feat: idp and login policy configurations (#619)

* feat: oidc config

* fix: oidc configurations

* feat: oidc idp config

* feat: add oidc config test

* fix: tests

* fix: tests

* feat: translate new events

* feat: idp eventstore

* feat: idp eventstore

* fix: tests

* feat: command side idp

* feat: query side idp

* feat: idp config on org

* fix: tests

* feat: authz idp on org

* feat: org idps

* feat: login policy

* feat: login policy

* feat: login policy

* feat: add idp func on login policy

* feat: add validation to loginpolicy and idp provider

* feat: add default login policy

* feat: login policy on org

* feat: login policy on org

* fix: id config handlers

* fix: id config handlers

* fix: create idp on org

* fix: create idp on org

* fix: not existing idp config

* fix: default login policy

* fix: add login policy on org

* fix: idp provider search on org

* fix: test

* fix: remove idp on org

* fix: test

* fix: test

* fix: remove admin idp

* fix: logo src as byte

* fix: migration

* fix: tests

* Update internal/iam/repository/eventsourcing/iam.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/org/repository/eventsourcing/org_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: pr comments

* fix: tests

* Update types.go

* fix: merge request changes

* fix: reduce optimization

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>

internal/iam/model/idp_config.go

@@ -0,0 +1,74 @@
+package model
+
+import (
+	"github.com/caos/zitadel/internal/crypto"
+	es_models "github.com/caos/zitadel/internal/eventstore/models"
+)
+
+type IDPConfig struct {
+	es_models.ObjectRoot
+	IDPConfigID string
+	Type        IdpConfigType
+	Name        string
+	LogoSrc     []byte
+	State       IDPConfigState
+	OIDCConfig  *OIDCIDPConfig
+}
+
+type OIDCIDPConfig struct {
+	es_models.ObjectRoot
+	IDPConfigID        string
+	ClientID           string
+	ClientSecret       *crypto.CryptoValue
+	ClientSecretString string
+	Issuer             string
+	Scopes             []string
+}
+
+type IdpConfigType int32
+
+const (
+	IDPConfigTypeOIDC IdpConfigType = iota
+	IDPConfigTypeSAML
+)
+
+type IDPConfigState int32
+
+const (
+	IDPConfigStateActive IDPConfigState = iota
+	IDPConfigStateInactive
+	IDPConfigStateRemoved
+)
+
+func NewIDPConfig(iamID, idpID string) *IDPConfig {
+	return &IDPConfig{ObjectRoot: es_models.ObjectRoot{AggregateID: iamID}, IDPConfigID: idpID}
+}
+
+func (idp *IDPConfig) IsValid(includeConfig bool) bool {
+	if idp.Name == "" || idp.AggregateID == "" {
+		return false
+	}
+	if !includeConfig {
+		return true
+	}
+	if idp.Type == IDPConfigTypeOIDC && !idp.OIDCConfig.IsValid(true) {
+		return false
+	}
+	return true
+}
+
+func (oi *OIDCIDPConfig) IsValid(withSecret bool) bool {
+	if withSecret {
+		return oi.ClientID != "" && oi.Issuer != "" && oi.ClientSecretString != ""
+	}
+	return oi.ClientID != "" && oi.Issuer != ""
+}
+
+func (oi *OIDCIDPConfig) CryptSecret(crypt crypto.Crypto) error {
+	cryptedSecret, err := crypto.Crypt([]byte(oi.ClientSecretString), crypt)
+	if err != nil {
+		return err
+	}
+	oi.ClientSecret = cryptedSecret
+	return nil
+}