Merge remote-tracking branch 'origin/master' into new-eventstore

2025-08-12 01:37:31 +00:00 · 2020-11-23 11:40:50 +01:00
parent 4aadd290f4 855725c3c0
commit 6431fd2ec5
61 changed files with 449 additions and 982 deletions
--- a/internal/auth/repository/eventsourcing/eventstore/auth_request.go
+++ b/internal/auth/repository/eventsourcing/eventstore/auth_request.go
@@ -112,7 +112,7 @@ func (repo *AuthRequestRepo) CreateAuthRequest(ctx context.Context, request *mod
 	request.AppendAudIfNotExisting(app.ProjectID)
 	if request.LoginHint != "" {
 		err = repo.checkLoginName(ctx, request, request.LoginHint)
-		logging.LogWithFields("EVENT-aG311", "login name", request.LoginHint, "id", request.ID, "applicationID", request.ApplicationID).OnError(err).Debug("login hint invalid")
+		logging.LogWithFields("EVENT-aG311", "login name", request.LoginHint, "id", request.ID, "applicationID", request.ApplicationID, "traceID", tracing.TraceIDFromCtx(ctx)).OnError(err).Debug("login hint invalid")
 	}
 	err = repo.AuthRequests.SaveAuthRequest(ctx, request)
 	if err != nil {
@@ -547,7 +547,11 @@ func (repo *AuthRequestRepo) nextSteps(ctx context.Context, request *model.AuthR

 	if (request.SelectedIDPConfigID != "" || userSession.SelectedIDPConfigID != "") && (request.LinkingUsers == nil || len(request.LinkingUsers) == 0) {
 		if !checkVerificationTime(userSession.ExternalLoginVerification, repo.ExternalLoginCheckLifeTime) {
-			return append(steps, &model.ExternalLoginStep{}), nil
+			selectedIDPConfigID := request.SelectedIDPConfigID
+			if selectedIDPConfigID == "" {
+				selectedIDPConfigID = userSession.SelectedIDPConfigID
+			}
+			return append(steps, &model.ExternalLoginStep{SelectedIDPConfigID: selectedIDPConfigID}), nil
 		}
 	} else if (request.SelectedIDPConfigID == "" && userSession.SelectedIDPConfigID == "") || (request.SelectedIDPConfigID != "" && request.LinkingUsers != nil && len(request.LinkingUsers) > 0) {
 		if user.InitRequired {
@@ -723,7 +727,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
 	}
 	events, err := eventProvider.UserEventsByID(ctx, user.ID, session.Sequence)
 	if err != nil {
-		logging.Log("EVENT-Hse6s").WithError(err).Debug("error retrieving new events")
+		logging.Log("EVENT-Hse6s").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error retrieving new events")
 		return user_view_model.UserSessionToModel(session), nil
 	}
 	sessionCopy := *session
@@ -744,7 +748,7 @@ func userSessionByIDs(ctx context.Context, provider userSessionViewProvider, eve
 			es_model.HumanSignedOut:
 			eventData, err := user_view_model.UserSessionFromEvent(event)
 			if err != nil {
-				logging.Log("EVENT-sdgT3").WithError(err).Debug("error getting event data")
+				logging.Log("EVENT-sdgT3").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error getting event data")
 				return user_view_model.UserSessionToModel(session), nil
 			}
 			if eventData.UserAgentID != agentID {
@@ -793,7 +797,7 @@ func userByID(ctx context.Context, viewProvider userViewProvider, eventProvider
 	}
 	events, err := eventProvider.UserEventsByID(ctx, userID, user.Sequence)
 	if err != nil {
-		logging.Log("EVENT-dfg42").WithError(err).Debug("error retrieving new events")
+		logging.Log("EVENT-dfg42").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error retrieving new events")
 		return user_view_model.UserToModel(user), nil
 	}
 	if len(events) == 0 {
--- a/internal/auth/repository/eventsourcing/eventstore/auth_request_test.go
+++ b/internal/auth/repository/eventsourcing/eventstore/auth_request_test.go
@@ -3,11 +3,12 @@ package eventstore
 import (
 	"context"
 	"encoding/json"
-	iam_model "github.com/caos/zitadel/internal/iam/model"
-	iam_view_model "github.com/caos/zitadel/internal/iam/repository/view/model"
 	"testing"
 	"time"

+	iam_model "github.com/caos/zitadel/internal/iam/model"
+	iam_view_model "github.com/caos/zitadel/internal/iam/repository/view/model"
+
 	"github.com/stretchr/testify/assert"

 	"github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
@@ -439,7 +440,7 @@ func TestAuthRequestRepo_nextSteps(t *testing.T) {
 				SecondFactorCheckLifeTime: 18 * time.Hour,
 			},
 			args{&model.AuthRequest{UserID: "UserID", SelectedIDPConfigID: "IDPConfigID"}, false},
-			[]model.NextStep{&model.ExternalLoginStep{}},
+			[]model.NextStep{&model.ExternalLoginStep{SelectedIDPConfigID: "IDPConfigID"}},
 			nil,
 		},
 		{
@@ -1296,7 +1297,6 @@ func Test_userSessionByIDs(t *testing.T) {

 func Test_userByID(t *testing.T) {
 	type args struct {
-		ctx           context.Context
 		viewProvider  userViewProvider
 		eventProvider userEventProvider
 		userID        string
@@ -1394,7 +1394,7 @@ func Test_userByID(t *testing.T) {
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
-			got, err := userByID(tt.args.ctx, tt.args.viewProvider, tt.args.eventProvider, tt.args.userID)
+			got, err := userByID(context.Background(), tt.args.viewProvider, tt.args.eventProvider, tt.args.userID)
 			if (err != nil && tt.wantErr == nil) || (tt.wantErr != nil && !tt.wantErr(err)) {
 				t.Errorf("nextSteps() wrong error = %v", err)
 				return
--- a/internal/auth/repository/eventsourcing/eventstore/org.go
+++ b/internal/auth/repository/eventsourcing/eventstore/org.go
@@ -2,12 +2,14 @@ package eventstore

 import (
 	"context"
+
 	"github.com/caos/logging"
 	"github.com/caos/zitadel/internal/api/authz"
 	"github.com/caos/zitadel/internal/config/systemdefaults"
 	"github.com/caos/zitadel/internal/errors"
 	iam_model "github.com/caos/zitadel/internal/iam/model"
 	iam_view_model "github.com/caos/zitadel/internal/iam/repository/view/model"
+	"github.com/caos/zitadel/internal/tracing"

 	auth_model "github.com/caos/zitadel/internal/auth/model"
 	auth_view "github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
@@ -35,7 +37,7 @@ type OrgRepository struct {
 func (repo *OrgRepository) SearchOrgs(ctx context.Context, request *org_model.OrgSearchRequest) (*org_model.OrgSearchResult, error) {
 	request.EnsureLimit(repo.SearchLimit)
 	sequence, err := repo.View.GetLatestOrgSequence()
-	logging.Log("EVENT-7Udhz").OnError(err).Warn("could not read latest org sequence")
+	logging.Log("EVENT-7Udhz").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest org sequence")
 	members, count, err := repo.View.SearchOrgs(request)
 	if err != nil {
 		return nil, err
--- a/internal/auth/repository/eventsourcing/eventstore/token.go
+++ b/internal/auth/repository/eventsourcing/eventstore/token.go
@@ -2,17 +2,18 @@ package eventstore

 import (
 	"context"
-	"github.com/caos/logging"
-	auth_req_model "github.com/caos/zitadel/internal/auth_request/model"
-	"github.com/caos/zitadel/internal/errors"
-	"github.com/caos/zitadel/internal/eventstore/models"
-	usr_model "github.com/caos/zitadel/internal/user/model"
-	user_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
-	"github.com/caos/zitadel/internal/user/repository/view/model"
 	"strings"
 	"time"

+	"github.com/caos/logging"
 	"github.com/caos/zitadel/internal/auth/repository/eventsourcing/view"
+	auth_req_model "github.com/caos/zitadel/internal/auth_request/model"
+	"github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	"github.com/caos/zitadel/internal/tracing"
+	usr_model "github.com/caos/zitadel/internal/user/model"
+	user_event "github.com/caos/zitadel/internal/user/repository/eventsourcing"
+	"github.com/caos/zitadel/internal/user/repository/view/model"
 )

 type TokenRepo struct {
@@ -76,7 +77,7 @@ func (repo *TokenRepo) TokenByID(ctx context.Context, userID, tokenID string) (*
 	}

 	if esErr != nil {
-		logging.Log("EVENT-5Nm9s").WithError(viewErr).Debug("error retrieving new events")
+		logging.Log("EVENT-5Nm9s").WithError(viewErr).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error retrieving new events")
 		return model.TokenViewToModel(token), nil
 	}
 	viewToken := *token
--- a/internal/auth/repository/eventsourcing/eventstore/user.go
+++ b/internal/auth/repository/eventsourcing/eventstore/user.go
@@ -110,7 +110,7 @@ func (repo *UserRepo) ChangeMyProfile(ctx context.Context, profile *model.Profil
 func (repo *UserRepo) SearchMyExternalIDPs(ctx context.Context, request *model.ExternalIDPSearchRequest) (*model.ExternalIDPSearchResponse, error) {
 	request.EnsureLimit(repo.SearchLimit)
 	sequence, seqErr := repo.View.GetLatestExternalIDPSequence()
-	logging.Log("EVENT-5Jsi8").OnError(seqErr).Warn("could not read latest user sequence")
+	logging.Log("EVENT-5Jsi8").OnError(seqErr).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest user sequence")
 	request.AppendUserQuery(authz.GetCtxData(ctx).UserID)
 	externalIDPS, count, err := repo.View.SearchExternalIDPs(request)
 	if err != nil {
@@ -268,7 +268,7 @@ func (repo *UserRepo) AddMfaOTP(ctx context.Context, userID string) (*model.OTP,
 	accountName := ""
 	user, err := repo.UserByID(ctx, userID)
 	if err != nil {
-		logging.Log("EVENT-Fk93s").WithError(err).Debug("unable to get user for loginname")
+		logging.Log("EVENT-Fk93s").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get user for loginname")
 	} else {
 		accountName = user.PreferredLoginName
 	}
@@ -279,7 +279,7 @@ func (repo *UserRepo) AddMyMfaOTP(ctx context.Context) (*model.OTP, error) {
 	accountName := ""
 	user, err := repo.UserByID(ctx, authz.GetCtxData(ctx).UserID)
 	if err != nil {
-		logging.Log("EVENT-Ml0sd").WithError(err).Debug("unable to get user for loginname")
+		logging.Log("EVENT-Ml0sd").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("unable to get user for loginname")
 	} else {
 		accountName = user.PreferredLoginName
 	}
@@ -370,7 +370,7 @@ func (repo *UserRepo) UserByID(ctx context.Context, id string) (*model.UserView,
 	}
 	events, err := repo.UserEvents.UserEventsByID(ctx, id, user.Sequence)
 	if err != nil {
-		logging.Log("EVENT-PSoc3").WithError(err).Debug("error retrieving new events")
+		logging.Log("EVENT-PSoc3").WithError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Debug("error retrieving new events")
 		return usr_view_model.UserToModel(user), nil
 	}
 	userCopy := *user
--- a/internal/auth/repository/eventsourcing/eventstore/user_grant.go
+++ b/internal/auth/repository/eventsourcing/eventstore/user_grant.go
@@ -12,6 +12,7 @@ import (
 	global_model "github.com/caos/zitadel/internal/model"
 	org_model "github.com/caos/zitadel/internal/org/model"
 	org_view_model "github.com/caos/zitadel/internal/org/repository/view/model"
+	"github.com/caos/zitadel/internal/tracing"
 	user_model "github.com/caos/zitadel/internal/user/model"
 	user_view_model "github.com/caos/zitadel/internal/user/repository/view/model"
 	grant_model "github.com/caos/zitadel/internal/usergrant/model"
@@ -29,7 +30,7 @@ type UserGrantRepo struct {
 func (repo *UserGrantRepo) SearchMyUserGrants(ctx context.Context, request *grant_model.UserGrantSearchRequest) (*grant_model.UserGrantSearchResponse, error) {
 	request.EnsureLimit(repo.SearchLimit)
 	sequence, err := repo.View.GetLatestUserGrantSequence()
-	logging.Log("EVENT-Hd7s3").OnError(err).Warn("could not read latest user grant sequence")
+	logging.Log("EVENT-Hd7s3").OnError(err).WithField("traceID", tracing.TraceIDFromCtx(ctx)).Warn("could not read latest user grant sequence")
 	request.Queries = append(request.Queries, &grant_model.UserGrantSearchQuery{Key: grant_model.UserGrantSearchKeyUserID, Method: global_model.SearchMethodEquals, Value: authz.GetCtxData(ctx).UserID})
 	grants, count, err := repo.View.SearchUserGrants(request)
 	if err != nil {
--- a/internal/auth/repository/eventsourcing/handler/user_session.go
+++ b/internal/auth/repository/eventsourcing/handler/user_session.go
@@ -76,7 +76,9 @@ func (u *UserSession) Reduce(event *models.Event) (err error) {
 		es_model.HumanMFAOTPRemoved,
 		es_model.HumanProfileChanged,
 		es_model.DomainClaimed,
-		es_model.UserUserNameChanged:
+		es_model.UserUserNameChanged,
+		es_model.HumanExternalIDPRemoved,
+		es_model.HumanExternalIDPCascadeRemoved:
 		sessions, err := u.view.UserSessionsByUserID(event.AggregateID)
 		if err != nil {
 			return err