fix: use triggering origin for notification links (#6628)

* take baseurl if saved on event * refactor: make es mocks reusable * Revert "refactor: make es mocks reusable" This reverts commit 434ce12a6a. * make messages testable * test asset url * fmt * fmt * simplify notification.Start * test url combinations * support init code added * support password changed * support reset pw * support user domain claimed * support add pwless login * support verify phone * Revert "support verify phone" This reverts commit e40503303e. * save trigger origin from ctx * add ready for review check * camel * test email otp * fix variable naming * fix DefaultOTPEmailURLV2 * Revert "fix DefaultOTPEmailURLV2" This reverts commit fa34d4d2a8. * fix email otp challenged test * fix email otp challenged test * pass origin in login and gateway requests * take origin from header * take x-forwarded if present * Update internal/notification/handlers/queries.go Co-authored-by: Tim Möhlmann <tim+github@zitadel.com> * Update internal/notification/handlers/commands.go Co-authored-by: Tim Möhlmann <tim+github@zitadel.com> * move origin header to ctx if available * generate * cleanup * use forwarded header * support X-Forwarded-* headers * standardize context handling * fix linting --------- Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2025-08-11 21:07:31 +00:00 · 2023-10-10 15:20:53 +02:00
parent 0180779d6d
commit 8f6cb47567
47 changed files with 2405 additions and 508 deletions
--- a/internal/repository/user/human.go
+++ b/internal/repository/user/human.go
@@ -7,6 +7,7 @@ import (

 	"golang.org/x/text/language"

+	"github.com/zitadel/zitadel/internal/api/http"
 	"github.com/zitadel/zitadel/internal/crypto"
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/errors"
@@ -244,6 +245,7 @@ type HumanInitialCodeAddedEvent struct {
 	eventstore.BaseEvent `json:"-"`
 	Code                 *crypto.CryptoValue `json:"code,omitempty"`
 	Expiry               time.Duration       `json:"expiry,omitempty"`
+	TriggeredAtOrigin    string              `json:"triggerOrigin,omitempty"`
 }

 func (e *HumanInitialCodeAddedEvent) Data() interface{} {
@@ -254,6 +256,10 @@ func (e *HumanInitialCodeAddedEvent) UniqueConstraints() []*eventstore.EventUniq
 	return nil
 }

+func (e *HumanInitialCodeAddedEvent) TriggerOrigin() string {
+	return e.TriggeredAtOrigin
+}
+
 func NewHumanInitialCodeAddedEvent(
 	ctx context.Context,
 	aggregate *eventstore.Aggregate,
@@ -266,8 +272,9 @@ func NewHumanInitialCodeAddedEvent(
 			aggregate,
 			HumanInitialCodeAddedType,
 		),
-		Code:   code,
-		Expiry: expiry,
+		Code:              code,
+		Expiry:            expiry,
+		TriggeredAtOrigin: http.ComposedOrigin(ctx),
 	}
 }