fix: correctly check app state on authentication (#8630)

# Which Problems Are Solved In Zitadel, even after an organization is deactivated, associated projects, respectively their applications remain active. Users across other organizations can still log in and access through these applications, leading to unauthorized access. Additionally, if a project was deactivated access to applications was also still possible. # How the Problems Are Solved - Correctly check the status of the organization and related project. (Corresponding functions have been renamed to `Active...`)
2025-08-11 20:57:31 +00:00 · 2024-09-17 13:34:14 +02:00
parent 77aa02a521
commit d01bd1c51a
13 changed files with 299 additions and 146 deletions
--- a/internal/query/introspection.go
+++ b/internal/query/introspection.go
@@ -52,7 +52,7 @@ type IntrospectionClient struct {
 //go:embed introspection_client_by_id.sql
 var introspectionClientByIDQuery string

-func (q *Queries) GetIntrospectionClientByID(ctx context.Context, clientID string, getKeys bool) (_ *IntrospectionClient, err error) {
+func (q *Queries) ActiveIntrospectionClientByID(ctx context.Context, clientID string, getKeys bool) (_ *IntrospectionClient, err error) {
 	ctx, span := tracing.NewSpan(ctx)
 	defer func() { span.EndWithError(err) }()