zitadel/internal/api/ui/login/login_success_handler.go

package login

import (
	"context"
	"net/http"

	"github.com/zitadel/zitadel/internal/domain"
	"github.com/zitadel/zitadel/internal/zerrors"
)

const (
	tmplLoginSuccess = "login_success"
)

type loginSuccessData struct {
	userData
	RedirectURI string `schema:"redirect-uri"`
}

func (l *Login) redirectToLoginSuccess(w http.ResponseWriter, r *http.Request, id string) {
	http.Redirect(w, r, l.renderer.pathPrefix+EndpointLoginSuccess+"?authRequestID="+id, http.StatusFound)
}

func (l *Login) handleLoginSuccess(w http.ResponseWriter, r *http.Request) {
	authRequest, _ := l.getAuthRequest(r)
	if authRequest == nil {
		l.renderSuccessAndCallback(w, r, nil, nil)
		return
	}
	for _, step := range authRequest.PossibleSteps {
		if step.Type() != domain.NextStepLoginSucceeded && step.Type() != domain.NextStepRedirectToCallback {
			l.renderNextStep(w, r, authRequest)
			return
		}
	}
	l.renderSuccessAndCallback(w, r, authRequest, nil)
}

func (l *Login) renderSuccessAndCallback(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest, err error) {
	var errID, errMessage string
	if err != nil {
		errID, errMessage = l.getErrorMessage(r, err)
	}
	translator := l.getTranslator(r.Context(), authReq)
	data := loginSuccessData{
		userData: l.getUserData(r, authReq, translator, "LoginSuccess.Title", "", errID, errMessage),
	}
	if authReq != nil {
		data.RedirectURI, err = l.authRequestCallback(r.Context(), authReq)
		if err != nil {
			l.renderInternalError(w, r, authReq, err)
			return
		}
	}
	l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplLoginSuccess], data, nil)
}

func (l *Login) redirectToCallback(w http.ResponseWriter, r *http.Request, authReq *domain.AuthRequest) {
	callback, err := l.authRequestCallback(r.Context(), authReq)
	if err != nil {
		l.renderInternalError(w, r, authReq, err)
		return
	}
	http.Redirect(w, r, callback, http.StatusFound)
}

func (l *Login) authRequestCallback(ctx context.Context, authReq *domain.AuthRequest) (string, error) {
	switch authReq.Request.(type) {
	case *domain.AuthRequestOIDC:
		return l.oidcAuthCallbackURL(ctx, authReq.ID), nil
	case *domain.AuthRequestSAML:
		return l.samlAuthCallbackURL(ctx, authReq.ID), nil
	case *domain.AuthRequestDevice:
		return l.deviceAuthCallbackURL(authReq.ID), nil
	default:
		return "", zerrors.ThrowInternal(nil, "LOGIN-rhjQF", "Errors.AuthRequest.RequestTypeNotSupported")
	}
}
feat: run on a single port (#3163) * start v2 * start * run * some cleanup * remove v2 pkg again * simplify * webauthn * remove unused config * fix login path in Dockerfile * fix asset_generator.go * health handler * fix grpc web * refactor * merge * build new main.go * run new main.go * update logging pkg * fix error msg * update logging * cleanup * cleanup * go mod tidy * change localDevMode * fix customEndpoints * update logging * comments * change local flag to external configs * fix location generated go code * fix Co-authored-by: fforootd <florian@caos.ch> 2022-02-14 17:22:30 +01:00			`package login`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00
			`import (`
feat: allow skip of success page for native apps (#5627) add possibility to return to callback directly after login without rendering the successful login page 2023-04-11 17:07:32 +02:00			`"context"`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`"net/http"`

chore(v2): move to new org (#3499) * chore: move to new org * logging * fix: org rename caos -> zitadel Co-authored-by: adlerhurst <silvan.reusser@gmail.com> 2022-04-27 01:01:45 +02:00			`"github.com/zitadel/zitadel/internal/domain"`
refactor: rename package errors to zerrors (#7039) * chore: rename package errors to zerrors * rename package errors to gerrors * fix error related linting issues * fix zitadel error assertion * fix gosimple linting issues * fix deprecated linting issues * resolve gci linting issues * fix import structure --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2023-12-08 16:30:55 +02:00			`"github.com/zitadel/zitadel/internal/zerrors"`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`)`

			`const (`
			`tmplLoginSuccess = "login_success"`
			`)`

			`type loginSuccessData struct {`
			`userData`
			RedirectURI string `schema:"redirect-uri"`
			`}`

			`func (l Login) redirectToLoginSuccess(w http.ResponseWriter, r http.Request, id string) {`
			`http.Redirect(w, r, l.renderer.pathPrefix+EndpointLoginSuccess+"?authRequestID="+id, http.StatusFound)`
			`}`

			`func (l Login) handleLoginSuccess(w http.ResponseWriter, r http.Request) {`
			`authRequest, _ := l.getAuthRequest(r)`
feat: display login succeeded page only for native apps (#2839) 2021-12-14 09:47:49 +01:00			`if authRequest == nil {`
			`l.renderSuccessAndCallback(w, r, nil, nil)`
fix: panics (#2993) * add missing return Signed-off-by: Livio Amstutz <livio.a@gmail.com> * add nil pointer check Signed-off-by: Livio Amstutz <livio.a@gmail.com> 2022-01-12 15:31:11 +01:00			`return`
feat: display login succeeded page only for native apps (#2839) 2021-12-14 09:47:49 +01:00			`}`
			`for _, step := range authRequest.PossibleSteps {`
			`if step.Type() != domain.NextStepLoginSucceeded && step.Type() != domain.NextStepRedirectToCallback {`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`l.renderNextStep(w, r, authRequest)`
			`return`
			`}`
			`}`
			`l.renderSuccessAndCallback(w, r, authRequest, nil)`
			`}`

			`func (l Login) renderSuccessAndCallback(w http.ResponseWriter, r http.Request, authReq *domain.AuthRequest, err error) {`
fix: err id as title (shown on hover) (#1895) 2021-06-18 10:31:53 +02:00			`var errID, errMessage string`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`if err != nil {`
fix: err id as title (shown on hover) (#1895) 2021-06-18 10:31:53 +02:00			`errID, errMessage = l.getErrorMessage(r, err)`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`}`
feat: restrict languages (#6931) * feat: return 404 or 409 if org reg disallowed * fix: system limit permissions * feat: add iam limits api * feat: disallow public org registrations on default instance * add integration test * test: integration * fix test * docs: describe public org registrations * avoid updating docs deps * fix system limits integration test * silence integration tests * fix linting * ignore strange linter complaints * review * improve reset properties naming * redefine the api * use restrictions aggregate * test query * simplify and test projection * test commands * fix unit tests * move integration test * support restrictions on default instance * also test GetRestrictions * self review * lint * abstract away resource owner * fix tests * configure supported languages * fix allowed languages * fix tests * default lang must not be restricted * preferred language must be allowed * change preferred languages * check languages everywhere * lint * test command side * lint * add integration test * add integration test * restrict supported ui locales * lint * lint * cleanup * lint * allow undefined preferred language * fix integration tests * update main * fix env var * ignore linter * ignore linter * improve integration test config * reduce cognitive complexity * compile * check for duplicates * remove useless restriction checks * review * revert restriction renaming * fix language restrictions * lint * generate * allow custom texts for supported langs for now * fix tests * cleanup * cleanup * cleanup * lint * unsupported preferred lang is allowed * fix integration test * finish reverting to old property name * finish reverting to old property name * load languages * refactor(i18n): centralize translators and fs * lint * amplify no validations on preferred languages * fix integration test * lint * fix resetting allowed languages * test unchanged restrictions 2023-12-05 12:12:01 +01:00			`translator := l.getTranslator(r.Context(), authReq)`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`data := loginSuccessData{`
feat: restrict languages (#6931) * feat: return 404 or 409 if org reg disallowed * fix: system limit permissions * feat: add iam limits api * feat: disallow public org registrations on default instance * add integration test * test: integration * fix test * docs: describe public org registrations * avoid updating docs deps * fix system limits integration test * silence integration tests * fix linting * ignore strange linter complaints * review * improve reset properties naming * redefine the api * use restrictions aggregate * test query * simplify and test projection * test commands * fix unit tests * move integration test * support restrictions on default instance * also test GetRestrictions * self review * lint * abstract away resource owner * fix tests * configure supported languages * fix allowed languages * fix tests * default lang must not be restricted * preferred language must be allowed * change preferred languages * check languages everywhere * lint * test command side * lint * add integration test * add integration test * restrict supported ui locales * lint * lint * cleanup * lint * allow undefined preferred language * fix integration tests * update main * fix env var * ignore linter * ignore linter * improve integration test config * reduce cognitive complexity * compile * check for duplicates * remove useless restriction checks * review * revert restriction renaming * fix language restrictions * lint * generate * allow custom texts for supported langs for now * fix tests * cleanup * cleanup * cleanup * lint * unsupported preferred lang is allowed * fix integration test * finish reverting to old property name * finish reverting to old property name * load languages * refactor(i18n): centralize translators and fs * lint * amplify no validations on preferred languages * fix integration test * lint * fix resetting allowed languages * test unchanged restrictions 2023-12-05 12:12:01 +01:00			`userData: l.getUserData(r, authReq, translator, "LoginSuccess.Title", "", errID, errMessage),`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`}`
			`if authReq != nil {`
feat: allow skip of success page for native apps (#5627) add possibility to return to callback directly after login without rendering the successful login page 2023-04-11 17:07:32 +02:00			`data.RedirectURI, err = l.authRequestCallback(r.Context(), authReq)`
			`if err != nil {`
			`l.renderInternalError(w, r, authReq, err)`
			`return`
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 17:18:08 +01:00			`}`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`}`
feat: restrict languages (#6931) * feat: return 404 or 409 if org reg disallowed * fix: system limit permissions * feat: add iam limits api * feat: disallow public org registrations on default instance * add integration test * test: integration * fix test * docs: describe public org registrations * avoid updating docs deps * fix system limits integration test * silence integration tests * fix linting * ignore strange linter complaints * review * improve reset properties naming * redefine the api * use restrictions aggregate * test query * simplify and test projection * test commands * fix unit tests * move integration test * support restrictions on default instance * also test GetRestrictions * self review * lint * abstract away resource owner * fix tests * configure supported languages * fix allowed languages * fix tests * default lang must not be restricted * preferred language must be allowed * change preferred languages * check languages everywhere * lint * test command side * lint * add integration test * add integration test * restrict supported ui locales * lint * lint * cleanup * lint * allow undefined preferred language * fix integration tests * update main * fix env var * ignore linter * ignore linter * improve integration test config * reduce cognitive complexity * compile * check for duplicates * remove useless restriction checks * review * revert restriction renaming * fix language restrictions * lint * generate * allow custom texts for supported langs for now * fix tests * cleanup * cleanup * cleanup * lint * unsupported preferred lang is allowed * fix integration test * finish reverting to old property name * finish reverting to old property name * load languages * refactor(i18n): centralize translators and fs * lint * amplify no validations on preferred languages * fix integration test * lint * fix resetting allowed languages * test unchanged restrictions 2023-12-05 12:12:01 +01:00			`l.renderer.RenderTemplate(w, r, translator, l.renderer.Templates[tmplLoginSuccess], data, nil)`
feat: login success page (#1849) * feat: login success page * fix: script import on mfa verify 2021-06-10 14:18:07 +02:00			`}`
feat: display login succeeded page only for native apps (#2839) 2021-12-14 09:47:49 +01:00
			`func (l Login) redirectToCallback(w http.ResponseWriter, r http.Request, authReq *domain.AuthRequest) {`
feat: allow skip of success page for native apps (#5627) add possibility to return to callback directly after login without rendering the successful login page 2023-04-11 17:07:32 +02:00			`callback, err := l.authRequestCallback(r.Context(), authReq)`
			`if err != nil {`
			`l.renderInternalError(w, r, authReq, err)`
			`return`
			`}`
			`http.Redirect(w, r, callback, http.StatusFound)`
			`}`

			`func (l Login) authRequestCallback(ctx context.Context, authReq domain.AuthRequest) (string, error) {`
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 17:18:08 +01:00			`switch authReq.Request.(type) {`
			`case *domain.AuthRequestOIDC:`
feat: allow skip of success page for native apps (#5627) add possibility to return to callback directly after login without rendering the successful login page 2023-04-11 17:07:32 +02:00			`return l.oidcAuthCallbackURL(ctx, authReq.ID), nil`
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 17:18:08 +01:00			`case *domain.AuthRequestSAML:`
feat: allow skip of success page for native apps (#5627) add possibility to return to callback directly after login without rendering the successful login page 2023-04-11 17:07:32 +02:00			`return l.samlAuthCallbackURL(ctx, authReq.ID), nil`
feat: device authorization RFC 8628 (#5646) * device auth: implement the write events * add grant type device code * fix(init): check if default value implements stringer --------- Co-authored-by: adlerhurst <silvan.reusser@gmail.com> 2023-04-19 11:46:02 +03:00			`case *domain.AuthRequestDevice:`
			`return l.deviceAuthCallbackURL(authReq.ID), nil`
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 17:18:08 +01:00			`default:`
refactor: rename package errors to zerrors (#7039) * chore: rename package errors to zerrors * rename package errors to gerrors * fix error related linting issues * fix zitadel error assertion * fix gosimple linting issues * fix deprecated linting issues * resolve gci linting issues * fix import structure --------- Co-authored-by: Elio Bischof <elio@zitadel.com> 2023-12-08 16:30:55 +02:00			`return "", zerrors.ThrowInternal(nil, "LOGIN-rhjQF", "Errors.AuthRequest.RequestTypeNotSupported")`
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 17:18:08 +01:00			`}`
feat: display login succeeded page only for native apps (#2839) 2021-12-14 09:47:49 +01:00			`}`