fix: user session with external login (#797)

* fix: user session with external login

* fix: tests

* fix: tests

* fix: change idp config name

internal/user/repository/eventsourcing/eventstore.go

@@ -592,6 +592,25 @@ func (es *UserEventstore) SetPassword(ctx context.Context, policy *policy_model.
 	return err
 }
 
+func (es *UserEventstore) ExternalLoginChecked(ctx context.Context, userID string, authRequest *req_model.AuthRequest) error {
+	user, err := es.UserByID(ctx, userID)
+	if err != nil {
+		return err
+	}
+	if user.Human == nil {
+		return errors.ThrowPreconditionFailed(nil, "EVENT-Gns8i", "Errors.User.NotHuman")
+	}
+	repoUser := model.UserFromModel(user)
+	repoAuthRequest := model.AuthRequestFromModel(authRequest)
+	agg := ExternalLoginCheckSucceededAggregate(es.AggregateCreator(), repoUser, repoAuthRequest)
+	err = es_sdk.Push(ctx, es.PushAggregates, repoUser.AppendEvents, agg)
+	if err != nil {
+		return err
+	}
+	es.userCache.cacheUser(repoUser)
+	return nil
+}
+
 func (es *UserEventstore) ChangeMachine(ctx context.Context, machine *usr_model.Machine) (*usr_model.Machine, error) {
 	user, err := es.UserByID(ctx, machine.AggregateID)
 	if err != nil {

internal/user/repository/eventsourcing/model/auth_request.go

@@ -1,22 +1,28 @@
 package model
 
 import (
+	"encoding/json"
+	"github.com/caos/logging"
+	caos_errs "github.com/caos/zitadel/internal/errors"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
 	"net"
 
 	"github.com/caos/zitadel/internal/auth_request/model"
 )
 
 type AuthRequest struct {
-	ID          string `json:"id,omitempty"`
-	UserAgentID string `json:"userAgentID,omitempty"`
+	ID                  string `json:"id,omitempty"`
+	UserAgentID         string `json:"userAgentID,omitempty"`
+	SelectedIDPConfigID string `json:"selectedIDPConfigID,omitempty"`
 	*BrowserInfo
 }
 
 func AuthRequestFromModel(request *model.AuthRequest) *AuthRequest {
 	return &AuthRequest{
-		ID:          request.ID,
-		UserAgentID: request.AgentID,
-		BrowserInfo: BrowserInfoFromModel(request.BrowserInfo),
+		ID:                  request.ID,
+		UserAgentID:         request.AgentID,
+		BrowserInfo:         BrowserInfoFromModel(request.BrowserInfo),
+		SelectedIDPConfigID: request.SelectedIDPConfigID,
 	}
 }
 
@@ -33,3 +39,11 @@ func BrowserInfoFromModel(info *model.BrowserInfo) *BrowserInfo {
 		RemoteIP:       info.RemoteIP,
 	}
 }
+
+func (a *AuthRequest) SetData(event *es_models.Event) error {
+	if err := json.Unmarshal(event.Data, a); err != nil {
+		logging.Log("EVEN-T5df6").WithError(err).Error("could not unmarshal event data")
+		return caos_errs.ThrowInternal(err, "MODEL-yGmhh", "could not unmarshal event")
+	}
+	return nil
+}

internal/user/repository/eventsourcing/model/types.go

@@ -84,6 +84,8 @@ const (
 	HumanPasswordCheckSucceeded models.EventType = "user.human.password.check.succeeded"
 	HumanPasswordCheckFailed    models.EventType = "user.human.password.check.failed"
 
+	HumanExternalLoginCheckSucceeded models.EventType = "user.human.externallogin.check.succeeded"
+
 	HumanExternalIDPReserved models.EventType = "user.human.externalidp.reserved"
 	HumanExternalIDPReleased models.EventType = "user.human.externalidp.released"
 

internal/user/repository/eventsourcing/user.go

@@ -445,6 +445,16 @@ func PasswordCodeSentAggregate(aggCreator *es_models.AggregateCreator, user *mod
 	}
 }
 
+func ExternalLoginCheckSucceededAggregate(aggCreator *es_models.AggregateCreator, user *model.User, check *model.AuthRequest) es_sdk.AggregateFunc {
+	return func(ctx context.Context) (*es_models.Aggregate, error) {
+		agg, err := UserAggregate(ctx, aggCreator, user)
+		if err != nil {
+			return nil, err
+		}
+		return agg.AppendEvent(model.HumanExternalLoginCheckSucceeded, check)
+	}
+}
+
 func MachineChangeAggregate(aggCreator *es_models.AggregateCreator, user *model.User, machine *model.Machine) func(ctx context.Context) (*es_models.Aggregate, error) {
 	return func(ctx context.Context) (*es_models.Aggregate, error) {
 		if machine == nil {