fix: change to repository event types and removed unused code (#3386)

* fix: change to repository event types and removed unused code * some fixes * remove unused code
2025-08-11 21:37:32 +00:00 · 2022-03-31 11:36:26 +02:00
parent 55af4a18a2
commit 87560157c1
170 changed files with 999 additions and 9581 deletions
--- a/internal/auth_request/model/auth_request.go
+++ b/internal/auth_request/model/auth_request.go
@@ -1,169 +0,0 @@
-package model
-
-import (
-	"strings"
-	"time"
-
-	"golang.org/x/text/language"
-
-	"github.com/caos/zitadel/internal/iam/model"
-
-	"github.com/caos/zitadel/internal/errors"
-)
-
-type AuthRequest struct {
-	ID            string
-	AgentID       string
-	CreationDate  time.Time
-	ChangeDate    time.Time
-	BrowserInfo   *BrowserInfo
-	ApplicationID string
-	CallbackURI   string
-	TransferState string
-	Prompt        Prompt
-	PossibleLOAs  []LevelOfAssurance
-	UiLocales     []string
-	LoginHint     string
-	MaxAuthAge    uint32
-	Request       Request
-
-	levelOfAssurance       LevelOfAssurance
-	UserID                 string
-	UserName               string
-	LoginName              string
-	DisplayName            string
-	UserOrgID              string
-	RequestedOrgID         string
-	RequestedOrgName       string
-	RequestedPrimaryDomain string
-	SelectedIDPConfigID    string
-	LinkingUsers           []*ExternalUser
-	PossibleSteps          []NextStep
-	PasswordVerified       bool
-	MFAsVerified           []MFAType
-	Audience               []string
-	AuthTime               time.Time
-	Code                   string
-	LoginPolicy            *model.LoginPolicyView
-	LabelPolicy            *model.LabelPolicyView
-	AllowedExternalIDPs    []*model.IDPProviderView
-}
-
-type ExternalUser struct {
-	IDPConfigID       string
-	ExternalUserID    string
-	DisplayName       string
-	PreferredUsername string
-	FirstName         string
-	LastName          string
-	NickName          string
-	Email             string
-	IsEmailVerified   bool
-	PreferredLanguage language.Tag
-	Phone             string
-	IsPhoneVerified   bool
-}
-
-type Prompt int32
-
-const (
-	PromptUnspecified Prompt = iota
-	PromptNone
-	PromptLogin
-	PromptConsent
-	PromptSelectAccount
-)
-
-type LevelOfAssurance int
-
-const (
-	LevelOfAssuranceNone LevelOfAssurance = iota
-)
-
-func NewAuthRequest(id, agentID string, info *BrowserInfo, applicationID, callbackURI, transferState string,
-	prompt Prompt, possibleLOAs []LevelOfAssurance, uiLocales []string, loginHint, preselectedUserID string, maxAuthAge uint32, request Request) *AuthRequest {
-	return &AuthRequest{
-		ID:            id,
-		AgentID:       agentID,
-		BrowserInfo:   info,
-		ApplicationID: applicationID,
-		CallbackURI:   callbackURI,
-		TransferState: transferState,
-		Prompt:        prompt,
-		PossibleLOAs:  possibleLOAs,
-		UiLocales:     uiLocales,
-		LoginHint:     loginHint,
-		UserID:        preselectedUserID,
-		MaxAuthAge:    maxAuthAge,
-		Request:       request,
-	}
-}
-
-func NewAuthRequestFromType(requestType AuthRequestType) (*AuthRequest, error) {
-	request, ok := authRequestTypeMapping[requestType]
-	if !ok {
-		return nil, errors.ThrowInvalidArgument(nil, "MODEL-ds2kl", "invalid request type")
-	}
-	return &AuthRequest{Request: request}, nil
-}
-
-func (a *AuthRequest) IsValid() bool {
-	return a.ID != "" &&
-		a.AgentID != "" &&
-		a.BrowserInfo != nil && a.BrowserInfo.IsValid() &&
-		a.ApplicationID != "" &&
-		a.CallbackURI != "" &&
-		a.Request != nil && a.Request.IsValid()
-}
-
-func (a *AuthRequest) MFALevel() MFALevel {
-	return -1
-	//PLANNED: check a.PossibleLOAs (and Prompt Login?)
-}
-
-func (a *AuthRequest) WithCurrentInfo(info *BrowserInfo) *AuthRequest {
-	a.BrowserInfo = info
-	return a
-}
-
-func (a *AuthRequest) SetUserInfo(userID, userName, loginName, displayName, userOrgID string) {
-	a.UserID = userID
-	a.UserName = userName
-	a.LoginName = loginName
-	a.DisplayName = displayName
-	a.UserOrgID = userOrgID
-}
-
-func (a *AuthRequest) GetScopeOrgPrimaryDomain() string {
-	switch request := a.Request.(type) {
-	case *AuthRequestOIDC:
-		for _, scope := range request.Scopes {
-			if strings.HasPrefix(scope, OrgDomainPrimaryScope) {
-				return strings.TrimPrefix(scope, OrgDomainPrimaryScope)
-			}
-		}
-	}
-	return ""
-}
-
-func (a *AuthRequest) GetScopeProjectIDsForAud() []string {
-	projectIDs := make([]string, 0)
-	switch request := a.Request.(type) {
-	case *AuthRequestOIDC:
-		for _, scope := range request.Scopes {
-			if strings.HasPrefix(scope, ProjectIDScope) && strings.HasSuffix(scope, AudSuffix) {
-				projectIDs = append(projectIDs, strings.TrimSuffix(strings.TrimPrefix(scope, ProjectIDScope), AudSuffix))
-			}
-		}
-	}
-	return projectIDs
-}
-
-func (a *AuthRequest) AppendAudIfNotExisting(aud string) {
-	for _, a := range a.Audience {
-		if a == aud {
-			return
-		}
-	}
-	a.Audience = append(a.Audience, aud)
-}
--- a/internal/auth_request/model/auth_request_test.go
+++ b/internal/auth_request/model/auth_request_test.go
@@ -1,263 +0,0 @@
-package model
-
-import (
-	"net"
-	"reflect"
-	"testing"
-)
-
-func TestAuthRequest_IsValid(t *testing.T) {
-	type fields struct {
-		ID            string
-		AgentID       string
-		BrowserInfo   *BrowserInfo
-		ApplicationID string
-		CallbackURI   string
-		Request       Request
-	}
-	tests := []struct {
-		name   string
-		fields fields
-		want   bool
-	}{
-		{
-			"missing id, false",
-			fields{},
-			false,
-		},
-		{
-			"missing agent id, false",
-			fields{
-				ID: "id",
-			},
-			false,
-		},
-		{
-			"missing browser info, false",
-			fields{
-				ID:      "id",
-				AgentID: "agentID",
-			},
-			false,
-		},
-		{
-			"browser info invalid, false",
-			fields{
-				ID:          "id",
-				AgentID:     "agentID",
-				BrowserInfo: &BrowserInfo{},
-			},
-			false,
-		},
-		{
-			"missing application id, false",
-			fields{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "user agent",
-					AcceptLanguage: "accept language",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-			},
-			false,
-		},
-		{
-			"missing callback uri, false",
-			fields{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "user agent",
-					AcceptLanguage: "accept language",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-				ApplicationID: "appID",
-			},
-			false,
-		},
-		{
-			"missing request, false",
-			fields{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "user agent",
-					AcceptLanguage: "accept language",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-				ApplicationID: "appID",
-				CallbackURI:   "schema://callback",
-			},
-			false,
-		},
-		{
-			"request invalid, false",
-			fields{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "user agent",
-					AcceptLanguage: "accept language",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-				ApplicationID: "appID",
-				CallbackURI:   "schema://callback",
-				Request:       &AuthRequestOIDC{},
-			},
-			false,
-		},
-		{
-			"valid auth request, true",
-			fields{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "user agent",
-					AcceptLanguage: "accept language",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-				ApplicationID: "appID",
-				CallbackURI:   "schema://callback",
-				Request: &AuthRequestOIDC{
-					Scopes: []string{"openid"},
-					CodeChallenge: &OIDCCodeChallenge{
-						Challenge: "challenge",
-						Method:    CodeChallengeMethodS256,
-					},
-				},
-			},
-			true,
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			a := &AuthRequest{
-				ID:            tt.fields.ID,
-				AgentID:       tt.fields.AgentID,
-				BrowserInfo:   tt.fields.BrowserInfo,
-				ApplicationID: tt.fields.ApplicationID,
-				CallbackURI:   tt.fields.CallbackURI,
-				Request:       tt.fields.Request,
-			}
-			if got := a.IsValid(); got != tt.want {
-				t.Errorf("IsValid() = %v, want %v", got, tt.want)
-			}
-		})
-	}
-}
-
-func TestAuthRequest_MFALevel(t *testing.T) {
-	type fields struct {
-		Prompt       Prompt
-		PossibleLOAs []LevelOfAssurance
-	}
-	tests := []struct {
-		name   string
-		fields fields
-		want   MFALevel
-	}{
-		//PLANNED: Add / replace test cases when LOA is set
-		{"-1",
-			fields{},
-			-1,
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			a := &AuthRequest{
-				Prompt:       tt.fields.Prompt,
-				PossibleLOAs: tt.fields.PossibleLOAs,
-			}
-			if got := a.MFALevel(); got != tt.want {
-				t.Errorf("MFALevel() = %v, want %v", got, tt.want)
-			}
-		})
-	}
-}
-
-func TestAuthRequest_WithCurrentInfo(t *testing.T) {
-	type fields struct {
-		ID          string
-		AgentID     string
-		BrowserInfo *BrowserInfo
-	}
-	type args struct {
-		info *BrowserInfo
-	}
-	tests := []struct {
-		name   string
-		fields fields
-		args   args
-		want   *AuthRequest
-	}{
-		{
-			"unchanged",
-			fields{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "ua",
-					AcceptLanguage: "de",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-			},
-			args{
-				&BrowserInfo{
-					UserAgent:      "ua",
-					AcceptLanguage: "de",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-			},
-			&AuthRequest{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "ua",
-					AcceptLanguage: "de",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-			},
-		},
-		{
-			"changed",
-			fields{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "ua",
-					AcceptLanguage: "de",
-					RemoteIP:       net.IPv4(29, 4, 20, 19),
-				},
-			},
-			args{
-				&BrowserInfo{
-					UserAgent:      "ua",
-					AcceptLanguage: "de",
-					RemoteIP:       net.IPv4(16, 12, 20, 19),
-				},
-			},
-			&AuthRequest{
-				ID:      "id",
-				AgentID: "agentID",
-				BrowserInfo: &BrowserInfo{
-					UserAgent:      "ua",
-					AcceptLanguage: "de",
-					RemoteIP:       net.IPv4(16, 12, 20, 19),
-				},
-			},
-		},
-	}
-	for _, tt := range tests {
-		t.Run(tt.name, func(t *testing.T) {
-			a := &AuthRequest{
-				ID:          tt.fields.ID,
-				AgentID:     tt.fields.AgentID,
-				BrowserInfo: tt.fields.BrowserInfo,
-			}
-			if got := a.WithCurrentInfo(tt.args.info); !reflect.DeepEqual(got, tt.want) {
-				t.Errorf("WithCurrentInfo() = %v, want %v", got, tt.want)
-			}
-		})
-	}
-}
--- a/internal/auth_request/model/browser_info.go
+++ b/internal/auth_request/model/browser_info.go
@@ -1,28 +0,0 @@
-package model
-
-import (
-	"net"
-	"net/http"
-
-	http_util "github.com/caos/zitadel/internal/api/http"
-)
-
-type BrowserInfo struct {
-	UserAgent      string
-	AcceptLanguage string
-	RemoteIP       net.IP
-}
-
-func BrowserInfoFromRequest(r *http.Request) *BrowserInfo {
-	return &BrowserInfo{
-		UserAgent:      r.Header.Get(http_util.UserAgentHeader),
-		AcceptLanguage: r.Header.Get(http_util.AcceptLanguage),
-		RemoteIP:       http_util.RemoteIPFromRequest(r),
-	}
-}
-
-func (i *BrowserInfo) IsValid() bool {
-	return i.UserAgent != "" &&
-		i.AcceptLanguage != "" &&
-		i.RemoteIP != nil && !i.RemoteIP.IsUnspecified()
-}
--- a/internal/auth_request/model/code_challenge.go
+++ b/internal/auth_request/model/code_challenge.go
@@ -1,17 +0,0 @@
-package model
-
-type OIDCCodeChallenge struct {
-	Challenge string
-	Method    OIDCCodeChallengeMethod
-}
-
-func (c *OIDCCodeChallenge) IsValid() bool {
-	return c.Challenge != ""
-}
-
-type OIDCCodeChallengeMethod int32
-
-const (
-	CodeChallengeMethodPlain OIDCCodeChallengeMethod = iota
-	CodeChallengeMethodS256
-)
--- a/internal/auth_request/model/next_step.go
+++ b/internal/auth_request/model/next_step.go
@@ -1,213 +0,0 @@
-package model
-
-import (
-	"github.com/caos/zitadel/internal/domain"
-)
-
-type NextStep interface {
-	Type() NextStepType
-}
-
-type NextStepType int32
-
-const (
-	NextStepUnspecified NextStepType = iota
-	NextStepLogin
-	NextStepUserSelection
-	NextStepInitUser
-	NextStepPassword
-	NextStepChangePassword
-	NextStepInitPassword
-	NextStepVerifyEmail
-	NextStepMFAPrompt
-	NextStepMFAVerify
-	NextStepRedirectToCallback
-	NextStepChangeUsername
-	NextStepLinkUsers
-	NextStepExternalNotFoundOption
-	NextStepExternalLogin
-	NextStepGrantRequired
-	NextStepPasswordless
-)
-
-type UserSessionState int32
-
-const (
-	UserSessionStateActive UserSessionState = iota
-	UserSessionStateTerminated
-)
-
-type LoginStep struct{}
-
-func (s *LoginStep) Type() NextStepType {
-	return NextStepLogin
-}
-
-type SelectUserStep struct {
-	Users []UserSelection
-}
-
-func (s *SelectUserStep) Type() NextStepType {
-	return NextStepUserSelection
-}
-
-type UserSelection struct {
-	UserID            string
-	DisplayName       string
-	UserName          string
-	LoginName         string
-	UserSessionState  UserSessionState
-	SelectionPossible bool
-}
-
-type InitUserStep struct {
-	PasswordSet bool
-}
-
-type ExternalNotFoundOptionStep struct{}
-
-func (s *ExternalNotFoundOptionStep) Type() NextStepType {
-	return NextStepExternalNotFoundOption
-}
-
-func (s *InitUserStep) Type() NextStepType {
-	return NextStepInitUser
-}
-
-type PasswordStep struct{}
-
-func (s *PasswordStep) Type() NextStepType {
-	return NextStepPassword
-}
-
-type ExternalLoginStep struct {
-	SelectedIDPConfigID string
-}
-
-func (s *ExternalLoginStep) Type() NextStepType {
-	return NextStepExternalLogin
-}
-
-type PasswordlessStep struct{}
-
-func (s *PasswordlessStep) Type() NextStepType {
-	return NextStepPasswordless
-}
-
-type ChangePasswordStep struct{}
-
-func (s *ChangePasswordStep) Type() NextStepType {
-	return NextStepChangePassword
-}
-
-type InitPasswordStep struct{}
-
-func (s *InitPasswordStep) Type() NextStepType {
-	return NextStepInitPassword
-}
-
-type ChangeUsernameStep struct{}
-
-func (s *ChangeUsernameStep) Type() NextStepType {
-	return NextStepChangeUsername
-}
-
-type VerifyEMailStep struct{}
-
-func (s *VerifyEMailStep) Type() NextStepType {
-	return NextStepVerifyEmail
-}
-
-type MFAPromptStep struct {
-	Required     bool
-	MFAProviders []MFAType
-}
-
-func (s *MFAPromptStep) Type() NextStepType {
-	return NextStepMFAPrompt
-}
-
-type MFAVerificationStep struct {
-	MFAProviders []MFAType
-}
-
-func (s *MFAVerificationStep) Type() NextStepType {
-	return NextStepMFAVerify
-}
-
-type LinkUsersStep struct{}
-
-func (s *LinkUsersStep) Type() NextStepType {
-	return NextStepLinkUsers
-}
-
-type GrantRequiredStep struct{}
-
-func (s *GrantRequiredStep) Type() NextStepType {
-	return NextStepGrantRequired
-}
-
-type RedirectToCallbackStep struct{}
-
-func (s *RedirectToCallbackStep) Type() NextStepType {
-	return NextStepRedirectToCallback
-}
-
-type MFAType int
-
-const (
-	MFATypeOTP MFAType = iota
-	MFATypeU2F
-	MFATypeU2FUserVerification
-)
-
-type MFALevel int
-
-const (
-	MFALevelNotSetUp MFALevel = iota
-	MFALevelSecondFactor
-	MFALevelMultiFactor
-	MFALevelMultiFactorCertified
-)
-
-func MFATypeToDomain(mfaType MFAType) domain.MFAType {
-	switch mfaType {
-	case MFATypeOTP:
-		return domain.MFATypeOTP
-	case MFATypeU2F:
-		return domain.MFATypeU2F
-	case MFATypeU2FUserVerification:
-		return domain.MFATypeU2FUserVerification
-	default:
-		return domain.MFATypeOTP
-	}
-
-}
-
-func MFALevelToDomain(mfaLevel MFALevel) domain.MFALevel {
-	switch mfaLevel {
-	case MFALevelNotSetUp:
-		return domain.MFALevelNotSetUp
-	case MFALevelSecondFactor:
-		return domain.MFALevelSecondFactor
-	case MFALevelMultiFactor:
-		return domain.MFALevelMultiFactor
-	case MFALevelMultiFactorCertified:
-		return domain.MFALevelMultiFactorCertified
-	default:
-		return domain.MFALevelNotSetUp
-	}
-
-}
-
-func UserSessionStateToDomain(state UserSessionState) domain.UserSessionState {
-	switch state {
-	case UserSessionStateActive:
-		return domain.UserSessionStateActive
-	case UserSessionStateTerminated:
-		return domain.UserSessionStateTerminated
-	default:
-		return domain.UserSessionStateActive
-	}
-
-}
--- a/internal/auth_request/model/request.go
+++ b/internal/auth_request/model/request.go
@@ -1,62 +0,0 @@
-package model
-
-type Request interface {
-	Type() AuthRequestType
-	IsValid() bool
-}
-
-type AuthRequestType int32
-
-var (
-	authRequestTypeMapping = map[AuthRequestType]Request{
-		AuthRequestTypeOIDC: &AuthRequestOIDC{},
-	}
-)
-
-const (
-	AuthRequestTypeOIDC AuthRequestType = iota
-	AuthRequestTypeSAML
-)
-
-const (
-	OrgDomainPrimaryScope = "urn:zitadel:iam:org:domain:primary:"
-	OrgDomainPrimaryClaim = "urn:zitadel:iam:org:domain:primary"
-	ProjectIDScope        = "urn:zitadel:iam:org:project:id:"
-	AudSuffix             = ":aud"
-	SelectIDPScope        = "urn:zitadel:iam:org:idp:id:"
-)
-
-type AuthRequestOIDC struct {
-	Scopes        []string
-	ResponseType  OIDCResponseType
-	Nonce         string
-	CodeChallenge *OIDCCodeChallenge
-}
-
-func (a *AuthRequestOIDC) Type() AuthRequestType {
-	return AuthRequestTypeOIDC
-}
-
-func (a *AuthRequestOIDC) IsValid() bool {
-	return len(a.Scopes) > 0 &&
-		a.CodeChallenge == nil || a.CodeChallenge != nil && a.CodeChallenge.IsValid()
-}
-
-type AuthRequestSAML struct {
-}
-
-func (a *AuthRequestSAML) Type() AuthRequestType {
-	return AuthRequestTypeSAML
-}
-
-func (a *AuthRequestSAML) IsValid() bool {
-	return true
-}
-
-type OIDCResponseType int32
-
-const (
-	OIDCResponseTypeCode OIDCResponseType = iota
-	OIDCResponseTypeIdToken
-	OIDCResponseTypeIdTokenToken
-)