TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 19:07:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: project roles (#843)

Browse Source 
* fix logging

* token verification

* feat: assert roles

* feat: add project role assertion on project and token type on app

* id and access token role assertion

* add project role check

* user grant required step in login

* update library

* fix merge

* fix merge

* fix merge

* update oidc library

* fix tests

* add tests for GrantRequiredStep

* add missing field ProjectRoleCheck on project view model

* fix project create

* fix project create
This commit is contained in:
Livio Amstutz
2020-10-16 07:49:38 +02:00
committed by GitHub
parent f5a7a0a09f
commit a321d850ae
57 changed files with 10894 additions and 18297 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
internal/project/model/application_view.go
View File

@@ -7,12 +7,14 @@ import (
)
type ApplicationView struct {
ID string
ProjectID string
Name string
CreationDate time.Time
ChangeDate time.Time
State AppState
ID string
ProjectID string
Name string
CreationDate time.Time
ChangeDate time.Time
State AppState
ProjectRoleAssertion bool
ProjectRoleCheck bool
IsOIDC bool
OIDCVersion OIDCVersion
@@ -27,6 +29,9 @@ type ApplicationView struct {
ComplianceProblems []string
DevMode bool
OriginAllowList []string
AccessTokenType OIDCTokenType
IDTokenRoleAssertion bool
AccessTokenRoleAssertion bool
Sequence uint64
}

36
internal/project/model/oidc_config.go
View File

@@ -21,19 +21,22 @@ const (
type OIDCConfig struct {
es_models.ObjectRoot
AppID string
ClientID string
ClientSecret *crypto.CryptoValue
ClientSecretString string
RedirectUris []string
ResponseTypes []OIDCResponseType
GrantTypes []OIDCGrantType
ApplicationType OIDCApplicationType
AuthMethodType OIDCAuthMethodType
PostLogoutRedirectUris []string
OIDCVersion OIDCVersion
Compliance *Compliance
DevMode bool
AppID string
ClientID string
ClientSecret *crypto.CryptoValue
ClientSecretString string
RedirectUris []string
ResponseTypes []OIDCResponseType
GrantTypes []OIDCGrantType
ApplicationType OIDCApplicationType
AuthMethodType OIDCAuthMethodType
PostLogoutRedirectUris []string
OIDCVersion OIDCVersion
Compliance *Compliance
DevMode bool
AccessTokenType OIDCTokenType
AccessTokenRoleAssertion bool
IDTokenRoleAssertion bool
}
type OIDCVersion int32
@@ -79,6 +82,13 @@ type Compliance struct {
Problems []string
}
type OIDCTokenType int32
const (
OIDCTokenTypeBearer OIDCTokenType = iota
OIDCTokenTypeJWT
)
func (c *OIDCConfig) IsValid() bool {
grantTypes := c.getRequiredGrantTypes()
for _, grantType := range grantTypes {

17
internal/project/model/project.go
View File

@@ -1,19 +1,22 @@
package model
import (
es_models "github.com/caos/zitadel/internal/eventstore/models"
"github.com/golang/protobuf/ptypes/timestamp"
es_models "github.com/caos/zitadel/internal/eventstore/models"
)
type Project struct {
es_models.ObjectRoot
State ProjectState
Name string
Members []*ProjectMember
Roles []*ProjectRole
Applications []*Application
Grants []*ProjectGrant
State ProjectState
Name string
Members []*ProjectMember
Roles []*ProjectRole
Applications []*Application
Grants []*ProjectGrant
ProjectRoleAssertion bool
ProjectRoleCheck bool
}
type ProjectChanges struct {
Changes []*ProjectChange

19
internal/project/model/project_view.go
View File

@@ -1,18 +1,21 @@
package model
import (
"github.com/caos/zitadel/internal/model"
"time"
"github.com/caos/zitadel/internal/model"
)
type ProjectView struct {
ProjectID string
Name string
CreationDate time.Time
ChangeDate time.Time
State ProjectState
ResourceOwner string
Sequence uint64
ProjectID string
Name string
CreationDate time.Time
ChangeDate time.Time
State ProjectState
ResourceOwner string
ProjectRoleAssertion bool
ProjectRoleCheck bool
Sequence uint64
}
type ProjectViewSearchRequest struct {