TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-12 09:37:45 +00:00
Code Issues Packages Projects Releases Wiki Activity

chore: move the go code into a subfolder

Browse Source
This commit is contained in:
Florian Forster
2025-08-05 15:20:32 -07:00
parent 4ad22ba456
commit cd2921de26
2978 changed files with 373 additions and 300 deletions
Download Patch File Download Diff File Expand all files Collapse all files

25
apps/api/internal/repository/user/aggregate.go Normal file
View File

@@ -0,0 +1,25 @@
package user
import (
"github.com/zitadel/zitadel/internal/eventstore"
)
const (
AggregateType = "user"
AggregateVersion = "v2"
)
type Aggregate struct {
eventstore.Aggregate
}
func NewAggregate(id, resourceOwner string) *Aggregate {
return &Aggregate{
Aggregate: eventstore.Aggregate{
Type: AggregateType,
Version: AggregateVersion,
ID: id,
ResourceOwner: resourceOwner,
},
}
}

16
apps/api/internal/repository/user/auth_request_info.go Normal file
View File

@@ -0,0 +1,16 @@
package user
import "net"
type AuthRequestInfo struct {
ID string `json:"id,omitempty"`
UserAgentID string `json:"userAgentID,omitempty"`
SelectedIDPConfigID string `json:"selectedIDPConfigID,omitempty"`
*BrowserInfo
}
type BrowserInfo struct {
UserAgent string `json:"userAgent,omitempty"`
AcceptLanguage string `json:"acceptLanguage,omitempty"`
RemoteIP net.IP `json:"remoteIP,omitempty"`
}

144
apps/api/internal/repository/user/eventstore.go Normal file
View File

@@ -0,0 +1,144 @@
package user
import (
"github.com/zitadel/zitadel/internal/eventstore"
)
func init() {
eventstore.RegisterFilterEventMapper(AggregateType, UserV1AddedType, HumanAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1RegisteredType, HumanRegisteredEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1InitialCodeAddedType, HumanInitialCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1InitialCodeSentType, HumanInitialCodeSentEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1InitializedCheckSucceededType, HumanInitializedCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1InitializedCheckFailedType, HumanInitializedCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1SignedOutType, HumanSignedOutEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PasswordChangedType, HumanPasswordChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PasswordCodeAddedType, HumanPasswordCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PasswordCodeSentType, eventstore.GenericEventMapper[HumanPasswordCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PasswordCheckSucceededType, HumanPasswordCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PasswordCheckFailedType, HumanPasswordCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1EmailChangedType, HumanEmailChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1EmailVerifiedType, HumanEmailVerifiedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1EmailVerificationFailedType, HumanEmailVerificationFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1EmailCodeAddedType, HumanEmailCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1EmailCodeSentType, HumanEmailCodeSentEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PhoneChangedType, HumanPhoneChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PhoneRemovedType, HumanPhoneRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PhoneVerifiedType, HumanPhoneVerifiedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PhoneVerificationFailedType, HumanPhoneVerificationFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PhoneCodeAddedType, HumanPhoneCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1PhoneCodeSentType, eventstore.GenericEventMapper[HumanPhoneCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UserV1ProfileChangedType, HumanProfileChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1AddressChangedType, HumanAddressChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1MFAInitSkippedType, HumanMFAInitSkippedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1MFAOTPAddedType, HumanOTPAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1MFAOTPVerifiedType, HumanOTPVerifiedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1MFAOTPRemovedType, HumanOTPRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1MFAOTPCheckSucceededType, HumanOTPCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserV1MFAOTPCheckFailedType, HumanOTPCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserLockedType, UserLockedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserUnlockedType, UserUnlockedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserDeactivatedType, UserDeactivatedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserReactivatedType, UserReactivatedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserRemovedType, UserRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserTokenAddedType, UserTokenAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserTokenV2AddedType, eventstore.GenericEventMapper[UserTokenV2AddedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UserImpersonatedType, eventstore.GenericEventMapper[UserImpersonatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UserTokenRemovedType, UserTokenRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserDomainClaimedType, DomainClaimedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserDomainClaimedSentType, DomainClaimedSentEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserUserNameChangedType, UsernameChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MetadataSetType, MetadataSetEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MetadataRemovedType, MetadataRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MetadataRemovedAllType, MetadataRemovedAllEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanAddedType, HumanAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanRegisteredType, HumanRegisteredEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanInitialCodeAddedType, HumanInitialCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanInitialCodeSentType, HumanInitialCodeSentEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanInitializedCheckSucceededType, HumanInitializedCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanInitializedCheckFailedType, HumanInitializedCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanSignedOutType, HumanSignedOutEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordChangedType, HumanPasswordChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordCodeAddedType, HumanPasswordCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordCodeSentType, eventstore.GenericEventMapper[HumanPasswordCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordChangeSentType, HumanPasswordChangeSentEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordCheckSucceededType, HumanPasswordCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordCheckFailedType, HumanPasswordCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordHashUpdatedType, eventstore.GenericEventMapper[HumanPasswordHashUpdatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UserIDPLinkAddedType, UserIDPLinkAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserIDPLinkRemovedType, UserIDPLinkRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserIDPLinkCascadeRemovedType, UserIDPLinkCascadeRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserIDPLoginCheckSucceededType, UserIDPCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, UserIDPExternalIDMigratedType, eventstore.GenericEventMapper[UserIDPExternalIDMigratedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UserIDPExternalUsernameChangedType, eventstore.GenericEventMapper[UserIDPExternalUsernameEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanEmailChangedType, HumanEmailChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanEmailVerifiedType, HumanEmailVerifiedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanEmailVerificationFailedType, HumanEmailVerificationFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanEmailCodeAddedType, HumanEmailCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanEmailCodeSentType, HumanEmailCodeSentEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPhoneChangedType, HumanPhoneChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPhoneRemovedType, HumanPhoneRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPhoneVerifiedType, HumanPhoneVerifiedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPhoneVerificationFailedType, HumanPhoneVerificationFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPhoneCodeAddedType, HumanPhoneCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPhoneCodeSentType, eventstore.GenericEventMapper[HumanPhoneCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanProfileChangedType, HumanProfileChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanAvatarAddedType, HumanAvatarAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanAvatarRemovedType, HumanAvatarRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanAddressChangedType, HumanAddressChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanMFAInitSkippedType, HumanMFAInitSkippedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanMFAOTPAddedType, HumanOTPAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanMFAOTPVerifiedType, HumanOTPVerifiedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanMFAOTPRemovedType, HumanOTPRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanMFAOTPCheckSucceededType, HumanOTPCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanMFAOTPCheckFailedType, HumanOTPCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPSMSAddedType, eventstore.GenericEventMapper[HumanOTPSMSAddedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPSMSRemovedType, eventstore.GenericEventMapper[HumanOTPSMSRemovedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPSMSCodeAddedType, eventstore.GenericEventMapper[HumanOTPSMSCodeAddedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPSMSCodeSentType, eventstore.GenericEventMapper[HumanOTPSMSCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPSMSCheckSucceededType, eventstore.GenericEventMapper[HumanOTPSMSCheckSucceededEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPSMSCheckFailedType, eventstore.GenericEventMapper[HumanOTPSMSCheckFailedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPEmailAddedType, eventstore.GenericEventMapper[HumanOTPEmailAddedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPEmailRemovedType, eventstore.GenericEventMapper[HumanOTPEmailRemovedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPEmailCodeAddedType, eventstore.GenericEventMapper[HumanOTPEmailCodeAddedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPEmailCodeSentType, eventstore.GenericEventMapper[HumanOTPEmailCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPEmailCheckSucceededType, eventstore.GenericEventMapper[HumanOTPEmailCheckSucceededEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanOTPEmailCheckFailedType, eventstore.GenericEventMapper[HumanOTPEmailCheckFailedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanU2FTokenAddedType, HumanU2FAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanU2FTokenVerifiedType, HumanU2FVerifiedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanU2FTokenSignCountChangedType, HumanU2FSignCountChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanU2FTokenRemovedType, HumanU2FRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanU2FTokenBeginLoginType, HumanU2FBeginLoginEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanU2FTokenCheckSucceededType, HumanU2FCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanU2FTokenCheckFailedType, HumanU2FCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessTokenAddedType, HumanPasswordlessAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessTokenVerifiedType, HumanPasswordlessVerifiedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessTokenSignCountChangedType, HumanPasswordlessSignCountChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessTokenRemovedType, HumanPasswordlessRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessTokenBeginLoginType, HumanPasswordlessBeginLoginEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessTokenCheckSucceededType, HumanPasswordlessCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessTokenCheckFailedType, HumanPasswordlessCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessInitCodeAddedType, HumanPasswordlessInitCodeAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessInitCodeRequestedType, HumanPasswordlessInitCodeRequestedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessInitCodeSentType, HumanPasswordlessInitCodeSentEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessInitCodeCheckFailedType, HumanPasswordlessInitCodeCodeCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanPasswordlessInitCodeCheckSucceededType, HumanPasswordlessInitCodeCodeCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanRefreshTokenAddedType, HumanRefreshTokenAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanRefreshTokenRenewedType, HumanRefreshTokenRenewedEventEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, HumanRefreshTokenRemovedType, HumanRefreshTokenRemovedEventEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineAddedEventType, MachineAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineChangedEventType, MachineChangedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineKeyAddedEventType, MachineKeyAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineKeyRemovedEventType, MachineKeyRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, PersonalAccessTokenAddedType, PersonalAccessTokenAddedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, PersonalAccessTokenRemovedType, PersonalAccessTokenRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineSecretSetType, MachineSecretSetEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineSecretRemovedType, MachineSecretRemovedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineSecretCheckSucceededType, MachineSecretCheckSucceededEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineSecretCheckFailedType, MachineSecretCheckFailedEventMapper)
eventstore.RegisterFilterEventMapper(AggregateType, MachineSecretHashUpdatedType, eventstore.GenericEventMapper[MachineSecretHashUpdatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanInviteCodeAddedType, eventstore.GenericEventMapper[HumanInviteCodeAddedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanInviteCodeSentType, eventstore.GenericEventMapper[HumanInviteCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanInviteCheckSucceededType, eventstore.GenericEventMapper[HumanInviteCheckSucceededEvent])
eventstore.RegisterFilterEventMapper(AggregateType, HumanInviteCheckFailedType, eventstore.GenericEventMapper[HumanInviteCheckFailedEvent])
}

567
apps/api/internal/repository/user/human.go Normal file
View File

@@ -0,0 +1,567 @@
package user
import (
"context"
"time"
"golang.org/x/text/language"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
humanEventPrefix = userEventTypePrefix + "human."
HumanAddedType = humanEventPrefix + "added"
HumanRegisteredType = humanEventPrefix + "selfregistered"
HumanInitialCodeAddedType = humanEventPrefix + "initialization.code.added"
HumanInitialCodeSentType = humanEventPrefix + "initialization.code.sent"
HumanInitializedCheckSucceededType = humanEventPrefix + "initialization.check.succeeded"
HumanInitializedCheckFailedType = humanEventPrefix + "initialization.check.failed"
HumanInviteCodeAddedType = humanEventPrefix + "invite.code.added"
HumanInviteCodeSentType = humanEventPrefix + "invite.code.sent"
HumanInviteCheckSucceededType = humanEventPrefix + "invite.check.succeeded"
HumanInviteCheckFailedType = humanEventPrefix + "invite.check.failed"
HumanSignedOutType = humanEventPrefix + "signed.out"
)
type HumanAddedEvent struct {
eventstore.BaseEvent `json:"-"`
UserName string `json:"userName"`
orgScopedUsername bool
FirstName string `json:"firstName,omitempty"`
LastName string `json:"lastName,omitempty"`
NickName string `json:"nickName,omitempty"`
DisplayName string `json:"displayName,omitempty"`
PreferredLanguage language.Tag `json:"preferredLanguage,omitempty"`
Gender domain.Gender `json:"gender,omitempty"`
EmailAddress domain.EmailAddress `json:"email,omitempty"`
PhoneNumber domain.PhoneNumber `json:"phone,omitempty"`
Country string `json:"country,omitempty"`
Locality string `json:"locality,omitempty"`
PostalCode string `json:"postalCode,omitempty"`
Region string `json:"region,omitempty"`
StreetAddress string `json:"streetAddress,omitempty"`
// New events only use EncodedHash. However, the secret field
// is preserved to handle events older than the switch to Passwap.
Secret *crypto.CryptoValue `json:"secret,omitempty"`
EncodedHash string `json:"encodedHash,omitempty"`
ChangeRequired bool `json:"changeRequired,omitempty"`
}
func (e *HumanAddedEvent) Payload() interface{} {
return e
}
func (e *HumanAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{NewAddUsernameUniqueConstraint(e.UserName, e.Aggregate().ResourceOwner, e.orgScopedUsername)}
}
func (e *HumanAddedEvent) AddAddressData(
country,
locality,
postalCode,
region,
streetAddress string,
) {
e.Country = country
e.Locality = locality
e.PostalCode = postalCode
e.Region = region
e.StreetAddress = streetAddress
}
func (e *HumanAddedEvent) AddPhoneData(
phoneNumber domain.PhoneNumber,
) {
e.PhoneNumber = phoneNumber
}
func (e *HumanAddedEvent) AddPasswordData(
encoded string,
changeRequired bool,
) {
e.EncodedHash = encoded
e.ChangeRequired = changeRequired
}
func NewHumanAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
userName,
firstName,
lastName,
nickName,
displayName string,
preferredLanguage language.Tag,
gender domain.Gender,
emailAddress domain.EmailAddress,
orgScopedUsername bool,
) *HumanAddedEvent {
return &HumanAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanAddedType,
),
UserName: userName,
FirstName: firstName,
LastName: lastName,
NickName: nickName,
DisplayName: displayName,
PreferredLanguage: preferredLanguage,
Gender: gender,
EmailAddress: emailAddress,
orgScopedUsername: orgScopedUsername,
}
}
func HumanAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
humanAdded := &HumanAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(humanAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-vGlhy", "unable to unmarshal human added")
}
return humanAdded, nil
}
type HumanRegisteredEvent struct {
eventstore.BaseEvent `json:"-"`
UserName string `json:"userName"`
orgScopedUsername bool
FirstName string `json:"firstName,omitempty"`
LastName string `json:"lastName,omitempty"`
NickName string `json:"nickName,omitempty"`
DisplayName string `json:"displayName,omitempty"`
PreferredLanguage language.Tag `json:"preferredLanguage,omitempty"`
Gender domain.Gender `json:"gender,omitempty"`
EmailAddress domain.EmailAddress `json:"email,omitempty"`
PhoneNumber domain.PhoneNumber `json:"phone,omitempty"`
Country string `json:"country,omitempty"`
Locality string `json:"locality,omitempty"`
PostalCode string `json:"postalCode,omitempty"`
Region string `json:"region,omitempty"`
StreetAddress string `json:"streetAddress,omitempty"`
// New events only use EncodedHash. However, the secret field
// is preserved to handle events older than the switch to Passwap.
Secret *crypto.CryptoValue `json:"secret,omitempty"` // legacy
EncodedHash string `json:"encodedHash,omitempty"`
ChangeRequired bool `json:"changeRequired,omitempty"`
UserAgentID string `json:"userAgentID,omitempty"`
}
func (e *HumanRegisteredEvent) Payload() interface{} {
return e
}
func (e *HumanRegisteredEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{NewAddUsernameUniqueConstraint(e.UserName, e.Aggregate().ResourceOwner, e.orgScopedUsername)}
}
func (e *HumanRegisteredEvent) AddAddressData(
country,
locality,
postalCode,
region,
streetAddress string,
) {
e.Country = country
e.Locality = locality
e.PostalCode = postalCode
e.Region = region
e.StreetAddress = streetAddress
}
func (e *HumanRegisteredEvent) AddPhoneData(
phoneNumber domain.PhoneNumber,
) {
e.PhoneNumber = phoneNumber
}
func (e *HumanRegisteredEvent) AddPasswordData(
encoded string,
changeRequired bool,
) {
e.EncodedHash = encoded
e.ChangeRequired = changeRequired
}
func NewHumanRegisteredEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
userName,
firstName,
lastName,
nickName,
displayName string,
preferredLanguage language.Tag,
gender domain.Gender,
emailAddress domain.EmailAddress,
orgScopedUsername bool,
userAgentID string,
) *HumanRegisteredEvent {
return &HumanRegisteredEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanRegisteredType,
),
UserName: userName,
FirstName: firstName,
LastName: lastName,
NickName: nickName,
DisplayName: displayName,
PreferredLanguage: preferredLanguage,
Gender: gender,
EmailAddress: emailAddress,
orgScopedUsername: orgScopedUsername,
UserAgentID: userAgentID,
}
}
func HumanRegisteredEventMapper(event eventstore.Event) (eventstore.Event, error) {
humanRegistered := &HumanRegisteredEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(humanRegistered)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-3Vm9s", "unable to unmarshal human registered")
}
return humanRegistered, nil
}
type HumanInitialCodeAddedEvent struct {
eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
AuthRequestID string `json:"authRequestID,omitempty"`
}
func (e *HumanInitialCodeAddedEvent) Payload() interface{} {
return e
}
func (e *HumanInitialCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanInitialCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanInitialCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
authRequestID string,
) *HumanInitialCodeAddedEvent {
return &HumanInitialCodeAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanInitialCodeAddedType,
),
Code: code,
Expiry: expiry,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
AuthRequestID: authRequestID,
}
}
func HumanInitialCodeAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
humanRegistered := &HumanInitialCodeAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(humanRegistered)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-bM9se", "unable to unmarshal human initial code added")
}
return humanRegistered, nil
}
type HumanInitialCodeSentEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanInitialCodeSentEvent) Payload() interface{} {
return nil
}
func (e *HumanInitialCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanInitialCodeSentEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanInitialCodeSentEvent {
return &HumanInitialCodeSentEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanInitialCodeSentType,
),
}
}
func HumanInitialCodeSentEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanInitialCodeSentEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type HumanInitializedCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanInitializedCheckSucceededEvent) Payload() interface{} {
return nil
}
func (e *HumanInitializedCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanInitializedCheckSucceededEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanInitializedCheckSucceededEvent {
return &HumanInitializedCheckSucceededEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanInitializedCheckSucceededType,
),
}
}
func HumanInitializedCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanInitializedCheckSucceededEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type HumanInitializedCheckFailedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanInitializedCheckFailedEvent) Payload() interface{} {
return nil
}
func (e *HumanInitializedCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanInitializedCheckFailedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanInitializedCheckFailedEvent {
return &HumanInitializedCheckFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanInitializedCheckFailedType,
),
}
}
func HumanInitializedCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanInitializedCheckFailedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type HumanInviteCodeAddedEvent struct {
*eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
URLTemplate string `json:"urlTemplate,omitempty"`
CodeReturned bool `json:"codeReturned,omitempty"`
ApplicationName string `json:"applicationName,omitempty"`
AuthRequestID string `json:"authRequestID,omitempty"`
}
func (e *HumanInviteCodeAddedEvent) SetBaseEvent(b *eventstore.BaseEvent) {
e.BaseEvent = b
}
func (e *HumanInviteCodeAddedEvent) Payload() interface{} {
return e
}
func (e *HumanInviteCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanInviteCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanInviteCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
urlTemplate string,
codeReturned bool,
applicationName string,
authRequestID string,
) *HumanInviteCodeAddedEvent {
return &HumanInviteCodeAddedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanInviteCodeAddedType,
),
Code: code,
Expiry: expiry,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
URLTemplate: urlTemplate,
CodeReturned: codeReturned,
ApplicationName: applicationName,
AuthRequestID: authRequestID,
}
}
type HumanInviteCodeSentEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *HumanInviteCodeSentEvent) SetBaseEvent(b *eventstore.BaseEvent) {
e.BaseEvent = b
}
func (e *HumanInviteCodeSentEvent) Payload() interface{} {
return nil
}
func (e *HumanInviteCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanInviteCodeSentEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanInviteCodeSentEvent {
return &HumanInviteCodeSentEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanInviteCodeSentType,
),
}
}
type HumanInviteCheckSucceededEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *HumanInviteCheckSucceededEvent) SetBaseEvent(b *eventstore.BaseEvent) {
e.BaseEvent = b
}
func (e *HumanInviteCheckSucceededEvent) Payload() interface{} {
return nil
}
func (e *HumanInviteCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanInviteCheckSucceededEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanInviteCheckSucceededEvent {
return &HumanInviteCheckSucceededEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanInviteCheckSucceededType,
),
}
}
type HumanInviteCheckFailedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *HumanInviteCheckFailedEvent) SetBaseEvent(b *eventstore.BaseEvent) {
e.BaseEvent = b
}
func (e *HumanInviteCheckFailedEvent) Payload() interface{} {
return nil
}
func (e *HumanInviteCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanInviteCheckFailedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanInviteCheckFailedEvent {
return &HumanInviteCheckFailedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanInviteCheckFailedType,
),
}
}
type HumanSignedOutEvent struct {
eventstore.BaseEvent `json:"-"`
UserAgentID string `json:"userAgentID"`
SessionID string `json:"sessionID,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
}
func (e *HumanSignedOutEvent) Payload() interface{} {
return e
}
func (e *HumanSignedOutEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanSignedOutEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanSignedOutEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
userAgentID,
sessionID string,
) *HumanSignedOutEvent {
return &HumanSignedOutEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanSignedOutType,
),
UserAgentID: userAgentID,
SessionID: sessionID,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
}
}
func HumanSignedOutEventMapper(event eventstore.Event) (eventstore.Event, error) {
signedOut := &HumanSignedOutEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(signedOut)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-WFS3g", "unable to unmarshal human signed out")
}
return signedOut, nil
}

96
apps/api/internal/repository/user/human_address.go Normal file
View File

@@ -0,0 +1,96 @@
package user
import (
"context"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
addressEventPrefix = humanEventPrefix + "address."
HumanAddressChangedType = addressEventPrefix + "changed"
)
type HumanAddressChangedEvent struct {
eventstore.BaseEvent `json:"-"`
Country *string `json:"country,omitempty"`
Locality *string `json:"locality,omitempty"`
PostalCode *string `json:"postalCode,omitempty"`
Region *string `json:"region,omitempty"`
StreetAddress *string `json:"streetAddress,omitempty"`
}
func (e *HumanAddressChangedEvent) Payload() interface{} {
return e
}
func (e *HumanAddressChangedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewAddressChangedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
changes []AddressChanges,
) (*HumanAddressChangedEvent, error) {
if len(changes) == 0 {
return nil, zerrors.ThrowPreconditionFailed(nil, "USER-3n8fs", "Errors.NoChangesFound")
}
changeEvent := &HumanAddressChangedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanAddressChangedType,
),
}
for _, change := range changes {
change(changeEvent)
}
return changeEvent, nil
}
type AddressChanges func(event *HumanAddressChangedEvent)
func ChangeCountry(country string) func(event *HumanAddressChangedEvent) {
return func(e *HumanAddressChangedEvent) {
e.Country = &country
}
}
func ChangeLocality(locality string) func(event *HumanAddressChangedEvent) {
return func(e *HumanAddressChangedEvent) {
e.Locality = &locality
}
}
func ChangePostalCode(code string) func(event *HumanAddressChangedEvent) {
return func(e *HumanAddressChangedEvent) {
e.PostalCode = &code
}
}
func ChangeRegion(region string) func(event *HumanAddressChangedEvent) {
return func(e *HumanAddressChangedEvent) {
e.Region = &region
}
}
func ChangeStreetAddress(street string) func(event *HumanAddressChangedEvent) {
return func(e *HumanAddressChangedEvent) {
e.StreetAddress = &street
}
}
func HumanAddressChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
addressChanged := &HumanAddressChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(addressChanged)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-5M0pd", "unable to unmarshal human address changed")
}
return addressChanged, nil
}

62
apps/api/internal/repository/user/human_avatar.go Normal file
View File

@@ -0,0 +1,62 @@
package user
import (
"context"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/repository/asset"
)
const (
avatarEventPrefix = humanEventPrefix + "avatar."
HumanAvatarAddedType = avatarEventPrefix + "added"
HumanAvatarRemovedType = avatarEventPrefix + "removed"
)
type HumanAvatarAddedEvent struct {
asset.AddedEvent
}
func NewHumanAvatarAddedEvent(ctx context.Context, aggregate *eventstore.Aggregate, storageKey string) *HumanAvatarAddedEvent {
return &HumanAvatarAddedEvent{
AddedEvent: *asset.NewAddedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanAvatarAddedType),
storageKey),
}
}
func HumanAvatarAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := asset.AddedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanAvatarAddedEvent{AddedEvent: *e.(*asset.AddedEvent)}, nil
}
type HumanAvatarRemovedEvent struct {
asset.RemovedEvent
}
func NewHumanAvatarRemovedEvent(ctx context.Context, aggregate *eventstore.Aggregate, storageKey string) *HumanAvatarRemovedEvent {
return &HumanAvatarRemovedEvent{
RemovedEvent: *asset.NewRemovedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanAvatarRemovedType),
storageKey),
}
}
func HumanAvatarRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := asset.RemovedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanAvatarRemovedEvent{RemovedEvent: *e.(*asset.RemovedEvent)}, nil
}

217
apps/api/internal/repository/user/human_email.go Normal file
View File

@@ -0,0 +1,217 @@
package user
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
emailEventPrefix = humanEventPrefix + "email."
HumanEmailChangedType = emailEventPrefix + "changed"
HumanEmailVerifiedType = emailEventPrefix + "verified"
HumanEmailVerificationFailedType = emailEventPrefix + "verification.failed"
HumanEmailCodeAddedType = emailEventPrefix + "code.added"
HumanEmailCodeSentType = emailEventPrefix + "code.sent"
HumanEmailConfirmURLAddedType = emailEventPrefix + "confirm_url.added"
)
type HumanEmailChangedEvent struct {
eventstore.BaseEvent `json:"-"`
EmailAddress domain.EmailAddress `json:"email,omitempty"`
}
func (e *HumanEmailChangedEvent) Payload() interface{} {
return e
}
func (e *HumanEmailChangedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanEmailChangedEvent(ctx context.Context, aggregate *eventstore.Aggregate, emailAddress domain.EmailAddress) *HumanEmailChangedEvent {
return &HumanEmailChangedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanEmailChangedType,
),
EmailAddress: emailAddress,
}
}
func HumanEmailChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
emailChangedEvent := &HumanEmailChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(emailChangedEvent)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-4M0sd", "unable to unmarshal human password changed")
}
return emailChangedEvent, nil
}
type HumanEmailVerifiedEvent struct {
eventstore.BaseEvent `json:"-"`
IsEmailVerified bool `json:"-"`
}
func (e *HumanEmailVerifiedEvent) Payload() interface{} {
return nil
}
func (e *HumanEmailVerifiedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanEmailVerifiedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanEmailVerifiedEvent {
return &HumanEmailVerifiedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanEmailVerifiedType,
),
}
}
func HumanEmailVerifiedEventMapper(event eventstore.Event) (eventstore.Event, error) {
emailVerified := &HumanEmailVerifiedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
IsEmailVerified: true,
}
return emailVerified, nil
}
type HumanEmailVerificationFailedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanEmailVerificationFailedEvent) Payload() interface{} {
return nil
}
func (e *HumanEmailVerificationFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanEmailVerificationFailedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanEmailVerificationFailedEvent {
return &HumanEmailVerificationFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanEmailVerificationFailedType,
),
}
}
func HumanEmailVerificationFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanEmailVerificationFailedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type HumanEmailCodeAddedEvent struct {
eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
URLTemplate string `json:"url_template,omitempty"`
CodeReturned bool `json:"code_returned,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
// AuthRequest is only used in V1 Login UI
AuthRequestID string `json:"authRequestID,omitempty"`
}
func (e *HumanEmailCodeAddedEvent) Payload() interface{} {
return e
}
func (e *HumanEmailCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanEmailCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanEmailCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
authRequestID string,
) *HumanEmailCodeAddedEvent {
return NewHumanEmailCodeAddedEventV2(ctx, aggregate, code, expiry, "", false, authRequestID)
}
func NewHumanEmailCodeAddedEventV2(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
urlTemplate string,
codeReturned bool,
authRequestID string,
) *HumanEmailCodeAddedEvent {
return &HumanEmailCodeAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanEmailCodeAddedType,
),
Code: code,
Expiry: expiry,
URLTemplate: urlTemplate,
CodeReturned: codeReturned,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
AuthRequestID: authRequestID,
}
}
func HumanEmailCodeAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
codeAdded := &HumanEmailCodeAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(codeAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-3M0sd", "unable to unmarshal human email code added")
}
return codeAdded, nil
}
type HumanEmailCodeSentEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanEmailCodeSentEvent) Payload() interface{} {
return nil
}
func (e *HumanEmailCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanEmailCodeSentEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanEmailCodeSentEvent {
return &HumanEmailCodeSentEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanEmailCodeSentType,
),
}
}
func HumanEmailCodeSentEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanEmailCodeSentEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}

289
apps/api/internal/repository/user/human_external_idp.go Normal file
View File

@@ -0,0 +1,289 @@
package user
import (
"context"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
UniqueUserIDPLinkType = "external_idps"
UserIDPLinkEventPrefix = humanEventPrefix + "externalidp."
idpLoginEventPrefix = humanEventPrefix + "externallogin."
UserIDPLinkAddedType = UserIDPLinkEventPrefix + "added"
UserIDPLinkRemovedType = UserIDPLinkEventPrefix + "removed"
UserIDPLinkCascadeRemovedType = UserIDPLinkEventPrefix + "cascade.removed"
UserIDPExternalIDMigratedType = UserIDPLinkEventPrefix + "id.migrated"
UserIDPExternalUsernameChangedType = UserIDPLinkEventPrefix + "username.changed"
UserIDPLoginCheckSucceededType = idpLoginEventPrefix + "check.succeeded"
)
func NewAddUserIDPLinkUniqueConstraint(idpConfigID, externalUserID string) *eventstore.UniqueConstraint {
return eventstore.NewAddEventUniqueConstraint(
UniqueUserIDPLinkType,
idpConfigID+externalUserID,
"Errors.User.ExternalIDP.AlreadyExists")
}
func NewRemoveUserIDPLinkUniqueConstraint(idpConfigID, externalUserID string) *eventstore.UniqueConstraint {
return eventstore.NewRemoveUniqueConstraint(
UniqueUserIDPLinkType,
idpConfigID+externalUserID)
}
type UserIDPLinkAddedEvent struct {
eventstore.BaseEvent `json:"-"`
IDPConfigID string `json:"idpConfigId,omitempty"`
ExternalUserID string `json:"userId,omitempty"`
DisplayName string `json:"displayName,omitempty"`
}
func (e *UserIDPLinkAddedEvent) Payload() interface{} {
return e
}
func (e *UserIDPLinkAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{NewAddUserIDPLinkUniqueConstraint(e.IDPConfigID, e.ExternalUserID)}
}
func NewUserIDPLinkAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
idpConfigID,
displayName,
externalUserID string,
) *UserIDPLinkAddedEvent {
return &UserIDPLinkAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserIDPLinkAddedType,
),
IDPConfigID: idpConfigID,
DisplayName: displayName,
ExternalUserID: externalUserID,
}
}
func UserIDPLinkAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e := &UserIDPLinkAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(e)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-6M9sd", "unable to unmarshal user external idp added")
}
return e, nil
}
type UserIDPLinkRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
IDPConfigID string `json:"idpConfigId"`
ExternalUserID string `json:"userId,omitempty"`
}
func (e *UserIDPLinkRemovedEvent) Payload() interface{} {
return e
}
func (e *UserIDPLinkRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{NewRemoveUserIDPLinkUniqueConstraint(e.IDPConfigID, e.ExternalUserID)}
}
func NewUserIDPLinkRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
idpConfigID,
externalUserID string,
) *UserIDPLinkRemovedEvent {
return &UserIDPLinkRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserIDPLinkRemovedType,
),
IDPConfigID: idpConfigID,
ExternalUserID: externalUserID,
}
}
func UserIDPLinkRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e := &UserIDPLinkRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(e)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-eAWoT", "unable to unmarshal user external idp removed")
}
return e, nil
}
type UserIDPLinkCascadeRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
IDPConfigID string `json:"idpConfigId"`
ExternalUserID string `json:"userId,omitempty"`
}
func (e *UserIDPLinkCascadeRemovedEvent) Payload() interface{} {
return e
}
func (e *UserIDPLinkCascadeRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{NewRemoveUserIDPLinkUniqueConstraint(e.IDPConfigID, e.ExternalUserID)}
}
func NewUserIDPLinkCascadeRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
idpConfigID,
externalUserID string,
) *UserIDPLinkCascadeRemovedEvent {
return &UserIDPLinkCascadeRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserIDPLinkCascadeRemovedType,
),
IDPConfigID: idpConfigID,
ExternalUserID: externalUserID,
}
}
func UserIDPLinkCascadeRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e := &UserIDPLinkCascadeRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(e)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-dKGqO", "unable to unmarshal user external idp cascade removed")
}
return e, nil
}
type UserIDPCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *UserIDPCheckSucceededEvent) Payload() interface{} {
return e
}
func (e *UserIDPCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUserIDPCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo) *UserIDPCheckSucceededEvent {
return &UserIDPCheckSucceededEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserIDPLoginCheckSucceededType,
),
AuthRequestInfo: info,
}
}
func UserIDPCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
e := &UserIDPCheckSucceededEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(e)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-oikSS", "unable to unmarshal user external idp check succeeded")
}
return e, nil
}
type UserIDPExternalIDMigratedEvent struct {
eventstore.BaseEvent `json:"-"`
IDPConfigID string `json:"idpConfigId"`
PreviousID string `json:"previousId"`
NewID string `json:"newId"`
}
func (e *UserIDPExternalIDMigratedEvent) Payload() interface{} {
return e
}
func (e *UserIDPExternalIDMigratedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *UserIDPExternalIDMigratedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewUserIDPExternalIDMigratedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
idpConfigID,
previousID,
newID string,
) *UserIDPExternalIDMigratedEvent {
return &UserIDPExternalIDMigratedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserIDPExternalIDMigratedType,
),
IDPConfigID: idpConfigID,
PreviousID: previousID,
NewID: newID,
}
}
type UserIDPExternalUsernameEvent struct {
eventstore.BaseEvent `json:"-"`
IDPConfigID string `json:"idpConfigId"`
ExternalUserID string `json:"userId"`
ExternalUsername string `json:"username"`
}
func (e *UserIDPExternalUsernameEvent) Payload() interface{} {
return e
}
func (e *UserIDPExternalUsernameEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *UserIDPExternalUsernameEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewUserIDPExternalUsernameEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
idpConfigID,
externalUserID,
externalUsername string,
) *UserIDPExternalUsernameEvent {
return &UserIDPExternalUsernameEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserIDPExternalUsernameChangedType,
),
IDPConfigID: idpConfigID,
ExternalUserID: externalUserID,
ExternalUsername: externalUsername,
}
}

40
apps/api/internal/repository/user/human_mfa_events.go Normal file
View File

@@ -0,0 +1,40 @@
package user
import (
"context"
"github.com/zitadel/zitadel/internal/eventstore"
)
const (
mfaEventPrefix = humanEventPrefix + "mfa."
HumanMFAInitSkippedType = mfaEventPrefix + "init.skipped"
)
type HumanMFAInitSkippedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanMFAInitSkippedEvent) Payload() interface{} {
return e
}
func (e *HumanMFAInitSkippedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanMFAInitSkippedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanMFAInitSkippedEvent {
return &HumanMFAInitSkippedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanMFAInitSkippedType,
),
}
}
func HumanMFAInitSkippedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanMFAInitSkippedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}

622
apps/api/internal/repository/user/human_mfa_otp.go Normal file
View File

@@ -0,0 +1,622 @@
package user
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/notification/senders"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
otpEventPrefix = mfaEventPrefix + "otp."
HumanMFAOTPAddedType = otpEventPrefix + "added"
HumanMFAOTPVerifiedType = otpEventPrefix + "verified"
HumanMFAOTPRemovedType = otpEventPrefix + "removed"
HumanMFAOTPCheckSucceededType = otpEventPrefix + "check.succeeded"
HumanMFAOTPCheckFailedType = otpEventPrefix + "check.failed"
otpSMSEventPrefix = otpEventPrefix + "sms."
HumanOTPSMSAddedType = otpSMSEventPrefix + "added"
HumanOTPSMSRemovedType = otpSMSEventPrefix + "removed"
HumanOTPSMSCodeAddedType = otpSMSEventPrefix + "code.added"
HumanOTPSMSCodeSentType = otpSMSEventPrefix + "code.sent"
HumanOTPSMSCheckSucceededType = otpSMSEventPrefix + "check.succeeded"
HumanOTPSMSCheckFailedType = otpSMSEventPrefix + "check.failed"
otpEmailEventPrefix = otpEventPrefix + "email."
HumanOTPEmailAddedType = otpEmailEventPrefix + "added"
HumanOTPEmailRemovedType = otpEmailEventPrefix + "removed"
HumanOTPEmailCodeAddedType = otpEmailEventPrefix + "code.added"
HumanOTPEmailCodeSentType = otpEmailEventPrefix + "code.sent"
HumanOTPEmailCheckSucceededType = otpEmailEventPrefix + "check.succeeded"
HumanOTPEmailCheckFailedType = otpEmailEventPrefix + "check.failed"
)
type HumanOTPAddedEvent struct {
eventstore.BaseEvent `json:"-"`
Secret *crypto.CryptoValue `json:"otpSecret,omitempty"`
}
func (e *HumanOTPAddedEvent) Payload() interface{} {
return e
}
func (e *HumanOTPAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanOTPAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
secret *crypto.CryptoValue,
) *HumanOTPAddedEvent {
return &HumanOTPAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanMFAOTPAddedType,
),
Secret: secret,
}
}
func HumanOTPAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
otpAdded := &HumanOTPAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(otpAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Ns9df", "unable to unmarshal human otp added")
}
return otpAdded, nil
}
type HumanOTPVerifiedEvent struct {
eventstore.BaseEvent `json:"-"`
UserAgentID string `json:"userAgentID,omitempty"`
}
func (e *HumanOTPVerifiedEvent) Payload() interface{} {
return e
}
func (e *HumanOTPVerifiedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanOTPVerifiedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
userAgentID string,
) *HumanOTPVerifiedEvent {
return &HumanOTPVerifiedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanMFAOTPVerifiedType,
),
UserAgentID: userAgentID,
}
}
func HumanOTPVerifiedEventMapper(event eventstore.Event) (eventstore.Event, error) {
out := &HumanOTPVerifiedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
return out, nil
}
type HumanOTPRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanOTPRemovedEvent) Payload() interface{} {
return nil
}
func (e *HumanOTPRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanOTPRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *HumanOTPRemovedEvent {
return &HumanOTPRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanMFAOTPRemovedType,
),
}
}
func HumanOTPRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanOTPRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type HumanOTPCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanOTPCheckSucceededEvent) Payload() interface{} {
return e
}
func (e *HumanOTPCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanOTPCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo,
) *HumanOTPCheckSucceededEvent {
return &HumanOTPCheckSucceededEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanMFAOTPCheckSucceededType,
),
AuthRequestInfo: info,
}
}
func HumanOTPCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
otpAdded := &HumanOTPCheckSucceededEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(otpAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Ns9df", "unable to unmarshal human otp check succeeded")
}
return otpAdded, nil
}
type HumanOTPCheckFailedEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanOTPCheckFailedEvent) Payload() interface{} {
return e
}
func (e *HumanOTPCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanOTPCheckFailedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo,
) *HumanOTPCheckFailedEvent {
return &HumanOTPCheckFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanMFAOTPCheckFailedType,
),
AuthRequestInfo: info,
}
}
func HumanOTPCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
otpAdded := &HumanOTPCheckFailedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(otpAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Ns9df", "unable to unmarshal human otp check failed")
}
return otpAdded, nil
}
type HumanOTPSMSAddedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanOTPSMSAddedEvent) Payload() interface{} {
return nil
}
func (e *HumanOTPSMSAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPSMSAddedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPSMSAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *HumanOTPSMSAddedEvent {
return &HumanOTPSMSAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPSMSAddedType,
),
}
}
type HumanOTPSMSRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanOTPSMSRemovedEvent) Payload() interface{} {
return nil
}
func (e *HumanOTPSMSRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPSMSRemovedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPSMSRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *HumanOTPSMSRemovedEvent {
return &HumanOTPSMSRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPSMSRemovedType,
),
}
}
type HumanOTPSMSCodeAddedEvent struct {
eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
GeneratorID string `json:"generatorId,omitempty"`
*AuthRequestInfo
}
func (e *HumanOTPSMSCodeAddedEvent) Payload() interface{} {
return e
}
func (e *HumanOTPSMSCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPSMSCodeAddedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func (e *HumanOTPSMSCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanOTPSMSCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
info *AuthRequestInfo,
generatorID string,
) *HumanOTPSMSCodeAddedEvent {
return &HumanOTPSMSCodeAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPSMSCodeAddedType,
),
Code: code,
Expiry: expiry,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
AuthRequestInfo: info,
GeneratorID: generatorID,
}
}
type HumanOTPSMSCodeSentEvent struct {
eventstore.BaseEvent `json:"-"`
GeneratorInfo *senders.CodeGeneratorInfo `json:"generatorInfo,omitempty"`
}
func (e *HumanOTPSMSCodeSentEvent) Payload() interface{} {
return e
}
func (e *HumanOTPSMSCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPSMSCodeSentEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPSMSCodeSentEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
generatorInfo *senders.CodeGeneratorInfo,
) *HumanOTPSMSCodeSentEvent {
return &HumanOTPSMSCodeSentEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPSMSCodeSentType,
),
GeneratorInfo: generatorInfo,
}
}
type HumanOTPSMSCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanOTPSMSCheckSucceededEvent) Payload() interface{} {
return e
}
func (e *HumanOTPSMSCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPSMSCheckSucceededEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPSMSCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo,
) *HumanOTPSMSCheckSucceededEvent {
return &HumanOTPSMSCheckSucceededEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPSMSCheckSucceededType,
),
AuthRequestInfo: info,
}
}
type HumanOTPSMSCheckFailedEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanOTPSMSCheckFailedEvent) Payload() interface{} {
return e
}
func (e *HumanOTPSMSCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPSMSCheckFailedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPSMSCheckFailedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo,
) *HumanOTPSMSCheckFailedEvent {
return &HumanOTPSMSCheckFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPSMSCheckFailedType,
),
AuthRequestInfo: info,
}
}
type HumanOTPEmailAddedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanOTPEmailAddedEvent) Payload() interface{} {
return nil
}
func (e *HumanOTPEmailAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPEmailAddedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPEmailAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *HumanOTPEmailAddedEvent {
return &HumanOTPEmailAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPEmailAddedType,
),
}
}
type HumanOTPEmailRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanOTPEmailRemovedEvent) Payload() interface{} {
return nil
}
func (e *HumanOTPEmailRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPEmailRemovedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPEmailRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *HumanOTPEmailRemovedEvent {
return &HumanOTPEmailRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPEmailRemovedType,
),
}
}
type HumanOTPEmailCodeAddedEvent struct {
eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
*AuthRequestInfo
}
func (e *HumanOTPEmailCodeAddedEvent) Payload() interface{} {
return e
}
func (e *HumanOTPEmailCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPEmailCodeAddedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func (e *HumanOTPEmailCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanOTPEmailCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
info *AuthRequestInfo,
) *HumanOTPEmailCodeAddedEvent {
return &HumanOTPEmailCodeAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPEmailCodeAddedType,
),
Code: code,
Expiry: expiry,
AuthRequestInfo: info,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
}
}
type HumanOTPEmailCodeSentEvent struct {
eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
*AuthRequestInfo
}
func (e *HumanOTPEmailCodeSentEvent) Payload() interface{} {
return e
}
func (e *HumanOTPEmailCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPEmailCodeSentEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPEmailCodeSentEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *HumanOTPEmailCodeSentEvent {
return &HumanOTPEmailCodeSentEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPEmailCodeSentType,
),
}
}
type HumanOTPEmailCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanOTPEmailCheckSucceededEvent) Payload() interface{} {
return e
}
func (e *HumanOTPEmailCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPEmailCheckSucceededEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPEmailCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo,
) *HumanOTPEmailCheckSucceededEvent {
return &HumanOTPEmailCheckSucceededEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPEmailCheckSucceededType,
),
AuthRequestInfo: info,
}
}
type HumanOTPEmailCheckFailedEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanOTPEmailCheckFailedEvent) Payload() interface{} {
return e
}
func (e *HumanOTPEmailCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanOTPEmailCheckFailedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = *event
}
func NewHumanOTPEmailCheckFailedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo,
) *HumanOTPEmailCheckFailedEvent {
return &HumanOTPEmailCheckFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanOTPEmailCheckFailedType,
),
AuthRequestInfo: info,
}
}

492
apps/api/internal/repository/user/human_mfa_passwordless.go Normal file
View File

@@ -0,0 +1,492 @@
package user
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
passwordlessEventPrefix = humanEventPrefix + "passwordless."
humanPasswordlessTokenEventPrefix = passwordlessEventPrefix + "token."
HumanPasswordlessTokenAddedType = humanPasswordlessTokenEventPrefix + "added"
HumanPasswordlessTokenVerifiedType = humanPasswordlessTokenEventPrefix + "verified"
HumanPasswordlessTokenSignCountChangedType = humanPasswordlessTokenEventPrefix + "signcount.changed"
HumanPasswordlessTokenRemovedType = humanPasswordlessTokenEventPrefix + "removed"
HumanPasswordlessTokenBeginLoginType = humanPasswordlessTokenEventPrefix + "begin.login"
HumanPasswordlessTokenCheckSucceededType = humanPasswordlessTokenEventPrefix + "check.succeeded"
HumanPasswordlessTokenCheckFailedType = humanPasswordlessTokenEventPrefix + "check.failed"
humanPasswordlessInitCodePrefix = passwordlessEventPrefix + "initialization.code."
HumanPasswordlessInitCodeAddedType = humanPasswordlessInitCodePrefix + "added"
HumanPasswordlessInitCodeRequestedType = humanPasswordlessInitCodePrefix + "requested"
HumanPasswordlessInitCodeSentType = humanPasswordlessInitCodePrefix + "sent"
HumanPasswordlessInitCodeCheckFailedType = humanPasswordlessInitCodePrefix + "check.failed"
HumanPasswordlessInitCodeCheckSucceededType = humanPasswordlessInitCodePrefix + "check.succeeded"
)
type HumanPasswordlessAddedEvent struct {
HumanWebAuthNAddedEvent
}
func NewHumanPasswordlessAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
webAuthNTokenID,
challenge string,
rpID string,
) *HumanPasswordlessAddedEvent {
return &HumanPasswordlessAddedEvent{
HumanWebAuthNAddedEvent: *NewHumanWebAuthNAddedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessTokenAddedType,
),
webAuthNTokenID,
challenge,
rpID,
),
}
}
func HumanPasswordlessAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNAddedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanPasswordlessAddedEvent{HumanWebAuthNAddedEvent: *e.(*HumanWebAuthNAddedEvent)}, nil
}
type HumanPasswordlessVerifiedEvent struct {
HumanWebAuthNVerifiedEvent
}
func NewHumanPasswordlessVerifiedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
webAuthNTokenID,
webAuthNTokenName,
attestationType string,
keyID,
publicKey,
aaguid []byte,
signCount uint32,
userAgentID string,
) *HumanPasswordlessVerifiedEvent {
return &HumanPasswordlessVerifiedEvent{
HumanWebAuthNVerifiedEvent: *NewHumanWebAuthNVerifiedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessTokenVerifiedType,
),
webAuthNTokenID,
webAuthNTokenName,
attestationType,
keyID,
publicKey,
aaguid,
signCount,
userAgentID,
),
}
}
func HumanPasswordlessVerifiedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNVerifiedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanPasswordlessVerifiedEvent{HumanWebAuthNVerifiedEvent: *e.(*HumanWebAuthNVerifiedEvent)}, nil
}
type HumanPasswordlessSignCountChangedEvent struct {
HumanWebAuthNSignCountChangedEvent
}
func NewHumanPasswordlessSignCountChangedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
webAuthNTokenID string,
signCount uint32,
) *HumanPasswordlessSignCountChangedEvent {
return &HumanPasswordlessSignCountChangedEvent{
HumanWebAuthNSignCountChangedEvent: *NewHumanWebAuthNSignCountChangedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessTokenSignCountChangedType,
),
webAuthNTokenID,
signCount,
),
}
}
func HumanPasswordlessSignCountChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNSignCountChangedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanPasswordlessSignCountChangedEvent{HumanWebAuthNSignCountChangedEvent: *e.(*HumanWebAuthNSignCountChangedEvent)}, nil
}
type HumanPasswordlessRemovedEvent struct {
HumanWebAuthNRemovedEvent
}
func PrepareHumanPasswordlessRemovedEvent(ctx context.Context, webAuthNTokenID string) func(*eventstore.Aggregate) eventstore.Command {
return func(a *eventstore.Aggregate) eventstore.Command {
return NewHumanPasswordlessRemovedEvent(ctx, a, webAuthNTokenID)
}
}
func NewHumanPasswordlessRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
webAuthNTokenID string,
) *HumanPasswordlessRemovedEvent {
return &HumanPasswordlessRemovedEvent{
HumanWebAuthNRemovedEvent: *NewHumanWebAuthNRemovedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessTokenRemovedType,
),
webAuthNTokenID,
),
}
}
func HumanPasswordlessRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNRemovedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanPasswordlessRemovedEvent{HumanWebAuthNRemovedEvent: *e.(*HumanWebAuthNRemovedEvent)}, nil
}
type HumanPasswordlessBeginLoginEvent struct {
HumanWebAuthNBeginLoginEvent
}
func NewHumanPasswordlessBeginLoginEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
challenge string,
allowedCredentialIDs [][]byte,
userVerification domain.UserVerificationRequirement,
info *AuthRequestInfo,
) *HumanPasswordlessBeginLoginEvent {
return &HumanPasswordlessBeginLoginEvent{
HumanWebAuthNBeginLoginEvent: *NewHumanWebAuthNBeginLoginEvent(eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessTokenBeginLoginType,
),
challenge,
allowedCredentialIDs,
userVerification,
info),
}
}
func HumanPasswordlessBeginLoginEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNBeginLoginEventMapper(event)
if err != nil {
return nil, err
}
return &HumanPasswordlessBeginLoginEvent{HumanWebAuthNBeginLoginEvent: *e.(*HumanWebAuthNBeginLoginEvent)}, nil
}
type HumanPasswordlessCheckSucceededEvent struct {
HumanWebAuthNCheckSucceededEvent
}
func NewHumanPasswordlessCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo) *HumanPasswordlessCheckSucceededEvent {
return &HumanPasswordlessCheckSucceededEvent{
HumanWebAuthNCheckSucceededEvent: *NewHumanWebAuthNCheckSucceededEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessTokenCheckSucceededType,
),
info,
),
}
}
func HumanPasswordlessCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNCheckSucceededEventMapper(event)
if err != nil {
return nil, err
}
return &HumanPasswordlessCheckSucceededEvent{HumanWebAuthNCheckSucceededEvent: *e.(*HumanWebAuthNCheckSucceededEvent)}, nil
}
type HumanPasswordlessCheckFailedEvent struct {
HumanWebAuthNCheckFailedEvent
}
func NewHumanPasswordlessCheckFailedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo) *HumanPasswordlessCheckFailedEvent {
return &HumanPasswordlessCheckFailedEvent{
HumanWebAuthNCheckFailedEvent: *NewHumanWebAuthNCheckFailedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessTokenCheckFailedType,
),
info,
),
}
}
func HumanPasswordlessCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNCheckFailedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanPasswordlessCheckFailedEvent{HumanWebAuthNCheckFailedEvent: *e.(*HumanWebAuthNCheckFailedEvent)}, nil
}
type HumanPasswordlessInitCodeAddedEvent struct {
eventstore.BaseEvent `json:"-"`
ID string `json:"id"`
Code *crypto.CryptoValue `json:"code"`
Expiry time.Duration `json:"expiry"`
}
func (e *HumanPasswordlessInitCodeAddedEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordlessInitCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPasswordlessInitCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
id string,
code *crypto.CryptoValue,
expiry time.Duration,
) *HumanPasswordlessInitCodeAddedEvent {
return &HumanPasswordlessInitCodeAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessInitCodeAddedType,
),
ID: id,
Code: code,
Expiry: expiry,
}
}
func HumanPasswordlessInitCodeAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanPasswordlessInitCodeAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-BDf32", "unable to unmarshal human passwordless code added")
}
return webAuthNAdded, nil
}
type HumanPasswordlessInitCodeRequestedEvent struct {
eventstore.BaseEvent `json:"-"`
ID string `json:"id"`
Code *crypto.CryptoValue `json:"code"`
Expiry time.Duration `json:"expiry"`
URLTemplate string `json:"url_template,omitempty"`
CodeReturned bool `json:"code_returned,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
}
func (e *HumanPasswordlessInitCodeRequestedEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordlessInitCodeRequestedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanPasswordlessInitCodeRequestedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanPasswordlessInitCodeRequestedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
id string,
code *crypto.CryptoValue,
expiry time.Duration,
urlTmpl string,
codeReturned bool,
) *HumanPasswordlessInitCodeRequestedEvent {
return &HumanPasswordlessInitCodeRequestedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessInitCodeRequestedType,
),
ID: id,
Code: code,
Expiry: expiry,
URLTemplate: urlTmpl,
CodeReturned: codeReturned,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
}
}
func HumanPasswordlessInitCodeRequestedEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanPasswordlessInitCodeRequestedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-VGfg3", "unable to unmarshal human passwordless code delivery added")
}
return webAuthNAdded, nil
}
type HumanPasswordlessInitCodeSentEvent struct {
eventstore.BaseEvent `json:"-"`
ID string `json:"id"`
}
func (e *HumanPasswordlessInitCodeSentEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordlessInitCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPasswordlessInitCodeSentEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
id string,
) *HumanPasswordlessInitCodeSentEvent {
return &HumanPasswordlessInitCodeSentEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessInitCodeSentType,
),
ID: id,
}
}
func HumanPasswordlessInitCodeSentEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanPasswordlessInitCodeSentEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Gtg4j", "unable to unmarshal human passwordless code sent")
}
return webAuthNAdded, nil
}
type HumanPasswordlessInitCodeCheckFailedEvent struct {
eventstore.BaseEvent `json:"-"`
ID string `json:"id"`
}
func (e *HumanPasswordlessInitCodeCheckFailedEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordlessInitCodeCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPasswordlessInitCodeCheckFailedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
id string,
) *HumanPasswordlessInitCodeCheckFailedEvent {
return &HumanPasswordlessInitCodeCheckFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessInitCodeCheckFailedType,
),
ID: id,
}
}
func HumanPasswordlessInitCodeCodeCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanPasswordlessInitCodeCheckFailedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Gtg4j", "unable to unmarshal human passwordless code check failed")
}
return webAuthNAdded, nil
}
type HumanPasswordlessInitCodeCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
ID string `json:"id"`
}
func (e *HumanPasswordlessInitCodeCheckSucceededEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordlessInitCodeCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPasswordlessInitCodeCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
id string,
) *HumanPasswordlessInitCodeCheckSucceededEvent {
return &HumanPasswordlessInitCodeCheckSucceededEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordlessInitCodeCheckSucceededType,
),
ID: id,
}
}
func HumanPasswordlessInitCodeCodeCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanPasswordlessInitCodeCheckSucceededEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Gtg4j", "unable to unmarshal human passwordless code check succeeded")
}
return webAuthNAdded, nil
}

252
apps/api/internal/repository/user/human_mfa_u2f.go Normal file
View File

@@ -0,0 +1,252 @@
package user
import (
"context"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
)
const (
u2fEventPrefix = mfaEventPrefix + "u2f.token."
HumanU2FTokenAddedType = u2fEventPrefix + "added"
HumanU2FTokenVerifiedType = u2fEventPrefix + "verified"
HumanU2FTokenSignCountChangedType = u2fEventPrefix + "signcount.changed"
HumanU2FTokenRemovedType = u2fEventPrefix + "removed"
HumanU2FTokenBeginLoginType = u2fEventPrefix + "begin.login"
HumanU2FTokenCheckSucceededType = u2fEventPrefix + "check.succeeded"
HumanU2FTokenCheckFailedType = u2fEventPrefix + "check.failed"
)
type HumanU2FAddedEvent struct {
HumanWebAuthNAddedEvent
}
func NewHumanU2FAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
webAuthNTokenID,
challenge string,
rpID string,
) *HumanU2FAddedEvent {
return &HumanU2FAddedEvent{
HumanWebAuthNAddedEvent: *NewHumanWebAuthNAddedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanU2FTokenAddedType,
),
webAuthNTokenID,
challenge,
rpID,
),
}
}
func HumanU2FAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNAddedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanU2FAddedEvent{HumanWebAuthNAddedEvent: *e.(*HumanWebAuthNAddedEvent)}, nil
}
type HumanU2FVerifiedEvent struct {
HumanWebAuthNVerifiedEvent
}
func NewHumanU2FVerifiedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
webAuthNTokenID,
webAuthNTokenName,
attestationType string,
keyID,
publicKey,
aaguid []byte,
signCount uint32,
userAgentID string,
) *HumanU2FVerifiedEvent {
return &HumanU2FVerifiedEvent{
HumanWebAuthNVerifiedEvent: *NewHumanWebAuthNVerifiedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanU2FTokenVerifiedType,
),
webAuthNTokenID,
webAuthNTokenName,
attestationType,
keyID,
publicKey,
aaguid,
signCount,
userAgentID,
),
}
}
func HumanU2FVerifiedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNVerifiedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanU2FVerifiedEvent{HumanWebAuthNVerifiedEvent: *e.(*HumanWebAuthNVerifiedEvent)}, nil
}
type HumanU2FSignCountChangedEvent struct {
HumanWebAuthNSignCountChangedEvent
}
func NewHumanU2FSignCountChangedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
webAuthNTokenID string,
signCount uint32,
) *HumanU2FSignCountChangedEvent {
return &HumanU2FSignCountChangedEvent{
HumanWebAuthNSignCountChangedEvent: *NewHumanWebAuthNSignCountChangedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanU2FTokenSignCountChangedType,
),
webAuthNTokenID,
signCount,
),
}
}
func HumanU2FSignCountChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNSignCountChangedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanU2FSignCountChangedEvent{HumanWebAuthNSignCountChangedEvent: *e.(*HumanWebAuthNSignCountChangedEvent)}, nil
}
type HumanU2FRemovedEvent struct {
HumanWebAuthNRemovedEvent
}
func PrepareHumanU2FRemovedEvent(ctx context.Context, webAuthNTokenID string) func(*eventstore.Aggregate) eventstore.Command {
return func(a *eventstore.Aggregate) eventstore.Command {
return NewHumanU2FRemovedEvent(ctx, a, webAuthNTokenID)
}
}
func NewHumanU2FRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
webAuthNTokenID string,
) *HumanU2FRemovedEvent {
return &HumanU2FRemovedEvent{
HumanWebAuthNRemovedEvent: *NewHumanWebAuthNRemovedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanU2FTokenRemovedType,
),
webAuthNTokenID,
),
}
}
func HumanU2FRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNRemovedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanU2FRemovedEvent{HumanWebAuthNRemovedEvent: *e.(*HumanWebAuthNRemovedEvent)}, nil
}
type HumanU2FBeginLoginEvent struct {
HumanWebAuthNBeginLoginEvent
}
func NewHumanU2FBeginLoginEvent(ctx context.Context, aggregate *eventstore.Aggregate, challenge string, allowedCredentialIDs [][]byte, userVerification domain.UserVerificationRequirement, info *AuthRequestInfo) *HumanU2FBeginLoginEvent {
return &HumanU2FBeginLoginEvent{
HumanWebAuthNBeginLoginEvent: *NewHumanWebAuthNBeginLoginEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanU2FTokenBeginLoginType,
),
challenge,
allowedCredentialIDs,
userVerification,
info,
),
}
}
func HumanU2FBeginLoginEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNBeginLoginEventMapper(event)
if err != nil {
return nil, err
}
return &HumanU2FBeginLoginEvent{HumanWebAuthNBeginLoginEvent: *e.(*HumanWebAuthNBeginLoginEvent)}, nil
}
type HumanU2FCheckSucceededEvent struct {
HumanWebAuthNCheckSucceededEvent
}
func NewHumanU2FCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo) *HumanU2FCheckSucceededEvent {
return &HumanU2FCheckSucceededEvent{
HumanWebAuthNCheckSucceededEvent: *NewHumanWebAuthNCheckSucceededEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanU2FTokenCheckSucceededType,
),
info,
),
}
}
func HumanU2FCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNCheckSucceededEventMapper(event)
if err != nil {
return nil, err
}
return &HumanU2FCheckSucceededEvent{HumanWebAuthNCheckSucceededEvent: *e.(*HumanWebAuthNCheckSucceededEvent)}, nil
}
type HumanU2FCheckFailedEvent struct {
HumanWebAuthNCheckFailedEvent
}
func NewHumanU2FCheckFailedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo) *HumanU2FCheckFailedEvent {
return &HumanU2FCheckFailedEvent{
HumanWebAuthNCheckFailedEvent: *NewHumanWebAuthNCheckFailedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanU2FTokenCheckFailedType,
),
info,
),
}
}
func HumanU2FCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := HumanWebAuthNCheckFailedEventMapper(event)
if err != nil {
return nil, err
}
return &HumanU2FCheckFailedEvent{HumanWebAuthNCheckFailedEvent: *e.(*HumanWebAuthNCheckFailedEvent)}, nil
}

282
apps/api/internal/repository/user/human_mfa_web_auth_n.go Normal file
View File

@@ -0,0 +1,282 @@
package user
import (
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
type HumanWebAuthNAddedEvent struct {
eventstore.BaseEvent `json:"-"`
WebAuthNTokenID string `json:"webAuthNTokenId"`
Challenge string `json:"challenge"`
RPID string `json:"rpID,omitempty"`
}
func (e *HumanWebAuthNAddedEvent) Payload() interface{} {
return e
}
func (e *HumanWebAuthNAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanWebAuthNAddedEvent(
base *eventstore.BaseEvent,
webAuthNTokenID,
challenge string,
rpID string,
) *HumanWebAuthNAddedEvent {
return &HumanWebAuthNAddedEvent{
BaseEvent: *base,
WebAuthNTokenID: webAuthNTokenID,
Challenge: challenge,
RPID: rpID,
}
}
func HumanWebAuthNAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanWebAuthNAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-tB8sf", "unable to unmarshal human webAuthN added")
}
return webAuthNAdded, nil
}
type HumanWebAuthNVerifiedEvent struct {
eventstore.BaseEvent `json:"-"`
WebAuthNTokenID string `json:"webAuthNTokenId"`
KeyID []byte `json:"keyId"`
PublicKey []byte `json:"publicKey"`
AttestationType string `json:"attestationType"`
AAGUID []byte `json:"aaguid"`
SignCount uint32 `json:"signCount"`
WebAuthNTokenName string `json:"webAuthNTokenName"`
UserAgentID string `json:"userAgentID,omitempty"`
}
func (e *HumanWebAuthNVerifiedEvent) Payload() interface{} {
return e
}
func (e *HumanWebAuthNVerifiedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanWebAuthNVerifiedEvent(
base *eventstore.BaseEvent,
webAuthNTokenID,
webAuthNTokenName,
attestationType string,
keyID,
publicKey,
aaguid []byte,
signCount uint32,
userAgentID string,
) *HumanWebAuthNVerifiedEvent {
return &HumanWebAuthNVerifiedEvent{
BaseEvent: *base,
WebAuthNTokenID: webAuthNTokenID,
KeyID: keyID,
PublicKey: publicKey,
AttestationType: attestationType,
AAGUID: aaguid,
SignCount: signCount,
WebAuthNTokenName: webAuthNTokenName,
UserAgentID: userAgentID,
}
}
func HumanWebAuthNVerifiedEventMapper(event eventstore.Event) (eventstore.Event, error) {
webauthNVerified := &HumanWebAuthNVerifiedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webauthNVerified)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-B0zDs", "unable to unmarshal human webAuthN verified")
}
return webauthNVerified, nil
}
type HumanWebAuthNSignCountChangedEvent struct {
eventstore.BaseEvent `json:"-"`
WebAuthNTokenID string `json:"webAuthNTokenId"`
SignCount uint32 `json:"signCount"`
}
func (e *HumanWebAuthNSignCountChangedEvent) Payload() interface{} {
return e
}
func (e *HumanWebAuthNSignCountChangedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanWebAuthNSignCountChangedEvent(
base *eventstore.BaseEvent,
webAuthNTokenID string,
signCount uint32,
) *HumanWebAuthNSignCountChangedEvent {
return &HumanWebAuthNSignCountChangedEvent{
BaseEvent: *base,
WebAuthNTokenID: webAuthNTokenID,
SignCount: signCount,
}
}
func HumanWebAuthNSignCountChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
webauthNVerified := &HumanWebAuthNSignCountChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webauthNVerified)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-5Gm0s", "unable to unmarshal human webAuthN sign count")
}
return webauthNVerified, nil
}
type HumanWebAuthNRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
WebAuthNTokenID string `json:"webAuthNTokenId"`
State domain.MFAState `json:"-"`
}
func (e *HumanWebAuthNRemovedEvent) Payload() interface{} {
return e
}
func (e *HumanWebAuthNRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanWebAuthNRemovedEvent(
base *eventstore.BaseEvent,
webAuthNTokenID string,
) *HumanWebAuthNRemovedEvent {
return &HumanWebAuthNRemovedEvent{
BaseEvent: *base,
WebAuthNTokenID: webAuthNTokenID,
}
}
func HumanWebAuthNRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
webauthNVerified := &HumanWebAuthNRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webauthNVerified)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-gM9sd", "unable to unmarshal human webAuthN token removed")
}
return webauthNVerified, nil
}
type HumanWebAuthNBeginLoginEvent struct {
eventstore.BaseEvent `json:"-"`
Challenge string `json:"challenge"`
AllowedCredentialIDs [][]byte `json:"allowedCredentialIDs"`
UserVerification domain.UserVerificationRequirement `json:"userVerification"`
*AuthRequestInfo
}
func (e *HumanWebAuthNBeginLoginEvent) Payload() interface{} {
return e
}
func (e *HumanWebAuthNBeginLoginEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanWebAuthNBeginLoginEvent(base *eventstore.BaseEvent, challenge string, allowedCredentialIDs [][]byte, userVerification domain.UserVerificationRequirement, info *AuthRequestInfo) *HumanWebAuthNBeginLoginEvent {
return &HumanWebAuthNBeginLoginEvent{
BaseEvent: *base,
Challenge: challenge,
AllowedCredentialIDs: allowedCredentialIDs,
UserVerification: userVerification,
AuthRequestInfo: info,
}
}
func HumanWebAuthNBeginLoginEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanWebAuthNBeginLoginEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-rMb8x", "unable to unmarshal human webAuthN begin login")
}
return webAuthNAdded, nil
}
type HumanWebAuthNCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanWebAuthNCheckSucceededEvent) Payload() interface{} {
return e
}
func (e *HumanWebAuthNCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanWebAuthNCheckSucceededEvent(
base *eventstore.BaseEvent,
info *AuthRequestInfo) *HumanWebAuthNCheckSucceededEvent {
return &HumanWebAuthNCheckSucceededEvent{
BaseEvent: *base,
AuthRequestInfo: info,
}
}
func HumanWebAuthNCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanWebAuthNCheckSucceededEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-2M0fg", "unable to unmarshal human webAuthN check succeeded")
}
return webAuthNAdded, nil
}
type HumanWebAuthNCheckFailedEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanWebAuthNCheckFailedEvent) Payload() interface{} {
return e
}
func (e *HumanWebAuthNCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanWebAuthNCheckFailedEvent(
base *eventstore.BaseEvent,
info *AuthRequestInfo) *HumanWebAuthNCheckFailedEvent {
return &HumanWebAuthNCheckFailedEvent{
BaseEvent: *base,
AuthRequestInfo: info,
}
}
func HumanWebAuthNCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
webAuthNAdded := &HumanWebAuthNCheckFailedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(webAuthNAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-O0dse", "unable to unmarshal human webAuthN check failed")
}
return webAuthNAdded, nil
}

337
apps/api/internal/repository/user/human_password.go Normal file
View File

@@ -0,0 +1,337 @@
package user
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/notification/senders"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
passwordEventPrefix = humanEventPrefix + "password."
HumanPasswordChangedType = passwordEventPrefix + "changed"
HumanPasswordChangeSentType = passwordEventPrefix + "change.sent"
HumanPasswordCodeAddedType = passwordEventPrefix + "code.added"
HumanPasswordCodeSentType = passwordEventPrefix + "code.sent"
HumanPasswordCheckSucceededType = passwordEventPrefix + "check.succeeded"
HumanPasswordCheckFailedType = passwordEventPrefix + "check.failed"
HumanPasswordHashUpdatedType = passwordEventPrefix + "hash.updated"
)
type HumanPasswordChangedEvent struct {
eventstore.BaseEvent `json:"-"`
// New events only use EncodedHash. However, the secret field
// is preserved to handle events older than the switch to Passwap.
Secret *crypto.CryptoValue `json:"secret,omitempty"`
EncodedHash string `json:"encodedHash,omitempty"`
ChangeRequired bool `json:"changeRequired"`
UserAgentID string `json:"userAgentID,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
}
func (e *HumanPasswordChangedEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordChangedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanPasswordChangedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanPasswordChangedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
encodeHash string,
changeRequired bool,
userAgentID string,
) *HumanPasswordChangedEvent {
return &HumanPasswordChangedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordChangedType,
),
EncodedHash: encodeHash,
ChangeRequired: changeRequired,
UserAgentID: userAgentID,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
}
}
func HumanPasswordChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
humanAdded := &HumanPasswordChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(humanAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-4M0sd", "unable to unmarshal human password changed")
}
return humanAdded, nil
}
type HumanPasswordCodeAddedEvent struct {
eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
NotificationType domain.NotificationType `json:"notificationType,omitempty"`
URLTemplate string `json:"url_template,omitempty"`
CodeReturned bool `json:"code_returned,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
// AuthRequest is only used in V1 Login UI
AuthRequestID string `json:"authRequestID,omitempty"`
GeneratorID string `json:"generatorId,omitempty"`
}
func (e *HumanPasswordCodeAddedEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanPasswordCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanPasswordCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
notificationType domain.NotificationType,
authRequestID,
generatorID string,
) *HumanPasswordCodeAddedEvent {
return &HumanPasswordCodeAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordCodeAddedType,
),
Code: code,
Expiry: expiry,
NotificationType: notificationType,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
AuthRequestID: authRequestID,
GeneratorID: generatorID,
}
}
func NewHumanPasswordCodeAddedEventV2(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
notificationType domain.NotificationType,
urlTemplate string,
codeReturned bool,
generatorID string,
) *HumanPasswordCodeAddedEvent {
return &HumanPasswordCodeAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordCodeAddedType,
),
Code: code,
Expiry: expiry,
NotificationType: notificationType,
URLTemplate: urlTemplate,
CodeReturned: codeReturned,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
GeneratorID: generatorID,
}
}
func HumanPasswordCodeAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
humanAdded := &HumanPasswordCodeAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(humanAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Ms90d", "unable to unmarshal human password code added")
}
return humanAdded, nil
}
type HumanPasswordCodeSentEvent struct {
*eventstore.BaseEvent `json:"-"`
GeneratorInfo *senders.CodeGeneratorInfo `json:"generatorInfo,omitempty"`
}
func (e *HumanPasswordCodeSentEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *HumanPasswordCodeSentEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPasswordCodeSentEvent(ctx context.Context, aggregate *eventstore.Aggregate, generatorInfo *senders.CodeGeneratorInfo) *HumanPasswordCodeSentEvent {
return &HumanPasswordCodeSentEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordCodeSentType,
),
GeneratorInfo: generatorInfo,
}
}
type HumanPasswordChangeSentEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanPasswordChangeSentEvent) Payload() interface{} {
return nil
}
func (e *HumanPasswordChangeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPasswordChangeSentEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanPasswordChangeSentEvent {
return &HumanPasswordChangeSentEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordChangeSentType,
),
}
}
func HumanPasswordChangeSentEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanPasswordChangeSentEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type HumanPasswordCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanPasswordCheckSucceededEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPasswordCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo,
) *HumanPasswordCheckSucceededEvent {
return &HumanPasswordCheckSucceededEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordCheckSucceededType,
),
AuthRequestInfo: info,
}
}
func HumanPasswordCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
humanAdded := &HumanPasswordCheckSucceededEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(humanAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-5M9sd", "unable to unmarshal human password check succeeded")
}
return humanAdded, nil
}
type HumanPasswordCheckFailedEvent struct {
eventstore.BaseEvent `json:"-"`
*AuthRequestInfo
}
func (e *HumanPasswordCheckFailedEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPasswordCheckFailedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
info *AuthRequestInfo,
) *HumanPasswordCheckFailedEvent {
return &HumanPasswordCheckFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordCheckFailedType,
),
AuthRequestInfo: info,
}
}
func HumanPasswordCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
humanAdded := &HumanPasswordCheckFailedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(humanAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-4m9fs", "unable to unmarshal human password check failed")
}
return humanAdded, nil
}
type HumanPasswordHashUpdatedEvent struct {
eventstore.BaseEvent `json:"-"`
EncodedHash string `json:"encodedHash,omitempty"`
}
func (e *HumanPasswordHashUpdatedEvent) Payload() interface{} {
return e
}
func (e *HumanPasswordHashUpdatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanPasswordHashUpdatedEvent) SetBaseEvent(base *eventstore.BaseEvent) {
e.BaseEvent = *base
}
func NewHumanPasswordHashUpdatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
encoded string,
) *HumanPasswordHashUpdatedEvent {
return &HumanPasswordHashUpdatedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPasswordHashUpdatedType,
),
EncodedHash: encoded,
}
}

242
apps/api/internal/repository/user/human_phone.go Normal file
View File

@@ -0,0 +1,242 @@
package user
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/notification/senders"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
phoneEventPrefix = humanEventPrefix + "phone."
HumanPhoneChangedType = phoneEventPrefix + "changed"
HumanPhoneRemovedType = phoneEventPrefix + "removed"
HumanPhoneVerifiedType = phoneEventPrefix + "verified"
HumanPhoneVerificationFailedType = phoneEventPrefix + "verification.failed"
HumanPhoneCodeAddedType = phoneEventPrefix + "code.added"
HumanPhoneCodeSentType = phoneEventPrefix + "code.sent"
)
type HumanPhoneChangedEvent struct {
eventstore.BaseEvent `json:"-"`
PhoneNumber domain.PhoneNumber `json:"phone,omitempty"`
}
func (e *HumanPhoneChangedEvent) Payload() interface{} {
return e
}
func (e *HumanPhoneChangedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPhoneChangedEvent(ctx context.Context, aggregate *eventstore.Aggregate, phone domain.PhoneNumber) *HumanPhoneChangedEvent {
return &HumanPhoneChangedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPhoneChangedType,
),
PhoneNumber: phone,
}
}
func HumanPhoneChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
phoneChangedEvent := &HumanPhoneChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(phoneChangedEvent)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-5M0pd", "unable to unmarshal human phone changed")
}
return phoneChangedEvent, nil
}
type HumanPhoneRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanPhoneRemovedEvent) Payload() interface{} {
return nil
}
func (e *HumanPhoneRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPhoneRemovedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanPhoneRemovedEvent {
return &HumanPhoneRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPhoneRemovedType,
),
}
}
func HumanPhoneRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanPhoneRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type HumanPhoneVerifiedEvent struct {
eventstore.BaseEvent `json:"-"`
IsPhoneVerified bool `json:"-"`
}
func (e *HumanPhoneVerifiedEvent) Payload() interface{} {
return nil
}
func (e *HumanPhoneVerifiedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPhoneVerifiedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanPhoneVerifiedEvent {
return &HumanPhoneVerifiedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPhoneVerifiedType,
),
}
}
func HumanPhoneVerifiedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanPhoneVerifiedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
IsPhoneVerified: true,
}, nil
}
type HumanPhoneVerificationFailedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *HumanPhoneVerificationFailedEvent) Payload() interface{} {
return nil
}
func (e *HumanPhoneVerificationFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPhoneVerificationFailedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *HumanPhoneVerificationFailedEvent {
return &HumanPhoneVerificationFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPhoneVerificationFailedType,
),
}
}
func HumanPhoneVerificationFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &HumanPhoneVerificationFailedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type HumanPhoneCodeAddedEvent struct {
eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
CodeReturned bool `json:"code_returned,omitempty"`
GeneratorID string `json:"generatorId,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
}
func (e *HumanPhoneCodeAddedEvent) Payload() interface{} {
return e
}
func (e *HumanPhoneCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanPhoneCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewHumanPhoneCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
generatorID string,
) *HumanPhoneCodeAddedEvent {
return NewHumanPhoneCodeAddedEventV2(ctx, aggregate, code, expiry, false, generatorID)
}
func NewHumanPhoneCodeAddedEventV2(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
codeReturned bool,
generatorID string,
) *HumanPhoneCodeAddedEvent {
return &HumanPhoneCodeAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPhoneCodeAddedType,
),
Code: code,
Expiry: expiry,
CodeReturned: codeReturned,
GeneratorID: generatorID,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
}
}
func HumanPhoneCodeAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
codeAdded := &HumanPhoneCodeAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(codeAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-6Ms9d", "unable to unmarshal human phone code added")
}
return codeAdded, nil
}
type HumanPhoneCodeSentEvent struct {
*eventstore.BaseEvent `json:"-"`
GeneratorInfo *senders.CodeGeneratorInfo `json:"generatorInfo,omitempty"`
}
func (e *HumanPhoneCodeSentEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *HumanPhoneCodeSentEvent) Payload() interface{} {
return e
}
func (e *HumanPhoneCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanPhoneCodeSentEvent(ctx context.Context, aggregate *eventstore.Aggregate, generatorInfo *senders.CodeGeneratorInfo) *HumanPhoneCodeSentEvent {
return &HumanPhoneCodeSentEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanPhoneCodeSentType,
),
GeneratorInfo: generatorInfo,
}
}

106
apps/api/internal/repository/user/human_profile.go Normal file
View File

@@ -0,0 +1,106 @@
package user
import (
"context"
"golang.org/x/text/language"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
profileEventPrefix = humanEventPrefix + "profile."
HumanProfileChangedType = profileEventPrefix + "changed"
)
type HumanProfileChangedEvent struct {
eventstore.BaseEvent `json:"-"`
FirstName string `json:"firstName,omitempty"`
LastName string `json:"lastName,omitempty"`
NickName *string `json:"nickName,omitempty"`
DisplayName *string `json:"displayName,omitempty"`
PreferredLanguage *language.Tag `json:"preferredLanguage,omitempty"`
Gender *domain.Gender `json:"gender,omitempty"`
}
func (e *HumanProfileChangedEvent) Payload() interface{} {
return e
}
func (e *HumanProfileChangedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewHumanProfileChangedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
changes []ProfileChanges,
) (*HumanProfileChangedEvent, error) {
if len(changes) == 0 {
return nil, zerrors.ThrowPreconditionFailed(nil, "USER-33n8F", "Errors.NoChangesFound")
}
changeEvent := &HumanProfileChangedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanProfileChangedType,
),
}
for _, change := range changes {
change(changeEvent)
}
return changeEvent, nil
}
type ProfileChanges func(event *HumanProfileChangedEvent)
func ChangeFirstName(firstName string) func(event *HumanProfileChangedEvent) {
return func(e *HumanProfileChangedEvent) {
e.FirstName = firstName
}
}
func ChangeLastName(lastName string) func(event *HumanProfileChangedEvent) {
return func(e *HumanProfileChangedEvent) {
e.LastName = lastName
}
}
func ChangeNickName(nickName string) func(event *HumanProfileChangedEvent) {
return func(e *HumanProfileChangedEvent) {
e.NickName = &nickName
}
}
func ChangeDisplayName(displayName string) func(event *HumanProfileChangedEvent) {
return func(e *HumanProfileChangedEvent) {
e.DisplayName = &displayName
}
}
func ChangePreferredLanguage(language language.Tag) func(event *HumanProfileChangedEvent) {
return func(e *HumanProfileChangedEvent) {
e.PreferredLanguage = &language
}
}
func ChangeGender(gender domain.Gender) func(event *HumanProfileChangedEvent) {
return func(e *HumanProfileChangedEvent) {
e.Gender = &gender
}
}
func HumanProfileChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
profileChanged := &HumanProfileChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(profileChanged)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-5M0pd", "unable to unmarshal human profile changed")
}
return profileChanged, nil
}

188
apps/api/internal/repository/user/human_refresh_token.go Normal file
View File

@@ -0,0 +1,188 @@
package user
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
refreshTokenEventPrefix = humanEventPrefix + "refresh.token."
HumanRefreshTokenAddedType = refreshTokenEventPrefix + "added"
HumanRefreshTokenRenewedType = refreshTokenEventPrefix + "renewed"
HumanRefreshTokenRemovedType = refreshTokenEventPrefix + "removed"
)
type HumanRefreshTokenAddedEvent struct {
eventstore.BaseEvent `json:"-"`
TokenID string `json:"tokenId"`
ClientID string `json:"clientId"`
UserAgentID string `json:"userAgentId"`
Audience []string `json:"audience"`
Scopes []string `json:"scopes"`
AuthMethodsReferences []string `json:"authMethodReferences"`
AuthTime time.Time `json:"authTime"`
IdleExpiration time.Duration `json:"idleExpiration"`
Expiration time.Duration `json:"expiration"`
PreferredLanguage string `json:"preferredLanguage"`
Actor *domain.TokenActor `json:"actor,omitempty"`
}
func (e *HumanRefreshTokenAddedEvent) Payload() interface{} {
return e
}
func (e *HumanRefreshTokenAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanRefreshTokenAddedEvent) Assets() []*eventstore.Asset {
return nil
}
func NewHumanRefreshTokenAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
tokenID,
clientID,
userAgentID,
preferredLanguage string,
audience,
scopes,
authMethodsReferences []string,
authTime time.Time,
idleExpiration,
expiration time.Duration,
actor *domain.TokenActor,
) *HumanRefreshTokenAddedEvent {
return &HumanRefreshTokenAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanRefreshTokenAddedType,
),
TokenID: tokenID,
ClientID: clientID,
UserAgentID: userAgentID,
Audience: audience,
Scopes: scopes,
AuthMethodsReferences: authMethodsReferences,
AuthTime: authTime,
IdleExpiration: idleExpiration,
Expiration: expiration,
PreferredLanguage: preferredLanguage,
Actor: actor,
}
}
func HumanRefreshTokenAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
refreshTokenAdded := &HumanRefreshTokenAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(refreshTokenAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-DGr14", "unable to unmarshal refresh token added")
}
return refreshTokenAdded, nil
}
type HumanRefreshTokenRenewedEvent struct {
eventstore.BaseEvent `json:"-"`
TokenID string `json:"tokenId"`
RefreshToken string `json:"refreshToken"`
IdleExpiration time.Duration `json:"idleExpiration"`
}
func (e *HumanRefreshTokenRenewedEvent) Payload() interface{} {
return e
}
func (e *HumanRefreshTokenRenewedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanRefreshTokenRenewedEvent) Assets() []*eventstore.Asset {
return nil
}
func NewHumanRefreshTokenRenewedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
tokenID,
refreshToken string,
idleExpiration time.Duration,
) *HumanRefreshTokenRenewedEvent {
return &HumanRefreshTokenRenewedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanRefreshTokenRenewedType,
),
TokenID: tokenID,
IdleExpiration: idleExpiration,
RefreshToken: refreshToken,
}
}
func HumanRefreshTokenRenewedEventEventMapper(event eventstore.Event) (eventstore.Event, error) {
tokenAdded := &HumanRefreshTokenRenewedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(tokenAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-GBt21", "unable to unmarshal refresh token renewed")
}
return tokenAdded, nil
}
type HumanRefreshTokenRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
TokenID string `json:"tokenId"`
}
func (e *HumanRefreshTokenRemovedEvent) Payload() interface{} {
return e
}
func (e *HumanRefreshTokenRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *HumanRefreshTokenRemovedEvent) Assets() []*eventstore.Asset {
return nil
}
func NewHumanRefreshTokenRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
tokenID string,
) *HumanRefreshTokenRemovedEvent {
return &HumanRefreshTokenRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
HumanRefreshTokenRemovedType,
),
TokenID: tokenID,
}
}
func HumanRefreshTokenRemovedEventEventMapper(event eventstore.Event) (eventstore.Event, error) {
tokenAdded := &HumanRefreshTokenRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(tokenAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Dggs2", "unable to unmarshal refresh token removed")
}
return tokenAdded, nil
}

135
apps/api/internal/repository/user/machine.go Normal file
View File

@@ -0,0 +1,135 @@
package user
import (
"context"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
machineEventPrefix = userEventTypePrefix + "machine."
MachineAddedEventType = machineEventPrefix + "added"
MachineChangedEventType = machineEventPrefix + "changed"
)
type MachineAddedEvent struct {
eventstore.BaseEvent `json:"-"`
UserName string `json:"userName"`
orgScopedUsername bool
Name string `json:"name,omitempty"`
Description string `json:"description,omitempty"`
AccessTokenType domain.OIDCTokenType `json:"accessTokenType,omitempty"`
}
func (e *MachineAddedEvent) Payload() interface{} {
return e
}
func (e *MachineAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{NewAddUsernameUniqueConstraint(e.UserName, e.Aggregate().ResourceOwner, e.orgScopedUsername)}
}
func NewMachineAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
userName,
name,
description string,
orgScopedUsername bool,
accessTokenType domain.OIDCTokenType,
) *MachineAddedEvent {
return &MachineAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineAddedEventType,
),
UserName: userName,
Name: name,
Description: description,
orgScopedUsername: orgScopedUsername,
AccessTokenType: accessTokenType,
}
}
func MachineAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
machineAdded := &MachineAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(machineAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-tMv9s", "unable to unmarshal machine added")
}
return machineAdded, nil
}
type MachineChangedEvent struct {
eventstore.BaseEvent `json:"-"`
Name *string `json:"name,omitempty"`
Description *string `json:"description,omitempty"`
AccessTokenType *domain.OIDCTokenType `json:"accessTokenType,omitempty"`
}
func (e *MachineChangedEvent) Payload() interface{} {
return e
}
func (e *MachineChangedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewMachineChangedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
changes []MachineChanges,
) *MachineChangedEvent {
changeEvent := &MachineChangedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineChangedEventType,
),
}
for _, change := range changes {
change(changeEvent)
}
return changeEvent
}
type MachineChanges func(event *MachineChangedEvent)
func ChangeName(name string) func(event *MachineChangedEvent) {
return func(e *MachineChangedEvent) {
e.Name = &name
}
}
func ChangeDescription(description string) func(event *MachineChangedEvent) {
return func(e *MachineChangedEvent) {
e.Description = &description
}
}
func ChangeAccessTokenType(accessTokenType domain.OIDCTokenType) func(event *MachineChangedEvent) {
return func(e *MachineChangedEvent) {
e.AccessTokenType = &accessTokenType
}
}
func MachineChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
machineChanged := &MachineChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(machineChanged)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-4M9ds", "unable to unmarshal machine changed")
}
return machineChanged, nil
}

114
apps/api/internal/repository/user/machine_key.go Normal file
View File

@@ -0,0 +1,114 @@
package user
import (
"context"
"encoding/json"
"time"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
machineKeyEventPrefix = machineEventPrefix + "key."
MachineKeyAddedEventType = machineKeyEventPrefix + "added"
MachineKeyRemovedEventType = machineKeyEventPrefix + "removed"
)
type MachineKeyAddedEvent struct {
eventstore.BaseEvent `json:"-"`
KeyID string `json:"keyId,omitempty"`
KeyType domain.AuthNKeyType `json:"type,omitempty"`
ExpirationDate time.Time `json:"expirationDate,omitempty"`
PublicKey []byte `json:"publicKey,omitempty"`
}
func (e *MachineKeyAddedEvent) Payload() interface{} {
return e
}
func (e *MachineKeyAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewMachineKeyAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
keyID string,
keyType domain.AuthNKeyType,
expirationDate time.Time,
publicKey []byte,
) *MachineKeyAddedEvent {
return &MachineKeyAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineKeyAddedEventType,
),
KeyID: keyID,
KeyType: keyType,
ExpirationDate: expirationDate,
PublicKey: publicKey,
}
}
func MachineKeyAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
machineKeyAdded := &MachineKeyAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(machineKeyAdded)
if err != nil {
// first events had wrong payload.
// the keys were removed later, that's why we ignore them here.
//nolint:errorlint
if unwrapErr, ok := err.(*json.UnmarshalTypeError); ok && unwrapErr.Field == "publicKey" {
return machineKeyAdded, nil
}
return nil, zerrors.ThrowInternal(err, "USER-p0ovS", "unable to unmarshal machine key added")
}
return machineKeyAdded, nil
}
type MachineKeyRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
KeyID string `json:"keyId,omitempty"`
}
func (e *MachineKeyRemovedEvent) Payload() interface{} {
return e
}
func (e *MachineKeyRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewMachineKeyRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
keyID string,
) *MachineKeyRemovedEvent {
return &MachineKeyRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineKeyRemovedEventType,
),
KeyID: keyID,
}
}
func MachineKeyRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
machineRemoved := &MachineKeyRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(machineRemoved)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-5Gm9s", "unable to unmarshal machine key removed")
}
return machineRemoved, nil
}

205
apps/api/internal/repository/user/machine_secret.go Normal file
View File

@@ -0,0 +1,205 @@
package user
import (
"context"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
machineSecretPrefix = machineEventPrefix + "secret."
MachineSecretSetType = machineSecretPrefix + "set"
MachineSecretHashUpdatedType = machineSecretPrefix + "updated"
MachineSecretRemovedType = machineSecretPrefix + "removed"
MachineSecretCheckSucceededType = machineSecretPrefix + "check.succeeded"
MachineSecretCheckFailedType = machineSecretPrefix + "check.failed"
)
type MachineSecretSetEvent struct {
eventstore.BaseEvent `json:"-"`
// New events only use EncodedHash. However, the ClientSecret field
// is preserved to handle events older than the switch to Passwap.
ClientSecret *crypto.CryptoValue `json:"clientSecret,omitempty"`
HashedSecret string `json:"hashedSecret,omitempty"`
}
func (e *MachineSecretSetEvent) Payload() interface{} {
return e
}
func (e *MachineSecretSetEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewMachineSecretSetEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
hashedSecret string,
) *MachineSecretSetEvent {
return &MachineSecretSetEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineSecretSetType,
),
HashedSecret: hashedSecret,
}
}
func MachineSecretSetEventMapper(event eventstore.Event) (eventstore.Event, error) {
credentialsSet := &MachineSecretSetEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(credentialsSet)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-lopbqu", "unable to unmarshal machine secret set")
}
return credentialsSet, nil
}
type MachineSecretRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *MachineSecretRemovedEvent) Payload() interface{} {
return e
}
func (e *MachineSecretRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewMachineSecretRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *MachineSecretRemovedEvent {
return &MachineSecretRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineSecretRemovedType,
),
}
}
func MachineSecretRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
credentialsRemoved := &MachineSecretRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(credentialsRemoved)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-quox9j2", "unable to unmarshal machine secret removed")
}
return credentialsRemoved, nil
}
type MachineSecretCheckSucceededEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *MachineSecretCheckSucceededEvent) Payload() interface{} {
return e
}
func (e *MachineSecretCheckSucceededEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewMachineSecretCheckSucceededEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *MachineSecretCheckSucceededEvent {
return &MachineSecretCheckSucceededEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineSecretCheckSucceededType,
),
}
}
func MachineSecretCheckSucceededEventMapper(event eventstore.Event) (eventstore.Event, error) {
check := &MachineSecretCheckSucceededEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(check)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-x002n1p", "unable to unmarshal machine secret check succeeded")
}
return check, nil
}
type MachineSecretCheckFailedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *MachineSecretCheckFailedEvent) Payload() interface{} {
return e
}
func (e *MachineSecretCheckFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewMachineSecretCheckFailedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *MachineSecretCheckFailedEvent {
return &MachineSecretCheckFailedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineSecretCheckFailedType,
),
}
}
func MachineSecretCheckFailedEventMapper(event eventstore.Event) (eventstore.Event, error) {
check := &MachineSecretCheckFailedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(check)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-x7901b1l", "unable to unmarshal machine secret check failed")
}
return check, nil
}
type MachineSecretHashUpdatedEvent struct {
*eventstore.BaseEvent `json:"-"`
HashedSecret string `json:"hashedSecret,omitempty"`
}
func NewMachineSecretHashUpdatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
encoded string,
) *MachineSecretHashUpdatedEvent {
return &MachineSecretHashUpdatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
MachineSecretHashUpdatedType,
),
HashedSecret: encoded,
}
}
func (e *MachineSecretHashUpdatedEvent) SetBaseEvent(b *eventstore.BaseEvent) {
e.BaseEvent = b
}
func (e *MachineSecretHashUpdatedEvent) Payload() interface{} {
return e
}
func (e *MachineSecretHashUpdatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}

87
apps/api/internal/repository/user/metadata.go Normal file
View File

@@ -0,0 +1,87 @@
package user
import (
"context"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/repository/metadata"
)
const (
MetadataSetType = userEventTypePrefix + metadata.SetEventType
MetadataRemovedType = userEventTypePrefix + metadata.RemovedEventType
MetadataRemovedAllType = userEventTypePrefix + metadata.RemovedAllEventType
)
type MetadataSetEvent struct {
metadata.SetEvent
}
func NewMetadataSetEvent(ctx context.Context, aggregate *eventstore.Aggregate, key string, value []byte) *MetadataSetEvent {
return &MetadataSetEvent{
SetEvent: *metadata.NewSetEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
MetadataSetType),
key,
value),
}
}
func MetadataSetEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := metadata.SetEventMapper(event)
if err != nil {
return nil, err
}
return &MetadataSetEvent{SetEvent: *e.(*metadata.SetEvent)}, nil
}
type MetadataRemovedEvent struct {
metadata.RemovedEvent
}
func NewMetadataRemovedEvent(ctx context.Context, aggregate *eventstore.Aggregate, key string) *MetadataRemovedEvent {
return &MetadataRemovedEvent{
RemovedEvent: *metadata.NewRemovedEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
MetadataRemovedType),
key),
}
}
func MetadataRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := metadata.RemovedEventMapper(event)
if err != nil {
return nil, err
}
return &MetadataRemovedEvent{RemovedEvent: *e.(*metadata.RemovedEvent)}, nil
}
type MetadataRemovedAllEvent struct {
metadata.RemovedAllEvent
}
func NewMetadataRemovedAllEvent(ctx context.Context, aggregate *eventstore.Aggregate) *MetadataRemovedAllEvent {
return &MetadataRemovedAllEvent{
RemovedAllEvent: *metadata.NewRemovedAllEvent(
eventstore.NewBaseEventForPush(
ctx,
aggregate,
MetadataRemovedAllType),
),
}
}
func MetadataRemovedAllEventMapper(event eventstore.Event) (eventstore.Event, error) {
e, err := metadata.RemovedAllEventMapper(event)
if err != nil {
return nil, err
}
return &MetadataRemovedAllEvent{RemovedAllEvent: *e.(*metadata.RemovedAllEvent)}, nil
}

103
apps/api/internal/repository/user/personal_access_token.go Normal file
View File

@@ -0,0 +1,103 @@
package user
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
personalAccessTokenEventPrefix = userEventTypePrefix + "pat."
PersonalAccessTokenAddedType = personalAccessTokenEventPrefix + "added"
PersonalAccessTokenRemovedType = personalAccessTokenEventPrefix + "removed"
)
type PersonalAccessTokenAddedEvent struct {
eventstore.BaseEvent `json:"-"`
TokenID string `json:"tokenId"`
Expiration time.Time `json:"expiration"`
Scopes []string `json:"scopes"`
}
func (e *PersonalAccessTokenAddedEvent) Payload() interface{} {
return e
}
func (e *PersonalAccessTokenAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewPersonalAccessTokenAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
tokenID string,
expiration time.Time,
scopes []string,
) *PersonalAccessTokenAddedEvent {
return &PersonalAccessTokenAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
PersonalAccessTokenAddedType,
),
TokenID: tokenID,
Expiration: expiration,
Scopes: scopes,
}
}
func PersonalAccessTokenAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
tokenAdded := &PersonalAccessTokenAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(tokenAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Dbges", "unable to unmarshal token added")
}
return tokenAdded, nil
}
type PersonalAccessTokenRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
TokenID string `json:"tokenId"`
}
func (e *PersonalAccessTokenRemovedEvent) Payload() interface{} {
return e
}
func (e *PersonalAccessTokenRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewPersonalAccessTokenRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
tokenID string,
) *PersonalAccessTokenRemovedEvent {
return &PersonalAccessTokenRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
PersonalAccessTokenRemovedType,
),
TokenID: tokenID,
}
}
func PersonalAccessTokenRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
tokenRemoved := &PersonalAccessTokenRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(tokenRemoved)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-Dbneg", "unable to unmarshal token removed")
}
return tokenRemoved, nil
}

25
apps/api/internal/repository/user/schema/aggregate.go Normal file
View File

@@ -0,0 +1,25 @@
package schema
import (
"github.com/zitadel/zitadel/internal/eventstore"
)
const (
AggregateType = "user_schema"
AggregateVersion = "v1"
)
type Aggregate struct {
eventstore.Aggregate
}
func NewAggregate(id, resourceOwner string) *Aggregate {
return &Aggregate{
Aggregate: eventstore.Aggregate{
Type: AggregateType,
Version: AggregateVersion,
ID: id,
ResourceOwner: resourceOwner,
},
}
}

11
apps/api/internal/repository/user/schema/eventstore.go Normal file
View File

@@ -0,0 +1,11 @@
package schema
import "github.com/zitadel/zitadel/internal/eventstore"
func init() {
eventstore.RegisterFilterEventMapper(AggregateType, CreatedType, eventstore.GenericEventMapper[CreatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UpdatedType, eventstore.GenericEventMapper[UpdatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, DeactivatedType, eventstore.GenericEventMapper[DeactivatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, ReactivatedType, eventstore.GenericEventMapper[ReactivatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, DeletedType, eventstore.GenericEventMapper[DeletedEvent])
}

244
apps/api/internal/repository/user/schema/schema.go Normal file
View File

@@ -0,0 +1,244 @@
package schema
import (
"context"
"encoding/json"
"github.com/muhlemmer/gu"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
)
const (
eventPrefix = "user_schema."
CreatedType = eventPrefix + "created"
UpdatedType = eventPrefix + "updated"
DeactivatedType = eventPrefix + "deactivated"
ReactivatedType = eventPrefix + "reactivated"
DeletedType = eventPrefix + "deleted"
uniqueSchemaType = "user_schema_type"
)
func NewAddSchemaTypeUniqueConstraint(schemaType string) *eventstore.UniqueConstraint {
return eventstore.NewAddEventUniqueConstraint(
uniqueSchemaType,
schemaType,
"Errors.UserSchema.Type.AlreadyExists")
}
func NewRemoveSchemaTypeUniqueConstraint(schemaType string) *eventstore.UniqueConstraint {
return eventstore.NewRemoveUniqueConstraint(
uniqueSchemaType,
schemaType,
)
}
type CreatedEvent struct {
*eventstore.BaseEvent `json:"-"`
SchemaType string `json:"schemaType"`
Schema json.RawMessage `json:"schema,omitempty"`
PossibleAuthenticators []domain.AuthenticatorType `json:"possibleAuthenticators,omitempty"`
}
func (e *CreatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *CreatedEvent) Payload() interface{} {
return e
}
func (e *CreatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{NewAddSchemaTypeUniqueConstraint(e.SchemaType)}
}
func NewCreatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
schemaType string,
schema json.RawMessage,
possibleAuthenticators []domain.AuthenticatorType,
) *CreatedEvent {
return &CreatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
CreatedType,
),
SchemaType: schemaType,
Schema: schema,
PossibleAuthenticators: possibleAuthenticators,
}
}
type UpdatedEvent struct {
*eventstore.BaseEvent `json:"-"`
SchemaType *string `json:"schemaType,omitempty"`
Schema json.RawMessage `json:"schema,omitempty"`
PossibleAuthenticators []domain.AuthenticatorType `json:"possibleAuthenticators,omitempty"`
SchemaRevision *uint64 `json:"schemaRevision,omitempty"`
oldSchemaType string
oldRevision uint64
}
func (e *UpdatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *UpdatedEvent) Payload() interface{} {
return e
}
func (e *UpdatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
if e.oldSchemaType == "" {
return nil
}
return []*eventstore.UniqueConstraint{
NewRemoveSchemaTypeUniqueConstraint(e.oldSchemaType),
NewAddSchemaTypeUniqueConstraint(*e.SchemaType),
}
}
func NewUpdatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
changes []Changes,
) *UpdatedEvent {
updatedEvent := &UpdatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
UpdatedType,
),
}
for _, change := range changes {
change(updatedEvent)
}
return updatedEvent
}
type Changes func(event *UpdatedEvent)
func ChangeSchemaType(oldSchemaType, schemaType string) func(event *UpdatedEvent) {
return func(e *UpdatedEvent) {
e.SchemaType = &schemaType
e.oldSchemaType = oldSchemaType
}
}
func ChangeSchema(schema json.RawMessage) func(event *UpdatedEvent) {
return func(e *UpdatedEvent) {
e.Schema = schema
}
}
func ChangePossibleAuthenticators(possibleAuthenticators []domain.AuthenticatorType) func(event *UpdatedEvent) {
return func(e *UpdatedEvent) {
e.PossibleAuthenticators = possibleAuthenticators
}
}
func IncreaseRevision(oldRevision uint64) func(event *UpdatedEvent) {
return func(e *UpdatedEvent) {
e.SchemaRevision = gu.Ptr(oldRevision + 1)
e.oldRevision = oldRevision
}
}
type DeactivatedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *DeactivatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *DeactivatedEvent) Payload() interface{} {
return e
}
func (e *DeactivatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewDeactivatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *DeactivatedEvent {
return &DeactivatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
DeactivatedType,
),
}
}
type ReactivatedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *ReactivatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *ReactivatedEvent) Payload() interface{} {
return e
}
func (e *ReactivatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewReactivatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *ReactivatedEvent {
return &ReactivatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
ReactivatedType,
),
}
}
type DeletedEvent struct {
*eventstore.BaseEvent `json:"-"`
schemaType string
}
func (e *DeletedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *DeletedEvent) Payload() interface{} {
return e
}
func (e *DeletedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{
NewRemoveSchemaTypeUniqueConstraint(e.schemaType),
}
}
func NewDeletedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
schemaType string,
) *DeletedEvent {
return &DeletedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
DeletedType,
),
schemaType: schemaType,
}
}

25
apps/api/internal/repository/user/schemauser/aggregate.go Normal file
View File

@@ -0,0 +1,25 @@
package schemauser
import (
"github.com/zitadel/zitadel/internal/eventstore"
)
const (
AggregateType = "schemauser"
AggregateVersion = "v1"
)
type Aggregate struct {
eventstore.Aggregate
}
func NewAggregate(id, resourceOwner string) *Aggregate {
return &Aggregate{
Aggregate: eventstore.Aggregate{
Type: AggregateType,
Version: AggregateVersion,
ID: id,
ResourceOwner: resourceOwner,
},
}
}

175
apps/api/internal/repository/user/schemauser/email.go Normal file
View File

@@ -0,0 +1,175 @@
package schemauser
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
)
const (
emailEventPrefix = eventPrefix + "email."
EmailUpdatedType = emailEventPrefix + "updated"
EmailVerifiedType = emailEventPrefix + "verified"
EmailVerificationFailedType = emailEventPrefix + "verification.failed"
EmailCodeAddedType = emailEventPrefix + "code.added"
EmailCodeSentType = emailEventPrefix + "code.sent"
)
type EmailUpdatedEvent struct {
*eventstore.BaseEvent `json:"-"`
EmailAddress domain.EmailAddress `json:"email,omitempty"`
}
func (e *EmailUpdatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *EmailUpdatedEvent) Payload() interface{} {
return e
}
func (e *EmailUpdatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewEmailUpdatedEvent(ctx context.Context, aggregate *eventstore.Aggregate, emailAddress domain.EmailAddress) *EmailUpdatedEvent {
return &EmailUpdatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
EmailUpdatedType,
),
EmailAddress: emailAddress,
}
}
type EmailVerifiedEvent struct {
*eventstore.BaseEvent `json:"-"`
IsEmailVerified bool `json:"-"`
}
func (e *EmailVerifiedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *EmailVerifiedEvent) Payload() interface{} {
return nil
}
func (e *EmailVerifiedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewEmailVerifiedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *EmailVerifiedEvent {
return &EmailVerifiedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
EmailVerifiedType,
),
}
}
type EmailVerificationFailedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *EmailVerificationFailedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *EmailVerificationFailedEvent) Payload() interface{} {
return nil
}
func (e *EmailVerificationFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewEmailVerificationFailedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *EmailVerificationFailedEvent {
return &EmailVerificationFailedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
EmailVerificationFailedType,
),
}
}
type EmailCodeAddedEvent struct {
*eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
URLTemplate string `json:"url_template,omitempty"`
CodeReturned bool `json:"code_returned,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
}
func (e *EmailCodeAddedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *EmailCodeAddedEvent) Payload() interface{} {
return e
}
func (e *EmailCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *EmailCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewEmailCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
urlTemplate string,
codeReturned bool,
) *EmailCodeAddedEvent {
return &EmailCodeAddedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
EmailCodeAddedType,
),
Code: code,
Expiry: expiry,
URLTemplate: urlTemplate,
CodeReturned: codeReturned,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
}
}
type EmailCodeSentEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *EmailCodeSentEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *EmailCodeSentEvent) Payload() interface{} {
return nil
}
func (e *EmailCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewEmailCodeSentEvent(ctx context.Context, aggregate *eventstore.Aggregate) *EmailCodeSentEvent {
return &EmailCodeSentEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
EmailCodeSentType,
),
}
}

23
apps/api/internal/repository/user/schemauser/eventstore.go Normal file
View File

@@ -0,0 +1,23 @@
package schemauser
import "github.com/zitadel/zitadel/internal/eventstore"
func init() {
eventstore.RegisterFilterEventMapper(AggregateType, CreatedType, eventstore.GenericEventMapper[CreatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UpdatedType, eventstore.GenericEventMapper[UpdatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, DeletedType, eventstore.GenericEventMapper[DeletedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, LockedType, eventstore.GenericEventMapper[LockedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, UnlockedType, eventstore.GenericEventMapper[UnlockedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, ActivatedType, eventstore.GenericEventMapper[ActivatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, DeactivatedType, eventstore.GenericEventMapper[DeactivatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, EmailUpdatedType, eventstore.GenericEventMapper[EmailUpdatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, EmailCodeAddedType, eventstore.GenericEventMapper[EmailCodeAddedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, EmailCodeSentType, eventstore.GenericEventMapper[EmailCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, EmailVerifiedType, eventstore.GenericEventMapper[EmailVerifiedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, EmailVerificationFailedType, eventstore.GenericEventMapper[EmailVerificationFailedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, PhoneUpdatedType, eventstore.GenericEventMapper[PhoneUpdatedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, PhoneCodeAddedType, eventstore.GenericEventMapper[PhoneCodeAddedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, PhoneCodeSentType, eventstore.GenericEventMapper[PhoneCodeSentEvent])
eventstore.RegisterFilterEventMapper(AggregateType, PhoneVerifiedType, eventstore.GenericEventMapper[PhoneVerifiedEvent])
eventstore.RegisterFilterEventMapper(AggregateType, PhoneVerificationFailedType, eventstore.GenericEventMapper[PhoneVerificationFailedEvent])
}

180
apps/api/internal/repository/user/schemauser/phone.go Normal file
View File

@@ -0,0 +1,180 @@
package schemauser
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/crypto"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/notification/senders"
)
const (
phoneEventPrefix = eventPrefix + "phone."
PhoneUpdatedType = phoneEventPrefix + "updated"
PhoneVerifiedType = phoneEventPrefix + "verified"
PhoneVerificationFailedType = phoneEventPrefix + "verification.failed"
PhoneCodeAddedType = phoneEventPrefix + "code.added"
PhoneCodeSentType = phoneEventPrefix + "code.sent"
)
type PhoneUpdatedEvent struct {
*eventstore.BaseEvent `json:"-"`
PhoneNumber domain.PhoneNumber `json:"phone,omitempty"`
}
func (e *PhoneUpdatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *PhoneUpdatedEvent) Payload() interface{} {
return e
}
func (e *PhoneUpdatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewPhoneUpdatedEvent(ctx context.Context, aggregate *eventstore.Aggregate, phone domain.PhoneNumber) *PhoneUpdatedEvent {
return &PhoneUpdatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
PhoneUpdatedType,
),
PhoneNumber: phone,
}
}
type PhoneVerifiedEvent struct {
*eventstore.BaseEvent `json:"-"`
IsPhoneVerified bool `json:"-"`
}
func (e *PhoneVerifiedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *PhoneVerifiedEvent) Payload() interface{} {
return nil
}
func (e *PhoneVerifiedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewPhoneVerifiedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *PhoneVerifiedEvent {
return &PhoneVerifiedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
PhoneVerifiedType,
),
}
}
type PhoneVerificationFailedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *PhoneVerificationFailedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *PhoneVerificationFailedEvent) Payload() interface{} {
return nil
}
func (e *PhoneVerificationFailedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewPhoneVerificationFailedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *PhoneVerificationFailedEvent {
return &PhoneVerificationFailedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
PhoneVerificationFailedType,
),
}
}
type PhoneCodeAddedEvent struct {
*eventstore.BaseEvent `json:"-"`
Code *crypto.CryptoValue `json:"code,omitempty"`
Expiry time.Duration `json:"expiry,omitempty"`
CodeReturned bool `json:"code_returned,omitempty"`
GeneratorID string `json:"generatorId,omitempty"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
}
func (e *PhoneCodeAddedEvent) Payload() interface{} {
return e
}
func (e *PhoneCodeAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *PhoneCodeAddedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func (e *PhoneCodeAddedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func NewPhoneCodeAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
code *crypto.CryptoValue,
expiry time.Duration,
codeReturned bool,
generatorID string,
) *PhoneCodeAddedEvent {
return &PhoneCodeAddedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
PhoneCodeAddedType,
),
Code: code,
Expiry: expiry,
CodeReturned: codeReturned,
GeneratorID: generatorID,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
}
}
type PhoneCodeSentEvent struct {
*eventstore.BaseEvent `json:"-"`
GeneratorInfo *senders.CodeGeneratorInfo `json:"generatorInfo,omitempty"`
}
func (e *PhoneCodeSentEvent) Payload() interface{} {
return e
}
func (e *PhoneCodeSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *PhoneCodeSentEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func NewPhoneCodeSentEvent(ctx context.Context, aggregate *eventstore.Aggregate, generatorInfo *senders.CodeGeneratorInfo) *PhoneCodeSentEvent {
return &PhoneCodeSentEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
PhoneCodeSentType,
),
GeneratorInfo: generatorInfo,
}
}

260
apps/api/internal/repository/user/schemauser/user.go Normal file
View File

@@ -0,0 +1,260 @@
package schemauser
import (
"context"
"encoding/json"
"github.com/zitadel/zitadel/internal/eventstore"
)
const (
eventPrefix = "schemauser."
CreatedType = eventPrefix + "created"
UpdatedType = eventPrefix + "updated"
DeletedType = eventPrefix + "deleted"
LockedType = eventPrefix + "locked"
UnlockedType = eventPrefix + "unlocked"
DeactivatedType = eventPrefix + "deactivated"
ActivatedType = eventPrefix + "activated"
)
type CreatedEvent struct {
*eventstore.BaseEvent `json:"-"`
ID string `json:"id"`
SchemaID string `json:"schemaID"`
SchemaRevision uint64 `json:"schemaRevision"`
Data json.RawMessage `json:"user,omitempty"`
}
func (e *CreatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *CreatedEvent) Payload() interface{} {
return e
}
func (e *CreatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewCreatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
schemaID string,
schemaRevision uint64,
data json.RawMessage,
) *CreatedEvent {
return &CreatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
CreatedType,
),
SchemaID: schemaID,
SchemaRevision: schemaRevision,
Data: data,
}
}
type UpdatedEvent struct {
*eventstore.BaseEvent `json:"-"`
SchemaID *string `json:"schemaID,omitempty"`
SchemaRevision *uint64 `json:"schemaRevision,omitempty"`
Data json.RawMessage `json:"schema,omitempty"`
}
func (e *UpdatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *UpdatedEvent) Payload() interface{} {
return e
}
func (e *UpdatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUpdatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
changes []Changes,
) *UpdatedEvent {
updatedEvent := &UpdatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
UpdatedType,
),
}
for _, change := range changes {
change(updatedEvent)
}
return updatedEvent
}
type Changes func(event *UpdatedEvent)
func ChangeSchemaID(schemaID string) func(event *UpdatedEvent) {
return func(e *UpdatedEvent) {
e.SchemaID = &schemaID
}
}
func ChangeSchemaRevision(schemaRevision uint64) func(event *UpdatedEvent) {
return func(e *UpdatedEvent) {
e.SchemaRevision = &schemaRevision
}
}
func ChangeData(data json.RawMessage) func(event *UpdatedEvent) {
return func(e *UpdatedEvent) {
e.Data = data
}
}
type DeletedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *DeletedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *DeletedEvent) Payload() interface{} {
return e
}
func (e *DeletedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewDeletedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *DeletedEvent {
return &DeletedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
DeletedType,
),
}
}
type LockedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *LockedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *LockedEvent) Payload() interface{} {
return e
}
func (e *LockedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewLockedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *LockedEvent {
return &LockedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
LockedType,
),
}
}
type UnlockedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *UnlockedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *UnlockedEvent) Payload() interface{} {
return e
}
func (e *UnlockedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUnlockedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *UnlockedEvent {
return &UnlockedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
UnlockedType,
),
}
}
type DeactivatedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *DeactivatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *DeactivatedEvent) Payload() interface{} {
return e
}
func (e *DeactivatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewDeactivatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *DeactivatedEvent {
return &DeactivatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
DeactivatedType,
),
}
}
type ActivatedEvent struct {
*eventstore.BaseEvent `json:"-"`
}
func (e *ActivatedEvent) SetBaseEvent(event *eventstore.BaseEvent) {
e.BaseEvent = event
}
func (e *ActivatedEvent) Payload() interface{} {
return e
}
func (e *ActivatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewActivatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *ActivatedEvent {
return &ActivatedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
ActivatedType,
),
}
}

571
apps/api/internal/repository/user/user.go Normal file
View File

@@ -0,0 +1,571 @@
package user
import (
"context"
"time"
"github.com/zitadel/zitadel/internal/api/http"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/eventstore"
"github.com/zitadel/zitadel/internal/zerrors"
)
const (
UniqueUsername = "usernames"
userEventTypePrefix = eventstore.EventType("user.")
UserLockedType = userEventTypePrefix + "locked"
UserUnlockedType = userEventTypePrefix + "unlocked"
UserDeactivatedType = userEventTypePrefix + "deactivated"
UserReactivatedType = userEventTypePrefix + "reactivated"
UserRemovedType = userEventTypePrefix + "removed"
UserTokenAddedType = userEventTypePrefix + "token.added"
UserTokenV2AddedType = userEventTypePrefix + "token.v2.added"
UserTokenRemovedType = userEventTypePrefix + "token.removed"
UserImpersonatedType = userEventTypePrefix + "impersonated"
UserDomainClaimedType = userEventTypePrefix + "domain.claimed"
UserDomainClaimedSentType = userEventTypePrefix + "domain.claimed.sent"
UserUserNameChangedType = userEventTypePrefix + "username.changed"
)
func NewAddUsernameUniqueConstraint(userName, resourceOwner string, orgScopedUsername bool) *eventstore.UniqueConstraint {
uniqueUserName := userName
if orgScopedUsername {
uniqueUserName = userName + resourceOwner
}
return eventstore.NewAddEventUniqueConstraint(
UniqueUsername,
uniqueUserName,
"Errors.User.AlreadyExists")
}
func NewRemoveUsernameUniqueConstraint(userName, resourceOwner string, orgScopedUsername bool) *eventstore.UniqueConstraint {
uniqueUserName := userName
if orgScopedUsername {
uniqueUserName = userName + resourceOwner
}
return eventstore.NewRemoveUniqueConstraint(
UniqueUsername,
uniqueUserName)
}
func NewUsernameUniqueConstraints(usernameChanges []string, resourceOwner string, orgScopedUsername, oldOrgScopedUsername bool) []*eventstore.UniqueConstraint {
if len(usernameChanges) == 0 || oldOrgScopedUsername == orgScopedUsername {
return []*eventstore.UniqueConstraint{}
}
changes := make([]*eventstore.UniqueConstraint, len(usernameChanges)*2)
for i, username := range usernameChanges {
changes[i*2] = NewRemoveUsernameUniqueConstraint(username, resourceOwner, oldOrgScopedUsername)
changes[i*2+1] = NewAddUsernameUniqueConstraint(username, resourceOwner, orgScopedUsername)
}
return changes
}
type UserLockedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *UserLockedEvent) Payload() interface{} {
return nil
}
func (e *UserLockedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUserLockedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *UserLockedEvent {
return &UserLockedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserLockedType,
),
}
}
func UserLockedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &UserLockedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type UserUnlockedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *UserUnlockedEvent) Payload() interface{} {
return nil
}
func (e *UserUnlockedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUserUnlockedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *UserUnlockedEvent {
return &UserUnlockedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserUnlockedType,
),
}
}
func UserUnlockedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &UserUnlockedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type UserDeactivatedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *UserDeactivatedEvent) Payload() interface{} {
return nil
}
func (e *UserDeactivatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUserDeactivatedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *UserDeactivatedEvent {
return &UserDeactivatedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserDeactivatedType,
),
}
}
func UserDeactivatedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &UserDeactivatedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type UserReactivatedEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *UserReactivatedEvent) Payload() interface{} {
return nil
}
func (e *UserReactivatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUserReactivatedEvent(ctx context.Context, aggregate *eventstore.Aggregate) *UserReactivatedEvent {
return &UserReactivatedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserReactivatedType,
),
}
}
func UserReactivatedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &UserReactivatedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type UserRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
userName string
externalIDPs []*domain.UserIDPLink
orgScopedUsername bool
}
func (e *UserRemovedEvent) Payload() interface{} {
return nil
}
func (e *UserRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
events := make([]*eventstore.UniqueConstraint, 0)
if e.userName != "" {
events = append(events, NewRemoveUsernameUniqueConstraint(e.userName, e.Aggregate().ResourceOwner, e.orgScopedUsername))
}
for _, idp := range e.externalIDPs {
events = append(events, NewRemoveUserIDPLinkUniqueConstraint(idp.IDPConfigID, idp.ExternalUserID))
}
return events
}
func NewUserRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
userName string,
externalIDPs []*domain.UserIDPLink,
orgScopedUsername bool,
) *UserRemovedEvent {
return &UserRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserRemovedType,
),
userName: userName,
externalIDPs: externalIDPs,
orgScopedUsername: orgScopedUsername,
}
}
func UserRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &UserRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type UserTokenAddedEvent struct {
eventstore.BaseEvent `json:"-"`
TokenID string `json:"tokenId,omitempty"`
ApplicationID string `json:"applicationId,omitempty"`
UserAgentID string `json:"userAgentId,omitempty"`
RefreshTokenID string `json:"refreshTokenID,omitempty"`
Audience []string `json:"audience,omitempty"`
Scopes []string `json:"scopes,omitempty"`
AuthMethodsReferences []string `json:"authMethodsReferences,omitempty"`
AuthTime time.Time `json:"authTime,omitempty"`
Expiration time.Time `json:"expiration,omitempty"`
PreferredLanguage string `json:"preferredLanguage,omitempty"`
Reason domain.TokenReason `json:"reason,omitempty"`
Actor *domain.TokenActor `json:"actor,omitempty"`
}
func (e *UserTokenAddedEvent) Payload() interface{} {
return e
}
func (e *UserTokenAddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUserTokenAddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
tokenID,
applicationID,
userAgentID,
preferredLanguage,
refreshTokenID string,
audience,
scopes,
authMethodsReferences []string,
authTime,
expiration time.Time,
reason domain.TokenReason,
actor *domain.TokenActor,
) *UserTokenAddedEvent {
return &UserTokenAddedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserTokenAddedType,
),
TokenID: tokenID,
ApplicationID: applicationID,
UserAgentID: userAgentID,
RefreshTokenID: refreshTokenID,
Audience: audience,
Scopes: scopes,
Expiration: expiration,
PreferredLanguage: preferredLanguage,
Reason: reason,
Actor: actor,
}
}
func UserTokenAddedEventMapper(event eventstore.Event) (eventstore.Event, error) {
tokenAdded := &UserTokenAddedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(tokenAdded)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-7M9sd", "unable to unmarshal token added")
}
return tokenAdded, nil
}
type UserTokenV2AddedEvent struct {
*eventstore.BaseEvent `json:"-"`
TokenID string `json:"tokenId,omitempty"`
}
func (e *UserTokenV2AddedEvent) Payload() interface{} {
return e
}
func (e *UserTokenV2AddedEvent) SetBaseEvent(b *eventstore.BaseEvent) {
e.BaseEvent = b
}
func (e *UserTokenV2AddedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUserTokenV2AddedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
tokenID string,
) *UserTokenV2AddedEvent {
return &UserTokenV2AddedEvent{
BaseEvent: eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserTokenV2AddedType,
),
TokenID: tokenID,
}
}
type UserImpersonatedEvent struct {
eventstore.BaseEvent `json:"-"`
ApplicationID string `json:"applicationId,omitempty"`
Actor *domain.TokenActor `json:"actor,omitempty"`
}
func (e *UserImpersonatedEvent) Payload() interface{} {
return e
}
func (e *UserImpersonatedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func (e *UserImpersonatedEvent) SetBaseEvent(base *eventstore.BaseEvent) {
e.BaseEvent = *base
}
func NewUserImpersonatedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
applicationID string,
actor *domain.TokenActor,
) *UserImpersonatedEvent {
return &UserImpersonatedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserImpersonatedType,
),
ApplicationID: applicationID,
Actor: actor,
}
}
type UserTokenRemovedEvent struct {
eventstore.BaseEvent `json:"-"`
TokenID string `json:"tokenId"`
}
func (e *UserTokenRemovedEvent) Payload() interface{} {
return e
}
func (e *UserTokenRemovedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewUserTokenRemovedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
tokenID string,
) *UserTokenRemovedEvent {
return &UserTokenRemovedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserTokenRemovedType,
),
TokenID: tokenID,
}
}
func UserTokenRemovedEventMapper(event eventstore.Event) (eventstore.Event, error) {
tokenRemoved := &UserTokenRemovedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(tokenRemoved)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-7M9sd", "unable to unmarshal token added")
}
return tokenRemoved, nil
}
type DomainClaimedEvent struct {
eventstore.BaseEvent `json:"-"`
UserName string `json:"userName"`
TriggeredAtOrigin string `json:"triggerOrigin,omitempty"`
oldUserName string
orgScopedUsername bool
}
func (e *DomainClaimedEvent) Payload() interface{} {
return e
}
func (e *DomainClaimedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return []*eventstore.UniqueConstraint{
NewRemoveUsernameUniqueConstraint(e.oldUserName, e.Aggregate().ResourceOwner, e.orgScopedUsername),
NewAddUsernameUniqueConstraint(e.UserName, e.Aggregate().ResourceOwner, e.orgScopedUsername),
}
}
func (e *DomainClaimedEvent) TriggerOrigin() string {
return e.TriggeredAtOrigin
}
func NewDomainClaimedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
userName,
oldUserName string,
orgScopedUsername bool,
) *DomainClaimedEvent {
return &DomainClaimedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserDomainClaimedType,
),
UserName: userName,
oldUserName: oldUserName,
orgScopedUsername: orgScopedUsername,
TriggeredAtOrigin: http.DomainContext(ctx).Origin(),
}
}
func DomainClaimedEventMapper(event eventstore.Event) (eventstore.Event, error) {
domainClaimed := &DomainClaimedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(domainClaimed)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-aR8jc", "unable to unmarshal domain claimed")
}
return domainClaimed, nil
}
type DomainClaimedSentEvent struct {
eventstore.BaseEvent `json:"-"`
}
func (e *DomainClaimedSentEvent) Payload() interface{} {
return nil
}
func (e *DomainClaimedSentEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
return nil
}
func NewDomainClaimedSentEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
) *DomainClaimedSentEvent {
return &DomainClaimedSentEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserDomainClaimedSentType,
),
}
}
func DomainClaimedSentEventMapper(event eventstore.Event) (eventstore.Event, error) {
return &DomainClaimedSentEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}, nil
}
type UsernameChangedEvent struct {
eventstore.BaseEvent `json:"-"`
UserName string `json:"userName"`
oldUserName string
userLoginMustBeDomain bool
oldUserLoginMustBeDomain bool
organizationScopedUsernames bool
}
func (e *UsernameChangedEvent) Payload() interface{} {
return e
}
func (e *UsernameChangedEvent) UniqueConstraints() []*eventstore.UniqueConstraint {
newSetting := e.userLoginMustBeDomain || e.organizationScopedUsernames
oldSetting := e.oldUserLoginMustBeDomain || e.organizationScopedUsernames
// changes only necessary if username changed or setting for usernames changed
// if user login must be domain is set, there is a possibility that the username changes
// organization scoped usernames are included here so that the unique constraint only gets changed if necessary
if e.oldUserName == e.UserName &&
newSetting == oldSetting {
return []*eventstore.UniqueConstraint{}
}
return []*eventstore.UniqueConstraint{
NewRemoveUsernameUniqueConstraint(e.oldUserName, e.Aggregate().ResourceOwner, oldSetting),
NewAddUsernameUniqueConstraint(e.UserName, e.Aggregate().ResourceOwner, newSetting),
}
}
func NewUsernameChangedEvent(
ctx context.Context,
aggregate *eventstore.Aggregate,
oldUserName,
newUserName string,
userLoginMustBeDomain bool,
organizationScopedUsernames bool,
opts ...UsernameChangedEventOption,
) *UsernameChangedEvent {
event := &UsernameChangedEvent{
BaseEvent: *eventstore.NewBaseEventForPush(
ctx,
aggregate,
UserUserNameChangedType,
),
UserName: newUserName,
oldUserName: oldUserName,
userLoginMustBeDomain: userLoginMustBeDomain,
oldUserLoginMustBeDomain: userLoginMustBeDomain,
organizationScopedUsernames: organizationScopedUsernames,
}
for _, opt := range opts {
opt(event)
}
return event
}
type UsernameChangedEventOption func(*UsernameChangedEvent)
// UsernameChangedEventWithPolicyChange signals that the change occurs because of / during a domain policy change
// (will ensure the unique constraint change is handled correctly)
func UsernameChangedEventWithPolicyChange(oldUserLoginMustBeDomain bool) UsernameChangedEventOption {
return func(e *UsernameChangedEvent) {
e.oldUserLoginMustBeDomain = oldUserLoginMustBeDomain
}
}
func UsernameChangedEventMapper(event eventstore.Event) (eventstore.Event, error) {
domainClaimed := &UsernameChangedEvent{
BaseEvent: *eventstore.BaseEventFromRepo(event),
}
err := event.Unmarshal(domainClaimed)
if err != nil {
return nil, zerrors.ThrowInternal(err, "USER-4Bm9s", "unable to unmarshal username changed")
}
return domainClaimed, nil
}

49
apps/api/internal/repository/user/v1.go Normal file
View File

@@ -0,0 +1,49 @@
package user
const (
UserV1AddedType = userEventTypePrefix + "added"
UserV1RegisteredType = userEventTypePrefix + "selfregistered"
UserV1InitialCodeAddedType = userEventTypePrefix + "initialization.code.added"
UserV1InitialCodeSentType = userEventTypePrefix + "initialization.code.sent"
UserV1InitializedCheckSucceededType = userEventTypePrefix + "initialization.check.succeeded"
UserV1InitializedCheckFailedType = userEventTypePrefix + "initialization.check.failed"
UserV1SignedOutType = userEventTypePrefix + "signed.out"
userV1PasswordEventTypePrefix = userEventTypePrefix + "password."
UserV1PasswordChangedType = userV1PasswordEventTypePrefix + "changed"
UserV1PasswordCodeAddedType = userV1PasswordEventTypePrefix + "code.added"
UserV1PasswordCodeSentType = userV1PasswordEventTypePrefix + "code.sent"
UserV1PasswordCheckSucceededType = userV1PasswordEventTypePrefix + "check.succeeded"
UserV1PasswordCheckFailedType = userV1PasswordEventTypePrefix + "check.failed"
userV1EmailEventTypePrefix = userEventTypePrefix + "email."
UserV1EmailChangedType = userV1EmailEventTypePrefix + "changed"
UserV1EmailVerifiedType = userV1EmailEventTypePrefix + "verified"
UserV1EmailVerificationFailedType = userV1EmailEventTypePrefix + "verification.failed"
UserV1EmailCodeAddedType = userV1EmailEventTypePrefix + "code.added"
UserV1EmailCodeSentType = userV1EmailEventTypePrefix + "code.sent"
userV1PhoneEventTypePrefix = userEventTypePrefix + "phone."
UserV1PhoneChangedType = userV1PhoneEventTypePrefix + "changed"
UserV1PhoneRemovedType = userV1PhoneEventTypePrefix + "removed"
UserV1PhoneVerifiedType = userV1PhoneEventTypePrefix + "verified"
UserV1PhoneVerificationFailedType = userV1PhoneEventTypePrefix + "verification.failed"
UserV1PhoneCodeAddedType = userV1PhoneEventTypePrefix + "code.added"
UserV1PhoneCodeSentType = userV1PhoneEventTypePrefix + "code.sent"
userV1ProfileEventTypePrefix = userEventTypePrefix + "profile."
UserV1ProfileChangedType = userV1ProfileEventTypePrefix + "changed"
userV1AddressEventTypePrefix = userEventTypePrefix + "address."
UserV1AddressChangedType = userV1AddressEventTypePrefix + "changed"
userV1MFAEventTypePrefix = userEventTypePrefix + "mfa."
UserV1MFAInitSkippedType = userV1MFAOTPEventTypePrefix + "init.skipped"
userV1MFAOTPEventTypePrefix = userV1MFAEventTypePrefix + "otp."
UserV1MFAOTPAddedType = userV1MFAOTPEventTypePrefix + "added"
UserV1MFAOTPRemovedType = userV1MFAOTPEventTypePrefix + "removed"
UserV1MFAOTPVerifiedType = userV1MFAOTPEventTypePrefix + "verified"
UserV1MFAOTPCheckSucceededType = userV1MFAOTPEventTypePrefix + "check.succeeded"
UserV1MFAOTPCheckFailedType = userV1MFAOTPEventTypePrefix + "check.failed"
)