fix: migration, key rotation and org event reducing (#1403)

* fix: migration, key rotation and org event reducing

* fix oidc app

* pointer receiver name
Livio Amstutz 2021-03-10 14:32:56 +01:00 committed by GitHub
parent c71a30de76
commit 87a2e18a4d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
8 changed files with 34 additions and 24 deletions


@ -276,7 +276,11 @@ func (u *UserMembership) getOrgByID(ctx context.Context, orgID string) (*org_mod
return nil, err return nil, err
} }
var esOrg *org_es_model.Org esOrg := &org_es_model.Org{
ObjectRoot: es_models.ObjectRoot{
AggregateID: orgID,
},
}
err = es_sdk.Filter(ctx, u.Eventstore().FilterEvents, esOrg.AppendEvents, query) err = es_sdk.Filter(ctx, u.Eventstore().FilterEvents, esOrg.AppendEvents, query)
if err != nil && !errors.IsNotFound(err) { if err != nil && !errors.IsNotFound(err) {
return nil, err return nil, err
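Review bot: The not-found case still falls through the `!errors.IsNotFound(err)` check, and with `esOrg` now pre-populated the code after this hunk receives a non-nil org that carries the requested `AggregateID` but no reduced events. Whether that ends up as an org with empty fields in the membership view depends on the rest of `getOrgByID`, which continues outside the hunk, so an explicit guard for "no events reduced" is worth confirming there. At minimum the reason for the initialisation should be recorded, e.g. `// esOrg must be non-nil: Filter calls esOrg.AppendEvents; on not-found only AggregateID is set`. The same applies to the identical change in `(u *NotifyUser) getOrgByID`, and since the two bodies match line for line a shared helper would keep them from drifting.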


@ -41,24 +41,24 @@ type OIDCApp struct {
State AppState State AppState
} }
func (h OIDCApp) GetApplicationName() string { func (a *OIDCApp) GetApplicationName() string {
return h.AppName return a.AppName
} }
func (h OIDCApp) GetState() AppState { func (a *OIDCApp) GetState() AppState {
return h.State return a.State
} }
func (h OIDCApp) setClientID(clientID string) { func (a *OIDCApp) setClientID(clientID string) {
h.ClientID = clientID a.ClientID = clientID
} }
func (h OIDCApp) setClientSecret(clientSecret *crypto.CryptoValue) { func (a *OIDCApp) setClientSecret(clientSecret *crypto.CryptoValue) {
h.ClientSecret = clientSecret a.ClientSecret = clientSecret
} }
func (h OIDCApp) requiresClientSecret() bool { func (a *OIDCApp) requiresClientSecret() bool {
return h.AuthMethodType == OIDCAuthMethodTypeBasic || h.AuthMethodType == OIDCAuthMethodTypePost return a.AuthMethodType == OIDCAuthMethodTypeBasic || a.AuthMethodType == OIDCAuthMethodTypePost
} }
type OIDCVersion int32 type OIDCVersion int32
@ -112,10 +112,10 @@ const (
OIDCTokenTypeJWT OIDCTokenTypeJWT
) )
func (c *OIDCApp) IsValid() bool { func (a *OIDCApp) IsValid() bool {
grantTypes := c.getRequiredGrantTypes() grantTypes := a.getRequiredGrantTypes()
for _, grantType := range grantTypes { for _, grantType := range grantTypes {
ok := containsOIDCGrantType(c.GrantTypes, grantType) ok := containsOIDCGrantType(a.GrantTypes, grantType)
if !ok { if !ok {
return false return false
} }
@ -123,10 +123,10 @@ func (c *OIDCApp) IsValid() bool {
return true return true
} }
func (c *OIDCApp) getRequiredGrantTypes() []OIDCGrantType { func (a *OIDCApp) getRequiredGrantTypes() []OIDCGrantType {
grantTypes := make([]OIDCGrantType, 0) grantTypes := make([]OIDCGrantType, 0)
implicit := false implicit := false
for _, r := range c.ResponseTypes { for _, r := range a.ResponseTypes {
switch r { switch r {
case OIDCResponseTypeCode: case OIDCResponseTypeCode:
grantTypes = append(grantTypes, OIDCGrantTypeAuthorizationCode) grantTypes = append(grantTypes, OIDCGrantTypeAuthorizationCode)
@ -149,8 +149,8 @@ func containsOIDCGrantType(grantTypes []OIDCGrantType, grantType OIDCGrantType)
return false return false
} }
func (c *OIDCApp) FillCompliance() { func (a *OIDCApp) FillCompliance() {
c.Compliance = GetOIDCCompliance(c.OIDCVersion, c.ApplicationType, c.GrantTypes, c.ResponseTypes, c.AuthMethodType, c.RedirectUris) a.Compliance = GetOIDCCompliance(a.OIDCVersion, a.ApplicationType, a.GrantTypes, a.ResponseTypes, a.AuthMethodType, a.RedirectUris)
} }
func GetOIDCCompliance(version OIDCVersion, appType OIDCApplicationType, grantTypes []OIDCGrantType, responseTypes []OIDCResponseType, authMethod OIDCAuthMethodType, redirectUris []string) *Compliance { func GetOIDCCompliance(version OIDCVersion, appType OIDCApplicationType, grantTypes []OIDCGrantType, responseTypes []OIDCResponseType, authMethod OIDCAuthMethodType, redirectUris []string) *Compliance {
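Review bot: There is no regression test in this change for `setClientID` and `setClientSecret`, the two methods where the receiver kind decides behaviour: with the old value receiver the assignment landed on a copy, so a generated client secret was never stored on the app. A short test such as `app := &OIDCApp{}; app.setClientSecret(v)` followed by a check that `app.ClientSecret == v` (and the same for `ClientID`) would stop a later receiver change from reintroducing that silently. Call sites that hold an `OIDCApp` by value behind an interface will no longer satisfy it after this change; those are outside this page, so confirm they now pass `*OIDCApp`.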


@ -3,9 +3,11 @@ package view
import ( import (
"github.com/caos/zitadel/internal/eventstore" "github.com/caos/zitadel/internal/eventstore"
"github.com/caos/zitadel/internal/repository/iam" "github.com/caos/zitadel/internal/repository/iam"
"github.com/caos/zitadel/internal/repository/keypair"
) )
func KeyPairQuery(latestSequence uint64) *eventstore.SearchQueryBuilder { func KeyPairQuery(latestSequence uint64) *eventstore.SearchQueryBuilder {
return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent, iam.AggregateType). return eventstore.NewSearchQueryBuilder(eventstore.ColumnsEvent, iam.AggregateType).
SequenceGreater(latestSequence) SequenceGreater(latestSequence).
EventTypes(keypair.AddedEventType)
} }
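Review bot: The query now pairs `iam.AggregateType` with `keypair.AddedEventType`, which only returns rows if key pair events are really stored under the IAM aggregate. If the keypair package writes them under an aggregate type of its own, this filter matches nothing and the key view would never pick up newly rotated keys, so it is worth checking against the code that pushes the event. A doc comment would also record the intent, e.g. `// KeyPairQuery selects key pair added events with a sequence greater than latestSequence.`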


@ -242,7 +242,11 @@ func (u *NotifyUser) getOrgByID(ctx context.Context, orgID string) (*org_model.O
return nil, err return nil, err
} }
var esOrg *org_es_model.Org esOrg := &org_es_model.Org{
ObjectRoot: es_models.ObjectRoot{
AggregateID: orgID,
},
}
err = es_sdk.Filter(ctx, u.Eventstore().FilterEvents, esOrg.AppendEvents, query) err = es_sdk.Filter(ctx, u.Eventstore().FilterEvents, esOrg.AppendEvents, query)
if err != nil && !caos_errs.IsNotFound(err) { if err != nil && !caos_errs.IsNotFound(err) {
return nil, err return nil, err


@ -1,4 +1,4 @@
package usergrant package keypair
import ( import (
"github.com/caos/zitadel/internal/eventstore" "github.com/caos/zitadel/internal/eventstore"


@ -1,4 +1,4 @@
package usergrant package keypair
import ( import (
"github.com/caos/zitadel/internal/eventstore" "github.com/caos/zitadel/internal/eventstore"


@ -1,4 +1,4 @@
package usergrant package keypair
import ( import (
"context" "context"


@ -1,2 +1,2 @@
CREATE USER queries WITH PASSWORD ${queriespassword}; CREATE USER queries WITH PASSWORD ${queriespassword};
GRANT SELECT ON DATABASE eventstore TO queries; GRANT SELECT ON TABLE eventstore.events TO queries;
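Review bot: Narrowing the grant in place retracts nothing on databases where the earlier statement already ran: `queries` would keep database-level SELECT there unless a later migration issues a matching `REVOKE SELECT ON DATABASE eventstore FROM queries;`. Editing an already-applied migration can also fail checksum validation, depending on the migration tool, so a new versioned file is the safer vehicle for this change. Separately, `${queriespassword}` is substituted unquoted on the `CREATE USER` line, so the statement relies on the supplied value arriving as a correctly quoted SQL literal; a comment saying so would help whoever provisions that placeholder.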