fix(api): deprecate v2beta endpoints of existing v2 services (#10841)

# Which Problems Are Solved As part of our efforts to simplify the structure and versions of our APIs, were moving all existing v2beta endpoints to v2 and deprecate them. They will be removed in Zitadel V5. # How the Problems Are Solved - This PR deprecates all v2beta service and their endpoints, which have already a corresponding v2 version and should not be used anymore. - The comments and have been improved and, where not already done, moved from swagger annotations to proto. - All required fields have been marked with `(google.api.field_behavior) = REQUIRED` and validation rules have been added where missing. - Removed the "required flag" comments on the Action and WebKey service endpoints, since they were removed in Zitadel v4. - The `SetSession` endpoint already documented that the token does not have to be provided anymore and will be ignored if still sent, but it was actually still checked if provided. The corresponding check has been removed and the field is now properly deprecated in the proto as well. # Additional Changes None # Additional Context - part of #10772 - requires backport to v4.x
2025-12-24 04:46:44 +00:00 · 2025-10-07 11:17:46 +02:00
parent a7e1bfb4a3
commit e25b21a6a4
22 changed files with 782 additions and 499 deletions
--- a/internal/command/session_test.go
+++ b/internal/command/session_test.go
@@ -306,16 +306,14 @@ func TestCommands_CreateSession(t *testing.T) {
 func TestCommands_UpdateSession(t *testing.T) {
 	type fields struct {
 		eventstore      func(*testing.T) *eventstore.Eventstore
-		tokenVerifier   func(ctx context.Context, sessionToken, sessionID, tokenID string) (err error)
 		checkPermission domain.PermissionCheck
 	}
 	type args struct {
-		ctx          context.Context
-		sessionID    string
-		sessionToken string
-		checks       []SessionCommand
-		metadata     map[string][]byte
-		lifetime     time.Duration
+		ctx       context.Context
+		sessionID string
+		checks    []SessionCommand
+		metadata  map[string][]byte
+		lifetime  time.Duration
 	}
 	type res struct {
 		want *SessionChanged
@@ -341,37 +339,6 @@ func TestCommands_UpdateSession(t *testing.T) {
 				err: zerrors.ThrowInternal(nil, "id", "filter failed"),
 			},
 		},
-		{
-			"invalid session token",
-			fields{
-				eventstore: expectEventstore(
-					expectFilter(
-						eventFromEventPusher(
-							session.NewAddedEvent(context.Background(),
-								&session.NewAggregate("sessionID", "instance1").Aggregate,
-								&domain.UserAgent{
-									FingerprintID: gu.Ptr("fp1"),
-									IP:            net.ParseIP("1.2.3.4"),
-									Description:   gu.Ptr("firefox"),
-									Header:        http.Header{"foo": []string{"bar"}},
-								},
-							)),
-						eventFromEventPusher(
-							session.NewTokenSetEvent(context.Background(), &session.NewAggregate("sessionID", "instance1").Aggregate,
-								"tokenID")),
-					),
-				),
-				tokenVerifier: newMockTokenVerifierInvalid(),
-			},
-			args{
-				ctx:          context.Background(),
-				sessionID:    "sessionID",
-				sessionToken: "invalid",
-			},
-			res{
-				err: zerrors.ThrowPermissionDenied(nil, "COMMAND-sGr42", "Errors.Session.Token.Invalid"),
-			},
-		},
 		{
 			"no token, no permission",
 			fields{
@@ -422,14 +389,11 @@ func TestCommands_UpdateSession(t *testing.T) {
 								"tokenID")),
 					),
 				),
-				tokenVerifier: func(ctx context.Context, sessionToken, sessionID, tokenID string) (err error) {
-					return nil
-				},
+				checkPermission: newMockPermissionCheckAllowed(),
 			},
 			args{
-				ctx:          context.Background(),
-				sessionID:    "sessionID",
-				sessionToken: "token",
+				ctx:       context.Background(),
+				sessionID: "sessionID",
 			},
 			res{
 				want: &SessionChanged{
@@ -446,11 +410,10 @@ func TestCommands_UpdateSession(t *testing.T) {
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			c := &Commands{
-				eventstore:           tt.fields.eventstore(t),
-				sessionTokenVerifier: tt.fields.tokenVerifier,
-				checkPermission:      tt.fields.checkPermission,
+				eventstore:      tt.fields.eventstore(t),
+				checkPermission: tt.fields.checkPermission,
 			}
-			got, err := c.UpdateSession(tt.args.ctx, tt.args.sessionID, tt.args.sessionToken, tt.args.checks, tt.args.metadata, tt.args.lifetime)
+			got, err := c.UpdateSession(tt.args.ctx, tt.args.sessionID, tt.args.checks, tt.args.metadata, tt.args.lifetime)
 			require.ErrorIs(t, err, tt.res.err)
 			assert.Equal(t, tt.res.want, got)
 		})