fix: return absolute url for avatar in user sessions (#3724)

* fix: return absolute url for avatar in user sessions

* fix: refresh token unique constraint
This commit is contained in:
Livio Amstutz 2022-05-30 13:27:52 +02:00 committed by GitHub
parent e79aab3671
commit 41d78ef523
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
15 changed files with 43 additions and 85 deletions

View File

@ -156,7 +156,7 @@ CREATE TABLE auth.refresh_tokens (
instance_id STRING NOT NULL,
PRIMARY KEY (id, instance_id),
UNIQUE INDEX unique_client_user_index (client_id ASC, user_agent_id ASC, user_id ASC, instance_id)
UNIQUE INDEX unique_client_user_index (client_id, user_agent_id, user_id)
);
CREATE TABLE auth.org_project_mapping (

View File

@ -153,7 +153,7 @@ func startAPIs(ctx context.Context, router *mux.Router, commands *command.Comman
verifier := internal_authz.Start(repo)
authenticatedAPIs := api.New(config.Port, router, &repo, config.InternalAuthZ, config.ExternalSecure, config.HTTP2HostHeader)
authRepo, err := auth_es.Start(config.Auth, config.SystemDefaults, commands, queries, dbClient, assets.HandlerPrefix, keys.OIDC, keys.User)
authRepo, err := auth_es.Start(config.Auth, config.SystemDefaults, commands, queries, dbClient, keys.OIDC, keys.User)
if err != nil {
return fmt.Errorf("error starting auth repo: %w", err)
}

View File

@ -100,7 +100,7 @@ func (s *Server) ListMyUserSessions(ctx context.Context, req *auth_pb.ListMyUser
return nil, err
}
return &auth_pb.ListMyUserSessionsResponse{
Result: user_grpc.UserSessionsToPb(userSessions),
Result: user_grpc.UserSessionsToPb(userSessions, s.assetsAPIDomain(ctx)),
}, nil
}

View File

@ -7,15 +7,15 @@ import (
"github.com/zitadel/zitadel/pkg/grpc/user"
)
func UserSessionsToPb(sessions []*user_model.UserSessionView) []*user.Session {
func UserSessionsToPb(sessions []*user_model.UserSessionView, avatarPrefix string) []*user.Session {
s := make([]*user.Session, len(sessions))
for i, session := range sessions {
s[i] = UserSessionToPb(session)
s[i] = UserSessionToPb(session, avatarPrefix)
}
return s
}
func UserSessionToPb(session *user_model.UserSessionView) *user.Session {
func UserSessionToPb(session *user_model.UserSessionView, avatarPrefix string) *user.Session {
return &user.Session{
// SessionId: session.,//TOOD: not return from be
AgentId: session.UserAgentID,
@ -24,7 +24,7 @@ func UserSessionToPb(session *user_model.UserSessionView) *user.Session {
LoginName: session.LoginName,
DisplayName: session.DisplayName,
AuthState: SessionStateToPb(session.State),
AvatarUrl: session.AvatarURL,
AvatarUrl: domain.AvatarURL(avatarPrefix, session.ResourceOwner, session.AvatarKey),
Details: object.ToViewDetailsPb(
session.Sequence,
session.CreationDate,

View File

@ -65,11 +65,9 @@ type privacyPolicyProvider interface {
type userSessionViewProvider interface {
UserSessionByIDs(string, string, string) (*user_view_model.UserSessionView, error)
UserSessionsByAgentID(string, string) ([]*user_view_model.UserSessionView, error)
PrefixAvatarURL() string
}
type userViewProvider interface {
UserByID(string, string) (*user_view_model.UserView, error)
PrefixAvatarURL() string
}
type loginPolicyViewProvider interface {
@ -1105,7 +1103,7 @@ func userSessionsByUserAgentID(provider userSessionViewProvider, agentID, instan
if err != nil {
return nil, err
}
return user_view_model.UserSessionsToModel(session, provider.PrefixAvatarURL()), nil
return user_view_model.UserSessionsToModel(session), nil
}
func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eventProvider userEventProvider, agentID string, user *user_model.UserView) (*user_model.UserSessionView, error) {
@ -1119,7 +1117,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
events, err := eventProvider.UserEventsByID(ctx, user.ID, session.Sequence)
if err != nil {
logging.Log("EVENT-Hse6s").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error retrieving new events")
return user_view_model.UserSessionToModel(session, provider.PrefixAvatarURL()), nil
return user_view_model.UserSessionToModel(session), nil
}
sessionCopy := *session
for _, event := range events {
@ -1144,7 +1142,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
eventData, err := user_view_model.UserSessionFromEvent(event)
if err != nil {
logging.Log("EVENT-sdgT3").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error getting event data")
return user_view_model.UserSessionToModel(session, provider.PrefixAvatarURL()), nil
return user_view_model.UserSessionToModel(session), nil
}
if eventData.UserAgentID != agentID {
continue
@ -1155,7 +1153,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
err := sessionCopy.AppendEvent(event)
logging.Log("EVENT-qbhj3").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("error appending event")
}
return user_view_model.UserSessionToModel(&sessionCopy, provider.PrefixAvatarURL()), nil
return user_view_model.UserSessionToModel(&sessionCopy), nil
}
func activeUserByID(ctx context.Context, userViewProvider userViewProvider, userEventProvider userEventProvider, queries orgViewProvider, lockoutPolicyProvider lockoutPolicyViewProvider, userID string, ignoreUnknownUsernames bool) (user *user_model.UserView, err error) {
@ -1200,24 +1198,24 @@ func userByID(ctx context.Context, viewProvider userViewProvider, eventProvider
events, err := eventProvider.UserEventsByID(ctx, userID, user.Sequence)
if err != nil {
logging.Log("EVENT-dfg42").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error retrieving new events")
return user_view_model.UserToModel(user, viewProvider.PrefixAvatarURL()), nil
return user_view_model.UserToModel(user), nil
}
if len(events) == 0 {
if viewErr != nil {
return nil, viewErr
}
return user_view_model.UserToModel(user, viewProvider.PrefixAvatarURL()), viewErr
return user_view_model.UserToModel(user), viewErr
}
userCopy := *user
for _, event := range events {
if err := userCopy.AppendEvent(event); err != nil {
return user_view_model.UserToModel(user, viewProvider.PrefixAvatarURL()), nil
return user_view_model.UserToModel(user), nil
}
}
if userCopy.State == int32(user_model.UserStateDeleted) {
return nil, errors.ThrowNotFound(nil, "EVENT-3F9so", "Errors.User.NotFound")
}
return user_view_model.UserToModel(&userCopy, viewProvider.PrefixAvatarURL()), nil
return user_view_model.UserToModel(&userCopy), nil
}
func linkExternalIDPs(ctx context.Context, userCommandProvider userCommandProvider, request *domain.AuthRequest) error {

View File

@ -32,10 +32,6 @@ func (m *mockViewNoUserSession) UserSessionsByAgentID(string, string) ([]*user_v
return nil, nil
}
func (m *mockViewNoUserSession) PrefixAvatarURL() string {
return ""
}
type mockViewErrUserSession struct{}
func (m *mockViewErrUserSession) UserSessionByIDs(string, string, string) (*user_view_model.UserSessionView, error) {
@ -46,10 +42,6 @@ func (m *mockViewErrUserSession) UserSessionsByAgentID(string, string) ([]*user_
return nil, errors.ThrowInternal(nil, "id", "internal error")
}
func (m *mockViewErrUserSession) PrefixAvatarURL() string {
return ""
}
type mockViewUserSession struct {
ExternalLoginVerification time.Time
PasswordlessVerification time.Time
@ -87,20 +79,12 @@ func (m *mockViewUserSession) UserSessionsByAgentID(string, string) ([]*user_vie
return sessions, nil
}
func (m *mockViewUserSession) PrefixAvatarURL() string {
return "prefix/"
}
type mockViewNoUser struct{}
func (m *mockViewNoUser) UserByID(string, string) (*user_view_model.UserView, error) {
return nil, errors.ThrowNotFound(nil, "id", "user not found")
}
func (m *mockViewNoUser) PrefixAvatarURL() string {
return ""
}
type mockEventUser struct {
Event *es_models.Event
}
@ -176,10 +160,6 @@ func (m *mockViewUser) UserByID(string, string) (*user_view_model.UserView, erro
}, nil
}
func (m *mockViewUser) PrefixAvatarURL() string {
return ""
}
type mockViewOrg struct {
State domain.OrgState
}

View File

@ -19,7 +19,6 @@ type UserRepo struct {
View *view.View
Query *query.Queries
SystemDefaults systemdefaults.SystemDefaults
PrefixAvatarURL string
}
func (repo *UserRepo) Health(ctx context.Context) error {

View File

@ -18,7 +18,7 @@ func (repo *UserSessionRepo) GetMyUserSessions(ctx context.Context) ([]*usr_mode
if err != nil {
return nil, err
}
return model.UserSessionsToModel(userSessions, repo.View.PrefixAvatarURL()), nil
return model.UserSessionsToModel(userSessions), nil
}
func (repo *UserSessionRepo) ActiveUserSessionCount() int64 {

View File

@ -33,14 +33,14 @@ type EsRepository struct {
eventstore.OrgRepository
}
func Start(conf Config, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, dbClient *sql.DB, assetsPrefix string, oidcEncryption crypto.EncryptionAlgorithm, userEncryption crypto.EncryptionAlgorithm) (*EsRepository, error) {
func Start(conf Config, systemDefaults sd.SystemDefaults, command *command.Commands, queries *query.Queries, dbClient *sql.DB, oidcEncryption crypto.EncryptionAlgorithm, userEncryption crypto.EncryptionAlgorithm) (*EsRepository, error) {
es, err := v1.Start(dbClient)
if err != nil {
return nil, err
}
idGenerator := id.SonyFlakeGenerator()
view, err := auth_view.StartView(dbClient, oidcEncryption, queries, idGenerator, assetsPrefix)
view, err := auth_view.StartView(dbClient, oidcEncryption, queries, idGenerator)
if err != nil {
return nil, err
}
@ -55,7 +55,6 @@ func Start(conf Config, systemDefaults sd.SystemDefaults, command *command.Comma
View: view,
Query: queries,
SystemDefaults: systemDefaults,
PrefixAvatarURL: assetsPrefix,
}
//TODO: remove as soon as possible
queryView := queryViewWrapper{

View File

@ -14,11 +14,10 @@ type View struct {
Db *gorm.DB
keyAlgorithm crypto.EncryptionAlgorithm
idGenerator id.Generator
prefixAvatarURL string
query *query.Queries
}
func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queries *query.Queries, idGenerator id.Generator, prefixAvatarURL string) (*View, error) {
func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queries *query.Queries, idGenerator id.Generator) (*View, error) {
gorm, err := gorm.Open("postgres", sqlClient)
if err != nil {
return nil, err
@ -27,7 +26,6 @@ func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queri
Db: gorm,
keyAlgorithm: keyAlgorithm,
idGenerator: idGenerator,
prefixAvatarURL: prefixAvatarURL,
query: queries,
}, nil
}
@ -35,7 +33,3 @@ func StartView(sqlClient *sql.DB, keyAlgorithm crypto.EncryptionAlgorithm, queri
func (v *View) Health() (err error) {
return v.Db.DB().Ping()
}
func (v *View) PrefixAvatarURL() string {
return v.prefixAvatarURL
}

View File

@ -17,7 +17,7 @@ type Profile struct {
Gender Gender
PreferredLoginName string
LoginNames []string
AvatarURL string
AvatarKey string
}
func (p *Profile) IsValid() bool {

View File

@ -18,7 +18,6 @@ type UserSessionView struct {
LoginName string
DisplayName string
AvatarKey string
AvatarURL string
SelectedIDPConfigID string
PasswordVerification time.Time
PasswordlessVerification time.Time

View File

@ -37,7 +37,6 @@ type HumanView struct {
NickName string
DisplayName string
AvatarKey string
AvatarURL string
PreferredLanguage string
Gender Gender
Email string
@ -249,7 +248,7 @@ func (u *UserView) GetProfile() (*Profile, error) {
Gender: u.Gender,
PreferredLoginName: u.PreferredLoginName,
LoginNames: u.LoginNames,
AvatarURL: u.AvatarURL,
AvatarKey: u.AvatarKey,
}, nil
}

View File

@ -139,7 +139,7 @@ func (m *MachineView) IsZero() bool {
return m == nil || m.Name == ""
}
func UserToModel(user *UserView, prefixAvatarURL string) *model.UserView {
func UserToModel(user *UserView) *model.UserView {
userView := &model.UserView{
ID: user.ID,
UserName: user.UserName,
@ -165,7 +165,6 @@ func UserToModel(user *UserView, prefixAvatarURL string) *model.UserView {
NickName: user.NickName,
DisplayName: user.DisplayName,
AvatarKey: user.AvatarKey,
AvatarURL: domain.AvatarURL(prefixAvatarURL, user.ResourceOwner, user.AvatarKey),
PreferredLanguage: user.PreferredLanguage,
Gender: model.Gender(user.Gender),
Email: user.Email,
@ -194,14 +193,6 @@ func UserToModel(user *UserView, prefixAvatarURL string) *model.UserView {
return userView
}
func UsersToModel(users []*UserView, prefixAvatarURL string) []*model.UserView {
result := make([]*model.UserView, len(users))
for i, p := range users {
result[i] = UserToModel(p, prefixAvatarURL)
}
return result
}
func WebauthnTokensToModel(tokens []*WebAuthNView) []*model.WebAuthNView {
if tokens == nil {
return nil

View File

@ -55,7 +55,7 @@ func UserSessionFromEvent(event *models.Event) (*UserSessionView, error) {
return v, nil
}
func UserSessionToModel(userSession *UserSessionView, prefixAvatarURL string) *model.UserSessionView {
func UserSessionToModel(userSession *UserSessionView) *model.UserSessionView {
return &model.UserSessionView{
ChangeDate: userSession.ChangeDate,
CreationDate: userSession.CreationDate,
@ -67,7 +67,6 @@ func UserSessionToModel(userSession *UserSessionView, prefixAvatarURL string) *m
LoginName: userSession.LoginName,
DisplayName: userSession.DisplayName,
AvatarKey: userSession.AvatarKey,
AvatarURL: domain.AvatarURL(prefixAvatarURL, userSession.ResourceOwner, userSession.AvatarKey),
SelectedIDPConfigID: userSession.SelectedIDPConfigID,
PasswordVerification: userSession.PasswordVerification,
PasswordlessVerification: userSession.PasswordlessVerification,
@ -80,10 +79,10 @@ func UserSessionToModel(userSession *UserSessionView, prefixAvatarURL string) *m
}
}
func UserSessionsToModel(userSessions []*UserSessionView, prefixAvatarURL string) []*model.UserSessionView {
func UserSessionsToModel(userSessions []*UserSessionView) []*model.UserSessionView {
result := make([]*model.UserSessionView, len(userSessions))
for i, s := range userSessions {
result[i] = UserSessionToModel(s, prefixAvatarURL)
result[i] = UserSessionToModel(s)
}
return result
}