fix: provide domain in session, passkey and u2f (#6097)

This fix provides a possibility to pass a domain on the session, which will be used (as rpID) to create a passkey / u2f assertion and attestation. This is useful in cases where the login UI is served under a different domain / origin than the ZITADEL API.
2025-08-11 19:07:30 +00:00 · 2023-06-27 14:36:07 +02:00
parent d0cda1b479
commit bd5defa96a
32 changed files with 287 additions and 123 deletions
--- a/internal/repository/session/session.go
+++ b/internal/repository/session/session.go
@@ -26,6 +26,8 @@ const (

 type AddedEvent struct {
 	eventstore.BaseEvent `json:"-"`
+
+	Domain string `json:"domain,omitempty"`
 }

 func (e *AddedEvent) Data() interface{} {
@@ -38,6 +40,7 @@ func (e *AddedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {

 func NewAddedEvent(ctx context.Context,
 	aggregate *eventstore.Aggregate,
+	domain string,
 ) *AddedEvent {
 	return &AddedEvent{
 		BaseEvent: *eventstore.NewBaseEventForPush(
@@ -45,6 +48,7 @@ func NewAddedEvent(ctx context.Context,
 			aggregate,
 			AddedType,
 		),
+		Domain: domain,
 	}
 }