feat: add user metadata scope and claim (#2268)

* feat: add user metadata scope and claime

* docs: scope

* docs: metadata base 64 encoded

* docs: metadata base 64 encoded

* docs: metadata base 64 encoded

internal/auth/repository/eventsourcing/eventstore/user.go

@@ -307,16 +307,27 @@ func (repo *UserRepo) GetMyMetadataByKey(ctx context.Context, key string) (*doma
 	return iam_model.MetadataViewToDomain(data), nil
 }
 
+func (repo *UserRepo) SearchUserMetadata(ctx context.Context, userID string) (*domain.MetadataSearchResponse, error) {
+	req := new(domain.MetadataSearchRequest)
+	return repo.searchUserMetadata(userID, "", req)
+}
+
 func (repo *UserRepo) SearchMyMetadata(ctx context.Context, req *domain.MetadataSearchRequest) (*domain.MetadataSearchResponse, error) {
 	ctxData := authz.GetCtxData(ctx)
 	err := req.EnsureLimit(repo.SearchLimit)
 	if err != nil {
 		return nil, err
 	}
+	return repo.searchUserMetadata(ctxData.UserID, ctxData.ResourceOwner, req)
+}
+
+func (repo *UserRepo) searchUserMetadata(userID, resourceOwner string, req *domain.MetadataSearchRequest) (*domain.MetadataSearchResponse, error) {
 	sequence, sequenceErr := repo.View.GetLatestUserSequence()
 	logging.Log("EVENT-N9fsd").OnError(sequenceErr).Warn("could not read latest user sequence")
-	req.AppendAggregateIDQuery(ctxData.UserID)
-	req.AppendResourceOwnerQuery(ctxData.ResourceOwner)
+	req.AppendAggregateIDQuery(userID)
+	if resourceOwner != "" {
+		req.AppendResourceOwnerQuery(resourceOwner)
+	}
 	metadata, count, err := repo.View.SearchMetadata(req)
 	if err != nil {
 		return nil, err

internal/auth/repository/user.go

@@ -21,6 +21,8 @@ type UserRepository interface {
 	MachineKeyByID(ctx context.Context, keyID string) (*key_model.AuthNKeyView, error)
 
 	SearchUsers(ctx context.Context, request *model.UserSearchRequest) (*model.UserSearchResponse, error)
+
+	SearchUserMetadata(ctx context.Context, userID string) (*domain.MetadataSearchResponse, error)
 }
 
 type myUserRepo interface {