TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-03-01 00:27:24 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix(api): add remove otp sms and email to management api (#6721)

Browse Source 
* fix(api): add remove otp sms and email to management api

* fix(console): remove otpsms and otpemail from user

---------

Co-authored-by: peintnermax <max@caos.ch>
This commit is contained in:
Livio Spring 2023-10-16 10:49:02 +03:00 committed by GitHub
parent ce719a3fa4
commit cb0a0f996e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 147 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
console/src/app/pages/users/user-detail/auth-user-detail/auth-user-mfa/auth-user-mfa.component.ts
View File

@ -157,7 +157,7 @@ export class AuthUserMfaComponent implements OnInit, OnDestroy {
this.service this.service
.removeMyAuthFactorOTPEmail() .removeMyAuthFactorOTPEmail()
.then(() => { .then(() => {
this.toast.showInfo('USER.TOAST.U2FREMOVED', true); this.toast.showInfo('USER.TOAST.OTPREMOVED', true);
this.cleanupList(); this.cleanupList();
this.getMFAs(); this.getMFAs();
@ -169,7 +169,7 @@ export class AuthUserMfaComponent implements OnInit, OnDestroy {
this.service this.service
.removeMyAuthFactorOTPSMS() .removeMyAuthFactorOTPSMS()
.then(() => { .then(() => {
this.toast.showInfo('USER.TOAST.U2FREMOVED', true); this.toast.showInfo('USER.TOAST.OTPREMOVED', true);
this.cleanupList(); this.cleanupList();
this.getMFAs(); this.getMFAs();

30
console/src/app/pages/users/user-detail/user-detail/user-mfa/user-mfa.component.ts
View File

@ -102,6 +102,36 @@ export class UserMfaComponent implements OnInit, OnDestroy {
.catch((error) => { .catch((error) => {
this.toast.showError(error); this.toast.showError(error);
}); });
} else if (factor.otpEmail) {
this.mgmtUserService
.removeHumanAuthFactorOTPEmail(this.user.id)
.then(() => {
this.toast.showInfo('USER.TOAST.OTPREMOVED', true);
const index = this.dataSource.data.findIndex((mfa) => !!mfa.otpEmail);
if (index > -1) {
this.dataSource.data.splice(index, 1);
}
this.getMFAs();
})
.catch((error) => {
this.toast.showError(error);
});
} else if (factor.otpSms) {
this.mgmtUserService
.removeHumanAuthFactorOTPSMS(this.user.id)
.then(() => {
this.toast.showInfo('USER.TOAST.OTPREMOVED', true);
const index = this.dataSource.data.findIndex((mfa) => !!mfa.otpSms);
if (index > -1) {
this.dataSource.data.splice(index, 1);
}
this.getMFAs();
})
.catch((error) => {
this.toast.showError(error);
});
} }
} }
}); });

16
console/src/app/services/mgmt.service.ts
View File

@ -322,8 +322,12 @@ import {
RemoveCustomLabelPolicyLogoDarkResponse, RemoveCustomLabelPolicyLogoDarkResponse,
RemoveCustomLabelPolicyLogoRequest, RemoveCustomLabelPolicyLogoRequest,
RemoveCustomLabelPolicyLogoResponse, RemoveCustomLabelPolicyLogoResponse,
RemoveHumanAuthFactorOTPEmailRequest,
RemoveHumanAuthFactorOTPEmailResponse,
RemoveHumanAuthFactorOTPRequest, RemoveHumanAuthFactorOTPRequest,
RemoveHumanAuthFactorOTPResponse, RemoveHumanAuthFactorOTPResponse,
RemoveHumanAuthFactorOTPSMSRequest,
RemoveHumanAuthFactorOTPSMSResponse,
RemoveHumanAuthFactorU2FRequest, RemoveHumanAuthFactorU2FRequest,
RemoveHumanAuthFactorU2FResponse, RemoveHumanAuthFactorU2FResponse,
RemoveHumanLinkedIDPRequest, RemoveHumanLinkedIDPRequest,
@ -1805,6 +1809,18 @@ export class ManagementService {
return this.grpcService.mgmt.removeHumanAuthFactorU2F(req, null).then((resp) => resp.toObject()); return this.grpcService.mgmt.removeHumanAuthFactorU2F(req, null).then((resp) => resp.toObject());
} }
public removeHumanAuthFactorOTPSMS(userId: string): Promise<RemoveHumanAuthFactorOTPSMSResponse.AsObject> {
const req = new RemoveHumanAuthFactorOTPSMSRequest();
req.setUserId(userId);
return this.grpcService.mgmt.removeHumanAuthFactorOTPSMS(req, null).then((resp) => resp.toObject());
}
public removeHumanAuthFactorOTPEmail(userId: string): Promise<RemoveHumanAuthFactorOTPEmailResponse.AsObject> {
const req = new RemoveHumanAuthFactorOTPEmailRequest();
req.setUserId(userId);
return this.grpcService.mgmt.removeHumanAuthFactorOTPEmail(req, null).then((resp) => resp.toObject());
}
public updateHumanProfile( public updateHumanProfile(
userId: string, userId: string,
firstName?: string, firstName?: string,

20
internal/api/grpc/management/user.go
View File

@ -646,6 +646,26 @@ func (s *Server) RemoveHumanAuthFactorU2F(ctx context.Context, req *mgmt_pb.Remo
}, nil }, nil
} }
func (s *Server) RemoveHumanAuthFactorOTPSMS(ctx context.Context, req *mgmt_pb.RemoveHumanAuthFactorOTPSMSRequest) (*mgmt_pb.RemoveHumanAuthFactorOTPSMSResponse, error) {
objectDetails, err := s.command.RemoveHumanOTPSMS(ctx, req.UserId, authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
return &mgmt_pb.RemoveHumanAuthFactorOTPSMSResponse{
Details: obj_grpc.DomainToChangeDetailsPb(objectDetails),
}, nil
}
func (s *Server) RemoveHumanAuthFactorOTPEmail(ctx context.Context, req *mgmt_pb.RemoveHumanAuthFactorOTPEmailRequest) (*mgmt_pb.RemoveHumanAuthFactorOTPEmailResponse, error) {
objectDetails, err := s.command.RemoveHumanOTPEmail(ctx, req.UserId, authz.GetCtxData(ctx).OrgID)
if err != nil {
return nil, err
}
return &mgmt_pb.RemoveHumanAuthFactorOTPEmailResponse{
Details: obj_grpc.DomainToChangeDetailsPb(objectDetails),
}, nil
}
func (s *Server) ListHumanPasswordless(ctx context.Context, req *mgmt_pb.ListHumanPasswordlessRequest) (*mgmt_pb.ListHumanPasswordlessResponse, error) { func (s *Server) ListHumanPasswordless(ctx context.Context, req *mgmt_pb.ListHumanPasswordlessRequest) (*mgmt_pb.ListHumanPasswordlessResponse, error) {
query := new(query.UserAuthMethodSearchQueries) query := new(query.UserAuthMethodSearchQueries)
err := query.AppendUserIDQuery(req.UserId) err := query.AppendUserIDQuery(req.UserId)

80
proto/zitadel/management.proto
View File

@ -1255,7 +1255,7 @@ service ManagementService {
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = { option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
summary: "Remove Multi-Factor OTP"; summary: "Remove Multi-Factor OTP";
description: "Remove the configured One-Time-Password (OTP) as a factor from the user. OTP is an authentication app, like Authy or Google/Microsoft Authenticator.." description: "Remove the configured One-Time-Password (OTP) as a factor from the user. OTP is an authentication app, like Authy or Google/Microsoft Authenticator."
tags: "Users"; tags: "Users";
tags: "User Human"; tags: "User Human";
responses: { responses: {
@ -1306,6 +1306,68 @@ service ManagementService {
}; };
} }
rpc RemoveHumanAuthFactorOTPSMS(RemoveHumanAuthFactorOTPSMSRequest) returns (RemoveHumanAuthFactorOTPSMSResponse) {
option (google.api.http) = {
delete: "/users/{user_id}/auth_factors/otp_sms"
};
option (zitadel.v1.auth_option) = {
permission: "user.write"
};
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
summary: "Remove Multi-Factor OTP SMS";
description: "Remove the configured One-Time-Password (OTP) SMS as a factor from the user. As only one OTP SMS per user is allowed, the user will not have OTP SMS as a second-factor afterward."
tags: "Users";
tags: "User Human";
responses: {
key: "200"
value: {
description: "OK";
}
};
parameters: {
headers: {
name: "x-zitadel-orgid";
description: "The default is always the organization of the requesting user. If you like to get a user from another organization include the header. Make sure the requesting user has permission in the requested organization.";
type: STRING,
required: false;
};
};
};
}
rpc RemoveHumanAuthFactorOTPEmail(RemoveHumanAuthFactorOTPEmailRequest) returns (RemoveHumanAuthFactorOTPEmailResponse) {
option (google.api.http) = {
delete: "/users/{user_id}/auth_factors/otp_email"
};
option (zitadel.v1.auth_option) = {
permission: "user.write"
};
option (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_operation) = {
summary: "Remove Multi-Factor OTP SMS";
description: "Remove the configured One-Time-Password (OTP) Email as a factor from the user. As only one OTP Email per user is allowed, the user will not have OTP Email as a second-factor afterward."
tags: "Users";
tags: "User Human";
responses: {
key: "200"
value: {
description: "OK";
}
};
parameters: {
headers: {
name: "x-zitadel-orgid";
description: "The default is always the organization of the requesting user. If you like to get a user from another organization include the header. Make sure the requesting user has permission in the requested organization.";
type: STRING,
required: false;
};
};
};
}
rpc ListHumanPasswordless(ListHumanPasswordlessRequest) returns (ListHumanPasswordlessResponse) { rpc ListHumanPasswordless(ListHumanPasswordlessRequest) returns (ListHumanPasswordlessResponse) {
option (google.api.http) = { option (google.api.http) = {
post: "/users/{user_id}/passwordless/_search" post: "/users/{user_id}/passwordless/_search"
@ -8246,6 +8308,22 @@ message RemoveHumanAuthFactorU2FResponse {
zitadel.v1.ObjectDetails details = 1; zitadel.v1.ObjectDetails details = 1;
} }
message RemoveHumanAuthFactorOTPSMSRequest {
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
}
message RemoveHumanAuthFactorOTPSMSResponse {
zitadel.v1.ObjectDetails details = 1;
}
message RemoveHumanAuthFactorOTPEmailRequest {
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
}
message RemoveHumanAuthFactorOTPEmailResponse {
zitadel.v1.ObjectDetails details = 1;
}
message ListHumanPasswordlessRequest { message ListHumanPasswordlessRequest {
string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}]; string user_id = 1 [(validate.rules).string = {min_len: 1, max_len: 200}];
} }