feat: add default redirect uri and handling of unknown usernames (#3616)

* feat: add possibility to ignore username errors on first login screen * console changes * fix: handling of unknown usernames (#3445) * fix: handling of unknown usernames * fix: handle HideLoginNameSuffix on unknown users * feat: add default redirect uri on login policy (#3607) * feat: add default redirect uri on login policy * fix tests * feat: Console login policy default redirect (#3613) * console default redirect * placeholder * validate default redirect uri * allow empty default redirect uri Co-authored-by: Max Peintner <max@caos.ch> * remove wonrgly cherry picked migration Co-authored-by: Max Peintner <max@caos.ch>
2025-08-12 04:57:33 +00:00 · 2022-05-16 15:39:09 +02:00
parent f1fa74a2c0
commit 411d7c6c5c
69 changed files with 655 additions and 107 deletions
--- a/internal/api/grpc/admin/login_policy_converter.go
+++ b/internal/api/grpc/admin/login_policy_converter.go
@@ -16,6 +16,8 @@ func updateLoginPolicyToDomain(p *admin_pb.UpdateLoginPolicyRequest) *domain.Log
 		ForceMFA:                   p.ForceMfa,
 		PasswordlessType:           policy_grpc.PasswordlessTypeToDomain(p.PasswordlessType),
 		HidePasswordReset:          p.HidePasswordReset,
+		IgnoreUnknownUsernames:     p.IgnoreUnknownUsernames,
+		DefaultRedirectURI:         p.DefaultRedirectUri,
 		PasswordCheckLifetime:      p.PasswordCheckLifetime.AsDuration(),
 		ExternalLoginCheckLifetime: p.ExternalLoginCheckLifetime.AsDuration(),
 		MFAInitSkipLifetime:        p.MfaInitSkipLifetime.AsDuration(),
--- a/internal/api/grpc/management/policy_login_converter.go
+++ b/internal/api/grpc/management/policy_login_converter.go
@@ -16,6 +16,8 @@ func addLoginPolicyToDomain(p *mgmt_pb.AddCustomLoginPolicyRequest) *domain.Logi
 		ForceMFA:                   p.ForceMfa,
 		PasswordlessType:           policy_grpc.PasswordlessTypeToDomain(p.PasswordlessType),
 		HidePasswordReset:          p.HidePasswordReset,
+		IgnoreUnknownUsernames:     p.IgnoreUnknownUsernames,
+		DefaultRedirectURI:         p.DefaultRedirectUri,
 		PasswordCheckLifetime:      p.PasswordCheckLifetime.AsDuration(),
 		ExternalLoginCheckLifetime: p.ExternalLoginCheckLifetime.AsDuration(),
 		MFAInitSkipLifetime:        p.MfaInitSkipLifetime.AsDuration(),
@@ -32,6 +34,8 @@ func updateLoginPolicyToDomain(p *mgmt_pb.UpdateCustomLoginPolicyRequest) *domai
 		ForceMFA:                   p.ForceMfa,
 		PasswordlessType:           policy_grpc.PasswordlessTypeToDomain(p.PasswordlessType),
 		HidePasswordReset:          p.HidePasswordReset,
+		IgnoreUnknownUsernames:     p.IgnoreUnknownUsernames,
+		DefaultRedirectURI:         p.DefaultRedirectUri,
 		PasswordCheckLifetime:      p.PasswordCheckLifetime.AsDuration(),
 		ExternalLoginCheckLifetime: p.ExternalLoginCheckLifetime.AsDuration(),
 		MFAInitSkipLifetime:        p.MfaInitSkipLifetime.AsDuration(),
--- a/internal/api/grpc/policy/login_policy.go
+++ b/internal/api/grpc/policy/login_policy.go
@@ -1,12 +1,13 @@
 package policy

 import (
+	"google.golang.org/protobuf/types/known/durationpb"
+	"google.golang.org/protobuf/types/known/timestamppb"
+
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/query"
 	"github.com/zitadel/zitadel/pkg/grpc/object"
 	policy_pb "github.com/zitadel/zitadel/pkg/grpc/policy"
-	"google.golang.org/protobuf/types/known/durationpb"
-	timestamp_pb "google.golang.org/protobuf/types/known/timestamppb"
 )

 func ModelLoginPolicyToPb(policy *query.LoginPolicy) *policy_pb.LoginPolicy {
@@ -18,6 +19,8 @@ func ModelLoginPolicyToPb(policy *query.LoginPolicy) *policy_pb.LoginPolicy {
 		ForceMfa:                   policy.ForceMFA,
 		PasswordlessType:           ModelPasswordlessTypeToPb(policy.PasswordlessType),
 		HidePasswordReset:          policy.HidePasswordReset,
+		IgnoreUnknownUsernames:     policy.IgnoreUnknownUsernames,
+		DefaultRedirectUri:         policy.DefaultRedirectURI,
 		PasswordCheckLifetime:      durationpb.New(policy.PasswordCheckLifetime),
 		ExternalLoginCheckLifetime: durationpb.New(policy.ExternalLoginCheckLifetime),
 		MfaInitSkipLifetime:        durationpb.New(policy.MFAInitSkipLifetime),
@@ -25,8 +28,8 @@ func ModelLoginPolicyToPb(policy *query.LoginPolicy) *policy_pb.LoginPolicy {
 		MultiFactorCheckLifetime:   durationpb.New(policy.MultiFactorCheckLifetime),
 		Details: &object.ObjectDetails{
 			Sequence:      policy.Sequence,
-			CreationDate:  timestamp_pb.New(policy.CreationDate),
-			ChangeDate:    timestamp_pb.New(policy.ChangeDate),
+			CreationDate:  timestamppb.New(policy.CreationDate),
+			ChangeDate:    timestamppb.New(policy.ChangeDate),
 			ResourceOwner: policy.OrgID,
 		},
 	}