feat(console): identity providers and login policies (#722)

* idp list, idp create route * idp modules, lazy import, i18n, routing * generic service, i18n * seperate lockout, age policy component * seperate component modules * routing * enum class * login policy * iam policy grid * login policy providers * idps login policy * add idp dialog component * add idp to loginpolicy * delete idp config, iam policy grid * remove idp from loginpolicy * idp detail component, generic idp create * lint * idp detail clientid-secrets, issuer, scopes * hide clientsecret on update * rm background style, idp config * app tooltip fix * lint * dont refresh on idp select * Update console/src/app/modules/idp-create/idp-create.component.html Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com> Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2025-08-22 13:57:51 +00:00 · 2020-09-17 10:22:41 +02:00
parent 845026e43f
commit 58b01cdf3f
96 changed files with 3401 additions and 735 deletions
--- a/console/src/assets/i18n/de.json
+++ b/console/src/assets/i18n/de.json
@@ -260,7 +260,9 @@
            "DEACTIVATED":"User deaktiviert!",
            "SELECTEDREACTIVATED":"Selektierte User reaktiviert!",
            "SELECTEDDEACTIVATED":"Selektierte Benutzer deaktiviert!",
-            "SELECTEDKEYSDELETED":"Selektierte Schlüssel gelöscht!"
+            "SELECTEDKEYSDELETED":"Selektierte Schlüssel gelöscht!",
+            "KEYADDED":"Schlüssel hinzugefügt!",
+            "MACHINEADDED":"Service User erstellt!"
        },
        "MEMBERSHIPS": {
            "TITLE":"Zitadel Manager Rollen",
@@ -395,6 +397,12 @@
                "TITLECREATE":"IAM Zugangseinstellungen festlegen",
                "DESCRIPTIONCREATE":"Emails als Benutzername sind nicht erlaubt wenn UserLoginMustBeDomain gesetzt ist."
            },
+            "LOGIN_POLICY": {
+                "TITLE":"Login Richtlinien",
+                "DESCRIPTION":"Definiere die Loginmethoden für Benutzer",
+                "TITLECREATE":"Definiere die Loginmethoden für Benutzer",
+                "DESCRIPTIONCREATE":"Nutzer können Sich mit den verfügbaren Idps authentifizieren."
+            },
            "BTN_INSTALL":"Installieren",
            "BTN_EDIT":"Modifizieren",
            "DATA": {
@@ -408,7 +416,10 @@
                "MAXATTEMPTS":"Maximale Anzahl an Versuchen",
                "EXPIREWARNDAYS":"Ablauf Warnung nach Tagen",
                "MAXAGEDAYS":"Maximale Gültigkeit in Tagen",
-                "USERLOGINMUSTBEDOMAIN":"User Login must be Domain"
+                "USERLOGINMUSTBEDOMAIN":"User Login must be Domain",
+                "ALLOWUSERNAMEPASSWORD":"Benutzername Password erlaubt",
+                "ALLOWEXTERNALIDP":"Externer IDP erlaubt",
+                "ALLOWREGISTER":"Registrieren erlaubt"
            },
            "DELETE":"Richtlinie entfernen / zurücksetzen"
        },
@@ -612,6 +623,51 @@
            "DELETED":"Projekt gelöscht!"
        }
    },
+    "IDP":{
+        "LIST": {
+            "TITLE":"Identity Providers",
+            "DESCRIPTION":"Definieren Sie hier Ihre zusätzlichen Idps, die sie für die Authentifizierung in Ihren Organisationen verwenden können."
+        },
+        "CREATE": {
+            "TITLE":"Neuer Identity Provider",
+            "DESCRIPTION":"Definieren Sie hier die Zugangsdaten des neuen Identity Providers"
+        },
+        "TYPES": {
+            "0":"unknown",
+            "1":"System",
+            "2":"Organisation"
+        },
+        "STATES":{
+            "0":"aktiv",
+            "1":"inaktiv"
+        },
+        "TYPE":"Typ",
+        "NAME":"Name",
+        "CONFIG":"Konfiguration",
+        "STATE":"Status",
+        "LOGOSRC":"Logo Src",
+        "ISSUER":"Issuer",
+        "SCOPESLIST":"Scopes List",
+        "CLIENTID":"Client ID",
+        "CLIENTSECRET":"Client Secret",
+        "CREATIONDATE":"Erstelldatum",
+        "CHANGEDATE":"Letzte Änderung",
+        "DEACTIVATE":"Deaktivieren",
+        "ACTIVATE":"Aktivieren",
+        "DELETE":"Löschen"
+    },
+    "LOGINPOLICY": {
+        "CREATE": {
+            "TITLE":"Login Policy",
+            "DESCRIPTION":"Definieren Sie hier, mit welchen Idps sich Ihre Benutzer anmelden können."
+        },
+        "IDPS":"Identity Providers",
+        "ADDIDP": {
+            "TITLE":"Identity Provider hinzufügen",
+            "DESCRIPTION":"Sie können vordefinierte oder selbsterstellten Provider auswählen",
+            "SELECTIDPS":"Identity Provider"
+        }
+    },
    "APP": {
        "LIST": "Applications",
        "PAGES": {
--- a/console/src/assets/i18n/en.json
+++ b/console/src/assets/i18n/en.json
@@ -260,7 +260,9 @@
            "DEACTIVATED":"User deactivated",
            "SELECTEDREACTIVATED":"Selected Users reactivated",
            "SELECTEDDEACTIVATED":"Selected Users deactivated",
-            "SELECTEDKEYSDELETED":"Selected Keys deleted!"
+            "SELECTEDKEYSDELETED":"Selected Keys deleted!",
+            "KEYADDED":"Key added!",
+            "MACHINEADDED":"Service User created!"
        },
        "MEMBERSHIPS": {
            "TITLE":"Zitadel Manager Roles",
@@ -395,6 +397,12 @@
                "TITLECREATE":"Set IAM Access preferences",
                "DESCRIPTIONCREATE":"Emails as username is not allowed for enabled UserLoginMustBeDomain"
            },
+            "LOGIN_POLICY": {
+                "TITLE":"Login Policy",
+                "DESCRIPTION":"Define how Users can be authenticated",
+                "TITLECREATE":"Define how Users can be authenticated",
+                "DESCRIPTIONCREATE":"Users can choose from all of the available identity providers."
+            },
            "BTN_INSTALL":"Setup",
            "BTN_EDIT":"Modify",
            "DATA": {
@@ -408,7 +416,10 @@
                "MAXATTEMPTS":"Max Attempts",
                "EXPIREWARNDAYS":"Expiration Warning after day",
                "MAXAGEDAYS":"Max Age in days",
-                "USERLOGINMUSTBEDOMAIN":"User Login must be Domain"
+                "USERLOGINMUSTBEDOMAIN":"User Login must be Domain",
+                "ALLOWUSERNAMEPASSWORD":"Username Password allowed",
+                "ALLOWEXTERNALIDP":"External IDP allowed",
+                "ALLOWREGISTER":"Register allowed"
            },
            "DELETE":"Uninstall / Reset Policy"
        },
@@ -612,6 +623,51 @@
            "DELETED":"Deleted Project!"
        }
    },
+    "IDP":{
+        "LIST": {
+            "TITLE":"Identity Providers",
+            "DESCRIPTION":"Define additional Identity Providers, which can be used to authenticate in your organisations."
+        },
+        "CREATE": {
+            "TITLE":"New Identity Provider",
+            "DESCRIPTION":"Configure the Endpoint of your new service provider."
+        },
+        "TYPES": {
+            "0":"unknown",
+            "1":"System",
+            "2":"Organisation"
+        },
+        "STATES":{
+            "0":"active",
+            "1":"inactive"
+        },
+        "TYPE":"Type",
+        "NAME":"Name",
+        "CONFIG":"Configuration",
+        "STATE":"State",
+        "LOGOSRC":"Logo Src",
+        "ISSUER":"Issuer",
+        "SCOPESLIST":"Scopes List",
+        "CLIENTID":"Client ID",
+        "CLIENTSECRET":"Client Secret",
+        "CREATIONDATE":"Created At",
+        "CHANGEDATE":"Last Modified",
+        "DEACTIVATE":"Deactivate",
+        "ACTIVATE":"Activate",
+        "DELETE":"Delete"
+    },
+    "LOGINPOLICY": {
+        "CREATE": {
+            "TITLE":"Login Policy",
+            "DESCRIPTION":"Define how your users can be authenticated on your organisation."
+        },
+        "IDPS":"Identity Providers",
+        "ADDIDP": {
+            "TITLE":"Add Identity Provider",
+            "DESCRIPTION":"You can select predefined or selfcreated providers for authentication.",
+            "SELECTIDPS":"Identity providers"
+        }
+    },
    "APP": {
        "LIST": "Applications",
        "PAGES": {