return []actions.FieldOption{ | 
					
						
							|  |  |  | 		actions.SetFields("accessToken", accessToken), | 
					
						
							|  |  |  | 		actions.SetFields("idToken", idToken), | 
					
						
							|  |  |  | 		actions.SetFields("getClaim", getClaim), | 
					
						
							|  |  |  | 		actions.SetFields("claimsJSON", claimsJSON), | 
					
						
							| 
									
										
										
										
											2021-09-27 13:43:49 +02:00
										 |  |  | 	} | 
					
						
							|  |  |  | } | 
					
						
							| 
									
										
										
										
											2023-05-02 18:03:33 +02:00
										 |  |  | 
 | 
					
						
							|  |  |  | func (l *Login) resourceOwnerOfUserIDPLink(ctx context.Context, idpConfigID string, externalUserID string) (string, error) { | 
					
						
							|  |  |  | 	idQuery, err := query.NewIDPUserLinkIDPIDSearchQuery(idpConfigID) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return "", err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	externalIDQuery, err := query.NewIDPUserLinksExternalIDSearchQuery(externalUserID) | 
					
						
							|  |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return "", err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	queries := []query.SearchQuery{ | 
					
						
							|  |  |  | 		idQuery, externalIDQuery, | 
					
						
							|  |  |  | 	} | 
					
						
							| 
									
										
										
										
											2024-08-23 08:44:18 +02:00
										 |  |  | 	links, err := l.query.IDPUserLinks(ctx, &query.IDPUserLinksSearchQuery{Queries: queries}, nil) | 
					
						
							| 
									
										
										
										
											2023-05-02 18:03:33 +02:00
										 |  |  | 	if err != nil { | 
					
						
							|  |  |  | 		return "", err | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	if len(links.Links) != 1 { | 
					
						
							|  |  |  | 		return "", nil | 
					
						
							|  |  |  | 	} | 
					
						
							|  |  |  | 	return links.Links[0].ResourceOwner, nil | 
					
						
							|  |  |  | } |