feat(actions): add token customization flow and extend functionally with modules (#4337)

* fix: potential memory leak

* feat(actions): possibility to parse json
feat(actions): possibility to perform http calls

* add query call

* feat(api): list flow and trigger types
fix(api): switch flow and trigger types to dynamic objects

* fix(translations): add action translations

* use `domain.FlowType`

* localizers

* localization

* trigger types

* options on `query.Action`

* add functions for actions

* feat: management api: add list flow and trigger  (#4352)

* console changes

* cleanup

* fix: wrong localization

Co-authored-by: Max Peintner <max@caos.ch>

* id token works

* check if claims not nil

* feat(actions): metadata api

* refactor(actions): modules

* fix: allow prerelease

* fix: test

* feat(actions): deny list for http hosts

* feat(actions): deny list for http hosts

* refactor: actions

* fix: different error ids

* fix: rename statusCode to status

* Actions objects as options (#4418)

* fix: rename statusCode to status

* fix(actions): objects as options

* fix(actions): objects as options

* fix(actions): set fields

* add http client to old actions

* fix(actions): add log module

* fix(actions): add user to context where possible

* fix(actions): add user to ctx in external authorization/pre creation

* fix(actions): query correct flow in claims

* test: actions

* fix(id-generator): panic if no machine id

* tests

* maybe this?

* fix linting

* refactor: improve code

* fix: metadata and usergrant usage in actions

* fix: appendUserGrant

* fix: allowedToFail and timeout in action execution

* fix: allowed to fail in token complement flow

* docs: add action log claim

* Update defaults.yaml

* fix log claim

* remove prerelease build

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>

internal/api/grpc/action/action.go

@@ -7,30 +7,66 @@ import (
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/query"
 	action_pb "github.com/zitadel/zitadel/pkg/grpc/action"
+	message_pb "github.com/zitadel/zitadel/pkg/grpc/message"
 )
 
-func FlowTypeToDomain(flowType action_pb.FlowType) domain.FlowType {
+// for backward compatability: old enum identifiers are mapped as well
+func FlowTypeToDomain(flowType string) domain.FlowType {
 	switch flowType {
-	case action_pb.FlowType_FLOW_TYPE_EXTERNAL_AUTHENTICATION:
+	case "FLOW_TYPE_EXTERNAL_AUTHENTICATION", domain.FlowTypeExternalAuthentication.ID():
 		return domain.FlowTypeExternalAuthentication
+	case domain.FlowTypeCustomiseToken.ID():
+		return domain.FlowTypeCustomiseToken
 	default:
 		return domain.FlowTypeUnspecified
 	}
 }
 
-func TriggerTypeToDomain(triggerType action_pb.TriggerType) domain.TriggerType {
+func FlowTypeToPb(typ domain.FlowType) *action_pb.FlowType {
+	return &action_pb.FlowType{
+		Id: typ.ID(),
+		Name: &message_pb.LocalizedMessage{
+			Key: typ.LocalizationKey(),
+		},
+	}
+}
+
+// TriggerTypeToDomain maps the pb type to domain
+// for backward compatability: old enum identifiers are mapped as well
+func TriggerTypeToDomain(triggerType string) domain.TriggerType {
 	switch triggerType {
-	case action_pb.TriggerType_TRIGGER_TYPE_POST_AUTHENTICATION:
+	case "TRIGGER_TYPE_POST_AUTHENTICATION", domain.TriggerTypePostAuthentication.ID():
 		return domain.TriggerTypePostAuthentication
-	case action_pb.TriggerType_TRIGGER_TYPE_PRE_CREATION:
+	case "TRIGGER_TYPE_PRE_CREATION", domain.TriggerTypePreCreation.ID():
 		return domain.TriggerTypePreCreation
-	case action_pb.TriggerType_TRIGGER_TYPE_POST_CREATION:
+	case "TRIGGER_TYPE_POST_CREATION", domain.TriggerTypePostCreation.ID():
 		return domain.TriggerTypePostCreation
+	case domain.TriggerTypePreAccessTokenCreation.ID():
+		return domain.TriggerTypePreAccessTokenCreation
+	case domain.TriggerTypePreUserinfoCreation.ID():
+		return domain.TriggerTypePreUserinfoCreation
 	default:
 		return domain.TriggerTypeUnspecified
 	}
 }
 
+func TriggerTypesToPb(types []domain.TriggerType) []*action_pb.TriggerType {
+	list := make([]*action_pb.TriggerType, len(types))
+	for i, typ := range types {
+		list[i] = TriggerTypeToPb(typ)
+	}
+	return list
+}
+
+func TriggerTypeToPb(typ domain.TriggerType) *action_pb.TriggerType {
+	return &action_pb.TriggerType{
+		Id: typ.ID(),
+		Name: &message_pb.LocalizedMessage{
+			Key: typ.LocalizationKey(),
+		},
+	}
+}
+
 func FlowToPb(flow *query.Flow) *action_pb.Flow {
 	return &action_pb.Flow{
 		Type:           FlowTypeToPb(flow.Type),
@@ -47,28 +83,6 @@ func TriggerActionToPb(trigger domain.TriggerType, actions []*query.Action) *act
 	}
 }
 
-func FlowTypeToPb(flowType domain.FlowType) action_pb.FlowType {
-	switch flowType {
-	case domain.FlowTypeExternalAuthentication:
-		return action_pb.FlowType_FLOW_TYPE_EXTERNAL_AUTHENTICATION
-	default:
-		return action_pb.FlowType_FLOW_TYPE_UNSPECIFIED
-	}
-}
-
-func TriggerTypeToPb(triggerType domain.TriggerType) action_pb.TriggerType {
-	switch triggerType {
-	case domain.TriggerTypePostAuthentication:
-		return action_pb.TriggerType_TRIGGER_TYPE_POST_AUTHENTICATION
-	case domain.TriggerTypePreCreation:
-		return action_pb.TriggerType_TRIGGER_TYPE_PRE_CREATION
-	case domain.TriggerTypePostCreation:
-		return action_pb.TriggerType_TRIGGER_TYPE_POST_CREATION
-	default:
-		return action_pb.TriggerType_TRIGGER_TYPE_UNSPECIFIED
-	}
-}
-
 func TriggerActionsToPb(triggers map[domain.TriggerType][]*query.Action) []*action_pb.TriggerAction {
 	list := make([]*action_pb.TriggerAction, 0)
 	for trigger, actions := range triggers {
@@ -92,7 +106,7 @@ func ActionToPb(action *query.Action) *action_pb.Action {
 		State:         ActionStateToPb(action.State),
 		Name:          action.Name,
 		Script:        action.Script,
-		Timeout:       durationpb.New(action.Timeout),
+		Timeout:       durationpb.New(action.Timeout()),
 		AllowedToFail: action.AllowedToFail,
 	}
 }