fix: check existing idp (#809)

* fix: logs

* Update Dockerfile

* Fallback to old Docker file

* fix: for loop

* fix: for loop

* fix: for loop

* fix: remove logs

* fix: remove logs

Co-authored-by: Florian Forster <florian@caos.ch>
This commit is contained in:
Fabi 2020-10-05 17:14:08 +02:00 committed by GitHub
parent 103d786ad2
commit f939eab133
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
10 changed files with 19351 additions and 9460 deletions

View File

@ -1,14 +1,14 @@
# This Stage prepares the user in the container and copies the files
FROM alpine:latest as prepare
RUN adduser -D zitadel
COPY .artifacts/zitadel-linux-amd64 /app/zitadel
COPY cmd/zitadel/*.yaml /app/
RUN chmod a+x /app/zitadel
COPY .artifacts/zitadel-linux-amd64 /zitadel
COPY cmd/zitadel/*.yaml /
RUN chmod a+x /zitadel
# This Stage is intended as production image
FROM scratch as final
COPY --from=prepare /etc/passwd /etc/passwd
COPY --from=prepare /app /
COPY --from=prepare / /
USER zitadel
HEALTHCHECK NONE
ENTRYPOINT ["/zitadel"]

View File

@ -2,7 +2,6 @@ package eventsourcing
import (
"context"
"github.com/caos/zitadel/internal/errors"
es_models "github.com/caos/zitadel/internal/eventstore/models"
"github.com/caos/zitadel/internal/iam/repository/eventsourcing/model"
@ -316,30 +315,44 @@ func checkExistingLoginPolicyIDPProviderValidation(idpConfigID string) func(...*
switch event.Type {
case model.IDPConfigAdded:
config := new(model.IDPConfig)
config.SetData(event)
err := config.SetData(event)
if err != nil {
return err
}
idpConfigs = append(idpConfigs, config)
case model.IDPConfigRemoved:
config := new(model.IDPConfig)
config.SetData(event)
for i, p := range idpConfigs {
if p.IDPConfigID == config.IDPConfigID {
err := config.SetData(event)
if err != nil {
return err
}
for i := len(idpConfigs) - 1; i >= 0; i-- {
if idpConfigs[i].IDPConfigID == config.IDPConfigID {
idpConfigs[i] = idpConfigs[len(idpConfigs)-1]
idpConfigs[len(idpConfigs)-1] = nil
idpConfigs = idpConfigs[:len(idpConfigs)-1]
break
}
}
case model.LoginPolicyIDPProviderAdded:
idp := new(model.IDPProvider)
idp.SetData(event)
err := idp.SetData(event)
if err != nil {
return err
}
idps = append(idps, idp)
case model.LoginPolicyIDPProviderRemoved:
idp := new(model.IDPProvider)
idp.SetData(event)
for i, p := range idps {
if p.IDPConfigID == idp.IDPConfigID {
err := idp.SetData(event)
if err != nil {
return err
}
for i := len(idps) - 1; i >= 0; i-- {
if idps[i].IDPConfigID == idp.IDPConfigID {
idps[i] = idps[len(idps)-1]
idps[len(idps)-1] = nil
idps = idps[:len(idps)-1]
break
}
}
}

View File

@ -118,7 +118,10 @@ func checkExistingLoginPolicyIDPProviderValidation(idpProvider *iam_es_model.IDP
switch event.Type {
case model.IDPConfigAdded, iam_es_model.IDPConfigAdded:
config := new(iam_es_model.IDPConfig)
config.SetData(event)
err := config.SetData(event)
if err != nil {
return err
}
idpConfigs = append(idpConfigs, config)
if event.AggregateType == model.OrgAggregate {
config.Type = int32(iam_model.IDPProviderTypeOrg)
@ -127,25 +130,37 @@ func checkExistingLoginPolicyIDPProviderValidation(idpProvider *iam_es_model.IDP
}
case model.IDPConfigRemoved, iam_es_model.IDPConfigRemoved:
config := new(iam_es_model.IDPConfig)
config.SetData(event)
for i, p := range idpConfigs {
if p.IDPConfigID == config.IDPConfigID {
err := config.SetData(event)
if err != nil {
return err
}
for i := len(idpConfigs) - 1; i >= 0; i-- {
if idpConfigs[i].IDPConfigID == config.IDPConfigID {
idpConfigs[i] = idpConfigs[len(idpConfigs)-1]
idpConfigs[len(idpConfigs)-1] = nil
idpConfigs = idpConfigs[:len(idpConfigs)-1]
break
}
}
case model.LoginPolicyIDPProviderAdded:
idp := new(iam_es_model.IDPProvider)
idp.SetData(event)
case model.LoginPolicyIDPProviderRemoved:
err := idp.SetData(event)
if err != nil {
return err
}
idps = append(idps, idp)
case model.LoginPolicyIDPProviderRemoved, model.LoginPolicyIDPProviderCascadeRemoved:
idp := new(iam_es_model.IDPProvider)
idp.SetData(event)
for i, p := range idps {
if p.IDPConfigID == idp.IDPConfigID {
err := idp.SetData(event)
if err != nil {
return err
}
for i := len(idps) - 1; i >= 0; i-- {
if idps[i].IDPConfigID == idp.IDPConfigID {
idps[i] = idps[len(idps)-1]
idps[len(idps)-1] = nil
idps = idps[:len(idps)-1]
break
}
}
}

View File

@ -1,6 +1,6 @@
// Code generated by protoc-gen-go. DO NOT EDIT.
// versions:
// protoc-gen-go v1.20.1
// protoc-gen-go v1.25.0
// protoc v3.11.3
// source: admin.proto
@ -5258,7 +5258,7 @@ var file_admin_proto_rawDesc = []byte{
0x0a, 0x13, 0x49, 0x44, 0x50, 0x54, 0x59, 0x50, 0x45, 0x5f, 0x55, 0x4e, 0x53, 0x50, 0x45, 0x43,
0x49, 0x46, 0x49, 0x45, 0x44, 0x10, 0x00, 0x12, 0x10, 0x0a, 0x0c, 0x49, 0x44, 0x50, 0x54, 0x59,
0x50, 0x45, 0x5f, 0x4f, 0x49, 0x44, 0x43, 0x10, 0x01, 0x12, 0x10, 0x0a, 0x0c, 0x49, 0x44, 0x50,
0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x41, 0x4d, 0x4c, 0x10, 0x02, 0x32, 0x86, 0x25, 0x0a, 0x0c,
0x54, 0x59, 0x50, 0x45, 0x5f, 0x53, 0x41, 0x4d, 0x4c, 0x10, 0x02, 0x32, 0x83, 0x25, 0x0a, 0x0c,
0x41, 0x64, 0x6d, 0x69, 0x6e, 0x53, 0x65, 0x72, 0x76, 0x69, 0x63, 0x65, 0x12, 0x4b, 0x0a, 0x07,
0x48, 0x65, 0x61, 0x6c, 0x74, 0x68, 0x7a, 0x12, 0x16, 0x2e, 0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65,
0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e, 0x45, 0x6d, 0x70, 0x74, 0x79, 0x1a,
@ -5543,31 +5543,31 @@ var file_admin_proto_rawDesc = []byte{
0x22, 0x1c, 0x2f, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x2f, 0x6c, 0x6f, 0x67, 0x69,
0x6e, 0x2f, 0x69, 0x64, 0x70, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x73, 0x3a, 0x01,
0x2a, 0x82, 0xb5, 0x18, 0x12, 0x0a, 0x10, 0x69, 0x61, 0x6d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63,
0x79, 0x2e, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0xba, 0x01, 0x0a, 0x27, 0x52, 0x65, 0x6d, 0x6f,
0x79, 0x2e, 0x77, 0x72, 0x69, 0x74, 0x65, 0x12, 0xb7, 0x01, 0x0a, 0x27, 0x52, 0x65, 0x6d, 0x6f,
0x76, 0x65, 0x49, 0x64, 0x70, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x46, 0x72, 0x6f,
0x6d, 0x44, 0x65, 0x66, 0x61, 0x75, 0x6c, 0x74, 0x4c, 0x6f, 0x67, 0x69, 0x6e, 0x50, 0x6f, 0x6c,
0x69, 0x63, 0x79, 0x12, 0x28, 0x2e, 0x63, 0x61, 0x6f, 0x73, 0x2e, 0x7a, 0x69, 0x74, 0x61, 0x64,
0x65, 0x6c, 0x2e, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x2e, 0x61, 0x70, 0x69, 0x2e, 0x76, 0x31, 0x2e,
0x49, 0x64, 0x70, 0x50, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x49, 0x44, 0x1a, 0x16, 0x2e,
0x67, 0x6f, 0x6f, 0x67, 0x6c, 0x65, 0x2e, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x62, 0x75, 0x66, 0x2e,
0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x4d, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x31, 0x22, 0x2c, 0x2f,
0x45, 0x6d, 0x70, 0x74, 0x79, 0x22, 0x4a, 0x82, 0xd3, 0xe4, 0x93, 0x02, 0x2e, 0x2a, 0x2c, 0x2f,
0x70, 0x6f, 0x6c, 0x69, 0x63, 0x69, 0x65, 0x73, 0x2f, 0x6c, 0x6f, 0x67, 0x69, 0x6e, 0x2f, 0x69,
0x64, 0x70, 0x70, 0x72, 0x6f, 0x76, 0x69, 0x64, 0x65, 0x72, 0x73, 0x2f, 0x7b, 0x69, 0x64, 0x70,
0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x69, 0x64, 0x7d, 0x3a, 0x01, 0x2a, 0x82, 0xb5,
0x18, 0x12, 0x0a, 0x10, 0x69, 0x61, 0x6d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x77,
0x72, 0x69, 0x74, 0x65, 0x42, 0xba, 0x01, 0x5a, 0x26, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e,
0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x61, 0x6f, 0x73, 0x2f, 0x7a, 0x69, 0x74, 0x61, 0x64, 0x65, 0x6c,
0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x92,
0x41, 0x8e, 0x01, 0x12, 0x41, 0x0a, 0x0d, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x20, 0x73, 0x65, 0x72,
0x76, 0x69, 0x63, 0x65, 0x22, 0x2b, 0x12, 0x29, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f,
0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x61, 0x6f, 0x73, 0x2f,
0x7a, 0x69, 0x74, 0x61, 0x64, 0x65, 0x6c, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x61, 0x64, 0x6d, 0x69,
0x6e, 0x32, 0x03, 0x30, 0x2e, 0x31, 0x2a, 0x01, 0x02, 0x32, 0x10, 0x61, 0x70, 0x70, 0x6c, 0x69,
0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x6a, 0x73, 0x6f, 0x6e, 0x32, 0x10, 0x61, 0x70, 0x70,
0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x3a, 0x10, 0x61,
0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x6a, 0x73, 0x6f, 0x6e, 0x3a,
0x10, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x67, 0x72, 0x70,
0x63, 0x62, 0x06, 0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
0x5f, 0x63, 0x6f, 0x6e, 0x66, 0x69, 0x67, 0x5f, 0x69, 0x64, 0x7d, 0x82, 0xb5, 0x18, 0x12, 0x0a,
0x10, 0x69, 0x61, 0x6d, 0x2e, 0x70, 0x6f, 0x6c, 0x69, 0x63, 0x79, 0x2e, 0x77, 0x72, 0x69, 0x74,
0x65, 0x42, 0xba, 0x01, 0x5a, 0x26, 0x67, 0x69, 0x74, 0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d,
0x2f, 0x63, 0x61, 0x6f, 0x73, 0x2f, 0x7a, 0x69, 0x74, 0x61, 0x64, 0x65, 0x6c, 0x2f, 0x70, 0x6b,
0x67, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x92, 0x41, 0x8e, 0x01,
0x12, 0x41, 0x0a, 0x0d, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x20, 0x73, 0x65, 0x72, 0x76, 0x69, 0x63,
0x65, 0x22, 0x2b, 0x12, 0x29, 0x68, 0x74, 0x74, 0x70, 0x73, 0x3a, 0x2f, 0x2f, 0x67, 0x69, 0x74,
0x68, 0x75, 0x62, 0x2e, 0x63, 0x6f, 0x6d, 0x2f, 0x63, 0x61, 0x6f, 0x73, 0x2f, 0x7a, 0x69, 0x74,
0x61, 0x64, 0x65, 0x6c, 0x2f, 0x70, 0x6b, 0x67, 0x2f, 0x61, 0x64, 0x6d, 0x69, 0x6e, 0x32, 0x03,
0x30, 0x2e, 0x31, 0x2a, 0x01, 0x02, 0x32, 0x10, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63, 0x61, 0x74,
0x69, 0x6f, 0x6e, 0x2f, 0x6a, 0x73, 0x6f, 0x6e, 0x32, 0x10, 0x61, 0x70, 0x70, 0x6c, 0x69, 0x63,
0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x3a, 0x10, 0x61, 0x70, 0x70, 0x6c,
0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x6a, 0x73, 0x6f, 0x6e, 0x3a, 0x10, 0x61, 0x70,
0x70, 0x6c, 0x69, 0x63, 0x61, 0x74, 0x69, 0x6f, 0x6e, 0x2f, 0x67, 0x72, 0x70, 0x63, 0x62, 0x06,
0x70, 0x72, 0x6f, 0x74, 0x6f, 0x33,
}
var (

File diff suppressed because it is too large Load Diff

View File

@ -21,13 +21,19 @@
"paths": {
"/failedevents": {
"get": {
"operationId": "GetFailedEvents",
"operationId": "AdminService_GetFailedEvents",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1FailedEvents"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"tags": [
@ -37,13 +43,19 @@
},
"/failedevents/{database}/{view_name}/{failed_sequence}": {
"delete": {
"operationId": "RemoveFailedEvent",
"operationId": "AdminService_RemoveFailedEvent",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"properties": {}
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -75,13 +87,19 @@
"/healthz": {
"get": {
"summary": "Healthz returns status OK as soon as the service started",
"operationId": "Healthz",
"operationId": "AdminService_Healthz",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"properties": {}
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"tags": [
@ -91,13 +109,19 @@
},
"/idps/_search": {
"post": {
"operationId": "SearchIdps",
"operationId": "AdminService_SearchIdps",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1IdpSearchResponse"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -117,13 +141,19 @@
},
"/idps/oidc": {
"post": {
"operationId": "CreateOidcIdp",
"operationId": "AdminService_CreateOidcIdp",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1Idp"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -143,13 +173,19 @@
},
"/idps/{idp_id}/oidcconfig": {
"put": {
"operationId": "UpdateOidcIdpConfig",
"operationId": "AdminService_UpdateOidcIdpConfig",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1OidcIdpConfig"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -175,13 +211,19 @@
},
"/idps/{id}": {
"get": {
"operationId": "IdpByID",
"operationId": "AdminService_IdpByID",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1IdpView"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -197,13 +239,19 @@
]
},
"delete": {
"operationId": "RemoveIdpConfig",
"operationId": "AdminService_RemoveIdpConfig",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"properties": {}
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -219,13 +267,19 @@
]
},
"put": {
"operationId": "UpdateIdpConfig",
"operationId": "AdminService_UpdateIdpConfig",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1Idp"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -251,13 +305,19 @@
},
"/idps/{id}/_deactivate": {
"put": {
"operationId": "DeactivateIdpConfig",
"operationId": "AdminService_DeactivateIdpConfig",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1Idp"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -283,13 +343,19 @@
},
"/idps/{id}/_reactivate": {
"put": {
"operationId": "ReactivateIdpConfig",
"operationId": "AdminService_ReactivateIdpConfig",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1Idp"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -315,13 +381,19 @@
},
"/members": {
"post": {
"operationId": "AddIamMember",
"operationId": "AdminService_AddIamMember",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1IamMember"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -341,13 +413,19 @@
},
"/members/_search": {
"post": {
"operationId": "SearchIamMembers",
"operationId": "AdminService_SearchIamMembers",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1IamMemberSearchResponse"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -367,13 +445,19 @@
},
"/members/roles": {
"get": {
"operationId": "GetIamMemberRoles",
"operationId": "AdminService_GetIamMemberRoles",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1IamMemberRoles"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"tags": [
@ -383,13 +467,19 @@
},
"/members/{user_id}": {
"delete": {
"operationId": "RemoveIamMember",
"operationId": "AdminService_RemoveIamMember",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"properties": {}
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -405,13 +495,19 @@
]
},
"put": {
"operationId": "ChangeIamMember",
"operationId": "AdminService_ChangeIamMember",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1IamMember"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -438,13 +534,19 @@
"/orgs/_isunique": {
"get": {
"summary": "ORG",
"operationId": "IsOrgUnique",
"operationId": "AdminService_IsOrgUnique",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1UniqueOrgResponse"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -468,13 +570,19 @@
},
"/orgs/_search": {
"post": {
"operationId": "SearchOrgs",
"operationId": "AdminService_SearchOrgs",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1OrgSearchResponse"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -494,13 +602,19 @@
},
"/orgs/_setup": {
"post": {
"operationId": "SetUpOrg",
"operationId": "AdminService_SetUpOrg",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1OrgSetUpResponse"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -520,13 +634,19 @@
},
"/orgs/{id}": {
"get": {
"operationId": "GetOrgByID",
"operationId": "AdminService_GetOrgByID",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1Org"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -545,13 +665,19 @@
"/orgs/{org_id}/iampolicy": {
"get": {
"summary": "ORG_IAM_POLICY",
"operationId": "GetOrgIamPolicy",
"operationId": "AdminService_GetOrgIamPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1OrgIamPolicy"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -567,13 +693,19 @@
]
},
"delete": {
"operationId": "DeleteOrgIamPolicy",
"operationId": "AdminService_DeleteOrgIamPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"properties": {}
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -589,13 +721,19 @@
]
},
"post": {
"operationId": "CreateOrgIamPolicy",
"operationId": "AdminService_CreateOrgIamPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1OrgIamPolicy"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -619,13 +757,19 @@
]
},
"put": {
"operationId": "UpdateOrgIamPolicy",
"operationId": "AdminService_UpdateOrgIamPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1OrgIamPolicy"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -651,13 +795,19 @@
},
"/policies/login": {
"get": {
"operationId": "GetDefaultLoginPolicy",
"operationId": "AdminService_GetDefaultLoginPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1DefaultLoginPolicyView"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"tags": [
@ -665,13 +815,19 @@
]
},
"put": {
"operationId": "UpdateDefaultLoginPolicy",
"operationId": "AdminService_UpdateDefaultLoginPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1DefaultLoginPolicy"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -691,13 +847,19 @@
},
"/policies/login/idpproviders": {
"post": {
"operationId": "AddIdpProviderToDefaultLoginPolicy",
"operationId": "AdminService_AddIdpProviderToDefaultLoginPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1IdpProviderID"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -717,13 +879,19 @@
},
"/policies/login/idpproviders/_search": {
"post": {
"operationId": "GetDefaultLoginPolicyIdpProviders",
"operationId": "AdminService_GetDefaultLoginPolicyIdpProviders",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1IdpProviderSearchResponse"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -742,14 +910,20 @@
}
},
"/policies/login/idpproviders/{idp_config_id}": {
"post": {
"operationId": "RemoveIdpProviderFromDefaultLoginPolicy",
"delete": {
"operationId": "AdminService_RemoveIdpProviderFromDefaultLoginPolicy",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"properties": {}
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -758,14 +932,6 @@
"in": "path",
"required": true,
"type": "string"
},
{
"name": "body",
"in": "body",
"required": true,
"schema": {
"$ref": "#/definitions/v1IdpProviderID"
}
}
],
"tags": [
@ -776,13 +942,19 @@
"/ready": {
"get": {
"summary": "Ready returns status OK as soon as all dependent services are available",
"operationId": "Ready",
"operationId": "AdminService_Ready",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"properties": {}
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"tags": [
@ -792,12 +964,18 @@
},
"/validate": {
"get": {
"operationId": "Validate",
"operationId": "AdminService_Validate",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/protobufStruct"
"type": "object"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
@ -808,13 +986,19 @@
},
"/views": {
"get": {
"operationId": "GetViews",
"operationId": "AdminService_GetViews",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"$ref": "#/definitions/v1Views"
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"tags": [
@ -824,13 +1008,19 @@
},
"/views/{database}/{view_name}": {
"post": {
"operationId": "ClearView",
"operationId": "AdminService_ClearView",
"responses": {
"200": {
"description": "A successful response.",
"schema": {
"properties": {}
}
},
"default": {
"description": "An unexpected error response",
"schema": {
"$ref": "#/definitions/runtimeError"
}
}
},
"parameters": [
@ -854,18 +1044,20 @@
}
},
"definitions": {
"protobufListValue": {
"protobufAny": {
"type": "object",
"properties": {
"values": {
"type": "array",
"items": {
"$ref": "#/definitions/protobufValue"
},
"description": "Repeated field of dynamically typed values."
"type_url": {
"type": "string",
"description": "A URL/resource name that uniquely identifies the type of the serialized\nprotocol buffer message. This string must contain at least\none \"/\" character. The last segment of the URL's path must represent\nthe fully qualified name of the type (as in\n`path/google.protobuf.Duration`). The name should be in a canonical form\n(e.g., leading \".\" is not accepted).\n\nIn practice, teams usually precompile into the binary all types that they\nexpect it to use in the context of Any. However, for URLs which use the\nscheme `http`, `https`, or no scheme, one can optionally set up a type\nserver that maps type URLs to message definitions as follows:\n\n* If no scheme is provided, `https` is assumed.\n* An HTTP GET on the URL must yield a [google.protobuf.Type][]\n value in binary format, or produce an error.\n* Applications are allowed to cache lookup results based on the\n URL, or have them precompiled into a binary to avoid any\n lookup. Therefore, binary compatibility needs to be preserved\n on changes to types. (Use versioned type names to manage\n breaking changes.)\n\nNote: this functionality is not currently available in the official\nprotobuf release, and it is not used for type URLs beginning with\ntype.googleapis.com.\n\nSchemes other than `http`, `https` (or the empty scheme) might be\nused with implementation specific semantics."
},
"value": {
"type": "string",
"format": "byte",
"description": "Must be a valid serialized protocol buffer of the above specified type."
}
},
"description": "`ListValue` is a wrapper around a repeated field of values.\n\nThe JSON representation for `ListValue` is JSON array."
"description": "`Any` contains an arbitrary serialized protocol buffer message along with a\nURL that describes the type of the serialized message.\n\nProtobuf library provides support to pack/unpack Any values in the form\nof utility functions or additional generated methods of the Any type.\n\nExample 1: Pack and unpack a message in C++.\n\n Foo foo = ...;\n Any any;\n any.PackFrom(foo);\n ...\n if (any.UnpackTo(\u0026foo)) {\n ...\n }\n\nExample 2: Pack and unpack a message in Java.\n\n Foo foo = ...;\n Any any = Any.pack(foo);\n ...\n if (any.is(Foo.class)) {\n foo = any.unpack(Foo.class);\n }\n\n Example 3: Pack and unpack a message in Python.\n\n foo = Foo(...)\n any = Any()\n any.Pack(foo)\n ...\n if any.Is(Foo.DESCRIPTOR):\n any.Unpack(foo)\n ...\n\n Example 4: Pack and unpack a message in Go\n\n foo := \u0026pb.Foo{...}\n any, err := ptypes.MarshalAny(foo)\n ...\n foo := \u0026pb.Foo{}\n if err := ptypes.UnmarshalAny(any, foo); err != nil {\n ...\n }\n\nThe pack methods provided by protobuf library will by default use\n'type.googleapis.com/full.type.name' as the type URL and the unpack\nmethods only use the fully qualified type name after the last '/'\nin the type URL, for example \"foo.bar.com/x/y.z\" will yield type\nname \"y.z\".\n\n\nJSON\n====\nThe JSON representation of an `Any` value uses the regular\nrepresentation of the deserialized, embedded message, with an\nadditional field `@type` which contains the type URL. Example:\n\n package google.profile;\n message Person {\n string first_name = 1;\n string last_name = 2;\n }\n\n {\n \"@type\": \"type.googleapis.com/google.profile.Person\",\n \"firstName\": \u003cstring\u003e,\n \"lastName\": \u003cstring\u003e\n }\n\nIf the embedded message type is well-known and has a custom JSON\nrepresentation, that representation will be embedded adding a field\n`value` which holds the custom JSON in addition to the `@type`\nfield. Example (for message [google.protobuf.Duration][]):\n\n {\n \"@type\": \"type.googleapis.com/google.protobuf.Duration\",\n \"value\": \"1.212s\"\n }"
},
"protobufNullValue": {
"type": "string",
@ -875,50 +1067,26 @@
"default": "NULL_VALUE",
"description": "`NullValue` is a singleton enumeration to represent the null value for the\n`Value` type union.\n\n The JSON representation for `NullValue` is JSON `null`.\n\n - NULL_VALUE: Null value."
},
"protobufStruct": {
"runtimeError": {
"type": "object",
"properties": {
"fields": {
"type": "object",
"additionalProperties": {
"$ref": "#/definitions/protobufValue"
},
"description": "Unordered map of dynamically typed values."
"error": {
"type": "string"
},
"code": {
"type": "integer",
"format": "int32"
},
"message": {
"type": "string"
},
"details": {
"type": "array",
"items": {
"$ref": "#/definitions/protobufAny"
}
}
},
"description": "`Struct` represents a structured data value, consisting of fields\nwhich map to dynamically typed values. In some languages, `Struct`\nmight be supported by a native representation. For example, in\nscripting languages like JS a struct is represented as an\nobject. The details of that representation are described together\nwith the proto support for the language.\n\nThe JSON representation for `Struct` is JSON object."
},
"protobufValue": {
"type": "object",
"properties": {
"null_value": {
"$ref": "#/definitions/protobufNullValue",
"description": "Represents a null value."
},
"number_value": {
"type": "number",
"format": "double",
"description": "Represents a double value."
},
"string_value": {
"type": "string",
"description": "Represents a string value."
},
"bool_value": {
"type": "boolean",
"format": "boolean",
"description": "Represents a boolean value."
},
"struct_value": {
"$ref": "#/definitions/protobufStruct",
"description": "Represents a structured value."
},
"list_value": {
"$ref": "#/definitions/protobufListValue",
"description": "Represents a repeated `Value`."
}
},
"description": "`Value` represents a dynamically typed value which can be either\nnull, a number, a string, a boolean, a recursive struct value, or a\nlist of values. A producer of value is expected to set one of that\nvariants, absence of any variant indicates an error.\n\nThe JSON representation for `Value` is JSON value."
}
},
"v1AddIamMemberRequest": {
"type": "object",

View File

@ -366,8 +366,7 @@ service AdminService {
rpc RemoveIdpProviderFromDefaultLoginPolicy(IdpProviderID) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/policies/login/idpproviders/{idp_config_id}"
body: "*"
delete: "/policies/login/idpproviders/{idp_config_id}"
};
option (caos.zitadel.utils.v1.auth_option) = {

File diff suppressed because it is too large Load Diff

View File

@ -146,7 +146,10 @@ func local_request_ManagementService_IsUserUnique_0(ctx context.Context, marshal
var protoReq UniqueUserRequest
var metadata runtime.ServerMetadata
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_IsUserUnique_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_IsUserUnique_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -233,7 +236,10 @@ func local_request_ManagementService_GetUserByLoginNameGlobal_0(ctx context.Cont
var protoReq LoginName
var metadata runtime.ServerMetadata
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_GetUserByLoginNameGlobal_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_GetUserByLoginNameGlobal_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -704,7 +710,10 @@ func local_request_ManagementService_UserChanges_0(ctx context.Context, marshale
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "id", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_UserChanges_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_UserChanges_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -1243,7 +1252,10 @@ func local_request_ManagementService_ChangeUserUserName_0(ctx context.Context, m
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "id", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_ChangeUserUserName_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_ChangeUserUserName_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -2394,7 +2406,10 @@ func local_request_ManagementService_DeletePasswordComplexityPolicy_0(ctx contex
var protoReq PasswordComplexityPolicyID
var metadata runtime.ServerMetadata
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_DeletePasswordComplexityPolicy_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_DeletePasswordComplexityPolicy_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -2513,7 +2528,10 @@ func local_request_ManagementService_DeletePasswordAgePolicy_0(ctx context.Conte
var protoReq PasswordAgePolicyID
var metadata runtime.ServerMetadata
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_DeletePasswordAgePolicy_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_DeletePasswordAgePolicy_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -2632,7 +2650,10 @@ func local_request_ManagementService_DeletePasswordLockoutPolicy_0(ctx context.C
var protoReq PasswordLockoutPolicyID
var metadata runtime.ServerMetadata
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_DeletePasswordLockoutPolicy_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_DeletePasswordLockoutPolicy_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -2735,7 +2756,10 @@ func local_request_ManagementService_OrgChanges_0(ctx context.Context, marshaler
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "id", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_OrgChanges_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_OrgChanges_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -2786,7 +2810,10 @@ func local_request_ManagementService_GetOrgByDomainGlobal_0(ctx context.Context,
var protoReq Domain
var metadata runtime.ServerMetadata
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_GetOrgByDomainGlobal_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_GetOrgByDomainGlobal_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -3467,7 +3494,10 @@ func local_request_ManagementService_ProjectChanges_0(ctx context.Context, marsh
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "id", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_ProjectChanges_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_ProjectChanges_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -4904,7 +4934,10 @@ func local_request_ManagementService_ApplicationChanges_0(ctx context.Context, m
return nil, metadata, status.Errorf(codes.InvalidArgument, "type mismatch, parameter: %s, error: %v", "sec_id", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.URL.Query(), filter_ManagementService_ApplicationChanges_0); err != nil {
if err := req.ParseForm(); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
if err := runtime.PopulateQueryParameters(&protoReq, req.Form, filter_ManagementService_ApplicationChanges_0); err != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
@ -7699,14 +7732,6 @@ func request_ManagementService_RemoveIdpProviderFromLoginPolicy_0(ctx context.Co
var protoReq IdpProviderID
var metadata runtime.ServerMetadata
newReader, berr := utilities.IOReaderFactory(req.Body)
if berr != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", berr)
}
if err := marshaler.NewDecoder(newReader()).Decode(&protoReq); err != nil && err != io.EOF {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
var (
val string
ok bool
@ -7734,14 +7759,6 @@ func local_request_ManagementService_RemoveIdpProviderFromLoginPolicy_0(ctx cont
var protoReq IdpProviderID
var metadata runtime.ServerMetadata
newReader, berr := utilities.IOReaderFactory(req.Body)
if berr != nil {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", berr)
}
if err := marshaler.NewDecoder(newReader()).Decode(&protoReq); err != nil && err != io.EOF {
return nil, metadata, status.Errorf(codes.InvalidArgument, "%v", err)
}
var (
val string
ok bool
@ -10450,7 +10467,7 @@ func RegisterManagementServiceHandlerServer(ctx context.Context, mux *runtime.Se
})
mux.Handle("POST", pattern_ManagementService_RemoveIdpProviderFromLoginPolicy_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
mux.Handle("DELETE", pattern_ManagementService_RemoveIdpProviderFromLoginPolicy_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
ctx, cancel := context.WithCancel(req.Context())
defer cancel()
inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)
@ -13191,7 +13208,7 @@ func RegisterManagementServiceHandlerClient(ctx context.Context, mux *runtime.Se
})
mux.Handle("POST", pattern_ManagementService_RemoveIdpProviderFromLoginPolicy_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
mux.Handle("DELETE", pattern_ManagementService_RemoveIdpProviderFromLoginPolicy_0, func(w http.ResponseWriter, req *http.Request, pathParams map[string]string) {
ctx, cancel := context.WithCancel(req.Context())
defer cancel()
inboundMarshaler, outboundMarshaler := runtime.MarshalerForRequest(mux, req)

View File

@ -1485,8 +1485,7 @@ rpc GetUserByID(UserID) returns (UserView) {
rpc RemoveIdpProviderFromLoginPolicy(IdpProviderID) returns (google.protobuf.Empty) {
option (google.api.http) = {
post: "/orgs/me/policies/login/idpproviders/{idp_config_id}"
body: "*"
delete: "/orgs/me/policies/login/idpproviders/{idp_config_id}"
};
option (caos.zitadel.utils.v1.auth_option) = {