mirror of
https://github.com/zitadel/zitadel.git
synced 2025-01-06 13:37:40 +00:00
fix: return absolute url for avatar in user sessions (#3724)
* fix: return absolute url for avatar in user sessions * fix: refresh token unique constraint
This commit is contained in:
Livio Amstutz
GitHub
parent
e79aab3671
commit
41d78ef523
@ -156,7 +156,7 @@ CREATE TABLE auth.refresh_tokens (
|
||||
instance_id STRING NOT NULL,
|
||||
|
||||
PRIMARY KEY (id, instance_id),
|
||||
UNIQUE INDEX unique_client_user_index (client_id ASC, user_agent_id ASC, user_id ASC, instance_id)
|
||||
UNIQUE INDEX unique_client_user_index (client_id, user_agent_id, user_id)
|
||||
);
|
||||
|
||||
CREATE TABLE auth.org_project_mapping (
|
||||
|
||||
@ -153,7 +153,7 @@ func startAPIs(ctx context.Context, router *mux.Router, commands *command.Comman
|
||||
verifier := internal_authz.Start(repo)
|
||||
|
||||
authenticatedAPIs := api.New(config.Port, router, &repo, config.InternalAuthZ, config.ExternalSecure, config.HTTP2HostHeader)
|
||||
authRepo, err := auth_es.Start(config.Auth, config.SystemDefaults, commands, queries, dbClient, assets.HandlerPrefix, keys.OIDC, keys.User)
|
||||
authRepo, err := auth_es.Start(config.Auth, config.SystemDefaults, commands, queries, dbClient, keys.OIDC, keys.User)
|
||||
if err != nil {
|
||||
return fmt.Errorf("error starting auth repo: %w", err)
|
||||
}
|
||||
|
||||
@ -100,7 +100,7 @@ func (s *Server) ListMyUserSessions(ctx context.Context, req *auth_pb.ListMyUser
|
||||
return nil, err
|
||||
}
|
||||
return &auth_pb.ListMyUserSessionsResponse{
|
||||
Result: user_grpc.UserSessionsToPb(userSessions),
|
||||
Result: user_grpc.UserSessionsToPb(userSessions, s.assetsAPIDomain(ctx)),
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
||||
@ -7,15 +7,15 @@ import (
|
||||
"github.com/zitadel/zitadel/pkg/grpc/user"
|
||||
)
|
||||
|
||||
func UserSessionsToPb(sessions []*user_model.UserSessionView) []*user.Session {
|
||||
func UserSessionsToPb(sessions []*user_model.UserSessionView, avatarPrefix string) []*user.Session {
|
||||
s := make([]*user.Session, len(sessions))
|
||||
for i, session := range sessions {
|
||||
s[i] = UserSessionToPb(session)
|
||||
s[i] = UserSessionToPb(session, avatarPrefix)
|
||||
}
|
||||
return s
|
||||
}
|
||||
|
||||
func UserSessionToPb(session *user_model.UserSessionView) *user.Session {
|
||||
func UserSessionToPb(session *user_model.UserSessionView, avatarPrefix string) *user.Session {
|
||||
return &user.Session{
|
||||
// SessionId: session.,//TOOD: not return from be
|
||||
AgentId: session.UserAgentID,
|
||||
@ -24,7 +24,7 @@ func UserSessionToPb(session *user_model.UserSessionView) *user.Session {
|
||||
LoginName: session.LoginName,
|
||||
DisplayName: session.DisplayName,
|
||||
AuthState: SessionStateToPb(session.State),
|
||||
AvatarUrl: session.AvatarURL,
|
||||
AvatarUrl: domain.AvatarURL(avatarPrefix, session.ResourceOwner, session.AvatarKey),
|
||||
Details: object.ToViewDetailsPb(
|
||||
session.Sequence,
|
||||
session.CreationDate,
|
||||
|
||||
@ -65,11 +65,9 @@ type privacyPolicyProvider interface {
|
||||
type userSessionViewProvider interface {
|
||||
UserSessionByIDs(string, string, string) (*user_view_model.UserSessionView, error)
|
||||
UserSessionsByAgentID(string, string) ([]*user_view_model.UserSessionView, error)
|
||||
PrefixAvatarURL() string
|
||||
}
|
||||
type userViewProvider interface {
|
||||
UserByID(string, string) (*user_view_model.UserView, error)
|
||||
PrefixAvatarURL() string
|
||||
}
|
||||
|
||||
type loginPolicyViewProvider interface {
|
||||
@ -1105,7 +1103,7 @@ func userSessionsByUserAgentID(provider userSessionViewProvider, agentID, instan
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return user_view_model.UserSessionsToModel(session, provider.PrefixAvatarURL()), nil
|
||||
return user_view_model.UserSessionsToModel(session), nil
|
||||
}
|
||||
|
||||
func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eventProvider userEventProvider, agentID string, user *user_model.UserView) (*user_model.UserSessionView, error) {
|
||||
@ -1119,7 +1117,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
|
||||
events, err := eventProvider.UserEventsByID(ctx, user.ID, session.Sequence)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-Hse6s").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error retrieving new events")
|
||||
return user_view_model.UserSessionToModel(session, provider.PrefixAvatarURL()), nil
|
||||
return user_view_model.UserSessionToModel(session), nil
|
||||
}
|
||||
sessionCopy := *session
|
||||
for _, event := range events {
|
||||
@ -1144,7 +1142,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
|
||||
eventData, err := user_view_model.UserSessionFromEvent(event)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-sdgT3").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error getting event data")
|
||||
return user_view_model.UserSessionToModel(session, provider.PrefixAvatarURL()), nil
|
||||
return user_view_model.UserSessionToModel(session), nil
|
||||
}
|
||||
if eventData.UserAgentID != agentID {
|
||||
continue
|
||||
@ -1155,7 +1153,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
|
||||
err := sessionCopy.AppendEvent(event)
|
||||
logging.Log("EVENT-qbhj3").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("error appending event")
|
||||
}
|
||||
return user_view_model.UserSessionToModel(&sessionCopy, provider.PrefixAvatarURL()), nil
|
||||
return user_view_model.UserSessionToModel(&sessionCopy), nil
|
||||
}
|
||||
|
||||
func activeUserByID(ctx context.Context, userViewProvider userViewProvider, userEventProvider userEventProvider, queries orgViewProvider, lockoutPolicyProvider lockoutPolicyViewProvider, userID string, ignoreUnknownUsernames bool) (user *user_model.UserView, err error) {
|
||||
@ -1200,24 +1198,24 @@ func userByID(ctx context.Context, viewProvider userViewProvider, eventProvider
|
||||
events, err := eventProvider.UserEventsByID(ctx, userID, user.Sequence)
|
||||
if err != nil {
|
||||
logging.Log("EVENT-dfg42").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error retrieving new events")
|
||||
return user_view_model.UserToModel(user, viewProvider.PrefixAvatarURL()), nil
|
||||
return user_view_model.UserToModel(user), nil
|
||||
}
|
||||
if len(events) == 0 {
|
||||
if viewErr != nil {
|
||||
return nil, viewErr
|
||||
}
|
||||
return user_view_model.UserToModel(user, viewProvider.PrefixAvatarURL()), viewErr
|
||||
return user_view_model.UserToModel(user), viewErr
|
||||
}
|
||||
userCopy := *user
|
||||
for _, event := range events {
|
||||
if err := userCopy.AppendEvent(event); err != nil {
|
||||
return user_view_model.UserToModel(user, viewProvider.PrefixAvatarURL()), nil
|
||||
return user_view_model.UserToModel(user), nil
|
||||
}
|
||||
}
|
||||
if userCopy.State == int32(user_model.UserStateDeleted) {
|
||||
return nil, errors.ThrowNotFound(nil, "EVENT-3F9so", "Errors.User.NotFound")
|
||||
}
|
||||
return user_view_model.UserToModel(&userCopy, viewProvider.PrefixAvatarURL()), nil
|
||||
return user_view_model.UserToModel(&userCopy), nil
|
||||
}
|
||||
|
||||
func linkExternalIDPs(ctx context.Context, userCommandProvider userCommandProvider, request *domain.AuthRequest) error {
|
||||
|
||||
@ -32,10 +32,6 @@ func (m *mockViewNoUserSession) UserSessionsByAgentID(string, string) ([]*user_v
|
||||
return nil, nil
|
||||
}
|
||||
|
||||
func (m *mockViewNoUserSession) PrefixAvatarURL() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
type mockViewErrUserSession struct{}
|
||||
|
||||
func (m *mockViewErrUserSession) UserSessionByIDs(string, string, string) (*user_view_model.UserSessionView, error) {
|
||||
@ -46,10 +42,6 @@ func (m *mockViewErrUserSession) UserSessionsByAgentID(string, string) ([]*user_
|
||||
return nil, errors.ThrowInternal(nil, "id", "internal error")
|
||||
}
|
||||
|
||||
func (m *mockViewErrUserSession) PrefixAvatarURL() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
type mockViewUserSession struct {
|
||||
ExternalLoginVerification time.Time
|
||||
PasswordlessVerification time.Time
|
||||
@ -87,20 +79,12 @@ func (m *mockViewUserSession) UserSessionsByAgentID(string, string) ([]*user_vie
|
||||
return sessions, nil
|
||||
}
|
||||
|
||||
func (m *mockViewUserSession) PrefixAvatarURL() string {
|
||||
return "prefix/"
|
||||
}
|
||||
|
||||
type mockViewNoUser struct{}
|
||||
|
||||
func (m *mockViewNoUser) UserByID(string, string) (*user_view_model.UserView, error) {
|
||||
return nil, errors.ThrowNotFound(nil, "id", "user not found")
|
||||
}
|
||||
|
||||
func (m *mockViewNoUser) PrefixAvatarURL() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
type mockEventUser struct {
|
||||
Event *es_models.Event
|
||||
}
|
||||
@ -176,10 +160,6 @@ func (m *mockViewUser) UserByID(string, string) (*user_view_model.UserView, erro
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (m *mockViewUser) PrefixAvatarURL() string {
|
||||
return ""
|
||||
}
|
||||
|
||||
type mockViewOrg struct {
|
||||
State domain.OrgState
|
||||
}
|
||||
|
||||
@ -14,12 +14,11 @@ import (
|
||||
)
|
||||
|
||||
type UserRepo struct {
|
||||
SearchLimit uint64
|
||||
Eventstore v1.Eventstore
|
||||
View *view.View
|
||||
Query *query.Queries
|
||||
SystemDefaults systemdefaults.SystemDefaults
|
||||
PrefixAvatarURL string
|
||||
SearchLimit uint64
|
||||
Eventstore v1.Eventstore
|
||||
View *view.View
|
||||
Query *query.Queries
|
||||
SystemDefaults systemdefaults.SystemDefaults
|
||||
}
|
||||
|
||||
func (repo *UserRepo) Health(ctx context.Context) error {
|
||||
|
||||
@ -18,7 +18,7 @@ func (repo *UserSessionRepo) GetMyUserSessions(ctx context.Context) ([]*usr_mode
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return model.UserSessionsToModel(userSessions, repo.View.PrefixAvatarURL()), nil
|
||||
return model.UserSessionsToModel(userSessions), nil
|
||||
}
|
||||
|
||||
func (repo *UserSessionRepo) ActiveUserSessionCount() int64 {
|
||||
|
||||
@ -33,14 +33,14 @@ type EsRepository struct {
|
||||
eventstore.OrgRepository
|
||||
}
|
||||
|
||||
func Start(conf Config, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, dbClient *sql.DB, assetsPrefix string, oidcEncryption crypto.EncryptionAlgorithm, userEncryption crypto.EncryptionAlgorithm) (*EsRepository, error) {
|
||||
func Start(conf Config, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, dbClient *sql.DB, oidcEncryption crypto.EncryptionAlgorithm, userEncryption crypto.EncryptionAlgorithm) (*EsRepository, error) {
|
||||
es, err := v1.Start(dbClient)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
idGenerator := id.SonyFlakeGenerator()
|
||||
|
||||
view, err := auth_view.StartView(dbClient, oidcEncryption, queries, idGenerator, assetsPrefix)
|
||||
view, err := auth_view.StartView(dbClient, oidcEncryption, queries, idGenerator)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
@ -50,12 +50,11 @@ func Start(conf Config, systemDefaults sd.SystemDefaults, command *command.Comma
|
||||
spool := spooler.StartSpooler(conf.Spooler, es, view, dbClient, systemDefaults, queries)
|
||||
|
||||
userRepo := eventstore.UserRepo{
|
||||
SearchLimit: conf.SearchLimit,
|
||||
Eventstore: es,
|
||||
View: view,
|
||||
Query: queries,
|
||||
SystemDefaults: systemDefaults,
|
||||
PrefixAvatarURL: assetsPrefix,
|
||||
SearchLimit: conf.SearchLimit,
|
||||
Eventstore: es,
|
||||
View: view,
|
||||
Query: queries,
|
||||
SystemDefaults: systemDefaults,
|
||||
}
|
||||
//TODO: remove as soon as possible
|
||||
queryView := queryViewWrapper{
|
||||
|
||||
@ -11,31 +11,25 @@ import (
|
||||
)
|
||||
|
||||
type View struct {
|
||||
Db *gorm.DB
|
||||
keyAlgorithm crypto.EncryptionAlgorithm
|
||||
idGenerator id.Generator
|
||||
prefixAvatarURL string
|
||||
query *query.Queries
|
||||
Db *gorm.DB
|
||||
keyAlgorithm crypto.EncryptionAlgorithm
|
||||
idGenerator id.Generator
|
||||
query *query.Queries
|
||||
}
|
||||
|
||||
func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queries *query.Queries, idGenerator id.Generator, prefixAvatarURL string) (*View, error) {
|
||||
func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queries *query.Queries, idGenerator id.Generator) (*View, error) {
|
||||
gorm, err := gorm.Open("postgres", sqlClient)
|
||||
if err != nil {
|
||||
return nil, err
|
||||
}
|
||||
return &View{
|
||||
Db: gorm,
|
||||
keyAlgorithm: keyAlgorithm,
|
||||
idGenerator: idGenerator,
|
||||
prefixAvatarURL: prefixAvatarURL,
|
||||
query: queries,
|
||||
Db: gorm,
|
||||
keyAlgorithm: keyAlgorithm,
|
||||
idGenerator: idGenerator,
|
||||
query: queries,
|
||||
}, nil
|
||||
}
|
||||
|
||||
func (v *View) Health() (err error) {
|
||||
return v.Db.DB().Ping()
|
||||
}
|
||||
|
||||
func (v *View) PrefixAvatarURL() string {
|
||||
return v.prefixAvatarURL
|
||||
}
|
||||
|
||||
@ -17,7 +17,7 @@ type Profile struct {
|
||||
Gender Gender
|
||||
PreferredLoginName string
|
||||
LoginNames []string
|
||||
AvatarURL string
|
||||
AvatarKey string
|
||||
}
|
||||
|
||||
func (p *Profile) IsValid() bool {
|
||||
|
||||
@ -18,7 +18,6 @@ type UserSessionView struct {
|
||||
LoginName string
|
||||
DisplayName string
|
||||
AvatarKey string
|
||||
AvatarURL string
|
||||
SelectedIDPConfigID string
|
||||
PasswordVerification time.Time
|
||||
PasswordlessVerification time.Time
|
||||
|
||||
@ -37,7 +37,6 @@ type HumanView struct {
|
||||
NickName string
|
||||
DisplayName string
|
||||
AvatarKey string
|
||||
AvatarURL string
|
||||
PreferredLanguage string
|
||||
Gender Gender
|
||||
Email string
|
||||
@ -249,7 +248,7 @@ func (u *UserView) GetProfile() (*Profile, error) {
|
||||
Gender: u.Gender,
|
||||
PreferredLoginName: u.PreferredLoginName,
|
||||
LoginNames: u.LoginNames,
|
||||
AvatarURL: u.AvatarURL,
|
||||
AvatarKey: u.AvatarKey,
|
||||
}, nil
|
||||
}
|
||||
|
||||
|
||||
@ -139,7 +139,7 @@ func (m *MachineView) IsZero() bool {
|
||||
return m == nil || m.Name == ""
|
||||
}
|
||||
|
||||
func UserToModel(user *UserView, prefixAvatarURL string) *model.UserView {
|
||||
func UserToModel(user *UserView) *model.UserView {
|
||||
userView := &model.UserView{
|
||||
ID: user.ID,
|
||||
UserName: user.UserName,
|
||||
@ -165,7 +165,6 @@ func UserToModel(user *UserView, prefixAvatarURL string) *model.UserView {
|
||||
NickName: user.NickName,
|
||||
DisplayName: user.DisplayName,
|
||||
AvatarKey: user.AvatarKey,
|
||||
AvatarURL: domain.AvatarURL(prefixAvatarURL, user.ResourceOwner, user.AvatarKey),
|
||||
PreferredLanguage: user.PreferredLanguage,
|
||||
Gender: model.Gender(user.Gender),
|
||||
Email: user.Email,
|
||||
@ -194,14 +193,6 @@ func UserToModel(user *UserView, prefixAvatarURL string) *model.UserView {
|
||||
return userView
|
||||
}
|
||||
|
||||
func UsersToModel(users []*UserView, prefixAvatarURL string) []*model.UserView {
|
||||
result := make([]*model.UserView, len(users))
|
||||
for i, p := range users {
|
||||
result[i] = UserToModel(p, prefixAvatarURL)
|
||||
}
|
||||
return result
|
||||
}
|
||||
|
||||
func WebauthnTokensToModel(tokens []*WebAuthNView) []*model.WebAuthNView {
|
||||
if tokens == nil {
|
||||
return nil
|
||||
|
||||
@ -55,7 +55,7 @@ func UserSessionFromEvent(event *models.Event) (*UserSessionView, error) {
|
||||
return v, nil
|
||||
}
|
||||
|
||||
func UserSessionToModel(userSession *UserSessionView, prefixAvatarURL string) *model.UserSessionView {
|
||||
func UserSessionToModel(userSession *UserSessionView) *model.UserSessionView {
|
||||
return &model.UserSessionView{
|
||||
ChangeDate: userSession.ChangeDate,
|
||||
CreationDate: userSession.CreationDate,
|
||||
@ -67,7 +67,6 @@ func UserSessionToModel(userSession *UserSessionView, prefixAvatarURL string) *m
|
||||
LoginName: userSession.LoginName,
|
||||
DisplayName: userSession.DisplayName,
|
||||
AvatarKey: userSession.AvatarKey,
|
||||
AvatarURL: domain.AvatarURL(prefixAvatarURL, userSession.ResourceOwner, userSession.AvatarKey),
|
||||
SelectedIDPConfigID: userSession.SelectedIDPConfigID,
|
||||
PasswordVerification: userSession.PasswordVerification,
|
||||
PasswordlessVerification: userSession.PasswordlessVerification,
|
||||
@ -80,10 +79,10 @@ func UserSessionToModel(userSession *UserSessionView, prefixAvatarURL string) *m
|
||||
}
|
||||
}
|
||||
|
||||
func UserSessionsToModel(userSessions []*UserSessionView, prefixAvatarURL string) []*model.UserSessionView {
|
||||
func UserSessionsToModel(userSessions []*UserSessionView) []*model.UserSessionView {
|
||||
result := make([]*model.UserSessionView, len(userSessions))
|
||||
for i, s := range userSessions {
|
||||
result[i] = UserSessionToModel(s, prefixAvatarURL)
|
||||
result[i] = UserSessionToModel(s)
|
||||
}
|
||||
return result
|
||||
}
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user