get key by id and cache them

2025-12-10 00:53:46 +00:00 · 2023-11-01 15:59:23 +02:00
parent 814e09f1d5
commit 85e22c1521
6 changed files with 218 additions and 21 deletions
--- a/internal/query/query.go
+++ b/internal/query/query.go
@@ -38,9 +38,10 @@ type Queries struct {
 	eventstore *eventstore.Eventstore
 	client     *database.DB

-	idpConfigEncryption  crypto.EncryptionAlgorithm
-	sessionTokenVerifier func(ctx context.Context, sessionToken string, sessionID string, tokenID string) (err error)
-	checkPermission      domain.PermissionCheck
+	keyEncryptionAlgorithm crypto.EncryptionAlgorithm
+	idpConfigEncryption    crypto.EncryptionAlgorithm
+	sessionTokenVerifier   func(ctx context.Context, sessionToken string, sessionID string, tokenID string) (err error)
+	checkPermission        domain.PermissionCheck

 	DefaultLanguage                     language.Tag
 	LoginDir                            http.FileSystem
@@ -86,8 +87,16 @@ func StartQueries(
 		LoginTranslationFileContents:        make(map[string][]byte),
 		NotificationTranslationFileContents: make(map[string][]byte),
 		zitadelRoles:                        zitadelRoles,
+		keyEncryptionAlgorithm:              keyEncryptionAlgorithm,
+		idpConfigEncryption:                 idpConfigEncryption,
 		sessionTokenVerifier:                sessionTokenVerifier,
-		defaultAuditLogRetention:            defaultAuditLogRetention,
+		multifactors: domain.MultifactorConfigs{
+			OTP: domain.OTPConfig{
+				CryptoMFA: otpEncryption,
+				Issuer:    defaults.Multifactors.OTP.Issuer,
+			},
+		},
+		defaultAuditLogRetention: defaultAuditLogRetention,
 	}
 	iam_repo.RegisterEventMappers(repo.eventstore)
 	usr_repo.RegisterEventMappers(repo.eventstore)
@@ -103,14 +112,6 @@ func StartQueries(
 	quota.RegisterEventMappers(repo.eventstore)
 	limits.RegisterEventMappers(repo.eventstore)

-	repo.idpConfigEncryption = idpConfigEncryption
-	repo.multifactors = domain.MultifactorConfigs{
-		OTP: domain.OTPConfig{
-			CryptoMFA: otpEncryption,
-			Issuer:    defaults.Multifactors.OTP.Issuer,
-		},
-	}
-
 	repo.checkPermission = permissionCheck(repo)

 	err = projection.Create(ctx, sqlClient, es, projections, keyEncryptionAlgorithm, certEncryptionAlgorithm, systemAPIUsers)