feat(console): machine user accesstoken type (#5196)

Set machine user Access Token type
2025-03-01 00:07:22 +00:00 · 2023-02-14 17:05:55 +01:00 · 2023-02-14 17:05:55 +01:00 · df4a173264
commit df4a173264
parent 3696c1b2d9
14 changed files with 83 additions and 13 deletions
--- a/console/src/app/pages/users/user-create-machine/user-create-machine.component.html
+++ b/console/src/app/pages/users/user-create-machine/user-create-machine.component.html
@ -30,6 +30,15 @@
          <cnsl-label>{{ 'USER.MACHINE.DESCRIPTION' | translate }}</cnsl-label>
          <input cnslInput formControlName="description" />
        </cnsl-form-field>
+
+        <cnsl-form-field class="formfield">
+          <cnsl-label>{{ 'USER.MACHINE.ACCESSTOKENTYPE' | translate }}</cnsl-label>
+          <mat-select formControlName="accessTokenType" required>
+            <mat-option *ngFor="let aTT of accessTokenTypes" [value]="aTT">
+              {{ 'USER.MACHINE.ACCESSTOKENTYPES.' + aTT | translate }}
+            </mat-option>
+          </mat-select>
+        </cnsl-form-field>
      </div>
      <div class="machine-btn-container">
        <button color="primary" data-e2e="create-button" [disabled]="userForm.invalid" type="submit" mat-raised-button>
--- a/console/src/app/pages/users/user-create-machine/user-create-machine.component.ts
+++ b/console/src/app/pages/users/user-create-machine/user-create-machine.component.ts
@ -4,6 +4,7 @@ import { AbstractControl, UntypedFormBuilder, UntypedFormGroup, Validators } fro
 import { Router } from '@angular/router';
 import { Subscription } from 'rxjs';
 import { AddMachineUserRequest } from 'src/app/proto/generated/zitadel/management_pb';
+import { AccessTokenType } from 'src/app/proto/generated/zitadel/user_pb';
 import { Breadcrumb, BreadcrumbService, BreadcrumbType } from 'src/app/services/breadcrumb.service';
 import { ManagementService } from 'src/app/services/mgmt.service';
 import { ToastService } from 'src/app/services/toast.service';
@ -20,6 +21,11 @@ export class UserCreateMachineComponent implements OnDestroy {
  private sub: Subscription = new Subscription();
  public loading: boolean = false;

+  public accessTokenTypes: AccessTokenType[] = [
+    AccessTokenType.ACCESS_TOKEN_TYPE_BEARER,
+    AccessTokenType.ACCESS_TOKEN_TYPE_JWT,
+  ];
+
  constructor(
    private router: Router,
    private toast: ToastService,
@ -42,6 +48,7 @@ export class UserCreateMachineComponent implements OnDestroy {
      userName: ['', [Validators.required, Validators.minLength(2)]],
      name: ['', [Validators.required]],
      description: ['', []],
+      accessTokenType: [AccessTokenType.ACCESS_TOKEN_TYPE_BEARER, []],
    });
  }

@ -54,6 +61,7 @@ export class UserCreateMachineComponent implements OnDestroy {
    machineReq.setDescription(this.description?.value);
    machineReq.setName(this.name?.value);
    machineReq.setUserName(this.userName?.value);
+    machineReq.setAccessTokenType(this.accessTokenType?.value);

    this.userService
      .addMachineUser(machineReq)
@ -88,4 +96,7 @@ export class UserCreateMachineComponent implements OnDestroy {
  public get userName(): AbstractControl | null {
    return this.userForm.get('userName');
  }
+  public get accessTokenType(): AbstractControl | null {
+    return this.userForm.get('accessTokenType');
+  }
 }
--- a/console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.component.html
+++ b/console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.component.html
@ -21,6 +21,14 @@
      <cnsl-label>{{ 'USER.MACHINE.DESCRIPTION' | translate }}</cnsl-label>
      <input cnslInput formControlName="description" />
    </cnsl-form-field>
+    <cnsl-form-field class="formfield">
+      <cnsl-label>{{ 'USER.MACHINE.ACCESSTOKENTYPE' | translate }}</cnsl-label>
+      <mat-select formControlName="accessTokenType" required>
+        <mat-option *ngFor="let aTT of accessTokenTypes" [value]="aTT">
+          {{ 'USER.MACHINE.ACCESSTOKENTYPES.' + aTT | translate }}
+        </mat-option>
+      </mat-select>
+    </cnsl-form-field>
  </div>
  <div class="btn-container">
    <button type="submit" color="primary" mat-raised-button>{{ 'ACTIONS.SAVE' | translate }}</button>
--- a/console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.component.ts
+++ b/console/src/app/pages/users/user-detail/detail-form-machine/detail-form-machine.component.ts
@ -1,7 +1,7 @@
 import { Component, EventEmitter, Input, OnDestroy, OnInit, Output } from '@angular/core';
 import { AbstractControl, UntypedFormBuilder, UntypedFormGroup, Validators } from '@angular/forms';
 import { Subscription } from 'rxjs';
-import { Human, Machine } from 'src/app/proto/generated/zitadel/user_pb';
+import { AccessTokenType, Human, Machine } from 'src/app/proto/generated/zitadel/user_pb';

@Component({
  selector: 'cnsl-detail-form-machine',
@ -16,6 +16,11 @@ export class DetailFormMachineComponent implements OnInit, OnDestroy {

  public machineForm!: UntypedFormGroup;

+  public accessTokenTypes: AccessTokenType[] = [
+    AccessTokenType.ACCESS_TOKEN_TYPE_BEARER,
+    AccessTokenType.ACCESS_TOKEN_TYPE_JWT,
+  ];
+
  private sub: Subscription = new Subscription();

  constructor(private fb: UntypedFormBuilder) {
@ -23,6 +28,7 @@ export class DetailFormMachineComponent implements OnInit, OnDestroy {
      userName: [{ value: '', disabled: true }, [Validators.required]],
      name: [{ value: '', disabled: this.disabled }, Validators.required],
      description: [{ value: '', disabled: this.disabled }],
+      accessTokenType: [AccessTokenType.ACCESS_TOKEN_TYPE_BEARER, [Validators.required]],
    });
  }

@ -42,10 +48,6 @@ export class DetailFormMachineComponent implements OnInit, OnDestroy {
    return this.machineForm.get('name');
  }

-  public get description(): AbstractControl | null {
-    return this.machineForm.get('description');
-  }
-
  public get userName(): AbstractControl | null {
    return this.machineForm.get('userName');
  }
--- a/console/src/app/pages/users/user-detail/user-detail/user-detail.component.ts
+++ b/console/src/app/pages/users/user-detail/user-detail/user-detail.component.ts
@ -274,9 +274,15 @@ export class UserDetailComponent implements OnInit {
    if (this.user.machine) {
      this.user.machine.name = machineData.name;
      this.user.machine.description = machineData.description;
+      this.user.machine.accessTokenType = machineData.accessTokenType;

      this.mgmtUserService
-        .updateMachine(this.user.id, this.user.machine.name, this.user.machine.description)
+        .updateMachine(
+          this.user.id,
+          this.user.machine.name,
+          this.user.machine.description,
+          this.user.machine.accessTokenType,
+        )
        .then(() => {
          this.toast.showInfo('USER.TOAST.SAVED', true);
          this.refreshChanges$.emit();
--- a/console/src/app/services/mgmt.service.ts
+++ b/console/src/app/services/mgmt.service.ts
@ -473,6 +473,7 @@ import { DomainSearchQuery, DomainValidationType } from '../proto/generated/zita
 import { PasswordComplexityPolicy } from '../proto/generated/zitadel/policy_pb';
 import { GrantedProject, Project, ProjectQuery, RoleQuery } from '../proto/generated/zitadel/project_pb';
 import {
+  AccessTokenType,
  Gender,
  MembershipQuery,
  SearchQuery as UserSearchQuery,
@ -901,7 +902,12 @@ export class ManagementService {
    return this.grpcService.mgmt.addMachineUser(req, null).then((resp) => resp.toObject());
  }

-  public updateMachine(userId: string, name?: string, description?: string): Promise<UpdateMachineResponse.AsObject> {
+  public updateMachine(
+    userId: string,
+    name?: string,
+    description?: string,
+    accessTokenType?: AccessTokenType,
+  ): Promise<UpdateMachineResponse.AsObject> {
    const req = new UpdateMachineRequest();
    req.setUserId(userId);
    if (name) {
@ -910,6 +916,9 @@ export class ManagementService {
    if (description) {
      req.setDescription(description);
    }
+    if (accessTokenType !== undefined) {
+      req.setAccessTokenType(accessTokenType);
+    }
    return this.grpcService.mgmt.updateMachine(req, null).then((resp) => resp.toObject());
  }

--- a/console/src/assets/i18n/de.json
+++ b/console/src/assets/i18n/de.json
@ -452,6 +452,11 @@
      "CHOOSEEXPIRY": "Definiere ein Ablaufdatum",
      "CREATIONDATE": "Erstelldatum",
      "KEYDETAILS": "Schlüssel Details",
+      "ACCESSTOKENTYPE": "Access Token Typ",
+      "ACCESSTOKENTYPES": {
+        "0": "Bearer",
+        "1": "JWT"
+      },
      "ADD": {
        "TITLE": "Schlüssel hinzufügen",
        "DESCRIPTION": "Wähle den Typ und selektiere ein optionales Ablaufdatum."
--- a/console/src/assets/i18n/en.json
+++ b/console/src/assets/i18n/en.json
@ -452,6 +452,11 @@
      "CHOOSEEXPIRY": "Select an expiration date",
      "CREATIONDATE": "Creation Date",
      "KEYDETAILS": "Key Details",
+      "ACCESSTOKENTYPE": "Access Token Type",
+      "ACCESSTOKENTYPES": {
+        "0": "Bearer",
+        "1": "JWT"
+      },
      "ADD": {
        "TITLE": "Add Key",
        "DESCRIPTION": "Select your key type and choose an optional expiration date."
--- a/console/src/assets/i18n/fr.json
+++ b/console/src/assets/i18n/fr.json
@ -452,6 +452,11 @@
      "CHOOSEEXPIRY": "Sélectionnez une date d'expiration",
      "CREATIONDATE": "Date de création",
      "KEYDETAILS": "Détails de la clé",
+      "ACCESSTOKENTYPE": "Access Token Type",
+      "ACCESSTOKENTYPES": {
+        "0": "Bearer",
+        "1": "JWT"
+      },
      "ADD": {
        "TITLE": "Ajouter une clé",
        "DESCRIPTION": "Sélectionnez votre type de clé et choisissez une date d'expiration facultative."
--- a/console/src/assets/i18n/it.json
+++ b/console/src/assets/i18n/it.json
@ -452,6 +452,11 @@
      "CHOOSEEXPIRY": "Seleziona una data di scadenza",
      "CREATIONDATE": "Data di creazione",
      "KEYDETAILS": "Dettagli chiave",
+      "ACCESSTOKENTYPE": "Tipo Access Token",
+      "ACCESSTOKENTYPES": {
+        "0": "Bearer",
+        "1": "JWT"
+      },
      "ADD": {
        "TITLE": "Aggiungi chiave",
        "DESCRIPTION": "Seleziona il tuo tipo di chiave e scegli una data di scadenza opzionale."
--- a/console/src/assets/i18n/zh.json
+++ b/console/src/assets/i18n/zh.json
@ -452,6 +452,11 @@
      "CHOOSEEXPIRY": "选择过期时间",
      "CREATIONDATE": "创建于",
      "KEYDETAILS": "秘钥详情",
+      "ACCESSTOKENTYPE": "访问令牌类型 ",
+      "ACCESSTOKENTYPES": {
+        "0": "Bearer",
+        "1": "JWT"
+      },
      "ADD": {
        "TITLE": "添加秘钥",
        "DESCRIPTION": "选择您的密钥类型并选择一个可选的到期日期。"
--- a/docs/docs/apis/proto/user.md
+++ b/docs/docs/apis/proto/user.md
@ -134,7 +134,7 @@ title: zitadel/user.proto
 | name |  string | - |  |
 | description |  string | - |  |
 | has_secret |  bool | - |  |
-| access_token_typ |  AccessTokenType | - |  |
+| access_token_type |  AccessTokenType | - |  |



--- a/internal/api/grpc/user/converter.go
+++ b/internal/api/grpc/user/converter.go
@ -70,10 +70,10 @@ func HumanToPb(view *query.Human, assetPrefix, owner string) *user_pb.Human {

 func MachineToPb(view *query.Machine) *user_pb.Machine {
 	return &user_pb.Machine{
-		Name:           view.Name,
-		Description:    view.Description,
-		HasSecret:      view.HasSecret,
-		AccessTokenTyp: AccessTokenTypeToPb(view.AccessTokenType),
+		Name:            view.Name,
+		Description:     view.Description,
+		HasSecret:       view.HasSecret,
+		AccessTokenType: AccessTokenTypeToPb(view.AccessTokenType),
 	}
 }

--- a/proto/zitadel/user.proto
+++ b/proto/zitadel/user.proto
@ -83,7 +83,7 @@ message Machine {
            example: "\"true\"";
        }
    ];
-    AccessTokenType access_token_typ = 4 [
+    AccessTokenType access_token_type = 4 [
        (grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
            description: "Type of access token to receive";
        }