fix(api): naming cleanup in user and session service (#6379)

* fix(api): rename first and last name to given and family name, intent to idp_intent, remove _ actions

* fix merge

* fully rename intent to idp intent in api

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Livio Spring 2023-08-22 12:05:45 +02:00 committed by GitHub
parent f03a9d03b6
commit a9fb2a6e5c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
17 changed files with 146 additions and 145 deletions

@ -32,11 +32,11 @@
Do you look for a user management that's quickly set up like Auth0 and open source like Keycloak?
Do you have project that requires a multi-tenant user management with self-service for your customers?
Do you have a project that requires multi-tenant user management with self-service for your customers?
Look no further — ZITADEL combines the ease of Auth0 with the versatility of Keycloak.
We provide you with a wide range of out of the box features to accelerate your project.
We provide you with a wide range of out-of-the-box features to accelerate your project.
Multi-tenancy with branding customization, secure login, self-service, OpenID Connect, OAuth2.x, SAML2, LDAP, Passwordless with FIDO2 (including Passkeys), OTP, U2F, and an unlimited audit trail is there for you, ready to use.
With ZITADEL you can rely on a hardened and extensible turnkey solution to solve all of your authentication and authorization needs.

@ -9,7 +9,7 @@ The list of session IDs can be sent in the “search sessions” request to get
```bash
curl --request POST \
--url https://$ZITADEL_DOMAIN/v2alpha/sessions/_search \
--url https://$ZITADEL_DOMAIN/v2alpha/sessions/search \
--header 'Accept: application/json' \
--header 'Authorization: Bearer '"$TOKEN"''\
--header 'Content-Type: application/json' \
@ -77,4 +77,4 @@ curl --request POST \
}
]
}
```
```

@ -20,17 +20,18 @@ Send the following two URLs in the request body:
2. ErrorURL: Page that should be shown when an error happens during the authentication
In the response, you will get an authentication URL of the provider you like.
[Start Identity Provider Flow Documentation](/docs/apis/resources/user_service/user-service-start-identity-provider-flow)
[Start Identity Provider Intent Documentation](/docs/apis/resources/user_service/user-service-start-identity-provider-intent)
### Request
```bash
curl --request POST \
--url https://$ZITADEL_DOMAIN/v2alpha/users/idps/$IDP_ID/start \
--url https://$ZITADEL_DOMAIN/v2alpha/idp_intents/start \
--header 'Accept: application/json' \
--header 'Authorization: Bearer '"$TOKEN"''\
--header 'Content-Type: application/json' \
--data '{
"idp_id": "$IDP_ID",
"successUrl": "https://custom.com/login/idp/success",
"failureUrl": "https://custom.com/login/idp/fail"
}'
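Review bot: the new `"idp_id": "$IDP_ID"` line sits inside the single-quoted `--data '{ ... }'` body, so the shell does not expand it and the literal string `$IDP_ID` is sent as the IDP ID. Break out of the quotes the way the Authorization header does (`'"$IDP_ID"'`) or use a placeholder value instead. The key is also snake_case while `successUrl` and `failureUrl` beside it are camelCase; use one spelling throughout the example.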
@ -62,15 +63,15 @@ After the user has successfully authenticated, a redirect to the ZITADEL backend
## Get Provider Information
ZITADEL will take the information of the provider. After this, a redirect will be made to either the success page in case of a successful login or to the error page in case of a failure will be performed. In the parameters, you will provide the intentID, a token, and optionally, if a user could be found, a user ID.
ZITADEL will take the information of the provider. After this, a redirect will be made to either the success page in case of a successful login or to the error page in case of a failure will be performed. In the parameters, you will provide the IDP intentID, a token, and optionally, if a user could be found, a user ID.
To get the information of the provider, make a request to ZITADEL.
[Get Identity Provider Information Documentation](/docs/apis/resources/user_service/user-service-retrieve-identity-provider-information)
[Retrieve Identity Provider Intent Documentation](/docs/apis/resources/user_service/user-service-retrieve-identity-provider-intent)
### Request
```bash
curl --request POST \
--url https://$ZITADEL_DOMAIN/v2alpha/users/intents/$INTENT_ID/information \
--url https://$ZITADEL_DOMAIN/v2alpha/idp_intents/$INTENT_ID \
--header 'Accept: application/json' \
--header 'Authorization: Bearer '"$TOKEN"''\
--header 'Content-Type: application/json' \
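Review bot: the reworded sentence under "Get Provider Information" still reads "a redirect will be made to ... will be performed", and "you will provide the IDP intentID" reads as if the caller supplies the values, while the Login section that follows describes getting a user ID "in the parameters when calling your success page". Since the line is being edited anyway, drop the doubled verb and say who receives the parameters. The curl example also keeps `$INTENT_ID` while everything around it moves to "IDP intent"; `$IDP_INTENT_ID` would match.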
@ -120,7 +121,7 @@ After successfully authenticating using your identity provider, you have three p
### Login
If you did get a user ID in the parameters when calling your success page, you know that a user is already linked with the used identity provider and you are ready to perform the login.
Create a new session and include the intent ID and the token in the checks.
Create a new session and include the IDP intent ID and the token in the checks.
This check requires that the previous step ended on the successful page and didn'tt result in an error.
#### Request
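Review bot: the line directly below the changed sentence still contains the typo "didn'tt" ("ended on the successful page and didn'tt result in an error"). Fix it in the same edit, since the paragraph is already being touched.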
@ -136,9 +137,9 @@ curl --request POST \
"user": {
"userId": "218662596918640897"
},
"intent": {
"intentId": "219647325729980673",
"token": "k86ihn-VLMMUGKy1q1b5i_foECspKYqei1l4mS8LT7Xzjw"
"idpIntent": {
"idpIntentId": "219647325729980673",
"idpIntentToken": "k86ihn-VLMMUGKy1q1b5i_foECspKYqei1l4mS8LT7Xzjw"
}
}
}'
@ -164,8 +165,8 @@ curl --request POST \
--data '{
"username": "minni-mouse@mouse.com",
"profile": {
"firstName": "Minnie",
"lastName": "Mouse",
"givenName": "Minnie",
"familyName": "Mouse",
"nickName": "Mini",
"displayName": "Minnie Mouse",
"preferredLanguage": "en",
@ -206,4 +207,4 @@ curl --request POST \
"displayName": "Minnie Mouse"
}
}'
```
```

@ -69,7 +69,7 @@ Request Example:
```bash
curl --request POST \
--url https://$ZITADEL_DOMAIN/v2alpha/users/$USER_ID/totp/_verify \
--url https://$ZITADEL_DOMAIN/v2alpha/users/$USER_ID/totp/verify \
--header 'Accept: application/json' \
--header 'Authorization: Bearer '"$TOKEN"''
--header 'Content-Type: application/json' \
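Review bot: in this example the `Authorization` header line ends without a trailing `\`, so the shell runs curl at that point and treats the following `--header 'Content-Type: application/json' \` line as a separate command. The hunk already edits the `--url` line just above; add the missing continuation while here so the documented request can be pasted as is.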
@ -188,4 +188,4 @@ curl --request POST \
}'
```
You have successfully registered a new U2F to the user.
You have successfully registered a new U2F to the user.

@ -24,8 +24,8 @@ curl --request POST \
"userId": "d654e6ba-70a3-48ef-a95d-37c8d8a7901a",
"username": "minnie-mouse",
"profile": {
"firstName": "Minnie",
"lastName": "Mouse",
"givenName": "Minnie",
"familyName": "Mouse",
"nickName": "Mini",
"displayName": "Minnie Mouse",
"preferredLanguage": "en",

@ -89,8 +89,8 @@ func TestServer_AddOrganization(t *testing.T) {
UserType: &org.AddOrganizationRequest_Admin_Human{
Human: &user.AddHumanUserRequest{
Profile: &user.SetHumanProfile{
FirstName: "firstname",
LastName: "lastname",
GivenName: "firstname",
FamilyName: "lastname",
},
Email: &user.SetHumanEmail{
Email: fmt.Sprintf("%d@mouse.com", time.Now().UnixNano()),
@ -127,8 +127,8 @@ func TestServer_AddOrganization(t *testing.T) {
UserType: &org.AddOrganizationRequest_Admin_Human{
Human: &user.AddHumanUserRequest{
Profile: &user.SetHumanProfile{
FirstName: "firstname",
LastName: "lastname",
GivenName: "firstname",
FamilyName: "lastname",
},
Email: &user.SetHumanEmail{
Email: fmt.Sprintf("%d@mouse.com", time.Now().UnixNano()),

@ -74,8 +74,8 @@ func Test_addOrganizationRequestToCommand(t *testing.T) {
UserType: &org.AddOrganizationRequest_Admin_Human{
Human: &user.AddHumanUserRequest{
Profile: &user.SetHumanProfile{
FirstName: "firstname",
LastName: "lastname",
GivenName: "firstname",
FamilyName: "lastname",
},
Email: &user.SetHumanEmail{
Email: "email@test.com",

@ -251,8 +251,8 @@ func (s *Server) checksToCommand(ctx context.Context, checks *session.Checks) ([
if password := checks.GetPassword(); password != nil {
sessionChecks = append(sessionChecks, command.CheckPassword(password.GetPassword()))
}
if intent := checks.GetIntent(); intent != nil {
sessionChecks = append(sessionChecks, command.CheckIntent(intent.GetIntentId(), intent.GetToken()))
if intent := checks.GetIdpIntent(); intent != nil {
sessionChecks = append(sessionChecks, command.CheckIntent(intent.GetIdpIntentId(), intent.GetIdpIntentToken()))
}
if passkey := checks.GetWebAuthN(); passkey != nil {
sessionChecks = append(sessionChecks, s.command.CheckWebAuthN(passkey.GetCredentialAssertionData()))

@ -263,9 +263,9 @@ func TestServer_CreateSession_successfulIntent(t *testing.T) {
SessionId: createResp.GetSessionId(),
SessionToken: createResp.GetSessionToken(),
Checks: &session.Checks{
Intent: &session.CheckIntent{
IntentId: intentID,
Token: token,
IdpIntent: &session.CheckIDPIntent{
IdpIntentId: intentID,
IdpIntentToken: token,
},
},
})
@ -294,9 +294,9 @@ func TestServer_CreateSession_successfulIntentUnknownUserID(t *testing.T) {
SessionId: createResp.GetSessionId(),
SessionToken: createResp.GetSessionToken(),
Checks: &session.Checks{
Intent: &session.CheckIntent{
IntentId: intentID,
Token: token,
IdpIntent: &session.CheckIDPIntent{
IdpIntentId: intentID,
IdpIntentToken: token,
},
},
})
@ -306,9 +306,9 @@ func TestServer_CreateSession_successfulIntentUnknownUserID(t *testing.T) {
SessionId: createResp.GetSessionId(),
SessionToken: createResp.GetSessionToken(),
Checks: &session.Checks{
Intent: &session.CheckIntent{
IntentId: intentID,
Token: token,
IdpIntent: &session.CheckIDPIntent{
IdpIntentId: intentID,
IdpIntentToken: token,
},
},
})
@ -336,9 +336,9 @@ func TestServer_CreateSession_startedIntentFalseToken(t *testing.T) {
SessionId: createResp.GetSessionId(),
SessionToken: createResp.GetSessionToken(),
Checks: &session.Checks{
Intent: &session.CheckIntent{
IntentId: intentID,
Token: "false",
IdpIntent: &session.CheckIDPIntent{
IdpIntentId: intentID,
IdpIntentToken: "false",
},
},
})

@ -72,8 +72,8 @@ func AddUserRequestToAddHuman(req *user.AddHumanUserRequest) (*command.AddHuman,
return &command.AddHuman{
ID: req.GetUserId(),
Username: username,
FirstName: req.GetProfile().GetFirstName(),
LastName: req.GetProfile().GetLastName(),
FirstName: req.GetProfile().GetGivenName(),
LastName: req.GetProfile().GetFamilyName(),
NickName: req.GetProfile().GetNickName(),
DisplayName: req.GetProfile().GetDisplayName(),
Email: command.Email{
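Review bot: `FirstName: req.GetProfile().GetGivenName()` and `LastName: req.GetProfile().GetFamilyName()` now translate between two vocabularies, because `command.AddHuman` keeps the old field names. If the command type is deliberately left alone, a one-line comment at this mapping saying that the API uses given/family name would save the next reader a search; otherwise rename the command fields in a follow-up so the two layers agree.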
@ -129,18 +129,18 @@ func (s *Server) AddIDPLink(ctx context.Context, req *user.AddIDPLinkRequest) (_
}, nil
}
func (s *Server) StartIdentityProviderFlow(ctx context.Context, req *user.StartIdentityProviderFlowRequest) (_ *user.StartIdentityProviderFlowResponse, err error) {
func (s *Server) StartIdentityProviderIntent(ctx context.Context, req *user.StartIdentityProviderIntentRequest) (_ *user.StartIdentityProviderIntentResponse, err error) {
switch t := req.GetContent().(type) {
case *user.StartIdentityProviderFlowRequest_Urls:
case *user.StartIdentityProviderIntentRequest_Urls:
return s.startIDPIntent(ctx, req.GetIdpId(), t.Urls)
case *user.StartIdentityProviderFlowRequest_Ldap:
case *user.StartIdentityProviderIntentRequest_Ldap:
return s.startLDAPIntent(ctx, req.GetIdpId(), t.Ldap)
default:
return nil, errors.ThrowUnimplementedf(nil, "USERv2-S2g21", "type oneOf %T in method StartIdentityProviderFlow not implemented", t)
return nil, errors.ThrowUnimplementedf(nil, "USERv2-S2g21", "type oneOf %T in method StartIdentityProviderIntent not implemented", t)
}
}
func (s *Server) startIDPIntent(ctx context.Context, idpID string, urls *user.RedirectURLs) (*user.StartIdentityProviderFlowResponse, error) {
func (s *Server) startIDPIntent(ctx context.Context, idpID string, urls *user.RedirectURLs) (*user.StartIdentityProviderIntentResponse, error) {
intentWriteModel, details, err := s.command.CreateIntent(ctx, idpID, urls.GetSuccessUrl(), urls.GetFailureUrl(), authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
@ -149,13 +149,13 @@ func (s *Server) startIDPIntent(ctx context.Context, idpID string, urls *user.Re
if err != nil {
return nil, err
}
return &user.StartIdentityProviderFlowResponse{
return &user.StartIdentityProviderIntentResponse{
Details: object.DomainToDetailsPb(details),
NextStep: &user.StartIdentityProviderFlowResponse_AuthUrl{AuthUrl: authURL},
NextStep: &user.StartIdentityProviderIntentResponse_AuthUrl{AuthUrl: authURL},
}, nil
}
func (s *Server) startLDAPIntent(ctx context.Context, idpID string, ldapCredentials *user.LDAPCredentials) (*user.StartIdentityProviderFlowResponse, error) {
func (s *Server) startLDAPIntent(ctx context.Context, idpID string, ldapCredentials *user.LDAPCredentials) (*user.StartIdentityProviderIntentResponse, error) {
intentWriteModel, details, err := s.command.CreateIntent(ctx, idpID, "", "", authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
@ -171,9 +171,9 @@ func (s *Server) startLDAPIntent(ctx context.Context, idpID string, ldapCredenti
if err != nil {
return nil, err
}
return &user.StartIdentityProviderFlowResponse{
return &user.StartIdentityProviderIntentResponse{
Details: object.DomainToDetailsPb(details),
NextStep: &user.StartIdentityProviderFlowResponse_Intent{Intent: &user.Intent{IntentId: intentWriteModel.AggregateID, Token: token}},
NextStep: &user.StartIdentityProviderIntentResponse_IdpIntent{IdpIntent: &user.IDPIntent{IdpIntentId: intentWriteModel.AggregateID, IdpIntentToken: token}},
}, nil
}
@ -228,27 +228,27 @@ func (s *Server) ldapLogin(ctx context.Context, idpID, username, password string
return externalUser, userID, attributes, nil
}
func (s *Server) RetrieveIdentityProviderInformation(ctx context.Context, req *user.RetrieveIdentityProviderInformationRequest) (_ *user.RetrieveIdentityProviderInformationResponse, err error) {
intent, err := s.command.GetIntentWriteModel(ctx, req.GetIntentId(), authz.GetCtxData(ctx).OrgID)
func (s *Server) RetrieveIdentityProviderIntent(ctx context.Context, req *user.RetrieveIdentityProviderIntentRequest) (_ *user.RetrieveIdentityProviderIntentResponse, err error) {
intent, err := s.command.GetIntentWriteModel(ctx, req.GetIdpIntentId(), authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
if err := s.checkIntentToken(req.GetToken(), intent.AggregateID); err != nil {
if err := s.checkIntentToken(req.GetIdpIntentToken(), intent.AggregateID); err != nil {
return nil, err
}
if intent.State != domain.IDPIntentStateSucceeded {
return nil, errors.ThrowPreconditionFailed(nil, "IDP-Hk38e", "Errors.Intent.NotSucceeded")
}
return intentToIDPInformationPb(intent, s.idpAlg)
return idpIntentToIDPIntentPb(intent, s.idpAlg)
}
func intentToIDPInformationPb(intent *command.IDPIntentWriteModel, alg crypto.EncryptionAlgorithm) (_ *user.RetrieveIdentityProviderInformationResponse, err error) {
func idpIntentToIDPIntentPb(intent *command.IDPIntentWriteModel, alg crypto.EncryptionAlgorithm) (_ *user.RetrieveIdentityProviderIntentResponse, err error) {
rawInformation := new(structpb.Struct)
err = rawInformation.UnmarshalJSON(intent.IDPUser)
if err != nil {
return nil, err
}
information := &user.RetrieveIdentityProviderInformationResponse{
information := &user.RetrieveIdentityProviderIntentResponse{
Details: intentToDetailsPb(intent),
IdpInformation: &user.IDPInformation{
IdpId: intent.IDPID,
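Review bot: `idpIntentToIDPIntentPb` returns a `RetrieveIdentityProviderIntentResponse`, not an IDP intent message, and its body still builds `rawInformation`, `information` and `IdpInformation: &user.IDPInformation{`. The new name says less about what the function produces than the old one did. Name it after its return type, or rename the locals too if "information" is really being retired. The check order in `RetrieveIdentityProviderIntent` (token before state) is unchanged, which is what we want.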

@ -67,8 +67,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -108,8 +108,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -153,8 +153,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -199,8 +199,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -246,8 +246,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -318,8 +318,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -352,8 +352,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -399,8 +399,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -451,8 +451,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -490,8 +490,8 @@ func TestServer_AddHumanUser(t *testing.T) {
},
},
Profile: &user.SetHumanProfile{
FirstName: "Donald",
LastName: "Duck",
GivenName: "Donald",
FamilyName: "Duck",
NickName: gu.Ptr("Dukkie"),
DisplayName: gu.Ptr("Donald Duck"),
PreferredLanguage: gu.Ptr("en"),
@ -622,23 +622,23 @@ func TestServer_AddIDPLink(t *testing.T) {
}
}
func TestServer_StartIdentityProviderFlow(t *testing.T) {
func TestServer_StartIdentityProviderIntent(t *testing.T) {
idpID := Tester.AddGenericOAuthProvider(t)
type args struct {
ctx context.Context
req *user.StartIdentityProviderFlowRequest
req *user.StartIdentityProviderIntentRequest
}
tests := []struct {
name string
args args
want *user.StartIdentityProviderFlowResponse
want *user.StartIdentityProviderIntentResponse
wantErr bool
}{
{
name: "missing urls",
args: args{
CTX,
&user.StartIdentityProviderFlowRequest{
&user.StartIdentityProviderIntentRequest{
IdpId: idpID,
},
},
@ -649,9 +649,9 @@ func TestServer_StartIdentityProviderFlow(t *testing.T) {
name: "next step auth url",
args: args{
CTX,
&user.StartIdentityProviderFlowRequest{
&user.StartIdentityProviderIntentRequest{
IdpId: idpID,
Content: &user.StartIdentityProviderFlowRequest_Urls{
Content: &user.StartIdentityProviderIntentRequest_Urls{
Urls: &user.RedirectURLs{
SuccessUrl: "https://example.com/success",
FailureUrl: "https://example.com/failure",
@ -659,12 +659,12 @@ func TestServer_StartIdentityProviderFlow(t *testing.T) {
},
},
},
want: &user.StartIdentityProviderFlowResponse{
want: &user.StartIdentityProviderIntentResponse{
Details: &object.Details{
ChangeDate: timestamppb.Now(),
ResourceOwner: Tester.Organisation.ID,
},
NextStep: &user.StartIdentityProviderFlowResponse_AuthUrl{
NextStep: &user.StartIdentityProviderIntentResponse_AuthUrl{
AuthUrl: "https://example.com/oauth/v2/authorize?client_id=clientID&prompt=select_account&redirect_uri=http%3A%2F%2Flocalhost%3A8080%2Fidps%2Fcallback&response_type=code&scope=openid+profile+email&state=",
},
},
@ -673,7 +673,7 @@ func TestServer_StartIdentityProviderFlow(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := Client.StartIdentityProviderFlow(tt.args.ctx, tt.args.req)
got, err := Client.StartIdentityProviderIntent(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
} else {
@ -690,28 +690,28 @@ func TestServer_StartIdentityProviderFlow(t *testing.T) {
}
}
func TestServer_RetrieveIdentityProviderInformation(t *testing.T) {
func TestServer_RetrieveIdentityProviderIntent(t *testing.T) {
idpID := Tester.AddGenericOAuthProvider(t)
intentID := Tester.CreateIntent(t, idpID)
successfulID, token, changeDate, sequence := Tester.CreateSuccessfulOAuthIntent(t, idpID, "", "id")
ldapSuccessfulID, ldapToken, ldapChangeDate, ldapSequence := Tester.CreateSuccessfulLDAPIntent(t, idpID, "", "id")
type args struct {
ctx context.Context
req *user.RetrieveIdentityProviderInformationRequest
req *user.RetrieveIdentityProviderIntentRequest
}
tests := []struct {
name string
args args
want *user.RetrieveIdentityProviderInformationResponse
want *user.RetrieveIdentityProviderIntentResponse
wantErr bool
}{
{
name: "failed intent",
args: args{
CTX,
&user.RetrieveIdentityProviderInformationRequest{
IntentId: intentID,
Token: "",
&user.RetrieveIdentityProviderIntentRequest{
IdpIntentId: intentID,
IdpIntentToken: "",
},
},
wantErr: true,
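Review bot: the "failed intent" case sends `IdpIntentToken: ""`, while the renamed request field `idp_intent_token` carries `min_len: 1` in the proto. If request validation runs before the handler, this case fails on the empty token and never reaches the `intent.State != domain.IDPIntentStateSucceeded` check it is named for, so it would keep passing even if that check were removed. Pass a non-empty token for this case and assert on the expected error rather than only `wantErr: true`.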
@ -720,9 +720,9 @@ func TestServer_RetrieveIdentityProviderInformation(t *testing.T) {
name: "wrong token",
args: args{
CTX,
&user.RetrieveIdentityProviderInformationRequest{
IntentId: successfulID,
Token: "wrong token",
&user.RetrieveIdentityProviderIntentRequest{
IdpIntentId: successfulID,
IdpIntentToken: "wrong token",
},
},
wantErr: true,
@ -731,12 +731,12 @@ func TestServer_RetrieveIdentityProviderInformation(t *testing.T) {
name: "retrieve successful intent",
args: args{
CTX,
&user.RetrieveIdentityProviderInformationRequest{
IntentId: successfulID,
Token: token,
&user.RetrieveIdentityProviderIntentRequest{
IdpIntentId: successfulID,
IdpIntentToken: token,
},
},
want: &user.RetrieveIdentityProviderInformationResponse{
want: &user.RetrieveIdentityProviderIntentResponse{
Details: &object.Details{
ChangeDate: timestamppb.New(changeDate),
ResourceOwner: Tester.Organisation.ID,
@ -768,12 +768,12 @@ func TestServer_RetrieveIdentityProviderInformation(t *testing.T) {
name: "retrieve successful ldap intent",
args: args{
CTX,
&user.RetrieveIdentityProviderInformationRequest{
IntentId: ldapSuccessfulID,
Token: ldapToken,
&user.RetrieveIdentityProviderIntentRequest{
IdpIntentId: ldapSuccessfulID,
IdpIntentToken: ldapToken,
},
},
want: &user.RetrieveIdentityProviderInformationResponse{
want: &user.RetrieveIdentityProviderIntentResponse{
Details: &object.Details{
ChangeDate: timestamppb.New(ldapChangeDate),
ResourceOwner: Tester.Organisation.ID,
@ -812,7 +812,7 @@ func TestServer_RetrieveIdentityProviderInformation(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := Client.RetrieveIdentityProviderInformation(tt.args.ctx, tt.args.req)
got, err := Client.RetrieveIdentityProviderIntent(tt.args.ctx, tt.args.req)
if tt.wantErr {
require.Error(t, err)
} else {

@ -24,7 +24,7 @@ import (
var ignoreTypes = []protoreflect.FullName{"google.protobuf.Duration", "google.protobuf.Struct"}
func Test_intentToIDPInformationPb(t *testing.T) {
func Test_idpIntentToIDPIntentPb(t *testing.T) {
decryption := func(err error) crypto.EncryptionAlgorithm {
mCrypto := crypto.NewMockEncryptionAlgorithm(gomock.NewController(t))
mCrypto.EXPECT().Algorithm().Return("enc")
@ -44,7 +44,7 @@ func Test_intentToIDPInformationPb(t *testing.T) {
alg crypto.EncryptionAlgorithm
}
type res struct {
resp *user.RetrieveIdentityProviderInformationResponse
resp *user.RetrieveIdentityProviderIntentResponse
err error
}
tests := []struct {
@ -113,7 +113,7 @@ func Test_intentToIDPInformationPb(t *testing.T) {
alg: decryption(nil),
},
res{
resp: &user.RetrieveIdentityProviderInformationResponse{
resp: &user.RetrieveIdentityProviderIntentResponse{
Details: &object_pb.Details{
Sequence: 123,
ChangeDate: timestamppb.New(time.Date(2019, 4, 1, 1, 1, 1, 1, time.Local)),
@ -166,7 +166,7 @@ func Test_intentToIDPInformationPb(t *testing.T) {
},
},
res{
resp: &user.RetrieveIdentityProviderInformationResponse{
resp: &user.RetrieveIdentityProviderIntentResponse{
Details: &object_pb.Details{
Sequence: 123,
ChangeDate: timestamppb.New(time.Date(2019, 4, 1, 1, 1, 1, 1, time.Local)),
@ -205,7 +205,7 @@ func Test_intentToIDPInformationPb(t *testing.T) {
}
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
got, err := intentToIDPInformationPb(tt.args.intent, tt.args.alg)
got, err := idpIntentToIDPIntentPb(tt.args.intent, tt.args.alg)
require.ErrorIs(t, err, tt.res.err)
grpc.AllFieldsEqual(t, tt.res.resp.ProtoReflect(), got.ProtoReflect(), grpc.CustomMappers)
})

@ -87,8 +87,8 @@ func (s *Tester) CreateHumanUser(ctx context.Context) *user.AddHumanUserResponse
},
},
Profile: &user.SetHumanProfile{
FirstName: "Mickey",
LastName: "Mouse",
GivenName: "Mickey",
FamilyName: "Mouse",
},
Email: &user.SetHumanEmail{
Email: fmt.Sprintf("%d@mouse.com", time.Now().UnixNano()),

@ -79,7 +79,7 @@ service SessionService {
// Search sessions
rpc ListSessions (ListSessionsRequest) returns (ListSessionsResponse) {
option (google.api.http) = {
post: "/v2alpha/sessions/_search"
post: "/v2alpha/sessions/search"
body: "*"
};
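Review bot: changing `post: "/v2alpha/sessions/_search"` to `/v2alpha/sessions/search` removes the old route outright, so REST clients built against the previous path stop matching. If that is acceptable for v2alpha, state it in the commit message or release notes; otherwise keep the old path as an `additional_bindings` entry for one release.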
@ -341,9 +341,9 @@ message Checks {
description: "\"Checks the public key credential issued by the WebAuthN client. Requires that the user is already checked and a WebAuthN challenge to be requested, in any previous request.\"";
}
];
optional CheckIntent intent = 4 [
optional CheckIDPIntent idp_intent = 4 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "\"Checks the intent. Requires that the userlink is already checked and a successful intent.\"";
description: "\"Checks the IDP intent. Requires that the userlink is already checked and a successful idp intent.\"";
}
];
optional CheckTOTP totp = 5 [
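Review bot: the new description mixes "IDP intent" and "idp intent" within one string, and the field descriptions in `CheckIDPIntent` use the lowercase form while `IDPIntent` in the user proto uses the uppercase one. Settle on one casing, since these strings end up in the generated OpenAPI docs. Keeping field number 4 on `idp_intent` is right for wire compatibility, but the JSON key for REST callers changes, which deserves a line in the release notes.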
@ -397,20 +397,20 @@ message CheckWebAuthN {
];
}
message CheckIntent {
string intent_id = 1 [
message CheckIDPIntent {
string idp_intent_id = 1 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "ID of the intent, previously returned on the success response of the IDP callback"
description: "ID of the idp intent, previously returned on the success response of the IDP callback"
min_length: 1;
max_length: 200;
example: "\"d654e6ba-70a3-48ef-a95d-37c8d8a7901a\"";
}
];
string token = 2 [
string idp_intent_token = 2 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "token of the intent, previously returned on the success response of the IDP callback"
description: "token of the idp intent, previously returned on the success response of the IDP callback"
min_length: 1;
max_length: 200;
example: "\"SJKL3ioIDpo342ioqw98fjp3sdf32wahb=\"";

@ -51,18 +51,18 @@ message RedirectURLs {
];
}
message Intent {
string intent_id = 1 [
message IDPIntent {
string idp_intent_id = 1 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "ID of the intent"
description: "ID of the IDP intent"
min_length: 1;
max_length: 200;
example: "\"163840776835432705=\"";
}
];
string token = 2 [
string idp_intent_token = 2 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "token of the intent"
description: "token of the IDP intent"
min_length: 1;
max_length: 200;
example: "\"SJKL3ioIDpo342ioqw98fjp3sdf32wahb=\"";
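Review bot: the `idp_intent_id` example in this message is `"163840776835432705="`; the trailing `=` looks copied from the token example below it, and the same ID appears without it in `RetrieveIdentityProviderIntentRequest`. Drop the `=` while the message is being renamed so the generated docs do not show an ID that could never be returned.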

@ -20,7 +20,7 @@ enum Gender {
}
message SetHumanProfile {
string first_name = 1 [
string given_name = 1 [
(validate.rules).string = {min_len: 1, max_len: 200},
(google.api.field_behavior) = REQUIRED,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
@ -29,7 +29,7 @@ message SetHumanProfile {
example: "\"Minnie\"";
}
];
string last_name = 2 [
string family_name = 2 [
(validate.rules).string = {min_len: 1, max_len: 200},
(google.api.field_behavior) = REQUIRED,
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
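Review bot: `given_name` and `family_name` keep field numbers 1 and 2, so binary gRPC clients are unaffected, but the JSON keys change and both fields are `REQUIRED` with `min_len: 1`. A REST caller that still sends `firstName` and `lastName` should expect its request to be rejected rather than accepted with empty names. That makes this more than a cosmetic rename; flag it as a breaking change for v2alpha consumers.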

@ -137,7 +137,7 @@ service UserService {
// Verify the email with the provided code
rpc VerifyEmail (VerifyEmailRequest) returns (VerifyEmailResponse) {
option (google.api.http) = {
post: "/v2alpha/users/{user_id}/email/_verify"
post: "/v2alpha/users/{user_id}/email/verify"
body: "*"
};
@ -187,7 +187,7 @@ service UserService {
// Verify the phone with the provided code
rpc VerifyPhone (VerifyPhoneRequest) returns (VerifyPhoneResponse) {
option (google.api.http) = {
post: "/v2alpha/users/{user_id}/phone/_verify"
post: "/v2alpha/users/{user_id}/phone/verify"
body: "*"
};
@ -347,7 +347,7 @@ service UserService {
rpc VerifyTOTPRegistration (VerifyTOTPRegistrationRequest) returns (VerifyTOTPRegistrationResponse) {
option (google.api.http) = {
post: "/v2alpha/users/{user_id}/totp/_verify"
post: "/v2alpha/users/{user_id}/totp/verify"
body: "*"
};
@ -459,9 +459,9 @@ service UserService {
}
// Start an IDP authentication (for external login, registration or linking)
rpc StartIdentityProviderFlow (StartIdentityProviderFlowRequest) returns (StartIdentityProviderFlowResponse) {
rpc StartIdentityProviderIntent (StartIdentityProviderIntentRequest) returns (StartIdentityProviderIntentResponse) {
option (google.api.http) = {
post: "/v2alpha/users/idps/{idp_id}/start"
post: "/v2alpha/idp_intents/start"
body: "*"
};
@ -483,9 +483,9 @@ service UserService {
};
}
rpc RetrieveIdentityProviderInformation (RetrieveIdentityProviderInformationRequest) returns (RetrieveIdentityProviderInformationResponse) {
rpc RetrieveIdentityProviderIntent (RetrieveIdentityProviderIntentRequest) returns (RetrieveIdentityProviderIntentResponse) {
option (google.api.http) = {
post: "/v2alpha/users/intents/{intent_id}/information"
post: "/v2alpha/idp_intents/{idp_intent_id}"
body: "*"
};
@ -510,7 +510,7 @@ service UserService {
// Link an IDP to an existing user
rpc AddIDPLink (AddIDPLinkRequest) returns (AddIDPLinkResponse) {
option (google.api.http) = {
post: "/v2alpha/users/users/{user_id}/links"
post: "/v2alpha/users/{user_id}/links"
body: "*"
};
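Review bot: `/v2alpha/users/users/{user_id}/links` to `/v2alpha/users/{user_id}/links` is a route fix rather than a rename, and the commit message does not list it. Mention it there or in the changelog, since anyone who worked around the doubled `users/` segment will see the old path stop matching.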
@ -1072,7 +1072,7 @@ message CreatePasskeyRegistrationLinkResponse{
];
}
message StartIdentityProviderFlowRequest{
message StartIdentityProviderIntentRequest{
string idp_id = 1 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
@ -1089,7 +1089,7 @@ message StartIdentityProviderFlowRequest{
}
}
message StartIdentityProviderFlowResponse{
message StartIdentityProviderIntentResponse{
zitadel.object.v2alpha.Details details = 1;
oneof next_step {
string auth_url = 2 [
@ -1098,28 +1098,28 @@ message StartIdentityProviderFlowResponse{
example: "\"https://accounts.google.com/o/oauth2/v2/auth?client_id=clientID&callback=https%3A%2F%2Fzitadel.cloud%2Fidps%2Fcallback\"";
}
];
Intent intent = 3 [
IDPIntent idp_intent = 3 [
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "Intent information"
description: "IDP Intent information"
}
];
}
}
message RetrieveIdentityProviderInformationRequest{
string intent_id = 1 [
message RetrieveIdentityProviderIntentRequest{
string idp_intent_id = 1 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "ID of the intent, previously returned on the success response of the IDP callback"
description: "ID of the idp intent, previously returned on the success response of the IDP callback"
min_length: 1;
max_length: 200;
example: "\"163840776835432705\"";
}
];
string token = 2 [
string idp_intent_token = 2 [
(validate.rules).string = {min_len: 1, max_len: 200},
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
description: "token of the intent, previously returned on the success response of the IDP callback"
description: "token of the idp intent, previously returned on the success response of the IDP callback"
min_length: 1;
max_length: 200;
example: "\"SJKL3ioIDpo342ioqw98fjp3sdf32wahb=\"";
@ -1127,7 +1127,7 @@ message RetrieveIdentityProviderInformationRequest{
];
}
message RetrieveIdentityProviderInformationResponse{
message RetrieveIdentityProviderIntentResponse{
zitadel.object.v2alpha.Details details = 1;
IDPInformation idp_information = 2;
}