mirror of
https://github.com/zitadel/zitadel.git
synced 2025-08-12 06:07:33 +00:00
feat: set private labeling setting on project (#2184)
* docs: add scope to request private labeling * feat: add enum to project * fix: remove unused code, add private labeling setting to query side * fix: set private labeling depending on setting * fix: private labeling depending on project setting * Update proto/zitadel/management.proto Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: rename sql file * fix: private labeling setting Co-authored-by: Livio Amstutz <livio.a@gmail.com>
This commit is contained in:
Fabi
@@ -2,7 +2,6 @@ package model
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"reflect"
|
||||
"time"
|
||||
|
||||
"github.com/caos/logging"
|
||||
@@ -35,187 +34,6 @@ type OIDCConfig struct {
|
||||
ClientKeys []*ClientKey `json:"-"`
|
||||
}
|
||||
|
||||
func (c *OIDCConfig) Changes(changed *OIDCConfig) map[string]interface{} {
|
||||
changes := make(map[string]interface{}, 1)
|
||||
changes["appId"] = c.AppID
|
||||
if !reflect.DeepEqual(c.RedirectUris, changed.RedirectUris) {
|
||||
changes["redirectUris"] = changed.RedirectUris
|
||||
}
|
||||
if !reflect.DeepEqual(c.ResponseTypes, changed.ResponseTypes) {
|
||||
changes["responseTypes"] = changed.ResponseTypes
|
||||
}
|
||||
if !reflect.DeepEqual(c.GrantTypes, changed.GrantTypes) {
|
||||
changes["grantTypes"] = changed.GrantTypes
|
||||
}
|
||||
if c.ApplicationType != changed.ApplicationType {
|
||||
changes["applicationType"] = changed.ApplicationType
|
||||
}
|
||||
if c.AuthMethodType != changed.AuthMethodType {
|
||||
changes["authMethodType"] = changed.AuthMethodType
|
||||
}
|
||||
if c.Version != changed.Version {
|
||||
changes["oidcVersion"] = changed.Version
|
||||
}
|
||||
if !reflect.DeepEqual(c.PostLogoutRedirectUris, changed.PostLogoutRedirectUris) {
|
||||
changes["postLogoutRedirectUris"] = changed.PostLogoutRedirectUris
|
||||
}
|
||||
if c.DevMode != changed.DevMode {
|
||||
changes["devMode"] = changed.DevMode
|
||||
}
|
||||
if c.AccessTokenType != changed.AccessTokenType {
|
||||
changes["accessTokenType"] = changed.AccessTokenType
|
||||
}
|
||||
if c.AccessTokenRoleAssertion != changed.AccessTokenRoleAssertion {
|
||||
changes["accessTokenRoleAssertion"] = changed.AccessTokenRoleAssertion
|
||||
}
|
||||
if c.IDTokenRoleAssertion != changed.IDTokenRoleAssertion {
|
||||
changes["idTokenRoleAssertion"] = changed.IDTokenRoleAssertion
|
||||
}
|
||||
if c.IDTokenUserinfoAssertion != changed.IDTokenUserinfoAssertion {
|
||||
changes["idTokenUserinfoAssertion"] = changed.IDTokenUserinfoAssertion
|
||||
}
|
||||
if c.ClockSkew != changed.ClockSkew {
|
||||
changes["clockSkew"] = changed.ClockSkew
|
||||
}
|
||||
return changes
|
||||
}
|
||||
|
||||
func OIDCConfigFromModel(config *model.OIDCConfig) *OIDCConfig {
|
||||
responseTypes := make([]int32, len(config.ResponseTypes))
|
||||
for i, rt := range config.ResponseTypes {
|
||||
responseTypes[i] = int32(rt)
|
||||
}
|
||||
grantTypes := make([]int32, len(config.GrantTypes))
|
||||
for i, rt := range config.GrantTypes {
|
||||
grantTypes[i] = int32(rt)
|
||||
}
|
||||
return &OIDCConfig{
|
||||
ObjectRoot: config.ObjectRoot,
|
||||
AppID: config.AppID,
|
||||
Version: int32(config.OIDCVersion),
|
||||
ClientID: config.ClientID,
|
||||
ClientSecret: config.ClientSecret,
|
||||
RedirectUris: config.RedirectUris,
|
||||
ResponseTypes: responseTypes,
|
||||
GrantTypes: grantTypes,
|
||||
ApplicationType: int32(config.ApplicationType),
|
||||
AuthMethodType: int32(config.AuthMethodType),
|
||||
PostLogoutRedirectUris: config.PostLogoutRedirectUris,
|
||||
DevMode: config.DevMode,
|
||||
AccessTokenType: int32(config.AccessTokenType),
|
||||
AccessTokenRoleAssertion: config.AccessTokenRoleAssertion,
|
||||
IDTokenRoleAssertion: config.IDTokenRoleAssertion,
|
||||
IDTokenUserinfoAssertion: config.IDTokenUserinfoAssertion,
|
||||
ClockSkew: config.ClockSkew,
|
||||
}
|
||||
}
|
||||
|
||||
func OIDCConfigToModel(config *OIDCConfig) *model.OIDCConfig {
|
||||
responseTypes := make([]model.OIDCResponseType, len(config.ResponseTypes))
|
||||
for i, rt := range config.ResponseTypes {
|
||||
responseTypes[i] = model.OIDCResponseType(rt)
|
||||
}
|
||||
grantTypes := make([]model.OIDCGrantType, len(config.GrantTypes))
|
||||
for i, rt := range config.GrantTypes {
|
||||
grantTypes[i] = model.OIDCGrantType(rt)
|
||||
}
|
||||
oidcConfig := &model.OIDCConfig{
|
||||
ObjectRoot: config.ObjectRoot,
|
||||
AppID: config.AppID,
|
||||
OIDCVersion: model.OIDCVersion(config.Version),
|
||||
ClientID: config.ClientID,
|
||||
ClientSecret: config.ClientSecret,
|
||||
RedirectUris: config.RedirectUris,
|
||||
ResponseTypes: responseTypes,
|
||||
GrantTypes: grantTypes,
|
||||
ApplicationType: model.OIDCApplicationType(config.ApplicationType),
|
||||
AuthMethodType: model.OIDCAuthMethodType(config.AuthMethodType),
|
||||
PostLogoutRedirectUris: config.PostLogoutRedirectUris,
|
||||
DevMode: config.DevMode,
|
||||
AccessTokenType: model.OIDCTokenType(config.AccessTokenType),
|
||||
AccessTokenRoleAssertion: config.AccessTokenRoleAssertion,
|
||||
IDTokenRoleAssertion: config.IDTokenRoleAssertion,
|
||||
IDTokenUserinfoAssertion: config.IDTokenUserinfoAssertion,
|
||||
ClockSkew: config.ClockSkew,
|
||||
ClientKeys: ClientKeysToModel(config.ClientKeys),
|
||||
}
|
||||
oidcConfig.FillCompliance()
|
||||
return oidcConfig
|
||||
}
|
||||
|
||||
func (p *Project) appendAddOIDCConfigEvent(event *es_models.Event) error {
|
||||
config := new(OIDCConfig)
|
||||
err := config.setData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
config.ObjectRoot.CreationDate = event.CreationDate
|
||||
if i, a := GetApplication(p.Applications, config.AppID); a != nil {
|
||||
p.Applications[i].Type = int32(model.AppTypeOIDC)
|
||||
p.Applications[i].OIDCConfig = config
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (p *Project) appendChangeOIDCConfigEvent(event *es_models.Event) error {
|
||||
config := new(OIDCConfig)
|
||||
err := config.setData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if i, a := GetApplication(p.Applications, config.AppID); a != nil {
|
||||
if p.Applications[i].OIDCConfig == nil {
|
||||
return errors.ThrowInvalidArgument(nil, "MODEL-aBR5G", "oidc config is nil")
|
||||
}
|
||||
return p.Applications[i].OIDCConfig.setData(event)
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (p *Project) appendAddClientKeyEvent(event *es_models.Event) error {
|
||||
key := new(ClientKey)
|
||||
err := key.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if i, a := GetApplication(p.Applications, key.ApplicationID); a != nil {
|
||||
if a.OIDCConfig != nil {
|
||||
p.Applications[i].OIDCConfig.ClientKeys = append(p.Applications[i].OIDCConfig.ClientKeys, key)
|
||||
}
|
||||
if a.APIConfig != nil {
|
||||
p.Applications[i].APIConfig.ClientKeys = append(p.Applications[i].APIConfig.ClientKeys, key)
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (p *Project) appendRemoveClientKeyEvent(event *es_models.Event) error {
|
||||
key := new(ClientKey)
|
||||
err := key.SetData(event)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
if i, a := GetApplication(p.Applications, key.ApplicationID); a != nil {
|
||||
if a.OIDCConfig != nil {
|
||||
if j, k := GetClientKey(p.Applications[i].OIDCConfig.ClientKeys, key.KeyID); k != nil {
|
||||
p.Applications[i].OIDCConfig.ClientKeys[j] = p.Applications[i].OIDCConfig.ClientKeys[len(p.Applications[i].OIDCConfig.ClientKeys)-1]
|
||||
p.Applications[i].OIDCConfig.ClientKeys[len(p.Applications[i].OIDCConfig.ClientKeys)-1] = nil
|
||||
p.Applications[i].OIDCConfig.ClientKeys = p.Applications[i].OIDCConfig.ClientKeys[:len(p.Applications[i].OIDCConfig.ClientKeys)-1]
|
||||
}
|
||||
}
|
||||
if a.APIConfig != nil {
|
||||
if j, k := GetClientKey(p.Applications[i].APIConfig.ClientKeys, key.KeyID); k != nil {
|
||||
p.Applications[i].APIConfig.ClientKeys[j] = p.Applications[i].APIConfig.ClientKeys[len(p.Applications[i].APIConfig.ClientKeys)-1]
|
||||
p.Applications[i].APIConfig.ClientKeys[len(p.Applications[i].APIConfig.ClientKeys)-1] = nil
|
||||
p.Applications[i].APIConfig.ClientKeys = p.Applications[i].APIConfig.ClientKeys[:len(p.Applications[i].APIConfig.ClientKeys)-1]
|
||||
}
|
||||
}
|
||||
}
|
||||
return nil
|
||||
}
|
||||
|
||||
func (o *OIDCConfig) setData(event *es_models.Event) error {
|
||||
o.ObjectRoot.AppendEvent(event)
|
||||
if err := json.Unmarshal(event.Data, o); err != nil {
|
||||
@@ -225,15 +43,6 @@ func (o *OIDCConfig) setData(event *es_models.Event) error {
|
||||
return nil
|
||||
}
|
||||
|
||||
func GetClientKey(keys []*ClientKey, id string) (int, *ClientKey) {
|
||||
for i, k := range keys {
|
||||
if k.KeyID == id {
|
||||
return i, k
|
||||
}
|
||||
}
|
||||
return -1, nil
|
||||
}
|
||||
|
||||
type ClientKey struct {
|
||||
es_models.ObjectRoot `json:"-"`
|
||||
ApplicationID string `json:"applicationId,omitempty"`
|
||||
@@ -278,17 +87,6 @@ func (key *ClientKey) AppendEvent(event *es_models.Event) (err error) {
|
||||
return err
|
||||
}
|
||||
|
||||
func ClientKeyFromModel(key *model.ClientKey) *ClientKey {
|
||||
return &ClientKey{
|
||||
ObjectRoot: key.ObjectRoot,
|
||||
ExpirationDate: key.ExpirationDate,
|
||||
ApplicationID: key.ApplicationID,
|
||||
ClientID: key.ClientID,
|
||||
KeyID: key.KeyID,
|
||||
Type: int32(key.Type),
|
||||
}
|
||||
}
|
||||
|
||||
func ClientKeysToModel(keys []*ClientKey) []*model.ClientKey {
|
||||
clientKeys := make([]*model.ClientKey, len(keys))
|
||||
for i, key := range keys {
|
||||
|
||||
Reference in New Issue
Block a user