TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-01-06 14:17:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat: apiurls, passwordpolicy, userbyid (#507)

Browse Source 
* feat: api doc request

* feat: return zitadel docs

* feat: return zitadel docs

* feat: pw policy min length

* feat: pw policy min length

* fix: semantic

* fix: read missing events on user by id
This commit is contained in:
Fabi 2020-07-22 16:15:11 +02:00 committed by GitHub
parent 7dcc5f9e58
commit c105bf483b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
15 changed files with 4455 additions and 4207 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
cmd/zitadel/system-defaults.yaml
View File

@ -1,5 +1,8 @@
SystemDefaults:
DefaultLanguage: 'de'
ZitadelDocs:
Issuer: $ZITADEL_ISSUER
DiscoveryEndpoint: '$ZITADEL_ISSUER/.well-known/openid-configuration'
UserVerificationKey:
EncryptionKeyID: $ZITADEL_USER_VERIFICATION_KEY
SecretGenerators:

4
console/src/app/pages/orgs/password-policy/password-policy.component.ts
View File

@ -164,13 +164,13 @@ export class PasswordPolicyComponent implements OnInit, OnDestroy {
}
public incrementLength(): void {
if (this.complexityData?.minLength !== undefined) {
if (this.complexityData?.minLength !== undefined && this.complexityData?.minLength <= 72) {
this.complexityData.minLength++;
}
}
public decrementLength(): void {
if (this.complexityData?.minLength && this.complexityData?.minLength > 0) {
if (this.complexityData?.minLength && this.complexityData?.minLength > 1) {
this.complexityData.minLength--;
}
}

1
docs/local.md
View File

@ -31,3 +31,4 @@ cockroachdb/cockroach:v19.2.2 start --insecure
#### Should show eventstore, management, admin, auth
`show databases;`

14
internal/api/grpc/management/zitadel_docs.go Normal file
View File

@ -0,0 +1,14 @@
package management
import (
"context"
"github.com/caos/zitadel/pkg/grpc/management"
"github.com/golang/protobuf/ptypes/empty"
)
func (s *Server) GetZitadelDocs(ctx context.Context, _ *empty.Empty) (*management.ZitadelDocs, error) {
return &management.ZitadelDocs{
Issuer: s.systemDefaults.ZitadelDocs.Issuer,
DiscoveryEndpoint: s.systemDefaults.ZitadelDocs.DiscoveryEndpoint,
}, nil
}

6
internal/config/systemdefaults/system_defaults.go
View File

@ -14,6 +14,7 @@ import (
type SystemDefaults struct {
DefaultLanguage language.Tag
ZitadelDocs ZitadelDocs
SecretGenerators SecretGenerators
UserVerificationKey *crypto.KeyConfig
Multifactors MultifactorConfig
@ -24,6 +25,11 @@ type SystemDefaults struct {
Notifications Notifications
}
type ZitadelDocs struct {
Issuer string
DiscoveryEndpoint string
}
type SecretGenerators struct {
PasswordSaltCost int
ClientSecretGenerator crypto.GeneratorConfig

19
internal/management/repository/eventsourcing/eventstore/user.go
View File

@ -2,6 +2,7 @@ package eventstore
import (
"context"
caos_errs "github.com/caos/zitadel/internal/errors"
"github.com/caos/logging"
@ -23,13 +24,19 @@ type UserRepo struct {
}
func (repo *UserRepo) UserByID(ctx context.Context, id string) (*usr_model.UserView, error) {
user, err := repo.View.UserByID(id)
if err != nil {
return nil, err
user, viewErr := repo.View.UserByID(id)
if viewErr != nil && !caos_errs.IsNotFound(viewErr) {
return nil, viewErr
}
events, err := repo.UserEvents.UserEventsByID(ctx, id, user.Sequence)
if err != nil {
logging.Log("EVENT-PSoc3").WithError(err).Debug("error retrieving new events")
if caos_errs.IsNotFound(viewErr) {
user = new(model.UserView)
}
events, esErr := repo.UserEvents.UserEventsByID(ctx, id, user.Sequence)
if caos_errs.IsNotFound(viewErr) && len(events) == 0 {
return nil, caos_errs.ThrowNotFound(nil, "EVENT-Lsoj7", "Errors.User.NotFound")
}
if esErr != nil {
logging.Log("EVENT-PSoc3").WithError(esErr).Debug("error retrieving new events")
return model.UserToModel(user), nil
}
userCopy := *user

7
internal/policy/model/policy_complexity.go
View File

@ -25,6 +25,13 @@ type PasswordComplexityPolicy struct {
HasSymbol bool
}
func (p *PasswordComplexityPolicy) IsValid() error {
if p.MinLength == 0 || p.MinLength > 72 {
return caos_errs.ThrowInvalidArgument(nil, "MODEL-Lsp0e", "Errors.User.PasswordComplexityPolicy.MinLengthNotAllowed")
}
return nil
}
func (p *PasswordComplexityPolicy) Check(password string) error {
if p.MinLength != 0 && uint64(len(password)) < p.MinLength {
return caos_errs.ThrowInvalidArgument(nil, "MODEL-HuJf6", "Errors.User.PasswordComplexityPolicy.MinLength")

6
internal/policy/repository/eventsourcing/eventstore_complexity.go
View File

@ -30,6 +30,9 @@ func (es *PolicyEventstore) GetPasswordComplexityPolicy(ctx context.Context, id
func (es *PolicyEventstore) CreatePasswordComplexityPolicy(ctx context.Context, policy *pol_model.PasswordComplexityPolicy) (*pol_model.PasswordComplexityPolicy, error) {
ctxData := authz.GetCtxData(ctx)
if err := policy.IsValid(); err != nil {
return nil, err
}
existingPolicy, err := es.GetPasswordComplexityPolicy(ctx, ctxData.OrgID)
if err != nil && !caos_errs.IsNotFound(err) {
return nil, err
@ -58,6 +61,9 @@ func (es *PolicyEventstore) CreatePasswordComplexityPolicy(ctx context.Context,
func (es *PolicyEventstore) UpdatePasswordComplexityPolicy(ctx context.Context, policy *pol_model.PasswordComplexityPolicy) (*pol_model.PasswordComplexityPolicy, error) {
ctxData := authz.GetCtxData(ctx)
if err := policy.IsValid(); err != nil {
return nil, err
}
existingPolicy, err := es.GetPasswordComplexityPolicy(ctx, ctxData.OrgID)
if err != nil {
return nil, err

45
internal/policy/repository/eventsourcing/eventstore_complexity_test.go
View File

@ -73,7 +73,6 @@ func TestCreatePasswordComplexityPolicy(t *testing.T) {
}
type res struct {
policy *model.PasswordComplexityPolicy
wantErr bool
errFunc func(err error) bool
}
tests := []struct {
@ -83,13 +82,24 @@ func TestCreatePasswordComplexityPolicy(t *testing.T) {
}{
{
name: "create policy, ok",
args: args{
es: GetMockPasswordComplexityPolicyNoEvents(ctrl),
ctx: authz.NewMockContext("orgID", "userID"),
policy: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID1", Sequence: 2}, Description: "Name", MinLength: 8},
},
res: res{
policy: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID1", Sequence: 2}, Description: "Name", MinLength: 8},
},
},
{
name: "create policy, no minlength",
args: args{
es: GetMockPasswordComplexityPolicyNoEvents(ctrl),
ctx: authz.NewMockContext("orgID", "userID"),
policy: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID1", Sequence: 2}, Description: "Name"},
},
res: res{
policy: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID1", Sequence: 2}, Description: "Name"},
errFunc: caos_errs.IsErrorInvalidArgument,
},
},
}
@ -97,13 +107,13 @@ func TestCreatePasswordComplexityPolicy(t *testing.T) {
t.Run(tt.name, func(t *testing.T) {
result, err := tt.args.es.CreatePasswordComplexityPolicy(tt.args.ctx, tt.args.policy)
if !tt.res.wantErr && result.AggregateID == "" {
if tt.res.errFunc == nil && result.AggregateID == "" {
t.Errorf("result has no id")
}
if !tt.res.wantErr && result.Description != tt.res.policy.Description {
if tt.res.errFunc == nil && result.Description != tt.res.policy.Description {
t.Errorf("got wrong result name: expected: %v, actual: %v ", tt.res.policy.Description, result.Description)
}
if tt.res.wantErr && !tt.res.errFunc(err) {
if tt.res.errFunc != nil && !tt.res.errFunc(err) {
t.Errorf("got wrong err: %v ", err)
}
})
@ -119,7 +129,6 @@ func TestUpdatePasswordComplexityPolicy(t *testing.T) {
}
type res struct {
policy *model.PasswordComplexityPolicy
wantErr bool
errFunc func(err error) bool
}
tests := []struct {
@ -132,10 +141,21 @@ func TestUpdatePasswordComplexityPolicy(t *testing.T) {
args: args{
es: GetMockPasswordComplexityPolicy(ctrl),
ctx: authz.NewMockContext("orgID", "userID"),
new: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1}, Description: "NameNew"},
new: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1}, Description: "NameNew", MinLength: 8},
},
res: res{
policy: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1}, Description: "NameNew"},
policy: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1}, Description: "NameNew", MinLength: 8},
},
},
{
name: "create policy, no minlength",
args: args{
es: GetMockPasswordComplexityPolicyNoEvents(ctrl),
ctx: authz.NewMockContext("orgID", "userID"),
new: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID1", Sequence: 2}, Description: "Name"},
},
res: res{
errFunc: caos_errs.IsErrorInvalidArgument,
},
},
{
@ -143,10 +163,9 @@ func TestUpdatePasswordComplexityPolicy(t *testing.T) {
args: args{
es: GetMockPasswordComplexityPolicyNoEvents(ctrl),
ctx: authz.NewMockContext("orgID", "userID"),
new: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1}, Description: "NameNew"},
new: &model.PasswordComplexityPolicy{ObjectRoot: es_models.ObjectRoot{AggregateID: "AggregateID", Sequence: 1}, Description: "NameNew", MinLength: 8},
},
res: res{
wantErr: true,
errFunc: caos_errs.IsNotFound,
},
},
@ -155,13 +174,13 @@ func TestUpdatePasswordComplexityPolicy(t *testing.T) {
t.Run(tt.name, func(t *testing.T) {
result, err := tt.args.es.UpdatePasswordComplexityPolicy(tt.args.ctx, tt.args.new)
if !tt.res.wantErr && result.AggregateID == "" {
if tt.res.errFunc == nil && result.AggregateID == "" {
t.Errorf("result has no id")
}
if !tt.res.wantErr && result.Description != tt.res.policy.Description {
if tt.res.errFunc == nil && result.Description != tt.res.policy.Description {
t.Errorf("got wrong result name: expected: %v, actual: %v ", tt.res.policy.Description, result.Description)
}
if tt.res.wantErr && !tt.res.errFunc(err) {
if tt.res.errFunc != nil && !tt.res.errFunc(err) {
t.Errorf("got wrong err: %v ", err)
}
})

1
internal/static/i18n/de.yaml
View File

@ -35,6 +35,7 @@ Errors:
PasswordComplexityPolicy:
NotFound: Passwort Policy konnte nicht gefunden werden
MinLength: Passwort ist zu kurz
MinLengthNotAllowed: Angegebene Mindestläng ist nicht erlaubt
HasLower: Passwort beinhaltet keinen Kleinbuchstaben
HasUpper: Passwort beinhaltet keinen Grossbuchstaben
HasNumber: Passwort beinhaltet keine Nummer

1
internal/static/i18n/en.yaml
View File

@ -35,6 +35,7 @@ Errors:
PasswordComplexityPolicy:
NotFound: Password policy not found
MinLength: Password is to short
MinLengthNotAllowed: Given minimum length is not allowed
HasLower: Password must contain lower case
HasUpper: Password must contain upper case
HasNumber: Password must contain number

8489
pkg/grpc/management/management.pb.go
View File

File diff suppressed because it is too large Load Diff

33
pkg/grpc/management/management.pb.gw.go
View File

@ -56,6 +56,15 @@ func request_ManagementService_Validate_0(ctx context.Context, marshaler runtime
}
func request_ManagementService_GetZitadelDocs_0(ctx context.Context, marshaler runtime.Marshaler, client ManagementServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
var protoReq empty.Empty
var metadata runtime.ServerMetadata
msg, err := client.GetZitadelDocs(ctx, &protoReq, grpc.Header(&metadata.HeaderMD), grpc.Trailer(&metadata.TrailerMD))
return msg, metadata, err
}
func request_ManagementService_GetIam_0(ctx context.Context, marshaler runtime.Marshaler, client ManagementServiceClient, req *http.Request, pathParams map[string]string) (proto.Message, runtime.ServerMetadata, error) {
var protoReq empty.Empty
var metadata runtime.ServerMetadata
@ -3767,6 +3776,26 @@ func RegisterManagementServiceHandlerClient(ctx context.Context, mux *runtime.Se
})
mux.Handle("GET", pattern_ManagementService_GetZitadelDocs_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
ctx, cancel := context.WithCancel(req.Context())
defer cancel()
inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
rctx, err := runtime.AnnotateContext(ctx, mux, req)
if err != nil {
runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
return
}
resp, md, err := request_ManagementService_GetZitadelDocs_0(rctx, inboundMarshaler, client, req, pathParams)
ctx = runtime.NewServerMetadataContext(ctx, md)
if err != nil {
runtime.HTTPError(ctx, mux, outboundMarshaler, w, req, err)
return
}
forward_ManagementService_GetZitadelDocs_0(ctx, mux, outboundMarshaler, w, req, resp, mux.GetForwardResponseOptions()...)
})
mux.Handle("GET", pattern_ManagementService_GetIam_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
ctx, cancel := context.WithCancel(req.Context())
defer cancel()
@ -6057,6 +6086,8 @@ var (
pattern_ManagementService_Validate_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0}, []string{"validate"}, ""))
pattern_ManagementService_GetZitadelDocs_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 2, 1}, []string{"zitadel", "docs"}, ""))
pattern_ManagementService_GetIam_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0}, []string{"iam"}, ""))
pattern_ManagementService_GetUserByID_0 = runtime.MustPattern(runtime.NewPattern(1, []int{2, 0, 1, 0, 4, 1, 5, 1}, []string{"users", "id"}, ""))
@ -6293,6 +6324,8 @@ var (
forward_ManagementService_Validate_0 = runtime.ForwardResponseMessage
forward_ManagementService_GetZitadelDocs_0 = runtime.ForwardResponseMessage
forward_ManagementService_GetIam_0 = runtime.ForwardResponseMessage
forward_ManagementService_GetUserByID_0 = runtime.ForwardResponseMessage

20
pkg/grpc/management/mock/management.proto.mock.go
View File

@ -1157,6 +1157,26 @@ func (mr *MockManagementServiceClientMockRecorder) GetUserProfile(arg0, arg1 int
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetUserProfile", reflect.TypeOf((*MockManagementServiceClient)(nil).GetUserProfile), varargs...)
}
// GetZitadelDocs mocks base method
func (m *MockManagementServiceClient) GetZitadelDocs(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc.CallOption) (*management.ZitadelDocs, error) {
m.ctrl.T.Helper()
varargs := []interface{}{arg0, arg1}
for _, a := range arg2 {
varargs = append(varargs, a)
}
ret := m.ctrl.Call(m, "GetZitadelDocs", varargs...)
ret0, _ := ret[0].(*management.ZitadelDocs)
ret1, _ := ret[1].(error)
return ret0, ret1
}
// GetZitadelDocs indicates an expected call of GetZitadelDocs
func (mr *MockManagementServiceClientMockRecorder) GetZitadelDocs(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call {
mr.mock.ctrl.T.Helper()
varargs := append([]interface{}{arg0, arg1}, arg2...)
return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "GetZitadelDocs", reflect.TypeOf((*MockManagementServiceClient)(nil).GetZitadelDocs), varargs...)
}
// Healthz mocks base method
func (m *MockManagementServiceClient) Healthz(arg0 context.Context, arg1 *emptypb.Empty, arg2 ...grpc.CallOption) (*emptypb.Empty, error) {
m.ctrl.T.Helper()

13
pkg/grpc/management/proto/management.proto
View File

@ -54,6 +54,12 @@ service ManagementService {
};
}
rpc GetZitadelDocs(google.protobuf.Empty) returns (ZitadelDocs) {
option (google.api.http) = {
get: "/zitadel/docs"
};
}
// GetIam returns some needed settings of the iam (Global Organisation ID, Zitadel Project ID)
rpc GetIam(google.protobuf.Empty) returns (Iam) {
option (google.api.http) = {
@ -1356,6 +1362,11 @@ service ManagementService {
}
}
message ZitadelDocs {
string issuer = 1;
string discovery_endpoint = 2;
}
message Iam {
string global_org_id = 1;
string iam_project_id = 2;
@ -1735,7 +1746,7 @@ message PasswordComplexityPolicy {
message PasswordComplexityPolicyCreate {
string description = 1 [(validate.rules).string = {max_len: 500}];
uint64 min_length = 2 [(validate.rules).uint64.gt = 0];
uint64 min_length = 2;
bool has_lowercase = 3;
bool has_uppercase = 4;
bool has_number = 5;