feat: token introspection, api clients and auth method private_key_jwt (#1276)

* introspect * testingapplication key * date * client keys * fix client keys * fix client keys * access tokens only for users * AuthMethodPrivateKeyJWT * client keys * set introspection info correctly * managae apis * update oidc pkg * cleanup * merge msater * set current sequence in migration * set current sequence in migration * set current sequence in migration * Apply suggestions from code review Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com> * DeleteAuthNKeysByObjectID * ensure authn keys uptodate * update oidc version * merge master * merge master Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2025-12-07 06:12:04 +00:00 · 2021-02-17 15:31:47 +01:00
parent 39eb172804
commit 744185449e
64 changed files with 2275 additions and 836 deletions
--- a/internal/management/repository/eventsourcing/view/authn_keys.go
+++ b/internal/management/repository/eventsourcing/view/authn_keys.go
@@ -0,0 +1,74 @@
+package view
+
+import (
+	"github.com/caos/zitadel/internal/errors"
+	"github.com/caos/zitadel/internal/eventstore/models"
+	key_model "github.com/caos/zitadel/internal/key/model"
+	"github.com/caos/zitadel/internal/key/repository/view"
+	"github.com/caos/zitadel/internal/key/repository/view/model"
+	"github.com/caos/zitadel/internal/view/repository"
+)
+
+const (
+	authNKeyTable = "management.authn_keys"
+)
+
+func (v *View) AuthNKeyByIDs(objectID, keyID string) (*model.AuthNKeyView, error) {
+	return view.AuthNKeyByIDs(v.Db, authNKeyTable, objectID, keyID)
+}
+
+func (v *View) AuthNKeysByObjectID(objectID string) ([]*model.AuthNKeyView, error) {
+	return view.AuthNKeysByObjectID(v.Db, authNKeyTable, objectID)
+}
+
+func (v *View) AuthNKeyByID(keyID string) (*model.AuthNKeyView, error) {
+	return view.AuthNKeyByID(v.Db, authNKeyTable, keyID)
+}
+
+func (v *View) SearchAuthNKeys(request *key_model.AuthNKeySearchRequest) ([]*model.AuthNKeyView, uint64, error) {
+	return view.SearchAuthNKeys(v.Db, authNKeyTable, request)
+}
+
+func (v *View) PutAuthNKey(key *model.AuthNKeyView, event *models.Event) error {
+	err := view.PutAuthNKey(v.Db, authNKeyTable, key)
+	if err != nil {
+		return err
+	}
+	return v.ProcessedAuthNKeySequence(event)
+}
+
+func (v *View) DeleteAuthNKey(keyID string, event *models.Event) error {
+	err := view.DeleteAuthNKey(v.Db, authNKeyTable, keyID)
+	if err != nil && !errors.IsNotFound(err) {
+		return err
+	}
+	return v.ProcessedAuthNKeySequence(event)
+}
+
+func (v *View) DeleteAuthNKeysByObjectID(objectID string, event *models.Event) error {
+	err := view.DeleteAuthNKey(v.Db, authNKeyTable, objectID)
+	if err != nil && !errors.IsNotFound(err) {
+		return err
+	}
+	return v.ProcessedAuthNKeySequence(event)
+}
+
+func (v *View) GetLatestAuthNKeySequence() (*repository.CurrentSequence, error) {
+	return v.latestSequence(authNKeyTable)
+}
+
+func (v *View) ProcessedAuthNKeySequence(event *models.Event) error {
+	return v.saveCurrentSequence(authNKeyTable, event)
+}
+
+func (v *View) UpdateAuthNKeySpoolerRunTimestamp() error {
+	return v.updateSpoolerRunSequence(authNKeyTable)
+}
+
+func (v *View) GetLatestAuthNKeyFailedEvent(sequence uint64) (*repository.FailedEvent, error) {
+	return v.latestFailedEvent(authNKeyTable, sequence)
+}
+
+func (v *View) ProcessedAuthNKeyFailedEvent(failedEvent *repository.FailedEvent) error {
+	return v.saveFailedEvent(failedEvent)
+}
--- a/internal/management/repository/eventsourcing/view/machine_keys.go
+++ b/internal/management/repository/eventsourcing/view/machine_keys.go
@@ -1,70 +0,0 @@
-package view
-
-import (
-	"github.com/caos/zitadel/internal/errors"
-	"github.com/caos/zitadel/internal/eventstore/models"
-	usr_model "github.com/caos/zitadel/internal/user/model"
-	"github.com/caos/zitadel/internal/user/repository/view"
-	"github.com/caos/zitadel/internal/user/repository/view/model"
-	"github.com/caos/zitadel/internal/view/repository"
-)
-
-const (
-	machineKeyTable = "management.machine_keys"
-)
-
-func (v *View) MachineKeyByIDs(userID, keyID string) (*model.MachineKeyView, error) {
-	return view.MachineKeyByIDs(v.Db, machineKeyTable, userID, keyID)
-}
-
-func (v *View) MachineKeysByUserID(userID string) ([]*model.MachineKeyView, error) {
-	return view.MachineKeysByUserID(v.Db, machineKeyTable, userID)
-}
-
-func (v *View) SearchMachineKeys(request *usr_model.MachineKeySearchRequest) ([]*model.MachineKeyView, uint64, error) {
-	return view.SearchMachineKeys(v.Db, machineKeyTable, request)
-}
-
-func (v *View) PutMachineKey(org *model.MachineKeyView, event *models.Event) error {
-	err := view.PutMachineKey(v.Db, machineKeyTable, org)
-	if err != nil {
-		return err
-	}
-	return v.ProcessedMachineKeySequence(event)
-}
-
-func (v *View) DeleteMachineKey(keyID string, event *models.Event) error {
-	err := view.DeleteMachineKey(v.Db, machineKeyTable, keyID)
-	if err != nil && !errors.IsNotFound(err) {
-		return err
-	}
-	return v.ProcessedMachineKeySequence(event)
-}
-
-func (v *View) DeleteMachineKeysByUserID(userID string, event *models.Event) error {
-	err := view.DeleteMachineKey(v.Db, machineKeyTable, userID)
-	if err != nil && !errors.IsNotFound(err) {
-		return err
-	}
-	return v.ProcessedMachineKeySequence(event)
-}
-
-func (v *View) GetLatestMachineKeySequence() (*repository.CurrentSequence, error) {
-	return v.latestSequence(machineKeyTable)
-}
-
-func (v *View) ProcessedMachineKeySequence(event *models.Event) error {
-	return v.saveCurrentSequence(machineKeyTable, event)
-}
-
-func (v *View) UpdateMachineKeySpoolerRunTimestamp() error {
-	return v.updateSpoolerRunSequence(machineKeyTable)
-}
-
-func (v *View) GetLatestMachineKeyFailedEvent(sequence uint64) (*repository.FailedEvent, error) {
-	return v.latestFailedEvent(machineKeyTable, sequence)
-}
-
-func (v *View) ProcessedMachineKeyFailedEvent(failedEvent *repository.FailedEvent) error {
-	return v.saveFailedEvent(failedEvent)
-}