feat: session checks with intent (#6031)

* feat: session checks with intent * feat: session checks with intent * fix: integration tests for intent session * fix: integration tests for intent session * fix merge * fix: integration tests for intent session --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
2025-08-11 21:27:42 +00:00 · 2023-06-21 16:06:18 +02:00
parent c12d94f7d4
commit 1b5d6ce89e
29 changed files with 727 additions and 153 deletions
--- a/proto/zitadel/session/v2alpha/session.proto
+++ b/proto/zitadel/session/v2alpha/session.proto
@@ -45,6 +45,7 @@ message Factors {
  UserFactor user = 1;
  PasswordFactor password = 2;
  PasskeyFactor passkey = 3;
+  IntentFactor intent = 4;
 }

 message UserFactor {
@@ -78,6 +79,14 @@ message PasswordFactor {
  ];
 }

+message IntentFactor {
+  google.protobuf.Timestamp verified_at = 1 [
+    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+      description: "\"time when an intent was last checked\"";
+    }
+  ];
+}
+
 message PasskeyFactor {
  google.protobuf.Timestamp verified_at = 1 [
    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
--- a/proto/zitadel/session/v2alpha/session_service.proto
+++ b/proto/zitadel/session/v2alpha/session_service.proto
@@ -341,6 +341,11 @@ message Checks {
      description: "\"Checks the public key credential issued by the passkey client. Requires that the user is already checked and a passkey challenge to be requested, in any previous request.\"";
    }
  ];
+  optional CheckIntent intent = 4 [
+    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+      description: "\"Checks the intent. Requires that the userlink is already checked and a successful intent.\"";
+    }
+  ];
 }

 message CheckUser {
@@ -386,3 +391,24 @@ message CheckPasskey {
    }
  ];
 }
+
+message CheckIntent {
+  string intent_id = 1 [
+    (validate.rules).string = {min_len: 1, max_len: 200},
+    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+      description: "ID of the intent, previously returned on the success response of the IDP callback"
+      min_length: 1;
+      max_length: 200;
+      example: "\"d654e6ba-70a3-48ef-a95d-37c8d8a7901a\"";
+    }
+  ];
+  string token = 2 [
+    (validate.rules).string = {min_len: 1, max_len: 200},
+    (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
+      description: "token of the intent, previously returned on the success response of the IDP callback"
+      min_length: 1;
+      max_length: 200;
+      example: "\"SJKL3ioIDpo342ioqw98fjp3sdf32wahb=\"";
+    }
+  ];
+}