fix: return absolute asset urls (#3676)

2025-02-28 19:57:22 +00:00 · 2022-05-20 10:30:12 +02:00 · 2022-05-20 10:30:12 +02:00 · 62c4a4d08d
commit 62c4a4d08d
parent db0e7495e7
16 changed files with 45 additions and 34 deletions
--- a/cmd/admin/start/start.go
+++ b/cmd/admin/start/start.go
@ -164,13 +164,13 @@ func startAPIs(ctx context.Context, router *mux.Router, commands *command.Comman
 	if err := authenticatedAPIs.RegisterServer(ctx, system.CreateServer(commands, queries, adminRepo, config.DefaultInstance)); err != nil {
 		return err
 	}
-	if err := authenticatedAPIs.RegisterServer(ctx, admin.CreateServer(commands, queries, adminRepo, assets.HandlerPrefix, keys.User)); err != nil {
+	if err := authenticatedAPIs.RegisterServer(ctx, admin.CreateServer(commands, queries, adminRepo, config.ExternalSecure, keys.User)); err != nil {
 		return err
 	}
-	if err := authenticatedAPIs.RegisterServer(ctx, management.CreateServer(commands, queries, config.SystemDefaults, assets.HandlerPrefix, keys.User, config.ExternalSecure, oidc.HandlerPrefix, config.AuditLogRetention)); err != nil {
+	if err := authenticatedAPIs.RegisterServer(ctx, management.CreateServer(commands, queries, config.SystemDefaults, keys.User, config.ExternalSecure, oidc.HandlerPrefix, config.AuditLogRetention)); err != nil {
 		return err
 	}
-	if err := authenticatedAPIs.RegisterServer(ctx, auth.CreateServer(commands, queries, authRepo, config.SystemDefaults, assets.HandlerPrefix, keys.User, config.ExternalSecure, config.AuditLogRetention)); err != nil {
+	if err := authenticatedAPIs.RegisterServer(ctx, auth.CreateServer(commands, queries, authRepo, config.SystemDefaults, keys.User, config.ExternalSecure, config.AuditLogRetention)); err != nil {
 		return err
 	}

--- a/internal/api/assets/asset.go
+++ b/internal/api/assets/asset.go
@ -50,6 +50,12 @@ func (h *Handler) Storage() static.Storage {
 	return h.storage
 }

+func AssetAPI(externalSecure bool) func(context.Context) string {
+	return func(ctx context.Context) string {
+		return http_util.BuildOrigin(authz.GetInstance(ctx).RequestedHost(), externalSecure) + HandlerPrefix
+	}
+}
+
 type Uploader interface {
 	UploadAsset(ctx context.Context, info string, asset *command.AssetUpload, commands *command.Commands) error
 	ObjectName(data authz.CtxData) (string, error)
--- a/internal/api/grpc/admin/label_policy.go
+++ b/internal/api/grpc/admin/label_policy.go
@ -13,7 +13,7 @@ func (s *Server) GetLabelPolicy(ctx context.Context, req *admin_pb.GetLabelPolic
 	if err != nil {
 		return nil, err
 	}
-	return &admin_pb.GetLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetsAPIDomain)}, nil
+	return &admin_pb.GetLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetsAPIDomain(ctx))}, nil
 }

 func (s *Server) GetPreviewLabelPolicy(ctx context.Context, req *admin_pb.GetPreviewLabelPolicyRequest) (*admin_pb.GetPreviewLabelPolicyResponse, error) {
@ -21,7 +21,7 @@ func (s *Server) GetPreviewLabelPolicy(ctx context.Context, req *admin_pb.GetPre
 	if err != nil {
 		return nil, err
 	}
-	return &admin_pb.GetPreviewLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetsAPIDomain)}, nil
+	return &admin_pb.GetPreviewLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetsAPIDomain(ctx))}, nil
 }

 func (s *Server) UpdateLabelPolicy(ctx context.Context, req *admin_pb.UpdateLabelPolicyRequest) (*admin_pb.UpdateLabelPolicyResponse, error) {
--- a/internal/api/grpc/admin/server.go
+++ b/internal/api/grpc/admin/server.go
@ -1,10 +1,13 @@
 package admin

 import (
+	"context"
+
 	"google.golang.org/grpc"

 	"github.com/zitadel/zitadel/internal/admin/repository"
 	"github.com/zitadel/zitadel/internal/admin/repository/eventsourcing"
+	"github.com/zitadel/zitadel/internal/api/assets"
 	"github.com/zitadel/zitadel/internal/api/authz"
 	"github.com/zitadel/zitadel/internal/api/grpc/server"
 	"github.com/zitadel/zitadel/internal/command"
@ -24,7 +27,7 @@ type Server struct {
 	command         *command.Commands
 	query           *query.Queries
 	administrator   repository.AdministratorRepository
-	assetsAPIDomain string
+	assetsAPIDomain func(context.Context) string
 	userCodeAlg     crypto.EncryptionAlgorithm
 }

@ -35,14 +38,14 @@ type Config struct {
 func CreateServer(command *command.Commands,
 	query *query.Queries,
 	repo repository.Repository,
-	assetsAPIDomain string,
+	externalSecure bool,
 	userCodeAlg crypto.EncryptionAlgorithm,
 ) *Server {
 	return &Server{
 		command:         command,
 		query:           query,
 		administrator:   repo,
-		assetsAPIDomain: assetsAPIDomain,
+		assetsAPIDomain: assets.AssetAPI(externalSecure),
 		userCodeAlg:     userCodeAlg,
 	}
 }
--- a/internal/api/grpc/auth/profile.go
+++ b/internal/api/grpc/auth/profile.go
@ -15,7 +15,7 @@ func (s *Server) GetMyProfile(ctx context.Context, req *auth_pb.GetMyProfileRequ
 		return nil, err
 	}
 	return &auth_pb.GetMyProfileResponse{
-		Profile: user_grpc.ProfileToPb(profile, s.assetsAPIDomain),
+		Profile: user_grpc.ProfileToPb(profile, s.assetsAPIDomain(ctx)),
 		Details: object_grpc.ToViewDetailsPb(
 			profile.Sequence,
 			profile.CreationDate,
--- a/internal/api/grpc/auth/server.go
+++ b/internal/api/grpc/auth/server.go
@ -1,10 +1,12 @@
 package auth

 import (
+	"context"
 	"time"

 	"google.golang.org/grpc"

+	"github.com/zitadel/zitadel/internal/api/assets"
 	"github.com/zitadel/zitadel/internal/api/authz"
 	"github.com/zitadel/zitadel/internal/api/grpc/server"
 	"github.com/zitadel/zitadel/internal/auth/repository"
@ -28,7 +30,7 @@ type Server struct {
 	query             *query.Queries
 	repo              repository.Repository
 	defaults          systemdefaults.SystemDefaults
-	assetsAPIDomain   string
+	assetsAPIDomain   func(context.Context) string
 	userCodeAlg       crypto.EncryptionAlgorithm
 	externalSecure    bool
 	auditLogRetention time.Duration
@ -42,7 +44,6 @@ func CreateServer(command *command.Commands,
 	query *query.Queries,
 	authRepo repository.Repository,
 	defaults systemdefaults.SystemDefaults,
-	assetsAPIDomain string,
 	userCodeAlg crypto.EncryptionAlgorithm,
 	externalSecure bool,
 	auditLogRetention time.Duration,
@ -52,7 +53,7 @@ func CreateServer(command *command.Commands,
 		query:             query,
 		repo:              authRepo,
 		defaults:          defaults,
-		assetsAPIDomain:   assetsAPIDomain,
+		assetsAPIDomain:   assets.AssetAPI(externalSecure),
 		userCodeAlg:       userCodeAlg,
 		externalSecure:    externalSecure,
 		auditLogRetention: auditLogRetention,
--- a/internal/api/grpc/auth/user.go
+++ b/internal/api/grpc/auth/user.go
@ -20,7 +20,7 @@ func (s *Server) GetMyUser(ctx context.Context, _ *auth_pb.GetMyUserRequest) (*a
 	if err != nil {
 		return nil, err
 	}
-	return &auth_pb.GetMyUserResponse{User: user_grpc.UserToPb(user, s.assetsAPIDomain)}, nil
+	return &auth_pb.GetMyUserResponse{User: user_grpc.UserToPb(user, s.assetsAPIDomain(ctx))}, nil
 }

 func (s *Server) RemoveMyUser(ctx context.Context, _ *auth_pb.RemoveMyUserRequest) (*auth_pb.RemoveMyUserResponse, error) {
@ -61,7 +61,7 @@ func (s *Server) ListMyUserChanges(ctx context.Context, req *auth_pb.ListMyUserC
 		return nil, err
 	}
 	return &auth_pb.ListMyUserChangesResponse{
-		Result: change.ChangesToPb(changes.Changes, s.assetsAPIDomain),
+		Result: change.ChangesToPb(changes.Changes, s.assetsAPIDomain(ctx)),
 	}, nil
 }

--- a/internal/api/grpc/management/org.go
+++ b/internal/api/grpc/management/org.go
@ -39,7 +39,7 @@ func (s *Server) ListOrgChanges(ctx context.Context, req *mgmt_pb.ListOrgChanges
 		return nil, err
 	}
 	return &mgmt_pb.ListOrgChangesResponse{
-		Result: change_grpc.ChangesToPb(response.Changes, s.assetAPIPrefix),
+		Result: change_grpc.ChangesToPb(response.Changes, s.assetAPIPrefix(ctx)),
 	}, nil
 }

@ -233,7 +233,7 @@ func (s *Server) ListOrgMembers(ctx context.Context, req *mgmt_pb.ListOrgMembers
 		return nil, err
 	}
 	return &mgmt_pb.ListOrgMembersResponse{
-		Result: member_grpc.MembersToPb(s.assetAPIPrefix, members.Members),
+		Result: member_grpc.MembersToPb(s.assetAPIPrefix(ctx), members.Members),
 		Details: object.ToListDetails(
 			members.Count,
 			members.Sequence,
--- a/internal/api/grpc/management/policy_label.go
+++ b/internal/api/grpc/management/policy_label.go
@ -14,7 +14,7 @@ func (s *Server) GetLabelPolicy(ctx context.Context, req *mgmt_pb.GetLabelPolicy
 	if err != nil {
 		return nil, err
 	}
-	return &mgmt_pb.GetLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetAPIPrefix), IsDefault: policy.IsDefault}, nil
+	return &mgmt_pb.GetLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetAPIPrefix(ctx)), IsDefault: policy.IsDefault}, nil
 }

 func (s *Server) GetPreviewLabelPolicy(ctx context.Context, req *mgmt_pb.GetPreviewLabelPolicyRequest) (*mgmt_pb.GetPreviewLabelPolicyResponse, error) {
@ -22,7 +22,7 @@ func (s *Server) GetPreviewLabelPolicy(ctx context.Context, req *mgmt_pb.GetPrev
 	if err != nil {
 		return nil, err
 	}
-	return &mgmt_pb.GetPreviewLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetAPIPrefix), IsDefault: policy.IsDefault}, nil
+	return &mgmt_pb.GetPreviewLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetAPIPrefix(ctx)), IsDefault: policy.IsDefault}, nil
 }

 func (s *Server) GetDefaultLabelPolicy(ctx context.Context, req *mgmt_pb.GetDefaultLabelPolicyRequest) (*mgmt_pb.GetDefaultLabelPolicyResponse, error) {
@ -30,7 +30,7 @@ func (s *Server) GetDefaultLabelPolicy(ctx context.Context, req *mgmt_pb.GetDefa
 	if err != nil {
 		return nil, err
 	}
-	return &mgmt_pb.GetDefaultLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetAPIPrefix)}, nil
+	return &mgmt_pb.GetDefaultLabelPolicyResponse{Policy: policy_grpc.ModelLabelPolicyToPb(policy, s.assetAPIPrefix(ctx))}, nil
 }

 func (s *Server) AddCustomLabelPolicy(ctx context.Context, req *mgmt_pb.AddCustomLabelPolicyRequest) (*mgmt_pb.AddCustomLabelPolicyResponse, error) {
--- a/internal/api/grpc/management/project.go
+++ b/internal/api/grpc/management/project.go
@ -116,7 +116,7 @@ func (s *Server) ListProjectChanges(ctx context.Context, req *mgmt_pb.ListProjec
 		return nil, err
 	}
 	return &mgmt_pb.ListProjectChangesResponse{
-		Result: change_grpc.ChangesToPb(res.Changes, s.assetAPIPrefix),
+		Result: change_grpc.ChangesToPb(res.Changes, s.assetAPIPrefix(ctx)),
 	}, nil
 }

@ -302,7 +302,7 @@ func (s *Server) ListProjectMembers(ctx context.Context, req *mgmt_pb.ListProjec
 		return nil, err
 	}
 	return &mgmt_pb.ListProjectMembersResponse{
-		Result: member_grpc.MembersToPb(s.assetAPIPrefix, members.Members),
+		Result: member_grpc.MembersToPb(s.assetAPIPrefix(ctx), members.Members),
 		Details: object_grpc.ToListDetails(
 			members.Count,
 			members.Sequence,
--- a/internal/api/grpc/management/project_application.go
+++ b/internal/api/grpc/management/project_application.go
@ -49,7 +49,7 @@ func (s *Server) ListAppChanges(ctx context.Context, req *mgmt_pb.ListAppChanges
 		return nil, err
 	}
 	return &mgmt_pb.ListAppChangesResponse{
-		Result: change_grpc.ChangesToPb(res.Changes, s.assetAPIPrefix),
+		Result: change_grpc.ChangesToPb(res.Changes, s.assetAPIPrefix(ctx)),
 	}, nil
 }

--- a/internal/api/grpc/management/project_grant.go
+++ b/internal/api/grpc/management/project_grant.go
@ -177,7 +177,7 @@ func (s *Server) ListProjectGrantMembers(ctx context.Context, req *mgmt_pb.ListP
 		return nil, err
 	}
 	return &mgmt_pb.ListProjectGrantMembersResponse{
-		Result: member_grpc.MembersToPb(s.assetAPIPrefix, response.Members),
+		Result: member_grpc.MembersToPb(s.assetAPIPrefix(ctx), response.Members),
 		Details: object_grpc.ToListDetails(
 			response.Count,
 			response.Sequence,
--- a/internal/api/grpc/management/server.go
+++ b/internal/api/grpc/management/server.go
@ -1,10 +1,12 @@
 package management

 import (
+	"context"
 	"time"

 	"google.golang.org/grpc"

+	"github.com/zitadel/zitadel/internal/api/assets"
 	"github.com/zitadel/zitadel/internal/api/authz"
 	"github.com/zitadel/zitadel/internal/api/grpc/server"
 	"github.com/zitadel/zitadel/internal/command"
@ -25,7 +27,7 @@ type Server struct {
 	command           *command.Commands
 	query             *query.Queries
 	systemDefaults    systemdefaults.SystemDefaults
-	assetAPIPrefix    string
+	assetAPIPrefix    func(context.Context) string
 	passwordHashAlg   crypto.HashAlgorithm
 	userCodeAlg       crypto.EncryptionAlgorithm
 	externalSecure    bool
@ -37,7 +39,6 @@ func CreateServer(
 	command *command.Commands,
 	query *query.Queries,
 	sd systemdefaults.SystemDefaults,
-	assetAPIPrefix string,
 	userCodeAlg crypto.EncryptionAlgorithm,
 	externalSecure bool,
 	issuerPath string,
@ -47,7 +48,7 @@ func CreateServer(
 		command:           command,
 		query:             query,
 		systemDefaults:    sd,
-		assetAPIPrefix:    assetAPIPrefix,
+		assetAPIPrefix:    assets.AssetAPI(externalSecure),
 		passwordHashAlg:   crypto.NewBCrypt(sd.SecretGenerators.PasswordSaltCost),
 		userCodeAlg:       userCodeAlg,
 		externalSecure:    externalSecure,
--- a/internal/api/grpc/management/user.go
+++ b/internal/api/grpc/management/user.go
@ -35,7 +35,7 @@ func (s *Server) GetUserByID(ctx context.Context, req *mgmt_pb.GetUserByIDReques
 		return nil, err
 	}
 	return &mgmt_pb.GetUserByIDResponse{
-		User: user_grpc.UserToPb(user, s.assetAPIPrefix),
+		User: user_grpc.UserToPb(user, s.assetAPIPrefix(ctx)),
 	}, nil
 }

@ -49,7 +49,7 @@ func (s *Server) GetUserByLoginNameGlobal(ctx context.Context, req *mgmt_pb.GetU
 		return nil, err
 	}
 	return &mgmt_pb.GetUserByLoginNameGlobalResponse{
-		User: user_grpc.UserToPb(user, s.assetAPIPrefix),
+		User: user_grpc.UserToPb(user, s.assetAPIPrefix(ctx)),
 	}, nil
 }

@ -68,7 +68,7 @@ func (s *Server) ListUsers(ctx context.Context, req *mgmt_pb.ListUsersRequest) (
 		return nil, err
 	}
 	return &mgmt_pb.ListUsersResponse{
-		Result: user_grpc.UsersToPb(res.Users, s.assetAPIPrefix),
+		Result: user_grpc.UsersToPb(res.Users, s.assetAPIPrefix(ctx)),
 		Details: obj_grpc.ToListDetails(
 			res.Count,
 			res.Sequence,
@ -84,7 +84,7 @@ func (s *Server) ListUserChanges(ctx context.Context, req *mgmt_pb.ListUserChang
 		return nil, err
 	}
 	return &mgmt_pb.ListUserChangesResponse{
-		Result: change_grpc.ChangesToPb(res.Changes, s.assetAPIPrefix),
+		Result: change_grpc.ChangesToPb(res.Changes, s.assetAPIPrefix(ctx)),
 	}, nil
 }

@ -383,7 +383,7 @@ func (s *Server) GetHumanProfile(ctx context.Context, req *mgmt_pb.GetHumanProfi
 		return nil, err
 	}
 	return &mgmt_pb.GetHumanProfileResponse{
-		Profile: user_grpc.ProfileToPb(profile, s.assetAPIPrefix),
+		Profile: user_grpc.ProfileToPb(profile, s.assetAPIPrefix(ctx)),
 		Details: obj_grpc.ToViewDetailsPb(
 			profile.Sequence,
 			profile.CreationDate,
--- a/internal/api/grpc/management/user_grant.go
+++ b/internal/api/grpc/management/user_grant.go
@ -24,7 +24,7 @@ func (s *Server) GetUserGrantByID(ctx context.Context, req *mgmt_pb.GetUserGrant
 		return nil, err
 	}
 	return &mgmt_pb.GetUserGrantByIDResponse{
-		UserGrant: user.UserGrantToPb(s.assetAPIPrefix, grant),
+		UserGrant: user.UserGrantToPb(s.assetAPIPrefix(ctx), grant),
 	}, nil
 }

@ -38,7 +38,7 @@ func (s *Server) ListUserGrants(ctx context.Context, req *mgmt_pb.ListUserGrantR
 		return nil, err
 	}
 	return &mgmt_pb.ListUserGrantResponse{
-		Result: user.UserGrantsToPb(s.assetAPIPrefix, res.UserGrants),
+		Result: user.UserGrantsToPb(s.assetAPIPrefix(ctx), res.UserGrants),
 		Details: obj_grpc.ToListDetails(
 			res.Count,
 			res.Sequence,
--- a/internal/domain/asset.go
+++ b/internal/domain/asset.go
@ -42,5 +42,5 @@ func AssetURL(prefix, resourceOwner, key string) string {
 	if prefix == "" || resourceOwner == "" || key == "" {
 		return ""
 	}
-	return prefix + resourceOwner + "/" + key
+	return prefix + "/" + resourceOwner + "/" + key
 }