TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-21 10:47:53 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'main' into saml-2

Browse Source
This commit is contained in:
Max Peintner
2025-02-14 13:41:16 +01:00
parent 7a83345428 5c5a8d5395
commit 8bd673dd28
72 changed files with 775 additions and 628 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.dockerignore Normal file
View File

@@ -0,0 +1,2 @@
*
!docker

72
.github/workflows/docker.yml vendored Normal file
View File

@@ -0,0 +1,72 @@
name: Docker
on:
push:
branches:
- main
jobs:
build:
runs-on: ubuntu-latest
steps:
- name: Check out code
uses: actions/checkout@v4
with:
fetch-depth: 2
- name: Install pnpm
uses: pnpm/action-setup@v4
- name: Cache turbo build setup
uses: actions/cache@v4
with:
path: .turbo
key: ${{ runner.os }}-turbo-${{ github.sha }}
restore-keys: |
${{ runner.os }}-turbo-
- name: Setup Node.js environment
uses: actions/setup-node@v4
with:
node-version: 20
cache: 'pnpm'
- name: Set up QEMU
uses: docker/setup-qemu-action@v3
- name: Set up Docker Buildx
uses: docker/setup-buildx-action@v3
with:
driver-opts: 'image=moby/buildkit:v0.11.6'
- name: Login
uses: docker/login-action@v3
with:
registry: ${{ secrets.DOCKER_REGISTRY }}
username: ${{ secrets.DOCKER_REGISTRY_USERNAME }}
password: ${{ secrets.DOCKER_REGISTRY_PASSWORD }}
- name: Docker meta
id: meta
uses: docker/metadata-action@v5
with:
images: ${{ secrets.DOCKER_IMAGE }}
# generate Docker tags based on the following events/attributes
tags: type=sha
- name: Install dependencies
run: pnpm install
- name: Build for Docker
run: NEXT_PUBLIC_BASE_PATH=/new-login pnpm build:docker
- name: Build and Push Image
id: build
uses: docker/build-push-action@v5
timeout-minutes: 10
with:
cache-from: type=gha
cache-to: type=gha,mode=max
tags: ${{ steps.meta.outputs.tags }}
labels: ${{ steps.meta.outputs.labels }}
push: true

2
.gitignore vendored
View File

@@ -22,3 +22,5 @@ packages/zitadel-server/src/app/proto
/playwright-report/
/blob-report/
/playwright/.cache/
/out
/docker

1
.nvmrc Normal file
View File

@@ -0,0 +1 @@
lts/iron

2
CONTRIBUTING.md
View File

@@ -67,7 +67,7 @@ export ZITADEL_SERVICE_USER_TOKEN=<your service account personal access token he
### Setting up local environment
```sh
# Install dependencies. Developing requires Node.js v16
# Install dependencies. Developing requires Node.js v20
pnpm install
# Generate gRPC stubs

18
Dockerfile Normal file
View File

@@ -0,0 +1,18 @@
FROM node:20-alpine
WORKDIR /app
RUN addgroup --system --gid 1001 nodejs
RUN adduser --system --uid 1001 nextjs
# If /.env-file/.env is mounted into the container, its variables are made available to the server before it starts up.
RUN mkdir -p /.env-file && touch /.env-file/.env && chown -R nextjs:nodejs /.env-file
COPY --chown=nextjs:nodejs ./docker/apps/login/.next/standalone ./
COPY --chown=nextjs:nodejs ./docker/apps/login/.next/static ./apps/login/.next/static
COPY --chown=nextjs:nodejs ./docker/apps/login/public ./apps/login/public
USER nextjs
ENV HOSTNAME="0.0.0.0"
CMD ["/bin/sh", "-c", " set -o allexport && . /.env-file/.env && set +o allexport && node apps/login/server.js"]

2
README.md
View File

@@ -8,7 +8,7 @@ Login UI.
[![npm package](https://img.shields.io/npm/v/@zitadel/proto.svg?style=for-the-badge&logo=npm&logoColor=white)](https://www.npmjs.com/package/@zitadel/proto)
[![npm package](https://img.shields.io/npm/v/@zitadel/client.svg?style=for-the-badge&logo=npm&logoColor=white)](https://www.npmjs.com/package/@zitadel/client)
**⚠️ This repo and packages are in alpha state and subject to change ⚠️**
**⚠️ This repo and packages are in beta state and subject to change ⚠️**
The scope of functionality of this repo and packages is under active development.

10
apps/login/next-env-vars.d.ts vendored
View File

@@ -10,10 +10,18 @@ declare namespace NodeJS {
SYSTEM_USER_PRIVATE_KEY: string; // The fallback service user private key
/**
* Self hosting: The instance url
* Self hosting: The Zitadel API url
*/
ZITADEL_API_URL: string;
/**
* Takes effect only if ZITADEL_API_URL is not empty.
* This is only relevant if Zitadels runtime has the ZITADEL_INSTANCEHOSTHEADERS config changed.
* The default is x-zitadel-instance-host.
* Most users don't need to set this variable.
*/
ZITADEL_INSTANCE_HOST_HEADER: string;
/**
* Self hosting: The service user id
*/

40
apps/login/next.config.mjs
View File

@@ -34,27 +34,39 @@ const secureHeaders = [
},
];
const imageRemotePatterns = [
{
protocol: "http",
hostname: "localhost",
port: "8080",
pathname: "/**",
},
{
protocol: "https",
hostname: "*.zitadel.*",
port: "",
pathname: "/**",
},
];
if (process.env.ZITADEL_API_URL) {
imageRemotePatterns.push({
protocol: "https",
hostname: process.env.ZITADEL_API_URL?.replace("https://", "") || "",
port: "",
pathname: "/**",
});
}
const nextConfig = {
basePath: process.env.NEXT_PUBLIC_BASE_PATH,
output: process.env.NEXT_OUTPUT_MODE || undefined,
reactStrictMode: true, // Recommended for the `pages` directory, default in `app`.
experimental: {
dynamicIO: true,
},
images: {
remotePatterns: [
{
protocol: "https",
hostname: process.env.ZITADEL_API_URL?.replace("https://", "") || "",
port: "",
pathname: "/**",
},
{
protocol: "http",
hostname: "localhost",
port: "8080",
pathname: "/**",
},
],
remotePatterns: imageRemotePatterns,
},
async headers() {
return [

3
apps/login/package.json
View File

@@ -23,6 +23,7 @@
"lint:fix": "prettier --write .",
"lint-staged": "lint-staged",
"build": "next build",
"build:standalone": "NEXT_OUTPUT_MODE=standalone pnpm build",
"prestart": "pnpm build",
"start": "next start",
"start:built": "next start",
@@ -62,7 +63,7 @@
"@testing-library/jest-dom": "^6.6.3",
"@testing-library/react": "^16.0.1",
"@types/ms": "0.7.34",
"@types/node": "22.9.0",
"@types/node": "^20.17.17",
"@types/react": "19.0.2",
"@types/react-dom": "19.0.2",
"@types/tinycolor2": "1.4.3",

17
apps/login/src/app/(login)/accounts/page.tsx
View File

@@ -13,19 +13,13 @@ import { getLocale, getTranslations } from "next-intl/server";
import { headers } from "next/headers";
import Link from "next/link";
async function loadSessions({
serviceUrl,
serviceRegion,
}: {
serviceUrl: string;
serviceRegion: string;
}) {
async function loadSessions({ serviceUrl }: { serviceUrl: string }) {
const ids: (string | undefined)[] = await getAllSessionCookieIds();
if (ids && ids.length) {
const response = await listSessions({
serviceUrl,
serviceRegion,
ids: ids.filter((id) => !!id) as string[],
});
return response?.sessions ?? [];
@@ -46,24 +40,23 @@ export default async function Page(props: {
const organization = searchParams?.organization;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
let defaultOrganization;
if (!organization) {
const org: Organization | null = await getDefaultOrg({
serviceUrl,
serviceRegion,
});
if (org) {
defaultOrganization = org.id;
}
}
let sessions = await loadSessions({ serviceUrl, serviceRegion });
let sessions = await loadSessions({ serviceUrl });
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization: organization ?? defaultOrganization,
});

22
apps/login/src/app/(login)/authenticator/set/page.tsx
View File

@@ -30,7 +30,7 @@ export default async function Page(props: {
const { loginName, requestId, organization, sessionId } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const sessionWithData = sessionId
? await loadSessionById(serviceUrl, sessionId, organization)
@@ -38,7 +38,7 @@ export default async function Page(props: {
async function getAuthMethodsAndUser(
serviceUrl: string,
serviceRegion: string,
session?: Session,
) {
const userId = session?.factors?.user?.id;
@@ -49,10 +49,10 @@ export default async function Page(props: {
return listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId,
}).then((methods) => {
return getUserByID({ serviceUrl, serviceRegion, userId }).then((user) => {
return getUserByID({ serviceUrl, userId }).then((user) => {
const humanUser =
user.user?.type.case === "human" ? user.user?.type.value : undefined;
@@ -74,13 +74,13 @@ export default async function Page(props: {
) {
return loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
},
}).then((session) => {
return getAuthMethodsAndUser(serviceUrl, serviceRegion, session);
return getAuthMethodsAndUser(serviceUrl, session);
});
}
@@ -92,13 +92,13 @@ export default async function Page(props: {
const recent = await getSessionCookieById({ sessionId, organization });
return getSession({
serviceUrl,
serviceRegion,
sessionId: recent.id,
sessionToken: recent.token,
}).then((sessionResponse) => {
return getAuthMethodsAndUser(
serviceUrl,
serviceRegion,
sessionResponse.session,
);
});
@@ -110,19 +110,19 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization: sessionWithData.factors?.user?.organizationId,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: sessionWithData.factors?.user?.organizationId,
});
const identityProviders = await getActiveIdentityProviders({
serviceUrl,
serviceRegion,
orgId: sessionWithData.factors?.user?.organizationId,
linking_allowed: true,
}).then((resp) => {

93
apps/login/src/app/(login)/idp/[provider]/failure/page.tsx
View File

@@ -1,19 +1,19 @@
import { Alert, AlertType } from "@/components/alert";
import { ChooseAuthenticatorToLogin } from "@/components/choose-authenticator-to-login";
import { DynamicTheme } from "@/components/dynamic-theme";
import { UserAvatar } from "@/components/user-avatar";
import { getServiceUrlFromHeaders } from "@/lib/service";
import { getBrandingSettings } from "@/lib/zitadel";
import { IdentityProviderType } from "@zitadel/proto/zitadel/settings/v2/login_settings_pb";
import {
getBrandingSettings,
getLoginSettings,
getUserByID,
listAuthenticationMethodTypes,
} from "@/lib/zitadel";
import { HumanUser, User } from "@zitadel/proto/zitadel/user/v2/user_pb";
import { AuthenticationMethodType } from "@zitadel/proto/zitadel/user/v2/user_service_pb";
import { getLocale, getTranslations } from "next-intl/server";
import { headers } from "next/headers";
// This configuration shows the given name in the respective IDP button as fallback
const PROVIDER_NAME_MAPPING: {
[provider: string]: string;
} = {
[IdentityProviderType.GOOGLE]: "Google",
[IdentityProviderType.GITHUB]: "GitHub",
[IdentityProviderType.AZURE_AD]: "Microsoft",
};
export default async function Page(props: {
searchParams: Promise<Record<string | number | symbol, string | undefined>>;
params: Promise<{ provider: string }>;
@@ -22,22 +22,85 @@ export default async function Page(props: {
const locale = getLocale();
const t = await getTranslations({ locale, namespace: "idp" });
const { organization } = searchParams;
const { organization, userId } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
const loginSettings = await getLoginSettings({
serviceUrl,
organization,
});
let authMethods: AuthenticationMethodType[] = [];
let user: User | undefined = undefined;
let human: HumanUser | undefined = undefined;
const params = new URLSearchParams({});
if (organization) {
params.set("organization", organization);
}
if (userId) {
params.set("userId", userId);
}
if (userId) {
const userResponse = await getUserByID({
serviceUrl,
userId,
});
if (userResponse) {
user = userResponse.user;
if (user?.type.case === "human") {
human = user.type.value as HumanUser;
}
if (user?.preferredLoginName) {
params.set("loginName", user.preferredLoginName);
}
}
const authMethodsResponse = await listAuthenticationMethodTypes({
serviceUrl,
userId,
});
if (authMethodsResponse.authMethodTypes) {
authMethods = authMethodsResponse.authMethodTypes;
}
}
return (
<DynamicTheme branding={branding}>
<div className="flex flex-col items-center space-y-4">
<h1>{t("loginError.title")}</h1>
<p className="ztdl-p">{t("loginError.description")}</p>
<Alert type={AlertType.ALERT}>{t("loginError.description")}</Alert>
{userId && authMethods.length && (
<>
{user && human && (
<UserAvatar
loginName={user.preferredLoginName}
displayName={human?.profile?.displayName}
showDropdown={false}
/>
)}
<ChooseAuthenticatorToLogin
authMethods={authMethods}
loginSettings={loginSettings}
params={params}
></ChooseAuthenticatorToLogin>
</>
)}
</div>
</DynamicTheme>
);

32
apps/login/src/app/(login)/idp/[provider]/success/page.tsx
View File

@@ -40,11 +40,11 @@ export default async function Page(props: {
const { provider } = params;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
@@ -54,7 +54,7 @@ export default async function Page(props: {
const intent = await retrieveIDPIntent({
serviceUrl,
serviceRegion,
id,
token,
});
@@ -79,7 +79,7 @@ export default async function Page(props: {
const idp = await getIDPByID({
serviceUrl,
serviceRegion,
id: idpInformation.idpId,
});
const options = idp?.config?.options;
@@ -100,7 +100,7 @@ export default async function Page(props: {
try {
idpLink = await addIDPLink({
serviceUrl,
serviceRegion,
idp: {
id: idpInformation.idpId,
userId: idpInformation.userId,
@@ -131,23 +131,21 @@ export default async function Page(props: {
const email = PROVIDER_MAPPING[providerType](idpInformation).email?.email;
if (options.autoLinking === AutoLinkingOption.EMAIL && email) {
foundUser = await listUsers({ serviceUrl, serviceRegion, email }).then(
(response) => {
return response.result ? response.result[0] : null;
},
);
foundUser = await listUsers({ serviceUrl, email }).then((response) => {
return response.result ? response.result[0] : null;
});
} else if (options.autoLinking === AutoLinkingOption.USERNAME) {
foundUser = await listUsers(
options.autoLinking === AutoLinkingOption.USERNAME
? { serviceUrl, serviceRegion, userName: idpInformation.userName }
: { serviceUrl, serviceRegion, email },
? { serviceUrl, userName: idpInformation.userName }
: { serviceUrl, email },
).then((response) => {
return response.result ? response.result[0] : null;
});
} else {
foundUser = await listUsers({
serviceUrl,
serviceRegion,
userName: idpInformation.userName,
email,
}).then((response) => {
@@ -160,7 +158,7 @@ export default async function Page(props: {
try {
idpLink = await addIDPLink({
serviceUrl,
serviceRegion,
idp: {
id: idpInformation.idpId,
userId: idpInformation.userId,
@@ -203,7 +201,7 @@ export default async function Page(props: {
// this just returns orgs where the suffix is set as primary domain
const orgs = await getOrgsByDomain({
serviceUrl,
serviceRegion,
domain: suffix,
});
const orgToCheckForDiscovery =
@@ -211,7 +209,7 @@ export default async function Page(props: {
const orgLoginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: orgToCheckForDiscovery,
});
if (orgLoginSettings?.allowDomainDiscovery) {
@@ -232,7 +230,7 @@ export default async function Page(props: {
const newUser = await addHuman({
serviceUrl,
serviceRegion,
request: userData,
});

6
apps/login/src/app/(login)/idp/page.tsx
View File

@@ -16,11 +16,11 @@ export default async function Page(props: {
const organization = searchParams?.organization;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const identityProviders = await getActiveIdentityProviders({
serviceUrl,
serviceRegion,
orgId: organization,
}).then((resp) => {
return resp.identityProviders;
@@ -28,7 +28,7 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});

10
apps/login/src/app/(login)/invite/page.tsx
View File

@@ -21,10 +21,10 @@ export default async function Page(props: {
let { firstname, lastname, email, organization } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
if (!organization) {
const org = await getDefaultOrg({ serviceUrl, serviceRegion });
const org = await getDefaultOrg({ serviceUrl });
if (!org) {
throw new Error("No default organization found");
}
@@ -34,19 +34,19 @@ export default async function Page(props: {
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});
const passwordComplexitySettings = await getPasswordComplexitySettings({
serviceUrl,
serviceRegion,
organization,
});
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});

8
apps/login/src/app/(login)/invite/success/page.tsx
View File

@@ -19,10 +19,10 @@ export default async function Page(props: {
let { userId, organization } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
if (!organization) {
const org = await getDefaultOrg({ serviceUrl, serviceRegion });
const org = await getDefaultOrg({ serviceUrl });
if (!org) {
throw new Error("No default organization found");
}
@@ -32,7 +32,7 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
@@ -41,7 +41,7 @@ export default async function Page(props: {
if (userId) {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId,
});
if (userResponse) {

11
apps/login/src/app/(login)/loginname/page.tsx
View File

@@ -26,13 +26,12 @@ export default async function Page(props: {
const submit: boolean = searchParams?.submit === "true";
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
let defaultOrganization;
if (!organization) {
const org: Organization | null = await getDefaultOrg({
serviceUrl,
serviceRegion,
});
if (org) {
defaultOrganization = org.id;
@@ -41,19 +40,19 @@ export default async function Page(props: {
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: organization ?? defaultOrganization,
});
const contextLoginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});
const identityProviders = await getActiveIdentityProviders({
serviceUrl,
serviceRegion,
orgId: organization ?? defaultOrganization,
}).then((resp) => {
return resp.identityProviders;
@@ -61,7 +60,7 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization: organization ?? defaultOrganization,
});

12
apps/login/src/app/(login)/mfa/page.tsx
View File

@@ -25,7 +25,7 @@ export default async function Page(props: {
const { loginName, requestId, organization, sessionId } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const sessionFactors = sessionId
? await loadSessionById(serviceUrl, sessionId, organization)
@@ -38,7 +38,7 @@ export default async function Page(props: {
) {
return loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -47,7 +47,7 @@ export default async function Page(props: {
if (session && session.factors?.user?.id) {
return listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: session.factors.user.id,
}).then((methods) => {
return {
@@ -67,14 +67,14 @@ export default async function Page(props: {
const recent = await getSessionCookieById({ sessionId, organization });
return getSession({
serviceUrl,
serviceRegion,
sessionId: recent.id,
sessionToken: recent.token,
}).then((response) => {
if (response?.session && response.session.factors?.user?.id) {
return listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: response.session.factors.user.id,
}).then((methods) => {
return {
@@ -88,7 +88,7 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});

14
apps/login/src/app/(login)/mfa/set/page.tsx
View File

@@ -46,7 +46,7 @@ export default async function Page(props: {
searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const sessionWithData = sessionId
? await loadSessionById(serviceUrl, sessionId, organization)
@@ -61,10 +61,10 @@ export default async function Page(props: {
return listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId,
}).then((methods) => {
return getUserByID({ serviceUrl, serviceRegion, userId }).then((user) => {
return getUserByID({ serviceUrl, userId }).then((user) => {
const humanUser =
user.user?.type.case === "human" ? user.user?.type.value : undefined;
@@ -86,7 +86,7 @@ export default async function Page(props: {
) {
return loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -104,7 +104,7 @@ export default async function Page(props: {
const recent = await getSessionCookieById({ sessionId, organization });
return getSession({
serviceUrl,
serviceRegion,
sessionId: recent.id,
sessionToken: recent.token,
}).then((sessionResponse) => {
@@ -114,12 +114,12 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: sessionWithData.factors?.user?.organizationId,
});

10
apps/login/src/app/(login)/otp/[method]/page.tsx
View File

@@ -24,7 +24,7 @@ export default async function Page(props: {
const tError = await getTranslations({ locale, namespace: "error" });
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host || typeof host !== "string") {
@@ -47,7 +47,7 @@ export default async function Page(props: {
? await loadSessionById(serviceUrl, sessionId, organization)
: await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: { loginName, organization },
});
@@ -59,7 +59,7 @@ export default async function Page(props: {
const recent = await getSessionCookieById({ sessionId, organization });
return getSession({
serviceUrl,
serviceRegion,
sessionId: recent.id,
sessionToken: recent.token,
}).then((response) => {
@@ -72,13 +72,13 @@ export default async function Page(props: {
// email links do not come with organization, thus we need to use the session's organization
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization: organization ?? session?.factors?.user?.organizationId,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: organization ?? session?.factors?.user?.organizationId,
});

14
apps/login/src/app/(login)/otp/[method]/set/page.tsx
View File

@@ -34,22 +34,22 @@ export default async function Page(props: {
const { method } = params;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});
const session = await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -61,7 +61,7 @@ export default async function Page(props: {
if (method === "time-based") {
await registerTOTP({
serviceUrl,
serviceRegion,
userId: session.factors.user.id,
})
.then((resp) => {
@@ -76,7 +76,7 @@ export default async function Page(props: {
// does not work
await addOTPSMS({
serviceUrl,
serviceRegion,
userId: session.factors.user.id,
}).catch((error) => {
error = new Error("Could not add OTP via SMS");
@@ -85,7 +85,7 @@ export default async function Page(props: {
// works
await addOTPEmail({
serviceUrl,
serviceRegion,
userId: session.factors.user.id,
}).catch((error) => {
error = new Error("Could not add OTP via Email");

8
apps/login/src/app/(login)/passkey/page.tsx
View File

@@ -21,13 +21,13 @@ export default async function Page(props: {
searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const sessionFactors = sessionId
? await loadSessionById(serviceUrl, sessionId, organization)
: await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: { loginName, organization },
});
@@ -39,7 +39,7 @@ export default async function Page(props: {
const recent = await getSessionCookieById({ sessionId, organization });
return getSession({
serviceUrl,
serviceRegion,
sessionId: recent.id,
sessionToken: recent.token,
}).then((response) => {
@@ -51,7 +51,7 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});

6
apps/login/src/app/(login)/passkey/set/page.tsx
View File

@@ -19,11 +19,11 @@ export default async function Page(props: {
const { loginName, prompt, organization, requestId, userId } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const session = await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -32,7 +32,7 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});

10
apps/login/src/app/(login)/password/change/page.tsx
View File

@@ -16,7 +16,7 @@ export default async function Page(props: {
searchParams: Promise<Record<string | number | symbol, string | undefined>>;
}) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const searchParams = await props.searchParams;
const locale = getLocale();
@@ -28,7 +28,7 @@ export default async function Page(props: {
// also allow no session to be found (ignoreUnkownUsername)
const sessionFactors = await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -37,19 +37,19 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
const passwordComplexity = await getPasswordComplexitySettings({
serviceUrl,
serviceRegion,
organization: sessionFactors?.factors?.user?.organizationId,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: sessionFactors?.factors?.user?.organizationId,
});

9
apps/login/src/app/(login)/password/page.tsx
View File

@@ -25,13 +25,12 @@ export default async function Page(props: {
let { loginName, organization, requestId, alt } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
let defaultOrganization;
if (!organization) {
const org: Organization | null = await getDefaultOrg({
serviceUrl,
serviceRegion,
});
if (org) {
@@ -44,7 +43,7 @@ export default async function Page(props: {
try {
sessionFactors = await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -57,12 +56,12 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization: organization ?? defaultOrganization,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: organization ?? defaultOrganization,
});

12
apps/login/src/app/(login)/password/set/page.tsx
View File

@@ -27,14 +27,14 @@ export default async function Page(props: {
searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
// also allow no session to be found (ignoreUnkownUsername)
let session: Session | undefined;
if (loginName) {
session = await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -44,19 +44,19 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
const passwordComplexity = await getPasswordComplexitySettings({
serviceUrl,
serviceRegion,
organization: session?.factors?.user?.organizationId,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});
@@ -65,7 +65,7 @@ export default async function Page(props: {
if (userId) {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId,
});
user = userResponse.user;

11
apps/login/src/app/(login)/register/page.tsx
View File

@@ -22,12 +22,11 @@ export default async function Page(props: {
let { firstname, lastname, email, organization, requestId } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
if (!organization) {
const org: Organization | null = await getDefaultOrg({
serviceUrl,
serviceRegion,
});
if (org) {
organization = org.id;
@@ -36,24 +35,24 @@ export default async function Page(props: {
const legal = await getLegalAndSupportSettings({
serviceUrl,
serviceRegion,
organization,
});
const passwordComplexitySettings = await getPasswordComplexitySettings({
serviceUrl,
serviceRegion,
organization,
});
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});

11
apps/login/src/app/(login)/register/password/page.tsx
View File

@@ -22,12 +22,11 @@ export default async function Page(props: {
let { firstname, lastname, email, organization, requestId } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
if (!organization) {
const org: Organization | null = await getDefaultOrg({
serviceUrl,
serviceRegion,
});
if (org) {
organization = org.id;
@@ -38,24 +37,24 @@ export default async function Page(props: {
const legal = await getLegalAndSupportSettings({
serviceUrl,
serviceRegion,
organization,
});
const passwordComplexitySettings = await getPasswordComplexitySettings({
serviceUrl,
serviceRegion,
organization,
});
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});

14
apps/login/src/app/(login)/signedin/page.tsx
View File

@@ -24,7 +24,7 @@ import { redirect } from "next/navigation";
async function loadSession(
serviceUrl: string,
serviceRegion: string,
loginName: string,
requestId?: string,
) {
@@ -33,7 +33,7 @@ async function loadSession(
if (requestId && requestId.startsWith("oidc_")) {
return createCallback({
serviceUrl,
serviceRegion,
req: create(CreateCallbackRequestSchema, {
authRequestId: requestId,
callbackKind: {
@@ -68,7 +68,7 @@ async function loadSession(
return getSession({
serviceUrl,
serviceRegion,
sessionId: recent.id,
sessionToken: recent.token,
}).then((response) => {
@@ -84,19 +84,19 @@ export default async function Page(props: { searchParams: Promise<any> }) {
const t = await getTranslations({ locale, namespace: "signedin" });
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const { loginName, requestId, organization } = searchParams;
const sessionFactors = await loadSession(
serviceUrl,
serviceRegion,
loginName,
requestId,
);
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
@@ -104,7 +104,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
if (!requestId) {
loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});
}

8
apps/login/src/app/(login)/u2f/page.tsx
View File

@@ -20,7 +20,7 @@ export default async function Page(props: {
const { loginName, requestId, sessionId, organization } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host || typeof host !== "string") {
@@ -29,7 +29,7 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
@@ -37,7 +37,7 @@ export default async function Page(props: {
? await loadSessionById(serviceUrl, sessionId, organization)
: await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: { loginName, organization },
});
@@ -49,7 +49,7 @@ export default async function Page(props: {
const recent = await getSessionCookieById({ sessionId, organization });
return getSession({
serviceUrl,
serviceRegion,
sessionId: recent.id,
sessionToken: recent.token,
}).then((response) => {

6
apps/login/src/app/(login)/u2f/set/page.tsx
View File

@@ -19,11 +19,11 @@ export default async function Page(props: {
const { loginName, organization, requestId, checkAfter } = searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const sessionFactors = await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -32,7 +32,7 @@ export default async function Page(props: {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});

12
apps/login/src/app/(login)/verify/page.tsx
View File

@@ -26,7 +26,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
searchParams;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host || typeof host !== "string") {
@@ -35,7 +35,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
const branding = await getBrandingSettings({
serviceUrl,
serviceRegion,
organization,
});
@@ -49,7 +49,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
if ("loginName" in searchParams) {
sessionFactors = await loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -59,7 +59,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
if (doSend && sessionFactors?.factors?.user?.id) {
await sendEmailCode({
serviceUrl,
serviceRegion,
userId: sessionFactors?.factors?.user?.id,
urlTemplate:
`${host.includes("localhost") ? "http://" : "https://"}${host}/verify?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}&invite=true` +
@@ -73,7 +73,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
if (doSend) {
await sendEmailCode({
serviceUrl,
serviceRegion,
userId,
urlTemplate:
`${host.includes("localhost") ? "http://" : "https://"}${host}/verify?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}&invite=true` +
@@ -86,7 +86,7 @@ export default async function Page(props: { searchParams: Promise<any> }) {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId,
});
if (userResponse) {

30
apps/login/src/app/login/route.ts
View File

@@ -56,16 +56,14 @@ const gotoAccounts = ({
async function loadSessions({
serviceUrl,
serviceRegion,
ids,
}: {
serviceUrl: string;
serviceRegion: string;
ids: string[];
}): Promise<Session[]> {
const response = await listSessions({
serviceUrl,
serviceRegion,
ids: ids.filter((id: string | undefined) => !!id),
});
@@ -78,7 +76,7 @@ const IDP_SCOPE_REGEX = /urn:zitadel:iam:org:idp:id:(.+)/;
export async function GET(request: NextRequest) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const searchParams = request.nextUrl.searchParams;
@@ -103,7 +101,7 @@ export async function GET(request: NextRequest) {
const ids = sessionCookies.map((s) => s.id);
let sessions: Session[] = [];
if (ids && ids.length) {
sessions = await loadSessions({ serviceUrl, serviceRegion, ids });
sessions = await loadSessions({ serviceUrl, ids });
}
if (requestId && sessionId) {
@@ -111,7 +109,6 @@ export async function GET(request: NextRequest) {
// this finishes the login process for OIDC
await loginWithOIDCandSession({
serviceUrl,
serviceRegion,
authRequest: requestId.replace("oidc_", ""),
sessionId,
sessions,
@@ -122,7 +119,6 @@ export async function GET(request: NextRequest) {
// this finishes the login process for SAML
await loginWithSAMLandSession({
serviceUrl,
serviceRegion,
samlRequest: requestId.replace("saml_", ""),
sessionId,
sessions,
@@ -134,7 +130,6 @@ export async function GET(request: NextRequest) {
if (requestId && requestId.startsWith("oidc_")) {
const { authRequest } = await getAuthRequest({
serviceUrl,
serviceRegion,
authRequestId: requestId.replace("oidc_", ""),
});
@@ -165,7 +160,7 @@ export async function GET(request: NextRequest) {
if (orgDomain) {
const orgs = await getOrgsByDomain({
serviceUrl,
serviceRegion,
domain: orgDomain,
});
if (orgs.result && orgs.result.length === 1) {
@@ -182,7 +177,7 @@ export async function GET(request: NextRequest) {
const identityProviders = await getActiveIdentityProviders({
serviceUrl,
serviceRegion,
orgId: organization ? organization : undefined,
}).then((resp) => {
return resp.identityProviders;
@@ -208,7 +203,7 @@ export async function GET(request: NextRequest) {
return startIdentityProviderFlow({
serviceUrl,
serviceRegion,
idpId,
urls: {
successUrl:
@@ -305,7 +300,7 @@ export async function GET(request: NextRequest) {
**/
const selectedSession = await findValidSession({
serviceUrl,
serviceRegion,
sessions,
authRequest,
});
@@ -335,7 +330,7 @@ export async function GET(request: NextRequest) {
const { callbackUrl } = await createCallback({
serviceUrl,
serviceRegion,
req: create(CreateCallbackRequestSchema, {
authRequestId: requestId.replace("oidc_", ""),
callbackKind: {
@@ -349,7 +344,6 @@ export async function GET(request: NextRequest) {
// check for loginHint, userId hint and valid sessions
let selectedSession = await findValidSession({
serviceUrl,
serviceRegion,
sessions,
authRequest,
});
@@ -384,7 +378,7 @@ export async function GET(request: NextRequest) {
try {
const { callbackUrl } = await createCallback({
serviceUrl,
serviceRegion,
req: create(CreateCallbackRequestSchema, {
authRequestId: requestId.replace("oidc_", ""),
callbackKind: {
@@ -426,7 +420,8 @@ export async function GET(request: NextRequest) {
}
if (organization) {
loginNameUrl.searchParams.set("organization", organization);
loginNameUrl.searchParams.append("organization", organization);
// loginNameUrl.searchParams.set("organization", organization);
}
return NextResponse.redirect(loginNameUrl);
@@ -435,11 +430,8 @@ export async function GET(request: NextRequest) {
// handle saml request
const { samlRequest } = await getSAMLRequest({
serviceUrl,
serviceRegion,
samlRequestId: requestId.replace("saml_", ""),
});
samlRequest?.
} else {
return NextResponse.json(
{ error: "No authRequest nor samlRequest provided" },

38
apps/login/src/components/choose-authenticator-to-login.tsx Normal file
View File

@@ -0,0 +1,38 @@
import {
LoginSettings,
PasskeysType,
} from "@zitadel/proto/zitadel/settings/v2/login_settings_pb";
import { AuthenticationMethodType } from "@zitadel/proto/zitadel/user/v2/user_service_pb";
import { useTranslations } from "next-intl";
import { PASSKEYS, PASSWORD } from "./auth-methods";
type Props = {
authMethods: AuthenticationMethodType[];
params: URLSearchParams;
loginSettings: LoginSettings | undefined;
};
export function ChooseAuthenticatorToLogin({
authMethods,
params,
loginSettings,
}: Props) {
const t = useTranslations("idp");
return (
<>
{authMethods.includes(AuthenticationMethodType.PASSWORD) &&
loginSettings?.allowUsernamePassword && (
<div className="ztdl-p">Choose an alternative method to login </div>
)}
<div className="grid grid-cols-1 gap-5 w-full pt-4">
{authMethods.includes(AuthenticationMethodType.PASSWORD) &&
loginSettings?.allowUsernamePassword &&
PASSWORD(false, "/password?" + params)}
{authMethods.includes(AuthenticationMethodType.PASSKEY) &&
loginSettings?.passkeysType == PasskeysType.ALLOWED &&
PASSKEYS(false, "/passkey?" + params)}
</div>
</>
);
}

35
apps/login/src/lib/api.ts
View File

@@ -1,37 +1,14 @@
import { newSystemToken } from "@zitadel/client/node";
export async function systemAPIToken({
serviceRegion,
}: {
serviceRegion: string;
}) {
const prefix = serviceRegion.toUpperCase();
export async function systemAPIToken() {
const token = {
audience: process.env[prefix + "_AUDIENCE"],
userID: process.env[prefix + "_SYSTEM_USER_ID"],
token: Buffer.from(
process.env[prefix.toUpperCase() + "_SYSTEM_USER_PRIVATE_KEY"] as string,
"base64",
).toString("utf-8"),
audience: process.env.AUDIENCE,
userID: process.env.SYSTEM_USER_ID,
token: Buffer.from(process.env.SYSTEM_USER_PRIVATE_KEY, "base64").toString(
"utf-8",
),
};
if (!token.audience || !token.userID || !token.token) {
const fallbackToken = {
audience: process.env.AUDIENCE,
userID: process.env.SYSTEM_USER_ID,
token: Buffer.from(
process.env.SYSTEM_USER_PRIVATE_KEY,
"base64",
).toString("utf-8"),
};
return newSystemToken({
audience: fallbackToken.audience,
subject: fallbackToken.userID,
key: fallbackToken.token,
});
}
return newSystemToken({
audience: token.audience,
subject: token.userID,

5
apps/login/src/lib/oidc.ts
View File

@@ -12,7 +12,6 @@ import { isSessionValid } from "./session";
type LoginWithOIDCandSession = {
serviceUrl: string;
serviceRegion: string;
authRequest: string;
sessionId: string;
sessions: Session[];
@@ -21,7 +20,6 @@ type LoginWithOIDCandSession = {
};
export async function loginWithOIDCandSession({
serviceUrl,
serviceRegion,
authRequest,
sessionId,
sessions,
@@ -39,7 +37,6 @@ export async function loginWithOIDCandSession({
const isValid = await isSessionValid({
serviceUrl,
serviceRegion,
session: selectedSession,
});
@@ -76,7 +73,6 @@ export async function loginWithOIDCandSession({
try {
const { callbackUrl } = await createCallback({
serviceUrl,
serviceRegion,
req: create(CreateCallbackRequestSchema, {
authRequestId: authRequest,
callbackKind: {
@@ -104,7 +100,6 @@ export async function loginWithOIDCandSession({
) {
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: selectedSession.factors?.user?.organizationId,
});

5
apps/login/src/lib/saml.ts
View File

@@ -9,7 +9,6 @@ import { isSessionValid } from "./session";
type LoginWithSAMLandSession = {
serviceUrl: string;
serviceRegion: string;
samlRequest: string;
sessionId: string;
sessions: Session[];
@@ -19,7 +18,6 @@ type LoginWithSAMLandSession = {
export async function loginWithSAMLandSession({
serviceUrl,
serviceRegion,
samlRequest,
sessionId,
sessions,
@@ -37,7 +35,6 @@ export async function loginWithSAMLandSession({
const isValid = await isSessionValid({
serviceUrl,
serviceRegion,
session: selectedSession,
});
@@ -74,7 +71,6 @@ export async function loginWithSAMLandSession({
try {
const { url } = await createResponse({
serviceUrl,
serviceRegion,
req: create(CreateResponseRequestSchema, {
samlRequestId: samlRequest,
responseKind: {
@@ -102,7 +98,6 @@ export async function loginWithSAMLandSession({
) {
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: selectedSession.factors?.user?.organizationId,
});

4
apps/login/src/lib/self.ts
View File

@@ -26,13 +26,13 @@ export async function setMyPassword({
password: string;
}) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const sessionCookie = await getSessionCookieById({ sessionId });
const { session } = await getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
});

18
apps/login/src/lib/server/cookie.ts
View File

@@ -53,11 +53,11 @@ export async function createSessionAndUpdateCookie(
lifetime?: Duration,
): Promise<Session> {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const createdSession = await createSessionFromChecks({
serviceUrl,
serviceRegion,
checks,
challenges,
lifetime,
@@ -66,7 +66,7 @@ export async function createSessionAndUpdateCookie(
if (createdSession) {
return getSession({
serviceUrl,
serviceRegion,
sessionId: createdSession.sessionId,
sessionToken: createdSession.sessionToken,
}).then((response) => {
@@ -117,11 +117,11 @@ export async function createSessionForIdpAndUpdateCookie(
lifetime?: Duration,
): Promise<Session> {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const createdSession = await createSessionForUserIdAndIdpIntent({
serviceUrl,
serviceRegion,
userId,
idpIntent,
lifetime,
@@ -142,7 +142,7 @@ export async function createSessionForIdpAndUpdateCookie(
const { session } = await getSession({
serviceUrl,
serviceRegion,
sessionId: createdSession.sessionId,
sessionToken: createdSession.sessionToken,
});
@@ -190,11 +190,11 @@ export async function setSessionAndUpdateCookie(
lifetime?: Duration,
) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
return setSession({
serviceUrl,
serviceRegion,
sessionId: recentCookie.id,
sessionToken: recentCookie.token,
challenges,
@@ -222,7 +222,7 @@ export async function setSessionAndUpdateCookie(
return getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
}).then((response) => {

10
apps/login/src/lib/server/idp.ts
View File

@@ -19,7 +19,7 @@ export type StartIDPFlowCommand = {
export async function startIDPFlow(command: StartIDPFlowCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -28,7 +28,7 @@ export async function startIDPFlow(command: StartIDPFlowCommand) {
return startIdentityProviderFlow({
serviceUrl,
serviceRegion,
idpId: command.idpId,
urls: {
successUrl: `${host.includes("localhost") ? "http://" : "https://"}${host}${command.successUrl}`,
@@ -61,7 +61,7 @@ export async function createNewSessionFromIdpIntent(
command: CreateNewSessionCommand,
) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -74,7 +74,7 @@ export async function createNewSessionFromIdpIntent(
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId: command.userId,
});
@@ -84,7 +84,7 @@ export async function createNewSessionFromIdpIntent(
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: userResponse.user.details?.resourceOwner,
});

6
apps/login/src/lib/server/invite.ts
View File

@@ -22,7 +22,7 @@ export type RegisterUserResponse = {
export async function inviteUser(command: InviteUserCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -31,7 +31,7 @@ export async function inviteUser(command: InviteUserCommand) {
const human = await addHumanUser({
serviceUrl,
serviceRegion,
email: command.email,
firstName: command.firstName,
lastName: command.lastName,
@@ -45,7 +45,7 @@ export async function inviteUser(command: InviteUserCommand) {
const codeResponse = await createInviteCode({
serviceUrl,
serviceRegion,
urlTemplate: `${host.includes("localhost") ? "http://" : "https://"}${host}/verify?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}&invite=true`,
userId: human.userId,
});

30
apps/login/src/lib/server/loginname.ts
View File

@@ -34,7 +34,7 @@ const ORG_SUFFIX_REGEX = /(?<=@)(.+)/;
export async function sendLoginname(command: SendLoginnameCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -43,7 +43,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const loginSettingsByContext = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: command.organization,
});
@@ -53,7 +53,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
let searchUsersRequest: SearchUsersCommand = {
serviceUrl,
serviceRegion,
searchValue: command.loginName,
organizationId: command.organization,
loginSettings: loginSettingsByContext,
@@ -75,7 +75,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const redirectUserToSingleIDPIfAvailable = async () => {
const identityProviders = await getActiveIdentityProviders({
serviceUrl,
serviceRegion,
orgId: command.organization,
}).then((resp) => {
return resp.identityProviders;
@@ -83,7 +83,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
if (identityProviders.length === 1) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -106,7 +106,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const resp = await startIdentityProviderFlow({
serviceUrl,
serviceRegion,
idpId: identityProviders[0].id,
urls: {
successUrl:
@@ -127,7 +127,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const redirectUserToIDP = async (userId: string) => {
const identityProviders = await listIDPLinks({
serviceUrl,
serviceRegion,
userId,
}).then((resp) => {
return resp.result;
@@ -135,7 +135,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
if (identityProviders.length === 1) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -146,7 +146,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const idp = await getIDPByID({
serviceUrl,
serviceRegion,
id: identityProviderId,
});
@@ -159,7 +159,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const identityProviderType = idpTypeToIdentityProviderType(idpType);
const provider = idpTypeToSlug(identityProviderType);
const params = new URLSearchParams();
const params = new URLSearchParams({ userId });
if (command.requestId) {
params.set("requestId", command.requestId);
@@ -171,7 +171,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const resp = await startIdentityProviderFlow({
serviceUrl,
serviceRegion,
idpId: idp.id,
urls: {
successUrl:
@@ -197,7 +197,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const userLoginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: user.details?.resourceOwner,
});
@@ -256,7 +256,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const methods = await listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: session.factors?.user?.id,
});
@@ -415,7 +415,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
// this just returns orgs where the suffix is set as primary domain
const orgs = await getOrgsByDomain({
serviceUrl,
serviceRegion,
domain: suffix,
});
const orgToCheckForDiscovery =
@@ -423,7 +423,7 @@ export async function sendLoginname(command: SendLoginnameCommand) {
const orgLoginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: orgToCheckForDiscovery,
});
if (orgLoginSettings?.allowDomainDiscovery) {

4
apps/login/src/lib/server/otp.ts
View File

@@ -27,7 +27,7 @@ export type SetOTPCommand = {
export async function setOTP(command: SetOTPCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const recentSession = command.sessionId
? await getSessionCookieById({ sessionId: command.sessionId }).catch(
@@ -64,7 +64,7 @@ export async function setOTP(command: SetOTPCommand) {
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: command.organization,
});

20
apps/login/src/lib/server/passkeys.ts
View File

@@ -43,7 +43,7 @@ export async function registerPasskeyLink(
const { sessionId } = command;
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -53,7 +53,7 @@ export async function registerPasskeyLink(
const sessionCookie = await getSessionCookieById({ sessionId });
const session = await getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
});
@@ -74,7 +74,7 @@ export async function registerPasskeyLink(
// use session token to add the passkey
const registerLink = await createPasskeyRegistrationLink({
serviceUrl,
serviceRegion,
userId,
});
@@ -84,7 +84,7 @@ export async function registerPasskeyLink(
return registerPasskey({
serviceUrl,
serviceRegion,
userId,
code: registerLink.code,
domain: hostname,
@@ -93,7 +93,7 @@ export async function registerPasskeyLink(
export async function verifyPasskeyRegistration(command: VerifyPasskeyCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
// if no name is provided, try to generate one from the user agent
let passkeyName = command.passkeyName;
@@ -112,7 +112,7 @@ export async function verifyPasskeyRegistration(command: VerifyPasskeyCommand) {
});
const session = await getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
});
@@ -124,7 +124,7 @@ export async function verifyPasskeyRegistration(command: VerifyPasskeyCommand) {
return zitadelVerifyPasskeyRegistration({
serviceUrl,
serviceRegion,
request: create(VerifyPasskeyRegistrationRequestSchema, {
passkeyId: command.passkeyId,
publicKeyCredential: command.publicKeyCredential,
@@ -158,11 +158,11 @@ export async function sendPasskey(command: SendPasskeyCommand) {
}
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});
@@ -186,7 +186,7 @@ export async function sendPasskey(command: SendPasskeyCommand) {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId: session?.factors?.user?.id,
});

56
apps/login/src/lib/server/password.ts
View File

@@ -47,7 +47,7 @@ type ResetPasswordCommand = {
export async function resetPassword(command: ResetPasswordCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host || typeof host !== "string") {
@@ -56,7 +56,7 @@ export async function resetPassword(command: ResetPasswordCommand) {
const users = await listUsers({
serviceUrl,
serviceRegion,
loginName: command.loginName,
organizationId: command.organization,
});
@@ -72,7 +72,7 @@ export async function resetPassword(command: ResetPasswordCommand) {
return passwordReset({
serviceUrl,
serviceRegion,
userId,
urlTemplate:
`${host.includes("localhost") ? "http://" : "https://"}${host}/password/set?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}` +
@@ -89,7 +89,7 @@ export type UpdateSessionCommand = {
export async function sendPassword(command: UpdateSessionCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
let sessionCookie = await getSessionCookieByLoginName({
loginName: command.loginName,
@@ -105,7 +105,7 @@ export async function sendPassword(command: UpdateSessionCommand) {
if (!sessionCookie) {
const users = await listUsers({
serviceUrl,
serviceRegion,
loginName: command.loginName,
organizationId: command.organization,
});
@@ -120,7 +120,7 @@ export async function sendPassword(command: UpdateSessionCommand) {
loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: command.organization,
});
@@ -135,7 +135,7 @@ export async function sendPassword(command: UpdateSessionCommand) {
if ("failedAttempts" in error && error.failedAttempts) {
const lockoutSettings = await getLockoutSettings({
serviceUrl,
serviceRegion,
orgId: command.organization,
});
@@ -167,7 +167,7 @@ export async function sendPassword(command: UpdateSessionCommand) {
if ("failedAttempts" in error && error.failedAttempts) {
const lockoutSettings = await getLockoutSettings({
serviceUrl,
serviceRegion,
orgId: command.organization,
});
@@ -189,7 +189,7 @@ export async function sendPassword(command: UpdateSessionCommand) {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId: session?.factors?.user?.id,
});
@@ -203,7 +203,7 @@ export async function sendPassword(command: UpdateSessionCommand) {
if (!loginSettings) {
loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization:
command.organization ?? session.factors?.user?.organizationId,
});
@@ -217,7 +217,7 @@ export async function sendPassword(command: UpdateSessionCommand) {
const expirySettings = await getPasswordExpirySettings({
serviceUrl,
serviceRegion,
orgId: command.organization ?? session.factors?.user?.organizationId,
});
@@ -256,7 +256,7 @@ export async function sendPassword(command: UpdateSessionCommand) {
if (command.checks && command.checks.password && session.factors?.user?.id) {
const response = await listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: session.factors.user.id,
});
if (response.authMethodTypes && response.authMethodTypes.length) {
@@ -311,12 +311,12 @@ export async function changePassword(command: {
password: string;
}) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
// check for init state
const { user } = await getUserByID({
serviceUrl,
serviceRegion,
userId: command.userId,
});
@@ -327,7 +327,7 @@ export async function changePassword(command: {
return setUserPassword({
serviceUrl,
serviceRegion,
userId,
password: command.password,
user,
@@ -345,13 +345,13 @@ export async function checkSessionAndSetPassword({
password,
}: CheckSessionAndSetPasswordCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const sessionCookie = await getSessionCookieById({ sessionId });
const { session } = await getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
});
@@ -370,7 +370,7 @@ export async function checkSessionAndSetPassword({
// check if the user has no password set in order to set a password
const authmethods = await listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: session.factors.user.id,
});
@@ -391,7 +391,7 @@ export async function checkSessionAndSetPassword({
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: session.factors.user.organizationId,
});
@@ -401,16 +401,14 @@ export async function checkSessionAndSetPassword({
// if the user has no MFA but MFA is enforced, we can set a password otherwise we use the token of the user
if (forceMfa && hasNoMFAMethods) {
return setPassword({ serviceUrl, serviceRegion, payload }).catch(
(error) => {
// throw error if failed precondition (ex. User is not yet initialized)
if (error.code === 9 && error.message) {
return { error: "Failed precondition" };
} else {
throw error;
}
},
);
return setPassword({ serviceUrl, payload }).catch((error) => {
// throw error if failed precondition (ex. User is not yet initialized)
if (error.code === 9 && error.message) {
return { error: "Failed precondition" };
} else {
throw error;
}
});
} else {
const transport = async (serviceUrl: string, token: string) => {
return createServerTransport(token, {

8
apps/login/src/lib/server/register.ts
View File

@@ -29,7 +29,7 @@ export type RegisterUserResponse = {
};
export async function registerUser(command: RegisterUserCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host || typeof host !== "string") {
@@ -38,7 +38,7 @@ export async function registerUser(command: RegisterUserCommand) {
const addResponse = await addHumanUser({
serviceUrl,
serviceRegion,
email: command.email,
firstName: command.firstName,
lastName: command.lastName,
@@ -52,7 +52,7 @@ export async function registerUser(command: RegisterUserCommand) {
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: command.organization,
});
@@ -94,7 +94,7 @@ export async function registerUser(command: RegisterUserCommand) {
} else {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId: session?.factors?.user?.id,
});

18
apps/login/src/lib/server/session.ts
View File

@@ -25,11 +25,11 @@ export async function continueWithSession({
...session
}: Session & { requestId?: string }) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: session.factors?.user?.organizationId,
});
@@ -83,7 +83,7 @@ export async function updateSession(options: UpdateSessionCommand) {
}
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -103,7 +103,7 @@ export async function updateSession(options: UpdateSessionCommand) {
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization,
});
@@ -130,7 +130,7 @@ export async function updateSession(options: UpdateSessionCommand) {
if (checks && checks.password && session.factors?.user?.id) {
const response = await listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: session.factors.user.id,
});
if (response.authMethodTypes && response.authMethodTypes.length) {
@@ -152,7 +152,7 @@ type ClearSessionOptions = {
export async function clearSession(options: ClearSessionOptions) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const { sessionId } = options;
@@ -160,7 +160,7 @@ export async function clearSession(options: ClearSessionOptions) {
const deletedSession = await deleteSession({
serviceUrl,
serviceRegion,
sessionId: session.id,
sessionToken: session.token,
});
@@ -176,13 +176,13 @@ type CleanupSessionCommand = {
export async function cleanupSession({ sessionId }: CleanupSessionCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const sessionCookie = await getSessionCookieById({ sessionId });
const deleteResponse = await deleteSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
});

12
apps/login/src/lib/server/u2f.ts
View File

@@ -21,7 +21,7 @@ type VerifyU2FCommand = {
export async function addU2F(command: RegisterU2FCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host || typeof host !== "string") {
@@ -38,7 +38,7 @@ export async function addU2F(command: RegisterU2FCommand) {
const session = await getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
});
@@ -55,12 +55,12 @@ export async function addU2F(command: RegisterU2FCommand) {
return { error: "Could not get session" };
}
return registerU2F({ serviceUrl, serviceRegion, userId, domain: hostname });
return registerU2F({ serviceUrl, userId, domain: hostname });
}
export async function verifyU2F(command: VerifyU2FCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host || typeof host !== "string") {
@@ -83,7 +83,7 @@ export async function verifyU2F(command: VerifyU2FCommand) {
const session = await getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
});
@@ -101,5 +101,5 @@ export async function verifyU2F(command: VerifyU2FCommand) {
userId,
});
return verifyU2FRegistration({ serviceUrl, serviceRegion, request });
return verifyU2FRegistration({ serviceUrl, request });
}

43
apps/login/src/lib/server/verify.ts
View File

@@ -30,11 +30,11 @@ export async function verifyTOTP(
organization?: string,
) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
return loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams: {
loginName,
organization,
@@ -43,7 +43,7 @@ export async function verifyTOTP(
if (session?.factors?.user?.id) {
return verifyTOTPRegistration({
serviceUrl,
serviceRegion,
code,
userId: session.factors.user.id,
});
@@ -64,12 +64,12 @@ type VerifyUserByEmailCommand = {
export async function sendVerification(command: VerifyUserByEmailCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const verifyResponse = command.isInvite
? await verifyInviteCode({
serviceUrl,
serviceRegion,
userId: command.userId,
verificationCode: command.code,
}).catch(() => {
@@ -77,7 +77,7 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
})
: await verifyEmail({
serviceUrl,
serviceRegion,
userId: command.userId,
verificationCode: command.code,
}).catch(() => {
@@ -109,7 +109,7 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
session = await getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
}).then((response) => {
@@ -124,7 +124,7 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId: session?.factors?.user?.id,
});
@@ -136,7 +136,7 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
} else {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId: command.userId,
});
@@ -176,13 +176,13 @@ export async function sendVerification(command: VerifyUserByEmailCommand) {
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: user.details?.resourceOwner,
});
const authMethodResponse = await listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: user.userId,
});
@@ -253,7 +253,7 @@ type resendVerifyEmailCommand = {
export async function resendVerification(command: resendVerifyEmailCommand) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const host = _headers.get("host");
if (!host) {
@@ -261,11 +261,11 @@ export async function resendVerification(command: resendVerifyEmailCommand) {
}
return command.isInvite
? resendInviteCode({ serviceUrl, serviceRegion, userId: command.userId })
? resendInviteCode({ serviceUrl, userId: command.userId })
: resendEmailCode({
userId: command.userId,
serviceUrl,
serviceRegion,
urlTemplate:
`${host.includes("localhost") ? "http://" : "https://"}${host}/password/set?code={{.Code}}&userId={{.UserID}}&organization={{.OrgID}}` +
(command.requestId ? `&requestId=${command.requestId}` : ""),
@@ -274,7 +274,7 @@ export async function resendVerification(command: resendVerifyEmailCommand) {
type sendEmailCommand = {
serviceUrl: string;
serviceRegion: string;
userId: string;
urlTemplate: string;
};
@@ -282,7 +282,6 @@ type sendEmailCommand = {
export async function sendEmailCode(command: sendEmailCommand) {
return zitadelSendEmailCode({
serviceUrl: command.serviceUrl,
serviceRegion: command.serviceRegion,
userId: command.userId,
urlTemplate: command.urlTemplate,
});
@@ -300,7 +299,7 @@ export async function sendVerificationRedirectWithoutCheck(
command: SendVerificationRedirectWithoutCheckCommand,
) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
if (!("loginName" in command || "userId" in command)) {
return { error: "No userId, nor loginname provided" };
@@ -323,7 +322,7 @@ export async function sendVerificationRedirectWithoutCheck(
session = await getSession({
serviceUrl,
serviceRegion,
sessionId: sessionCookie.id,
sessionToken: sessionCookie.token,
}).then((response) => {
@@ -338,7 +337,7 @@ export async function sendVerificationRedirectWithoutCheck(
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId: session?.factors?.user?.id,
});
@@ -350,7 +349,7 @@ export async function sendVerificationRedirectWithoutCheck(
} else if ("userId" in command) {
const userResponse = await getUserByID({
serviceUrl,
serviceRegion,
userId: command.userId,
});
@@ -390,7 +389,7 @@ export async function sendVerificationRedirectWithoutCheck(
const authMethodResponse = await listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: user.userId,
});
@@ -416,7 +415,7 @@ export async function sendVerificationRedirectWithoutCheck(
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: user.details?.resourceOwner,
});

52
apps/login/src/lib/service.ts
View File

@@ -22,17 +22,16 @@ type ServiceClass =
export async function createServiceForHost<T extends ServiceClass>(
service: T,
serviceUrl: string,
serviceRegion: string,
) {
let token;
// if we are running in a multitenancy context, use the system user token
if (
process.env[serviceRegion + "_AUDIENCE"] &&
process.env[serviceRegion + "_SYSTEM_USER_ID"] &&
process.env[serviceRegion + "_SYSTEM_USER_PRIVATE_KEY"]
process.env.AUDIENCE &&
process.env.SYSTEM_USER_ID &&
process.env.SYSTEM_USER_PRIVATE_KEY
) {
token = await systemAPIToken({ serviceRegion });
token = await systemAPIToken();
} else if (process.env.ZITADEL_SERVICE_USER_TOKEN) {
token = process.env.ZITADEL_SERVICE_USER_TOKEN;
}
@@ -45,39 +44,70 @@ export async function createServiceForHost<T extends ServiceClass>(
throw new Error("No token found");
}
const instanceHost = new URL(serviceUrl).host;
const transport = createServerTransport(token, {
baseUrl: serviceUrl,
baseUrl: process.env.ZITADEL_API_URL ?? serviceUrl,
interceptors:
(process.env.ZITADEL_API_URL &&
process.env.ZITADEL_API_URL != serviceUrl) ||
process.env.ZITADEL_INSTANCE_HOST_HEADER
? [
(next) => {
return (req) => {
req.header.set(
process.env.ZITADEL_INSTANCE_HOST_HEADER ??
"x-zitadel-instance-host",
instanceHost,
);
return next(req);
};
},
]
: undefined,
});
return createClientFor<T>(service)(transport);
}
/**
* Extracts the service url and region from the headers if used in a multitenant context (host, x-zitadel-forward-host header)
* or falls back to the ZITADEL_API_URL for a self hosting deployment
* or falls back to the host header for a self hosting deployment using custom domains
* @param headers
* @returns the service url and region from the headers
* @throws if the service url could not be determined
*
*/
export function getServiceUrlFromHeaders(headers: ReadonlyHeaders): {
serviceUrl: string;
serviceRegion: string;
} {
let instanceUrl: string = process.env.ZITADEL_API_URL;
let instanceUrl;
const forwardedHost = headers.get("x-zitadel-forward-host");
// use the forwarded host if available (multitenant), otherwise fall back to the host of the deployment itself
if (forwardedHost) {
instanceUrl = forwardedHost;
instanceUrl = instanceUrl.startsWith("https://")
instanceUrl = instanceUrl.startsWith("http://")
? instanceUrl
: `https://${instanceUrl}`;
} else if (process.env.ZITADEL_API_URL) {
instanceUrl = process.env.ZITADEL_API_URL;
} else {
const host = headers.get("host");
if (host) {
const [hostname, port] = host.split(":");
if (hostname !== "localhost") {
instanceUrl = host;
instanceUrl = host.startsWith("http") ? host : `https://${host}`;
}
}
}
if (!instanceUrl) {
throw new Error("Service URL could not be determined");
}
return {
serviceUrl: instanceUrl,
serviceRegion: headers.get("x-zitadel-region") || "",
};
}

15
apps/login/src/lib/session.ts
View File

@@ -12,7 +12,7 @@ import {
type LoadMostRecentSessionParams = {
serviceUrl: string;
serviceRegion: string;
sessionParams: {
loginName?: string;
organization?: string;
@@ -21,7 +21,7 @@ type LoadMostRecentSessionParams = {
export async function loadMostRecentSession({
serviceUrl,
serviceRegion,
sessionParams,
}: LoadMostRecentSessionParams): Promise<Session | undefined> {
const recent = await getMostRecentCookieWithLoginname({
@@ -31,7 +31,7 @@ export async function loadMostRecentSession({
return getSession({
serviceUrl,
serviceRegion,
sessionId: recent.id,
sessionToken: recent.token,
}).then((resp: GetSessionResponse) => resp.session);
@@ -43,11 +43,9 @@ export async function loadMostRecentSession({
**/
export async function isSessionValid({
serviceUrl,
serviceRegion,
session,
}: {
serviceUrl: string;
serviceRegion: string;
session: Session;
}): Promise<boolean> {
// session can't be checked without user
@@ -60,7 +58,6 @@ export async function isSessionValid({
const authMethodTypes = await listAuthenticationMethodTypes({
serviceUrl,
serviceRegion,
userId: session.factors.user.id,
});
@@ -110,7 +107,6 @@ export async function isSessionValid({
// only check settings if no auth methods are available, as this would require a setup
const loginSettings = await getLoginSettings({
serviceUrl,
serviceRegion,
organization: session.factors?.user?.organizationId,
});
if (loginSettings?.forceMfa || loginSettings?.forceMfaLocalOnly) {
@@ -154,12 +150,11 @@ export async function isSessionValid({
export async function findValidSession({
serviceUrl,
serviceRegion,
sessions,
authRequest,
}: {
serviceUrl: string;
serviceRegion: string;
sessions: Session[];
authRequest: AuthRequest;
}): Promise<Session | undefined> {
@@ -186,7 +181,7 @@ export async function findValidSession({
// return the first valid session according to settings
for (const session of sessionsWithHint) {
if (await isSessionValid({ serviceUrl, serviceRegion, session })) {
if (await isSessionValid({ serviceUrl, session })) {
return session;
}
}

285
apps/login/src/lib/zitadel.ts
View File

File diff suppressed because it is too large Load Diff

2
apps/login/src/middleware.ts
View File

@@ -23,7 +23,7 @@ export async function middleware(request: NextRequest) {
const _headers = await headers();
const { serviceUrl, serviceRegion } = getServiceUrlFromHeaders(_headers);
const { serviceUrl } = getServiceUrlFromHeaders(_headers);
const instanceHost = `${serviceUrl}`.replace("https://", "");

3
package.json
View File

@@ -5,6 +5,7 @@
"scripts": {
"generate": "turbo run generate",
"build": "turbo run build",
"build:docker": "rm -rf ./out ./docker && mkdir -p ./docker && turbo prune @zitadel/login --docker && cd ./docker && cp -r ../out/json/* . && pnpm install --frozen-lockfile && cp -r ../out/full/* . && turbo run build:standalone && cd ..",
"build:packages": "turbo run build --filter=./packages/*",
"build:apps": "turbo run build --filter=./apps/*",
"test": "turbo run test",
@@ -39,7 +40,7 @@
"@faker-js/faker": "^9.2.0",
"@changesets/cli": "^2.27.9",
"@playwright/test": "^1.48.2",
"@types/node": "^22.9.0",
"@types/node": "^20.17.17",
"@vitejs/plugin-react": "^4.3.3",
"@zitadel/prettier-config": "workspace:*",
"axios": "^1.7.7",

14
packages/zitadel-client/CHANGELOG.md
View File

@@ -1,5 +1,19 @@
# @zitadel/client
## 1.0.6
### Patch Changes
- 90fbdd1: use node16/nodenext module resolution
- Updated dependencies [90fbdd1]
- @zitadel/proto@1.0.3
## 1.0.5
### Patch Changes
- 4fa22c0: fix export for grpcweb transport
## 1.0.4
### Patch Changes

7
packages/zitadel-client/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@zitadel/client",
"version": "1.0.4",
"version": "1.0.6",
"license": "MIT",
"publishConfig": {
"access": "public"
@@ -31,6 +31,11 @@
"types": "./dist/node.d.ts",
"import": "./dist/node.js",
"require": "./dist/node.cjs"
},
"./web": {
"types": "./dist/web.d.ts",
"import": "./dist/web.js",
"require": "./dist/web.cjs"
}
},
"files": [

4
packages/zitadel-client/src/index.ts
View File

@@ -1,5 +1,5 @@
export { createClientFor, toDate } from "./helpers";
export { NewAuthorizationBearerInterceptor } from "./interceptors";
export { createClientFor, toDate } from "./helpers.js";
export { NewAuthorizationBearerInterceptor } from "./interceptors.js";
// TODO: Move this to `./protobuf.ts` and export it from there
export { create, fromJson, toJson } from "@bufbuild/protobuf";

2
packages/zitadel-client/src/interceptors.test.ts
View File

@@ -2,7 +2,7 @@ import { Int32Value } from "@bufbuild/protobuf/wkt";
import { compileService } from "@bufbuild/protocompile";
import { createRouterTransport, HandlerContext } from "@connectrpc/connect";
import { describe, expect, test, vitest } from "vitest";
import { NewAuthorizationBearerInterceptor } from "./interceptors";
import { NewAuthorizationBearerInterceptor } from "./interceptors.js";
const TestService = compileService(`
syntax = "proto3";

15
packages/zitadel-client/src/node.ts
View File

@@ -1,7 +1,6 @@
import { createGrpcTransport, GrpcTransportOptions } from "@connectrpc/connect-node";
import { createGrpcWebTransport } from "@connectrpc/connect-web";
import { importPKCS8, SignJWT } from "jose";
import { NewAuthorizationBearerInterceptor } from "./interceptors";
import { NewAuthorizationBearerInterceptor } from "./interceptors.js";
/**
* Create a server transport using grpc with the given token and configuration options.
@@ -15,18 +14,6 @@ export function createServerTransport(token: string, opts: GrpcTransportOptions)
});
}
/**
* Create a client transport using grpc web with the given token and configuration options.
* @param token
* @param opts
*/
export function createClientTransport(token: string, opts: GrpcTransportOptions) {
return createGrpcWebTransport({
...opts,
interceptors: [...(opts.interceptors || []), NewAuthorizationBearerInterceptor(token)],
});
}
export async function newSystemToken({
audience,
subject,

10
packages/zitadel-client/src/v1.ts
View File

@@ -1,9 +1,9 @@
import { createClientFor } from "./helpers";
import { createClientFor } from "./helpers.js";
import { AdminService } from "@zitadel/proto/zitadel/admin_pb";
import { AuthService } from "@zitadel/proto/zitadel/auth_pb";
import { ManagementService } from "@zitadel/proto/zitadel/management_pb";
import { SystemService } from "@zitadel/proto/zitadel/system_pb";
import { AdminService } from "@zitadel/proto/zitadel/admin_pb.js";
import { AuthService } from "@zitadel/proto/zitadel/auth_pb.js";
import { ManagementService } from "@zitadel/proto/zitadel/management_pb.js";
import { SystemService } from "@zitadel/proto/zitadel/system_pb.js";
export const createAdminServiceClient = createClientFor(AdminService);
export const createAuthServiceClient = createClientFor(AuthService);

20
packages/zitadel-client/src/v2.ts
View File

@@ -1,15 +1,15 @@
import { create } from "@bufbuild/protobuf";
import { FeatureService } from "@zitadel/proto/zitadel/feature/v2/feature_service_pb";
import { IdentityProviderService } from "@zitadel/proto/zitadel/idp/v2/idp_service_pb";
import { RequestContextSchema } from "@zitadel/proto/zitadel/object/v2/object_pb";
import { OIDCService } from "@zitadel/proto/zitadel/oidc/v2/oidc_service_pb";
import { OrganizationService } from "@zitadel/proto/zitadel/org/v2/org_service_pb";
import { SAMLService } from "@zitadel/proto/zitadel/saml/v2/saml_service_pb";
import { SessionService } from "@zitadel/proto/zitadel/session/v2/session_service_pb";
import { SettingsService } from "@zitadel/proto/zitadel/settings/v2/settings_service_pb";
import { UserService } from "@zitadel/proto/zitadel/user/v2/user_service_pb";
import { FeatureService } from "@zitadel/proto/zitadel/feature/v2/feature_service_pb.js";
import { IdentityProviderService } from "@zitadel/proto/zitadel/idp/v2/idp_service_pb.js";
import { RequestContextSchema } from "@zitadel/proto/zitadel/object/v2/object_pb.js";
import { OIDCService } from "@zitadel/proto/zitadel/oidc/v2/oidc_service_pb.js";
import { OrganizationService } from "@zitadel/proto/zitadel/org/v2/org_service_pb.js";
import { SAMLService } from "@zitadel/proto/zitadel/saml/v2/saml_service_pb.js";
import { SessionService } from "@zitadel/proto/zitadel/session/v2/session_service_pb.js";
import { SettingsService } from "@zitadel/proto/zitadel/settings/v2/settings_service_pb.js";
import { UserService } from "@zitadel/proto/zitadel/user/v2/user_service_pb.js";
import { createClientFor } from "./helpers";
import { createClientFor } from "./helpers.js";
export const createUserServiceClient = createClientFor(UserService);
export const createSettingsServiceClient = createClientFor(SettingsService);

6
packages/zitadel-client/src/v3alpha.ts
View File

@@ -1,6 +1,6 @@
import { ZITADELUsers } from "@zitadel/proto/zitadel/resources/user/v3alpha/user_service_pb";
import { ZITADELUserSchemas } from "@zitadel/proto/zitadel/resources/userschema/v3alpha/user_schema_service_pb";
import { createClientFor } from "./helpers";
import { ZITADELUsers } from "@zitadel/proto/zitadel/resources/user/v3alpha/user_service_pb.js";
import { ZITADELUserSchemas } from "@zitadel/proto/zitadel/resources/userschema/v3alpha/user_schema_service_pb.js";
import { createClientFor } from "./helpers.js";
export const createUserSchemaServiceClient = createClientFor(ZITADELUserSchemas);
export const createUserServiceClient = createClientFor(ZITADELUsers);

15
packages/zitadel-client/src/web.ts Normal file
View File

@@ -0,0 +1,15 @@
import { GrpcTransportOptions } from "@connectrpc/connect-node";
import { createGrpcWebTransport } from "@connectrpc/connect-web";
import { NewAuthorizationBearerInterceptor } from "./interceptors.js";
/**
* Create a client transport using grpc web with the given token and configuration options.
* @param token
* @param opts
*/
export function createClientTransport(token: string, opts: GrpcTransportOptions) {
return createGrpcWebTransport({
...opts,
interceptors: [...(opts.interceptors || []), NewAuthorizationBearerInterceptor(token)],
});
}

2
packages/zitadel-client/tsup.config.ts
View File

@@ -1,7 +1,7 @@
import { defineConfig, Options } from "tsup";
export default defineConfig((options: Options) => ({
entry: ["src/index.ts", "src/v1.ts", "src/v2.ts", "src/v3alpha.ts", "src/node.ts"],
entry: ["src/index.ts", "src/v1.ts", "src/v2.ts", "src/v3alpha.ts", "src/node.ts", "src/web.ts"],
format: ["esm", "cjs"],
treeshake: false,
splitting: true,

16
packages/zitadel-client/turbo.json
View File

@@ -1,15 +1,13 @@
{
"extends": [
"//"
],
"extends": ["//"],
"tasks": {
"build": {
"outputs": [
"dist/**"
],
"dependsOn": [
"@zitadel/proto#generate"
]
"outputs": ["dist/**"],
"dependsOn": ["@zitadel/proto#generate"]
},
"build:standalone": {
"outputs": ["dist/**"],
"dependsOn": ["@zitadel/proto#generate"]
}
}
}

6
packages/zitadel-proto/CHANGELOG.md
View File

@@ -1,5 +1,11 @@
# @zitadel/proto
## 1.0.3
### Patch Changes
- 90fbdd1: use node16/nodenext module resolution
## 1.0.2
### Patch Changes

1
packages/zitadel-proto/buf.gen.yaml
View File

@@ -7,3 +7,4 @@ plugins:
include_imports: true
opt:
- json_types=true
- import_extension=js

2
packages/zitadel-proto/package.json
View File

@@ -1,6 +1,6 @@
{
"name": "@zitadel/proto",
"version": "1.0.2",
"version": "1.0.3",
"license": "MIT",
"publishConfig": {
"access": "public"

6
packages/zitadel-tsconfig/tsup.json
View File

@@ -1,9 +1,5 @@
{
"$schema": "https://json.schemastore.org/tsconfig",
"display": "tsup",
"extends": "./node20.json",
"compilerOptions": {
"module": "preserve",
"moduleResolution": "Bundler"
}
"extends": "./node20.json"
}

60
pnpm-lock.yaml generated
View File

@@ -30,11 +30,11 @@ importers:
specifier: ^1.48.2
version: 1.48.2
'@types/node':
specifier: ^22.9.0
version: 22.9.0
specifier: ^20.17.17
version: 20.17.17
'@vitejs/plugin-react':
specifier: ^4.3.3
version: 4.3.3(vite@5.4.11(@types/node@22.9.0)(sass@1.80.7))
version: 4.3.3(vite@5.4.11(@types/node@20.17.17)(sass@1.80.7))
'@zitadel/eslint-config':
specifier: workspace:*
version: link:packages/zitadel-eslint-config
@@ -67,10 +67,10 @@ importers:
version: 5.6.3
vite-tsconfig-paths:
specifier: ^5.1.2
version: 5.1.2(typescript@5.6.3)(vite@5.4.11(@types/node@22.9.0)(sass@1.80.7))
version: 5.1.2(typescript@5.6.3)(vite@5.4.11(@types/node@20.17.17)(sass@1.80.7))
vitest:
specifier: ^2.1.4
version: 2.1.4(@types/node@22.9.0)(jsdom@25.0.1)(sass@1.80.7)
version: 2.1.4(@types/node@20.17.17)(jsdom@25.0.1)(sass@1.80.7)
apps/login:
dependencies:
@@ -151,8 +151,8 @@ importers:
specifier: 0.7.34
version: 0.7.34
'@types/node':
specifier: 22.9.0
version: 22.9.0
specifier: ^20.17.17
version: 20.17.17
'@types/react':
specifier: 19.0.2
version: 19.0.2
@@ -1554,8 +1554,8 @@ packages:
'@types/node@12.20.55':
resolution: {integrity: sha512-J8xLz7q2OFulZ2cyGTLE1TbbZcjpno7FaN6zdJNrgAdrJ+DZzh/uFR6YrTb4C+nXakvud8Q4+rbhoIWlYQbUFQ==}
'@types/node@22.9.0':
resolution: {integrity: sha512-vuyHg81vvWA1Z1ELfvLko2c8f34gyA0zaic0+Rllc5lbCnbSyuvb2Oxpm6TAUAC/2xZN3QGqxBNggD1nNR2AfQ==}
'@types/node@20.17.17':
resolution: {integrity: sha512-/WndGO4kIfMicEQLTi/mDANUu/iVUhT7KboZPdEqqHQ4aTS+3qT3U5gIqWDFV+XouorjfgGqvKILJeHhuQgFYg==}
'@types/react-dom@19.0.2':
resolution: {integrity: sha512-c1s+7TKFaDRRxr1TxccIX2u7sfCnc3RxkVyBIUA2lCpyqCF+QoAwQ/CBg7bsMdVwP120HEH143VQezKtef5nCg==}
@@ -6011,7 +6011,7 @@ snapshots:
'@types/node@12.20.55': {}
'@types/node@22.9.0':
'@types/node@20.17.17':
dependencies:
undici-types: 6.19.8
@@ -6033,7 +6033,7 @@ snapshots:
'@types/yauzl@2.10.3':
dependencies:
'@types/node': 22.9.0
'@types/node': 20.17.17
optional: true
'@typescript-eslint/eslint-plugin@8.15.0(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint@8.57.1)(typescript@5.6.3)':
@@ -6156,14 +6156,14 @@ snapshots:
'@vercel/git-hooks@1.0.0': {}
'@vitejs/plugin-react@4.3.3(vite@5.4.11(@types/node@22.9.0)(sass@1.80.7))':
'@vitejs/plugin-react@4.3.3(vite@5.4.11(@types/node@20.17.17)(sass@1.80.7))':
dependencies:
'@babel/core': 7.26.0
'@babel/plugin-transform-react-jsx-self': 7.25.9(@babel/core@7.26.0)
'@babel/plugin-transform-react-jsx-source': 7.25.9(@babel/core@7.26.0)
'@types/babel__core': 7.20.5
react-refresh: 0.14.2
vite: 5.4.11(@types/node@22.9.0)(sass@1.80.7)
vite: 5.4.11(@types/node@20.17.17)(sass@1.80.7)
transitivePeerDependencies:
- supports-color
@@ -6174,13 +6174,13 @@ snapshots:
chai: 5.1.2
tinyrainbow: 1.2.0
'@vitest/mocker@2.1.4(vite@5.4.11(@types/node@22.9.0)(sass@1.80.7))':
'@vitest/mocker@2.1.4(vite@5.4.11(@types/node@20.17.17)(sass@1.80.7))':
dependencies:
'@vitest/spy': 2.1.4
estree-walker: 3.0.3
magic-string: 0.30.12
optionalDependencies:
vite: 5.4.11(@types/node@22.9.0)(sass@1.80.7)
vite: 5.4.11(@types/node@20.17.17)(sass@1.80.7)
'@vitest/pretty-format@2.1.4':
dependencies:
@@ -7107,7 +7107,7 @@ snapshots:
debug: 4.3.7(supports-color@5.5.0)
enhanced-resolve: 5.17.1
eslint: 8.57.1
eslint-module-utils: 2.8.2(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3)(eslint@8.57.1)
eslint-module-utils: 2.8.2(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.29.1)(eslint@8.57.1))(eslint@8.57.1)
fast-glob: 3.3.2
get-tsconfig: 4.8.0
is-bun-module: 1.1.0
@@ -7120,7 +7120,7 @@ snapshots:
- eslint-import-resolver-webpack
- supports-color
eslint-module-utils@2.8.2(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3)(eslint@8.57.1):
eslint-module-utils@2.8.2(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.29.1)(eslint@8.57.1))(eslint@8.57.1):
dependencies:
debug: 3.2.7(supports-color@8.1.1)
optionalDependencies:
@@ -7141,7 +7141,7 @@ snapshots:
doctrine: 2.1.0
eslint: 8.57.1
eslint-import-resolver-node: 0.3.9
eslint-module-utils: 2.8.2(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3)(eslint@8.57.1)
eslint-module-utils: 2.8.2(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-import-resolver-typescript@3.6.3(@typescript-eslint/parser@7.18.0(eslint@8.57.1)(typescript@5.6.3))(eslint-import-resolver-node@0.3.9)(eslint-plugin-import@2.29.1)(eslint@8.57.1))(eslint@8.57.1)
hasown: 2.0.2
is-core-module: 2.15.1
is-glob: 4.0.3
@@ -8586,7 +8586,7 @@ snapshots:
'@protobufjs/path': 1.1.2
'@protobufjs/pool': 1.1.0
'@protobufjs/utf8': 1.1.0
'@types/node': 22.9.0
'@types/node': 20.17.17
long: 5.2.3
proxy-from-env@1.0.0: {}
@@ -9391,12 +9391,12 @@ snapshots:
core-util-is: 1.0.2
extsprintf: 1.3.0
vite-node@2.1.4(@types/node@22.9.0)(sass@1.80.7):
vite-node@2.1.4(@types/node@20.17.17)(sass@1.80.7):
dependencies:
cac: 6.7.14
debug: 4.3.7(supports-color@5.5.0)
pathe: 1.1.2
vite: 5.4.11(@types/node@22.9.0)(sass@1.80.7)
vite: 5.4.11(@types/node@20.17.17)(sass@1.80.7)
transitivePeerDependencies:
- '@types/node'
- less
@@ -9408,31 +9408,31 @@ snapshots:
- supports-color
- terser
vite-tsconfig-paths@5.1.2(typescript@5.6.3)(vite@5.4.11(@types/node@22.9.0)(sass@1.80.7)):
vite-tsconfig-paths@5.1.2(typescript@5.6.3)(vite@5.4.11(@types/node@20.17.17)(sass@1.80.7)):
dependencies:
debug: 4.3.7(supports-color@5.5.0)
globrex: 0.1.2
tsconfck: 3.1.4(typescript@5.6.3)
optionalDependencies:
vite: 5.4.11(@types/node@22.9.0)(sass@1.80.7)
vite: 5.4.11(@types/node@20.17.17)(sass@1.80.7)
transitivePeerDependencies:
- supports-color
- typescript
vite@5.4.11(@types/node@22.9.0)(sass@1.80.7):
vite@5.4.11(@types/node@20.17.17)(sass@1.80.7):
dependencies:
esbuild: 0.21.5
postcss: 8.4.49
rollup: 4.25.0
optionalDependencies:
'@types/node': 22.9.0
'@types/node': 20.17.17
fsevents: 2.3.3
sass: 1.80.7
vitest@2.1.4(@types/node@22.9.0)(jsdom@25.0.1)(sass@1.80.7):
vitest@2.1.4(@types/node@20.17.17)(jsdom@25.0.1)(sass@1.80.7):
dependencies:
'@vitest/expect': 2.1.4
'@vitest/mocker': 2.1.4(vite@5.4.11(@types/node@22.9.0)(sass@1.80.7))
'@vitest/mocker': 2.1.4(vite@5.4.11(@types/node@20.17.17)(sass@1.80.7))
'@vitest/pretty-format': 2.1.4
'@vitest/runner': 2.1.4
'@vitest/snapshot': 2.1.4
@@ -9448,11 +9448,11 @@ snapshots:
tinyexec: 0.3.1
tinypool: 1.0.1
tinyrainbow: 1.2.0
vite: 5.4.11(@types/node@22.9.0)(sass@1.80.7)
vite-node: 2.1.4(@types/node@22.9.0)(sass@1.80.7)
vite: 5.4.11(@types/node@20.17.17)(sass@1.80.7)
vite-node: 2.1.4(@types/node@20.17.17)(sass@1.80.7)
why-is-node-running: 2.3.0
optionalDependencies:
'@types/node': 22.9.0
'@types/node': 20.17.17
jsdom: 25.0.1
transitivePeerDependencies:
- less

10
turbo.json
View File

@@ -6,25 +6,21 @@
"DEBUG",
"VERCEL_URL",
"EMAIL_VERIFICATION",
"EU1_AUDIENCE",
"EU1_SYSTEM_USER_ID",
"EU1_SYSTEM_USER_PRIVATE_KEY",
"US1_AUDIENCE",
"US1_SYSTEM_USER_ID",
"US1_SYSTEM_USER_PRIVATE_KEY",
"AUDIENCE",
"SYSTEM_USER_ID",
"SYSTEM_USER_PRIVATE_KEY",
"ZITADEL_API_URL",
"ZITADEL_SERVICE_USER_ID",
"ZITADEL_SERVICE_USER_TOKEN",
"NEXT_PUBLIC_BASE_PATH"
"NEXT_PUBLIC_BASE_PATH",
"ZITADEL_INSTANCE_HOST_HEADER"
],
"tasks": {
"generate": {
"cache": true
},
"build": {},
"build:standalone": {},
"test": {},
"start": {},
"start:built": {},