TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-06 19:36:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: Identity brokering (#730)

Browse Source 
* feat: add/ remove external idps

* feat: external idp add /remove

* fix: auth proto

* fix: handle login

* feat: loginpolicy on authrequest

* feat: idp providers on login

* feat: link external idp

* fix: check login policy on check username

* feat: add mapping fields for idp config

* feat: use user org id if existing

* feat: use user org id if existing

* feat: register external user

* feat: register external user

* feat: user linking

* feat: user linking

* feat: design external login

* feat: design external login

* fix: tests

* fix: regenerate login design

* feat: next step test linking process

* feat: next step test linking process

* feat: cascade remove external idps on user

* fix: tests

* fix: tests

* feat: external idp requsts on users

* fix: generate protos

* feat: login styles

* feat: login styles

* fix: link user

* fix: register user on specifig org

* fix: user linking

* fix: register external, linking auto

* fix: remove unnecessary request from proto

* fix: tests

* fix: new oidc package

* fix: migration version

* fix: policy permissions

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/renderer.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/renderer.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: pr requests

* Update internal/ui/login/handler/link_users_handler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: pr requests

* fix: pr requests

* fix: pr requests

* fix: login name size

* fix: profile image light

* fix: colors

* fix: pr requests

* fix: remove redirect uri validator

* fix: remove redirect uri validator

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Fabi
2020-09-18 13:26:28 +02:00
committed by GitHub
parent 1d542a0c57
commit 320ddfa46d
141 changed files with 30057 additions and 12535 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
internal/ui/login/static/templates/change_password.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "PasswordChange.Description"}}</p>
<p>{{t "PasswordChange.Description"}}</p>
</div>
<form action="{{ changePasswordUrl }}" method="POST">
@@ -42,8 +44,8 @@
<div class="actions">
<button type="submit" id="change-password-button" name="resend" value="false" class="primary right">{{t "Actions.Next"}}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/change_password_done.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "PasswordChangeDone.Description"}}</p>
<p>{{t "PasswordChangeDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">
@@ -13,8 +15,8 @@
<div class="actions">
<button class="primary right" type="submit">{{t "Actions.Next"}}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/change_username.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "UsernameChange.Description"}}</p>
<p>{{t "UsernameChange.Description"}}</p>
</div>
<form action="{{ changeUsernameUrl }}" method="POST">
@@ -21,8 +23,8 @@
<div class="actions">
<button type="submit" id="submit-button" value="false" class="primary right">{{t "Actions.Next"}}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

6
internal/ui/login/static/templates/change_username_done.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "UsernameChangeDone.Description"}}</p>
<p>{{t "UsernameChangeDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">

31
internal/ui/login/static/templates/external_not_found_option.html Normal file
View File

@@ -0,0 +1,31 @@
{{template "main-top" .}}
<div class="head">
<h1>{{t "ExternalNotFoundOption.Title"}}</h1>
<p>{{t "ExternalNotFoundOption.Description"}}</p>
</div>
<form action="{{ externalNotFoundOptionUrl }}" method="POST">
{{ .CSRF }}
<input type="hidden" name="authRequestID" value="{{ .AuthReqID }}" />
<div class="actions">
<button class="secondary right" name="link" value="true" formnovalidate>{{t "ExternalNotFoundOption.Link"}}</button>
<button class="secondary right" name="autoregister" value="true" formnovalidate>{{t "ExternalNotFoundOption.AutoRegister"}}</button>
<a class="button secondary" href="{{ loginUrl .AuthReqID }}">
{{t "Actions.Back"}}
</a>
</div>
{{template "error-message" .}}
</form>
<script src="{{ resourceUrl "scripts/form_submit.js" }}"></script>
<script src="{{ resourceUrl "scripts/default_form_validation.js" }}"></script>
{{template "main-bottom" .}}

10
internal/ui/login/static/templates/init_password.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "InitPassword.Description" }}</p>
<p>{{t "InitPassword.Description" }}</p>
</div>
<form action="{{ initPasswordUrl }}" method="POST">
@@ -47,8 +49,8 @@
<div class="actions">
<button type="submit" id="init-button" name="resend" value="false" class="primary right" >{{t "Actions.Next"}}</button>
<button type="submit" name="resend" value="true" class="secondary right" formnovalidate>{{t "Actions.Resend" }}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/init_password_done.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "PasswordSetDone.Description"}}</p>
<p>{{t "PasswordSetDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">
@@ -12,8 +14,8 @@
<div class="actions">
<button class="primary right" type="submit">{{t "Actions.Next"}}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/init_user.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "InitUser.Description" }}</p>
<p>{{t "InitUser.Description" }}</p>
</div>
<form action="{{ initUserUrl }}" method="POST">
@@ -49,8 +51,8 @@
value="false"
class="primary right">{{t "Actions.Next"}}</button>
<button type="submit" name="resend" value="true" class="secondary right" formnovalidate>{{t "Actions.Resend" }}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/init_user_done.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "InitUserDone.Description"}}</p>
<p>{{t "InitUserDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">
@@ -12,8 +14,8 @@
<div class="actions">
<button class="primary right" type="submit">{{t "Actions.Next"}}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

25
internal/ui/login/static/templates/link_users_done.html Normal file
View File

@@ -0,0 +1,25 @@
{{template "main-top" .}}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "LinkingUsersDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">
{{ .CSRF }}
<input type="hidden" name="authRequestID" value="{{ .AuthReqID }}" />
<div class="actions">
<button class="primary right" type="submit">{{t "Actions.Next"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>
{{template "main-bottom" .}}

33
internal/ui/login/static/templates/login.html
View File

@@ -1,8 +1,16 @@
{{template "main-top" .}}
<h1>{{t "Login.Title"}}</h1>
<p>{{t "Login.Description"}}</p>
<div class="head">
{{if .Linking}}
<h1>{{t "Login.TitleLinking"}}</h1>
<p>{{t "Login.DescriptionLinking"}}</p>
{{else}}
<h1>{{t "Login.Title"}}</h1>
<p>{{t "Login.Description"}}</p>
{{end}}
</div>
<form action="{{ loginNameUrl }}" method="POST">
@@ -10,19 +18,36 @@
<input type="hidden" name="authRequestID" value="{{ .AuthReqID }}" />
{{if .LoginPolicy.AllowUsernamePassword }}
<div class="fields">
<div class="field">
<label class="label" for="loginName">{{t "Login.Loginname"}}</label>
<input class="input" type="text" id="loginName" name="loginName" placeholder="{{t "Login.LoginnamePlaceHolder"}}" value="{{ .LoginName }}" autocomplete="username" autofocus required>
</div>
</div>
{{end}}
{{template "error-message" .}}
<div class="actions">
<button class="primary right" id="submit-button" type="submit">{{t "Actions.Next"}}</button>
<button class="secondary right" name="register" value="true" formnovalidate>{{t "Actions.Register"}}</button>
<button class="primary" id="submit-button" type="submit">{{t "Actions.Next"}}</button>
{{if .LoginPolicy.AllowRegister}}
<button class="secondary" name="register" value="true" formnovalidate>{{t "Actions.Register"}}</button>
{{end}}
</div>
{{if .LoginPolicy.AllowExternalIDP}}
<div class="actions idp-providers">
<p>{{t "Login.ExternalLogin"}}</p>
{{ $reqid := .AuthReqID}}
{{range $provider := .IDPProviders}}
<a href="{{ externalIDPAuthURL $reqid $provider.IDPConfigID}}" class="button secondary idp-providers">
{{$provider.Name}}
</a>
{{end}}
</div>
{{end}}
</form>

7
internal/ui/login/static/templates/logout_done.html
View File

@@ -1,8 +1,9 @@
{{template "main-top" .}}
<h1>{{t "LogoutDone.Title"}}</h1>
<p>{{t "LogoutDone.Description"}}</p>
<div class="head">
<h1>{{t "LogoutDone.Title"}}</h1>
<p> {{t "LogoutDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">
{{ .CSRF }}

10
internal/ui/login/static/templates/mail_verification.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "EmailVerification.Description"}}</p>
<p>{{t "EmailVerification.Description"}}</p>
</div>
<form action="{{ mailVerificationUrl }}" method="POST">
@@ -25,8 +27,8 @@
{{ if .UserID }}
<button type="submit" name="resend" value="true" class="secondary right" formnovalidate>{{t "Actions.Resend"}}</button>
{{ end }}
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/mail_verified.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "EmailVerificationDone.Description"}}</p>
<p>{{t "EmailVerificationDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">
@@ -13,8 +15,8 @@
<div class="actions">
<button class="primary right" type="submit">{{if .AuthReqID }}{{t "Actions.Next"}}{{else}}{{t "Actions.Login"}}{{end}}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/mfa_init_done.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "MfaInitDone.Description"}}</p>
<p>{{t "MfaInitDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">
@@ -13,8 +15,8 @@
<div class="actions">
<button class="primary right" type="submit">{{t "Actions.Next"}}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

14
internal/ui/login/static/templates/mfa_init_verify.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "MfaInitVerify.Description"}}</p>
<p>{{t "MfaInitVerify.Description"}}</p>
</div>
<form action="{{ mfaInitVerifyUrl }}" method="POST">
@@ -35,11 +37,11 @@
<div class="actions">
<button class="primary right" id="submit-button" type="submit">{{t "Actions.Next"}}</button>
<a href="{{ mfaPromptChangeUrl .AuthReqID .MfaType }}">
<button class="secondary" type="button">{{t "Actions.Back"}}</button>
<a class="button secondary" href="{{ mfaPromptChangeUrl .AuthReqID .MfaType }}">
{{t "Actions.Back"}}
</a>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/mfa_prompt.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "MfaPrompt.Description"}}</p>
<p>{{t "MfaPrompt.Description"}}</p>
</div>
<form action="{{ mfaPromptUrl }}" method="POST">
@@ -25,8 +27,8 @@
{{if not .MfaRequired}}
<button class="default right" name="skip" value="true" type="submit" formnovalidate>{{t "Actions.Skip"}}</button>
{{end}}
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/mfa_verify.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "MfaVerify.Description"}}</p>
<p>{{t "MfaVerify.Description"}}</p>
</div>
<form action="{{ mfaVerifyUrl }}" method="POST">
@@ -22,8 +24,8 @@
<div class="actions">
<button class="primary right" id="submit-button" type="submit">{{t "Actions.Next"}}</button>
<a href="{{ loginUrl }}">
<button class="secondary" type="button">{{t "Actions.Cancel"}}</button>
<a class="button secondary" href="{{ loginUrl }}">
{{t "Actions.Cancel"}}
</a>
</div>
</form>

10
internal/ui/login/static/templates/password.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "Password.Description"}}</p>
<p>{{t "Password.Description"}}</p>
</div>
<form action="{{ passwordUrl }}" method="POST">
@@ -25,8 +27,8 @@
<a href="{{ loginNameChangeUrl .AuthReqID }}">
<button class="secondary" type="button">{{t "Actions.Back"}}</button>
</a>
<a href="{{ passwordResetUrl .AuthReqID }}">
<button class="secondary" type="button">{{t "Actions.ForgotPassword"}}</button>
<a class="button secondary" href="{{ passwordResetUrl .AuthReqID }}">
{{t "Actions.ForgotPassword"}}
</a>
</div>
</form>

6
internal/ui/login/static/templates/password_reset_done.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
{{ template "user-profile" . }}
<div class="head">
{{ template "user-profile" . }}
<p>{{t "PasswordResetDone.Description"}}</p>
<p>{{t "PasswordResetDone.Description"}}</p>
</div>
<form action="{{ loginUrl }}" method="POST">

13
internal/ui/login/static/templates/register.html
View File

@@ -1,7 +1,10 @@
{{template "main-top" .}}
<h1>{{t "Registration.Title"}}</h1>
<p>{{t "Registration.Description"}}</p>
<div class="head">
<h1>{{t "Registration.Title"}}</h1>
<p>{{t "Registration.Description"}}</p>
</div>
<form action="{{ registrationUrl }}" method="POST">
@@ -62,7 +65,7 @@
<input class="input" type="checkbox" id="register-term-confirmation" name="register-term-confirmation" required>
<label for="register-term-confirmation">
{{t "Registration.TosConfirm"}}
<a class="" target="_blank" href="{{t "Registration.TosLink"}}">{{t "Registration.TosLinkText"}}</a>
<a class="tos-link" target="_blank" href="{{t "Registration.TosLink"}}">{{t "Registration.TosLinkText"}}</a>
</label>
</div>
</div>
@@ -72,8 +75,8 @@
<div class="actions">
<button class="primary right" id="register-button" type="submit">{{t "Actions.Next"}}</button>
<a href="{{ loginNameChangeUrl .AuthReqID }}">
<button class="secondary" type="button">{{t "Actions.Back"}}</button>
<a class="button secondary" href="{{ loginNameChangeUrl .AuthReqID }}">
{{t "Actions.Back"}}
</a>
</div>
</form>

40
internal/ui/login/static/templates/register_option.html Normal file
View File

@@ -0,0 +1,40 @@
{{template "main-top" .}}
<div class="head">
<h1>{{t "RegisterOption.Title"}}</h1>
<p>{{t "RegisterOption.Description"}}</p>
</div>
<form action="{{ registerOptionUrl }}" method="POST">
{{ .CSRF }}
<input type="hidden" name="authRequestID" value="{{ .AuthReqID }}" />
<div class="actions">
{{if .LoginPolicy.AllowUsernamePassword }}
<button class="secondary right" name="usernamepassword" value="true" formnovalidate>{{t "RegisterOption.RegisterUsernamePassword"}}</button>
{{end}}
{{if .LoginPolicy.AllowExternalIDP}}
{{ $reqid := .AuthReqID}}
{{range $provider := .IDPProviders}}
<a href="{{ externalIDPRegisterURL $reqid $provider.IDPConfigID}}" class="button secondary idp-providers">
{{$provider.Name}}
</a>
{{end}}
{{end}}
<a class="button secondary" href="{{ loginNameChangeUrl .AuthReqID }}">
{{t "Actions.Back"}}
</a>
</div>
{{template "error-message" .}}
</form>
<script src="{{ resourceUrl "scripts/form_submit.js" }}"></script>
<script src="{{ resourceUrl "scripts/default_form_validation.js" }}"></script>
{{template "main-bottom" .}}

10
internal/ui/login/static/templates/register_org.html
View File

@@ -1,8 +1,10 @@
{{template "main-top" .}}
<h1>{{t "RegistrationOrg.Title"}}</h1>
<p class="free-tier">{{t "RegistrationOrg.FreeTillEndOfYear"}}</p>
<p>{{t "RegistrationOrg.Description"}}</p>
<div class="head">
<h1>{{t "RegistrationOrg.Title"}}</h1>
<p class="free-tier">{{t "RegistrationOrg.FreeTillEndOfYear"}}</p>
<p>{{t "RegistrationOrg.Description"}}</p>
</div>
<form action="{{ orgRegistrationUrl }}" method="POST">
@@ -61,7 +63,7 @@
<input class="input" type="checkbox" id="register-term-confirmation" name="register-term-confirmation" required>
<label for="register-term-confirmation">
{{t "RegistrationOrg.TosConfirm"}}
<a class="" target="_blank" href="{{t "RegistrationOrg.TosLink"}}">{{t "RegistrationOrg.TosLinkText"}}</a>
<a class="tos-link" target="_blank" href="{{t "RegistrationOrg.TosLink"}}">{{t "RegistrationOrg.TosLinkText"}}</a>
</label>
</div>
</div>

11
internal/ui/login/static/templates/select_user.html
View File

@@ -1,8 +1,15 @@
{{template "main-top" .}}
<div class="head">
{{if .Linking}}
<h1>{{t "UserSelection.TitleLinking"}}</h1>
<p>{{t "UserSelection.DescriptionLinking"}}</p>
{{else}}
<h1>{{t "UserSelection.Title"}}</h1>
<p>{{t "UserSelection.Description"}}</p>
{{end}}
</div>
<h1>{{t "UserSelection.Title"}}</h1>
<p>{{t "UserSelection.Description"}}</p>
<form action="{{ userSelectionUrl }}" method="POST">

20
internal/ui/login/static/templates/user_profile.html
View File

@@ -1,13 +1,13 @@
{{define "user-profile"}}
{{if .LoginName}}
<div class="login-profile">
<div class="profile-image"></div>
<div class="names">
{{if .DisplayName}}
<div class="displayname">{{.DisplayName}}</div>
{{end}}
<div class="loginname">{{.LoginName}}</div>
{{if .LoginName}}
<div class="login-profile">
<div class="profile-image"></div>
<div class="names">
{{if .DisplayName}}
<div class="displayname">{{.DisplayName}}</div>
{{end}}
<div class="loginname">{{.LoginName}}</div>
</div>
</div>
</div>
{{end}}
{{end}}
{{end}}