feat: user v2alpha email API (#5708)

* chore(proto): update versions * change protoc plugin * some cleanups * define api for setting emails in new api * implement user.SetEmail * move SetEmail buisiness logic into command * resuse newCryptoCode * command: add ChangeEmail unit tests Not complete, was not able to mock the generator. * Revert "resuse newCryptoCode" This reverts commit c89e90ae35. * undo change to crypto code generators * command: use a generator so we can test properly * command: reorganise ChangeEmail improve test coverage * implement VerifyEmail including unit tests * add URL template tests * proto: change context to object * remove old auth option * remove old auth option * fix linting errors run gci on modified files * add permission checks and fix some errors * comments * comments --------- Co-authored-by: Livio Spring <livio.a@gmail.com> Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2025-08-11 21:17:32 +00:00 · 2023-04-25 09:02:29 +02:00
parent 2a79e77c7b
commit 095ec21678
58 changed files with 3589 additions and 399 deletions
--- a/internal/domain/human_email.go
+++ b/internal/domain/human_email.go
@@ -1,12 +1,15 @@
 package domain

 import (
+	"io"
 	"regexp"
 	"strings"
+	"text/template"
 	"time"

 	"github.com/zitadel/zitadel/internal/crypto"
 	"github.com/zitadel/zitadel/internal/errors"
+	caos_errs "github.com/zitadel/zitadel/internal/errors"
 	es_models "github.com/zitadel/zitadel/internal/eventstore/v1/models"
 )

@@ -35,6 +38,8 @@ type Email struct {

 	EmailAddress    EmailAddress
 	IsEmailVerified bool
+	// PlainCode is set by the command and can be used to return it to the caller (API)
+	PlainCode *string
 }

 type EmailCode struct {
@@ -51,13 +56,36 @@ func (e *Email) Validate() error {
 	return e.EmailAddress.Validate()
 }

-func NewEmailCode(emailGenerator crypto.Generator) (*EmailCode, error) {
-	emailCodeCrypto, _, err := crypto.NewCode(emailGenerator)
+func NewEmailCode(emailGenerator crypto.Generator) (*EmailCode, string, error) {
+	emailCodeCrypto, code, err := crypto.NewCode(emailGenerator)
 	if err != nil {
-		return nil, err
+		return nil, "", err
 	}
 	return &EmailCode{
 		Code:   emailCodeCrypto,
 		Expiry: emailGenerator.Expiry(),
-	}, nil
+	}, code, nil
+}
+
+type ConfirmURLData struct {
+	UserID string
+	Code   string
+	OrgID  string
+}
+
+// RenderConfirmURLTemplate parses and renders tmplStr.
+// userID, code and orgID are passed into the [ConfirmURLData].
+// "%s%s?userID=%s&code=%s&orgID=%s"
+func RenderConfirmURLTemplate(w io.Writer, tmplStr, userID, code, orgID string) error {
+	tmpl, err := template.New("").Parse(tmplStr)
+	if err != nil {
+		return caos_errs.ThrowInvalidArgument(err, "USERv2-ooD8p", "Errors.User.Email.InvalidURLTemplate")
+	}
+
+	data := &ConfirmURLData{userID, code, orgID}
+	if err = tmpl.Execute(w, data); err != nil {
+		return caos_errs.ThrowInvalidArgument(err, "USERv2-ohSi5", "Errors.User.Email.InvalidURLTemplate")
+	}
+
+	return nil
 }