2023-01-31 20:52:47 +01:00
|
|
|
package user
|
|
|
|
|
|
|
|
import (
|
|
|
|
"context"
|
|
|
|
|
|
|
|
"github.com/zitadel/zitadel/internal/crypto"
|
|
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
2023-12-08 16:30:55 +02:00
|
|
|
"github.com/zitadel/zitadel/internal/zerrors"
|
2023-01-31 20:52:47 +01:00
|
|
|
)
|
|
|
|
|
|
|
|
const (
|
|
|
|
machineSecretPrefix = machineEventPrefix + "secret."
|
|
|
|
MachineSecretSetType = machineSecretPrefix + "set"
|
2024-04-05 12:35:49 +03:00
|
|
|
MachineSecretHashUpdatedType = machineSecretPrefix + "updated"
|
2023-01-31 20:52:47 +01:00
|
|
|
MachineSecretRemovedType = machineSecretPrefix + "removed"
|
|
|
|
MachineSecretCheckSucceededType = machineSecretPrefix + "check.succeeded"
|
|
|
|
MachineSecretCheckFailedType = machineSecretPrefix + "check.failed"
|
|
|
|
)
|
|
|
|
|
|
|
|
type MachineSecretSetEvent struct {
|
|
|
|
eventstore.BaseEvent `json:"-"`
|
|
|
|
|
2024-04-05 12:35:49 +03:00
|
|
|
// New events only use EncodedHash. However, the ClientSecret field
|
|
|
|
// is preserved to handle events older than the switch to Passwap.
|
2023-01-31 20:52:47 +01:00
|
|
|
ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
|
2024-04-05 12:35:49 +03:00
|
|
|
HashedSecret string `json:"hashedSecret,omitempty"`
|
2023-01-31 20:52:47 +01:00
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func (e *MachineSecretSetEvent) Payload() interface{} {
|
2023-01-31 20:52:47 +01:00
|
|
|
return e
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func (e *MachineSecretSetEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
|
2023-01-31 20:52:47 +01:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewMachineSecretSetEvent(
|
|
|
|
ctx context.Context,
|
|
|
|
aggregate *eventstore.Aggregate,
|
2024-04-05 12:35:49 +03:00
|
|
|
hashedSecret string,
|
2023-01-31 20:52:47 +01:00
|
|
|
) *MachineSecretSetEvent {
|
|
|
|
return &MachineSecretSetEvent{
|
|
|
|
BaseEvent: *eventstore.NewBaseEventForPush(
|
|
|
|
ctx,
|
|
|
|
aggregate,
|
|
|
|
MachineSecretSetType,
|
|
|
|
),
|
2024-04-05 12:35:49 +03:00
|
|
|
HashedSecret: hashedSecret,
|
2023-01-31 20:52:47 +01:00
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func MachineSecretSetEventMapper(event eventstore.Event) (eventstore.Event, error) {
|
2023-01-31 20:52:47 +01:00
|
|
|
credentialsSet := &MachineSecretSetEvent{
|
|
|
|
BaseEvent: *eventstore.BaseEventFromRepo(event),
|
|
|
|
}
|
2023-10-19 12:19:10 +02:00
|
|
|
err := event.Unmarshal(credentialsSet)
|
2023-01-31 20:52:47 +01:00
|
|
|
if err != nil {
|
2023-12-08 16:30:55 +02:00
|
|
|
return nil, zerrors.ThrowInternal(err, "USER-lopbqu", "unable to unmarshal machine secret set")
|
2023-01-31 20:52:47 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return credentialsSet, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
type MachineSecretRemovedEvent struct {
|
|
|
|
eventstore.BaseEvent `json:"-"`
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func (e *MachineSecretRemovedEvent) Payload() interface{} {
|
2023-01-31 20:52:47 +01:00
|
|
|
return e
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func (e *MachineSecretRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
|
2023-01-31 20:52:47 +01:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewMachineSecretRemovedEvent(
|
|
|
|
ctx context.Context,
|
|
|
|
aggregate *eventstore.Aggregate,
|
|
|
|
) *MachineSecretRemovedEvent {
|
|
|
|
return &MachineSecretRemovedEvent{
|
|
|
|
BaseEvent: *eventstore.NewBaseEventForPush(
|
|
|
|
ctx,
|
|
|
|
aggregate,
|
|
|
|
MachineSecretRemovedType,
|
|
|
|
),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func MachineSecretRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
|
2023-01-31 20:52:47 +01:00
|
|
|
credentialsRemoved := &MachineSecretRemovedEvent{
|
|
|
|
BaseEvent: *eventstore.BaseEventFromRepo(event),
|
|
|
|
}
|
2023-10-19 12:19:10 +02:00
|
|
|
err := event.Unmarshal(credentialsRemoved)
|
2023-01-31 20:52:47 +01:00
|
|
|
if err != nil {
|
2023-12-08 16:30:55 +02:00
|
|
|
return nil, zerrors.ThrowInternal(err, "USER-quox9j2", "unable to unmarshal machine secret removed")
|
2023-01-31 20:52:47 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return credentialsRemoved, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
type MachineSecretCheckSucceededEvent struct {
|
|
|
|
eventstore.BaseEvent `json:"-"`
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func (e *MachineSecretCheckSucceededEvent) Payload() interface{} {
|
2023-01-31 20:52:47 +01:00
|
|
|
return e
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func (e *MachineSecretCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
|
2023-01-31 20:52:47 +01:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewMachineSecretCheckSucceededEvent(
|
|
|
|
ctx context.Context,
|
|
|
|
aggregate *eventstore.Aggregate,
|
|
|
|
) *MachineSecretCheckSucceededEvent {
|
|
|
|
return &MachineSecretCheckSucceededEvent{
|
|
|
|
BaseEvent: *eventstore.NewBaseEventForPush(
|
|
|
|
ctx,
|
|
|
|
aggregate,
|
|
|
|
MachineSecretCheckSucceededType,
|
|
|
|
),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func MachineSecretCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
|
2023-01-31 20:52:47 +01:00
|
|
|
check := &MachineSecretCheckSucceededEvent{
|
|
|
|
BaseEvent: *eventstore.BaseEventFromRepo(event),
|
|
|
|
}
|
2023-10-19 12:19:10 +02:00
|
|
|
err := event.Unmarshal(check)
|
2023-01-31 20:52:47 +01:00
|
|
|
if err != nil {
|
2023-12-08 16:30:55 +02:00
|
|
|
return nil, zerrors.ThrowInternal(err, "USER-x002n1p", "unable to unmarshal machine secret check succeeded")
|
2023-01-31 20:52:47 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return check, nil
|
|
|
|
}
|
|
|
|
|
|
|
|
type MachineSecretCheckFailedEvent struct {
|
|
|
|
eventstore.BaseEvent `json:"-"`
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func (e *MachineSecretCheckFailedEvent) Payload() interface{} {
|
2023-01-31 20:52:47 +01:00
|
|
|
return e
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func (e *MachineSecretCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
|
2023-01-31 20:52:47 +01:00
|
|
|
return nil
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewMachineSecretCheckFailedEvent(
|
|
|
|
ctx context.Context,
|
|
|
|
aggregate *eventstore.Aggregate,
|
|
|
|
) *MachineSecretCheckFailedEvent {
|
|
|
|
return &MachineSecretCheckFailedEvent{
|
|
|
|
BaseEvent: *eventstore.NewBaseEventForPush(
|
|
|
|
ctx,
|
|
|
|
aggregate,
|
|
|
|
MachineSecretCheckFailedType,
|
|
|
|
),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2023-10-19 12:19:10 +02:00
|
|
|
func MachineSecretCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
|
2023-01-31 20:52:47 +01:00
|
|
|
check := &MachineSecretCheckFailedEvent{
|
|
|
|
BaseEvent: *eventstore.BaseEventFromRepo(event),
|
|
|
|
}
|
2023-10-19 12:19:10 +02:00
|
|
|
err := event.Unmarshal(check)
|
2023-01-31 20:52:47 +01:00
|
|
|
if err != nil {
|
2023-12-08 16:30:55 +02:00
|
|
|
return nil, zerrors.ThrowInternal(err, "USER-x7901b1l", "unable to unmarshal machine secret check failed")
|
2023-01-31 20:52:47 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
return check, nil
|
|
|
|
}
|
2024-04-05 12:35:49 +03:00
|
|
|
|
|
|
|
type MachineSecretHashUpdatedEvent struct {
|
|
|
|
*eventstore.BaseEvent `json:"-"`
|
|
|
|
HashedSecret string `json:"hashedSecret,omitempty"`
|
|
|
|
}
|
|
|
|
|
|
|
|
func NewMachineSecretHashUpdatedEvent(
|
|
|
|
ctx context.Context,
|
|
|
|
aggregate *eventstore.Aggregate,
|
|
|
|
encoded string,
|
|
|
|
) *MachineSecretHashUpdatedEvent {
|
|
|
|
return &MachineSecretHashUpdatedEvent{
|
|
|
|
BaseEvent: eventstore.NewBaseEventForPush(
|
|
|
|
ctx,
|
|
|
|
aggregate,
|
|
|
|
MachineSecretHashUpdatedType,
|
|
|
|
),
|
|
|
|
HashedSecret: encoded,
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e *MachineSecretHashUpdatedEvent) SetBaseEvent(b *eventstore.BaseEvent) {
|
|
|
|
e.BaseEvent = b
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e *MachineSecretHashUpdatedEvent) Payload() interface{} {
|
|
|
|
return e
|
|
|
|
}
|
|
|
|
|
|
|
|
func (e *MachineSecretHashUpdatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
|
|
|
|
return nil
|
|
|
|
}
|