diff --git a/internal/command/instance.go b/internal/command/instance.go index 2f172450bb..4004aac31e 100644 --- a/internal/command/instance.go +++ b/internal/command/instance.go @@ -325,9 +325,11 @@ func (c *Commands) SetUpInstance(ctx context.Context, setup *InstanceSetup) (str AddOIDCAppCommand(console, nil), SetIAMConsoleID(instanceAgg, &console.ClientID, &setup.zitadel.consoleAppID), ) - validations = append(validations, - c.addGeneratedInstanceDomain(ctx, instanceAgg, setup.InstanceName)..., - ) + addGenerateddDomain, err := c.addGeneratedInstanceDomain(ctx, instanceAgg, setup.InstanceName) + if err != nil { + return "", nil, err + } + validations = append(validations, addGenerateddDomain...) if setup.CustomDomain != "" { validations = append(validations, c.addInstanceDomain(instanceAgg, setup.CustomDomain, false), diff --git a/internal/command/instance_domain.go b/internal/command/instance_domain.go index 061ed15917..80fd2e53cd 100644 --- a/internal/command/instance_domain.go +++ b/internal/command/instance_domain.go @@ -68,12 +68,15 @@ func (c *Commands) RemoveInstanceDomain(ctx context.Context, instanceDomain stri }, nil } -func (c *Commands) addGeneratedInstanceDomain(ctx context.Context, a *instance.Aggregate, instanceName string) []preparation.Validation { - domain := domain.NewGeneratedInstanceDomain(instanceName, authz.GetInstance(ctx).RequestedDomain()) +func (c *Commands) addGeneratedInstanceDomain(ctx context.Context, a *instance.Aggregate, instanceName string) ([]preparation.Validation, error) { + domain, err := domain.NewGeneratedInstanceDomain(instanceName, authz.GetInstance(ctx).RequestedDomain()) + if err != nil { + return nil, err + } return []preparation.Validation{ c.addInstanceDomain(a, domain, true), setPrimaryInstanceDomain(a, domain), - } + }, nil } func (c *Commands) addInstanceDomain(a *instance.Aggregate, instanceDomain string, generated bool) preparation.Validation { diff --git a/internal/crypto/code.go b/internal/crypto/code.go index 9f7122f0ab..8901b8e27e 100644 --- a/internal/crypto/code.go +++ b/internal/crypto/code.go @@ -102,7 +102,7 @@ func newGenerator(config GeneratorConfig) generator { } func NewCode(g Generator) (*CryptoValue, string, error) { - code, err := generateRandomString(g.Length(), g.Runes()) + code, err := GenerateRandomString(g.Length(), g.Runes()) if err != nil { return nil, "", err } @@ -133,7 +133,7 @@ func VerifyCode(creationDate time.Time, expiry time.Duration, cryptoCode *Crypto return errors.ThrowInvalidArgument(nil, "CODE-fW2gNa", "Errors.User.Code.GeneratorAlgNotSupported") } -func generateRandomString(length uint, chars []rune) (string, error) { +func GenerateRandomString(length uint, chars []rune) (string, error) { if length == 0 { return "", nil } diff --git a/internal/domain/instance_domain.go b/internal/domain/instance_domain.go index 14ecbce5f0..c58a96e5d5 100644 --- a/internal/domain/instance_domain.go +++ b/internal/domain/instance_domain.go @@ -2,6 +2,12 @@ package domain import ( "strings" + + "github.com/zitadel/zitadel/internal/crypto" +) + +var ( + domainRunes = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789") ) type InstanceDomainState int32 @@ -22,8 +28,11 @@ func (f InstanceDomainState) Exists() bool { return f == InstanceDomainStateActive } -func NewGeneratedInstanceDomain(instanceName, iamDomain string) string { - //TODO: Add random number/string to be unique +func NewGeneratedInstanceDomain(instanceName, iamDomain string) (string, error) { + randomString, err := crypto.GenerateRandomString(6, domainRunes) + if err != nil { + return "", err + } instanceName = strings.TrimSpace(instanceName) - return strings.ToLower(strings.ReplaceAll(instanceName, " ", "-") + "." + iamDomain) + return strings.ToLower(strings.ReplaceAll(instanceName, " ", "-") + "-" + randomString + "." + iamDomain), nil }