fix: idps (#777)

* fix: update client secret, skip passwordsteps only if login not if linking

* fix: global policy for register

* fix: scope handling

* fix: back after error

* fix: change org id scope to primary domain

* fix: check if primarydomain empty

* fix: local sh

* fix: disable buttons on org login policy

internal/auth_request/model/auth_request.go

@@ -126,12 +126,12 @@ func (a *AuthRequest) SetUserInfo(userID, loginName, displayName, userOrgID stri
 	a.UserOrgID = userOrgID
 }
 
-func (a *AuthRequest) GetScopeOrgID() string {
+func (a *AuthRequest) GetScopeOrgPrimaryDomain() string {
 	switch request := a.Request.(type) {
 	case *AuthRequestOIDC:
 		for _, scope := range request.Scopes {
-			if strings.HasPrefix(scope, OrgIDScope) {
-				strings.TrimPrefix(scope, OrgIDScope)
+			if strings.HasPrefix(scope, OrgDomainPrimaryScope) {
+				return strings.TrimPrefix(scope, OrgDomainPrimaryScope)
 			}
 		}
 	}

internal/auth_request/model/request.go

@@ -19,7 +19,7 @@ const (
 )
 
 const (
-	OrgIDScope = "urn:zitadel:organisation:id:"
+	OrgDomainPrimaryScope = "urn:zitadel:org:domain:primary:"
 )
 
 type AuthRequestOIDC struct {