fix: remove resourceowner read from context in user v2 api (#7641)

* fix: remove resourceowner read from context in user v2 api

* fix: lint

* fix: remove orgID in addIDPLink

* fix: remove comment as unnecessary

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>

internal/api/grpc/user/v2/passkey.go

@@ -5,7 +5,6 @@ import (
 
 	"google.golang.org/protobuf/types/known/structpb"
 
-	"github.com/zitadel/zitadel/internal/api/authz"
 	"github.com/zitadel/zitadel/internal/api/grpc/object/v2"
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/zerrors"
@@ -15,16 +14,15 @@ import (
 
 func (s *Server) RegisterPasskey(ctx context.Context, req *user.RegisterPasskeyRequest) (resp *user.RegisterPasskeyResponse, err error) {
 	var (
-		resourceOwner = authz.GetCtxData(ctx).OrgID
 		authenticator = passkeyAuthenticatorToDomain(req.GetAuthenticator())
 	)
 	if code := req.GetCode(); code != nil {
 		return passkeyRegistrationDetailsToPb(
-			s.command.RegisterUserPasskeyWithCode(ctx, req.GetUserId(), resourceOwner, authenticator, code.Id, code.Code, req.GetDomain(), s.userCodeAlg),
+			s.command.RegisterUserPasskeyWithCode(ctx, req.GetUserId(), "", authenticator, code.Id, code.Code, req.GetDomain(), s.userCodeAlg),
 		)
 	}
 	return passkeyRegistrationDetailsToPb(
-		s.command.RegisterUserPasskey(ctx, req.GetUserId(), resourceOwner, req.GetDomain(), authenticator),
+		s.command.RegisterUserPasskey(ctx, req.GetUserId(), "", req.GetDomain(), authenticator),
 	)
 }
 
@@ -65,12 +63,11 @@ func passkeyRegistrationDetailsToPb(details *domain.WebAuthNRegistrationDetails,
 }
 
 func (s *Server) VerifyPasskeyRegistration(ctx context.Context, req *user.VerifyPasskeyRegistrationRequest) (*user.VerifyPasskeyRegistrationResponse, error) {
-	resourceOwner := authz.GetCtxData(ctx).OrgID
 	pkc, err := req.GetPublicKeyCredential().MarshalJSON()
 	if err != nil {
 		return nil, zerrors.ThrowInternal(err, "USERv2-Pha2o", "Errors.Internal")
 	}
-	objectDetails, err := s.command.HumanHumanPasswordlessSetup(ctx, req.GetUserId(), resourceOwner, req.GetPasskeyName(), "", pkc)
+	objectDetails, err := s.command.HumanHumanPasswordlessSetup(ctx, req.GetUserId(), "", req.GetPasskeyName(), "", pkc)
 	if err != nil {
 		return nil, err
 	}
@@ -80,20 +77,18 @@ func (s *Server) VerifyPasskeyRegistration(ctx context.Context, req *user.Verify
 }
 
 func (s *Server) CreatePasskeyRegistrationLink(ctx context.Context, req *user.CreatePasskeyRegistrationLinkRequest) (resp *user.CreatePasskeyRegistrationLinkResponse, err error) {
-	resourceOwner := authz.GetCtxData(ctx).OrgID
-
 	switch medium := req.Medium.(type) {
 	case nil:
 		return passkeyDetailsToPb(
-			s.command.AddUserPasskeyCode(ctx, req.GetUserId(), resourceOwner, s.userCodeAlg),
+			s.command.AddUserPasskeyCode(ctx, req.GetUserId(), "", s.userCodeAlg),
 		)
 	case *user.CreatePasskeyRegistrationLinkRequest_SendLink:
 		return passkeyDetailsToPb(
-			s.command.AddUserPasskeyCodeURLTemplate(ctx, req.GetUserId(), resourceOwner, s.userCodeAlg, medium.SendLink.GetUrlTemplate()),
+			s.command.AddUserPasskeyCodeURLTemplate(ctx, req.GetUserId(), "", s.userCodeAlg, medium.SendLink.GetUrlTemplate()),
 		)
 	case *user.CreatePasskeyRegistrationLinkRequest_ReturnCode:
 		return passkeyCodeDetailsToPb(
-			s.command.AddUserPasskeyCodeReturn(ctx, req.GetUserId(), resourceOwner, s.userCodeAlg),
+			s.command.AddUserPasskeyCodeReturn(ctx, req.GetUserId(), "", s.userCodeAlg),
 		)
 	default:
 		return nil, zerrors.ThrowUnimplementedf(nil, "USERv2-gaD8y", "verification oneOf %T in method CreatePasskeyRegistrationLink not implemented", medium)