feat: directly specify factors/idps on addCustomLoginPolicy and return on LoginPolicy responses (#3711)

* feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses * fix proto * update login policy * feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses * fix: tests Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2025-08-12 04:37:31 +00:00 · 2022-05-30 13:51:07 +02:00
parent 2fc39c0da0
commit b3f50702f8
19 changed files with 494 additions and 142 deletions
--- a/internal/api/grpc/management/policy_login_converter.go
+++ b/internal/api/grpc/management/policy_login_converter.go
@@ -1,6 +1,7 @@
 package management

 import (
+	idp_grpc "github.com/zitadel/zitadel/internal/api/grpc/idp"
 	"github.com/zitadel/zitadel/internal/api/grpc/object"
 	policy_grpc "github.com/zitadel/zitadel/internal/api/grpc/policy"
 	"github.com/zitadel/zitadel/internal/domain"
@@ -23,8 +24,21 @@ func addLoginPolicyToDomain(p *mgmt_pb.AddCustomLoginPolicyRequest) *domain.Logi
 		MFAInitSkipLifetime:        p.MfaInitSkipLifetime.AsDuration(),
 		SecondFactorCheckLifetime:  p.SecondFactorCheckLifetime.AsDuration(),
 		MultiFactorCheckLifetime:   p.MultiFactorCheckLifetime.AsDuration(),
+		SecondFactors:              policy_grpc.SecondFactorsTypesToDomain(p.SecondFactors),
+		MultiFactors:               policy_grpc.MultiFactorsTypesToDomain(p.MultiFactors),
+		IDPProviders:               addLoginPolicyIDPsToDomain(p.Idps),
 	}
 }
+func addLoginPolicyIDPsToDomain(idps []*mgmt_pb.AddCustomLoginPolicyRequest_IDP) []*domain.IDPProvider {
+	providers := make([]*domain.IDPProvider, len(idps))
+	for i, idp := range idps {
+		providers[i] = &domain.IDPProvider{
+			Type:        idp_grpc.IDPProviderTypeFromPb(idp.OwnerType),
+			IDPConfigID: idp.IdpId,
+		}
+	}
+	return providers
+}

 func updateLoginPolicyToDomain(p *mgmt_pb.UpdateCustomLoginPolicyRequest) *domain.LoginPolicy {
 	return &domain.LoginPolicy{
--- a/internal/api/grpc/policy/second_factor.go
+++ b/internal/api/grpc/policy/second_factor.go
@@ -5,6 +5,14 @@ import (
 	policy_pb "github.com/zitadel/zitadel/pkg/grpc/policy"
 )

+func SecondFactorsTypesToDomain(secondFactorTypes []policy_pb.SecondFactorType) []domain.SecondFactorType {
+	types := make([]domain.SecondFactorType, len(secondFactorTypes))
+	for i, factorType := range secondFactorTypes {
+		types[i] = SecondFactorTypeToDomain(factorType)
+	}
+	return types
+}
+
 func SecondFactorTypeToDomain(secondFactorType policy_pb.SecondFactorType) domain.SecondFactorType {
 	switch secondFactorType {
 	case policy_pb.SecondFactorType_SECOND_FACTOR_TYPE_OTP:
@@ -35,6 +43,23 @@ func ModelSecondFactorTypeToPb(secondFactorType domain.SecondFactorType) policy_
 	}
 }

+func MultiFactorsTypesToDomain(multiFactorTypes []policy_pb.MultiFactorType) []domain.MultiFactorType {
+	types := make([]domain.MultiFactorType, len(multiFactorTypes))
+	for i, factorType := range multiFactorTypes {
+		types[i] = MultiFactorTypeToDomain(factorType)
+	}
+	return types
+}
+
+func MultiFactorTypeToDomain(multiFactorType policy_pb.MultiFactorType) domain.MultiFactorType {
+	switch multiFactorType {
+	case policy_pb.MultiFactorType_MULTI_FACTOR_TYPE_U2F_WITH_VERIFICATION:
+		return domain.MultiFactorTypeU2FWithPIN
+	default:
+		return domain.MultiFactorTypeUnspecified
+	}
+}
+
 func ModelMultiFactorTypesToPb(types []domain.MultiFactorType) []policy_pb.MultiFactorType {
 	t := make([]policy_pb.MultiFactorType, len(types))
 	for i, typ := range types {
--- a/internal/api/grpc/policy/login_policy.go
+++ b/internal/api/grpc/policy/login_policy.go
@@ -4,6 +4,7 @@ import (
 	"google.golang.org/protobuf/types/known/durationpb"
 	"google.golang.org/protobuf/types/known/timestamppb"

+	idp_grpc "github.com/zitadel/zitadel/internal/api/grpc/idp"
 	"github.com/zitadel/zitadel/internal/domain"
 	"github.com/zitadel/zitadel/internal/query"
 	"github.com/zitadel/zitadel/pkg/grpc/object"
@@ -26,6 +27,9 @@ func ModelLoginPolicyToPb(policy *query.LoginPolicy) *policy_pb.LoginPolicy {
 		MfaInitSkipLifetime:        durationpb.New(policy.MFAInitSkipLifetime),
 		SecondFactorCheckLifetime:  durationpb.New(policy.SecondFactorCheckLifetime),
 		MultiFactorCheckLifetime:   durationpb.New(policy.MultiFactorCheckLifetime),
+		SecondFactors:              ModelSecondFactorTypesToPb(policy.SecondFactors),
+		MultiFactors:               ModelMultiFactorTypesToPb(policy.MultiFactors),
+		Idps:                       idp_grpc.IDPLoginPolicyLinksToPb(policy.IDPLinks),
 		Details: &object.ObjectDetails{
 			Sequence:      policy.Sequence,
 			CreationDate:  timestamppb.New(policy.CreationDate),
--- a/internal/api/grpc/policy/multi_factor.go
+++ b/internal/api/grpc/policy/multi_factor.go
@@ -1,15 +0,0 @@
-package policy
-
-import (
-	"github.com/zitadel/zitadel/internal/domain"
-	policy_pb "github.com/zitadel/zitadel/pkg/grpc/policy"
-)
-
-func MultiFactorTypeToDomain(multiFactorType policy_pb.MultiFactorType) domain.MultiFactorType {
-	switch multiFactorType {
-	case policy_pb.MultiFactorType_MULTI_FACTOR_TYPE_U2F_WITH_VERIFICATION:
-		return domain.MultiFactorTypeU2FWithPIN
-	default:
-		return domain.MultiFactorTypeUnspecified
-	}
-}