feat: v2alpha user service idp endpoints (#5879)

* feat: v2alpha user service idp endpoints

* feat: v2alpha user service intent endpoints

* begin idp intents (callback)

* some cleanup

* runnable idp authentication

* cleanup

* proto cleanup

* retrieve idp info

* improve success and failure handling

* some unit tests

* grpc unit tests

* add permission check AddUserIDPLink

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* provider from write model

* fix idp type model and add integration tests

* proto cleanup

* fix integration test

* add missing import

* add more integration tests

* auth url test

* feat: v2alpha intent writemodel refactoring

* remove unused functions

* check token on RetrieveIdentityProviderInformation

* feat: v2alpha intent writemodel refactoring

* fix TestServer_RetrieveIdentityProviderInformation

* fix test

* i18n and linting

* feat: v2alpha intent review changes

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

internal/repository/idpintent/aggregate.go

@@ -0,0 +1,29 @@
+package idpintent
+
+import (
+	"github.com/zitadel/zitadel/internal/eventstore"
+)
+
+const (
+	instanceEventTypePrefix = eventstore.EventType("idpintent.")
+)
+
+const (
+	AggregateType    = "idpintent"
+	AggregateVersion = "v1"
+)
+
+type Aggregate struct {
+	eventstore.Aggregate
+}
+
+func NewAggregate(id, resourceOwner string) *Aggregate {
+	return &Aggregate{
+		Aggregate: eventstore.Aggregate{
+			Type:          AggregateType,
+			Version:       AggregateVersion,
+			ID:            id,
+			ResourceOwner: resourceOwner,
+		},
+	}
+}

internal/repository/idpintent/eventstore.go

@@ -0,0 +1,11 @@
+package idpintent
+
+import (
+	"github.com/zitadel/zitadel/internal/eventstore"
+)
+
+func RegisterEventMappers(es *eventstore.Eventstore) {
+	es.RegisterFilterEventMapper(AggregateType, StartedEventType, StartedEventMapper).
+		RegisterFilterEventMapper(AggregateType, SucceededEventType, SucceededEventMapper).
+		RegisterFilterEventMapper(AggregateType, FailedEventType, FailedEventMapper)
+}

internal/repository/idpintent/intent.go

@@ -0,0 +1,159 @@
+package idpintent
+
+import (
+	"context"
+	"encoding/json"
+	"net/url"
+
+	"github.com/zitadel/zitadel/internal/crypto"
+	"github.com/zitadel/zitadel/internal/errors"
+	"github.com/zitadel/zitadel/internal/eventstore"
+	"github.com/zitadel/zitadel/internal/eventstore/repository"
+)
+
+const (
+	StartedEventType   = instanceEventTypePrefix + "started"
+	SucceededEventType = instanceEventTypePrefix + "succeeded"
+	FailedEventType    = instanceEventTypePrefix + "failed"
+)
+
+type StartedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	SuccessURL *url.URL `json:"successURL"`
+	FailureURL *url.URL `json:"failureURL"`
+	IDPID      string   `json:"idpId"`
+}
+
+func NewStartedEvent(
+	ctx context.Context,
+	aggregate *eventstore.Aggregate,
+	successURL,
+	failureURL *url.URL,
+	idpID string,
+) *StartedEvent {
+	return &StartedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			aggregate,
+			StartedEventType,
+		),
+		SuccessURL: successURL,
+		FailureURL: failureURL,
+		IDPID:      idpID,
+	}
+}
+
+func (e *StartedEvent) Data() interface{} {
+	return e
+}
+
+func (e *StartedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
+	return nil
+}
+
+func StartedEventMapper(event *repository.Event) (eventstore.Event, error) {
+	e := &StartedEvent{
+		BaseEvent: *eventstore.BaseEventFromRepo(event),
+	}
+
+	err := json.Unmarshal(event.Data, e)
+	if err != nil {
+		return nil, errors.ThrowInternal(err, "IDP-Sf3f1", "unable to unmarshal event")
+	}
+
+	return e, nil
+}
+
+type SucceededEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	IDPUser        []byte              `json:"idpUser"`
+	UserID         string              `json:"userId,omitempty"`
+	IDPAccessToken *crypto.CryptoValue `json:"idpAccessToken,omitempty"`
+	IDPIDToken     string              `json:"idpIdToken,omitempty"`
+}
+
+func NewSucceededEvent(
+	ctx context.Context,
+	aggregate *eventstore.Aggregate,
+	idpUser []byte,
+	userID string,
+	idpAccessToken *crypto.CryptoValue,
+	idpIDToken string,
+) (*SucceededEvent, error) {
+	return &SucceededEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			aggregate,
+			SucceededEventType,
+		),
+		IDPUser:        idpUser,
+		UserID:         userID,
+		IDPAccessToken: idpAccessToken,
+		IDPIDToken:     idpIDToken,
+	}, nil
+}
+
+func (e *SucceededEvent) Data() interface{} {
+	return e
+}
+
+func (e *SucceededEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
+	return nil
+}
+
+func SucceededEventMapper(event *repository.Event) (eventstore.Event, error) {
+	e := &SucceededEvent{
+		BaseEvent: *eventstore.BaseEventFromRepo(event),
+	}
+
+	err := json.Unmarshal(event.Data, e)
+	if err != nil {
+		return nil, errors.ThrowInternal(err, "IDP-HBreq", "unable to unmarshal event")
+	}
+
+	return e, nil
+}
+
+type FailedEvent struct {
+	eventstore.BaseEvent `json:"-"`
+
+	Reason string `json:"reason,omitempty"`
+}
+
+func NewFailedEvent(
+	ctx context.Context,
+	aggregate *eventstore.Aggregate,
+	reason string,
+) *FailedEvent {
+	return &FailedEvent{
+		BaseEvent: *eventstore.NewBaseEventForPush(
+			ctx,
+			aggregate,
+			FailedEventType,
+		),
+		Reason: reason,
+	}
+}
+
+func (e *FailedEvent) Data() interface{} {
+	return e
+}
+
+func (e *FailedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
+	return nil
+}
+
+func FailedEventMapper(event *repository.Event) (eventstore.Event, error) {
+	e := &FailedEvent{
+		BaseEvent: *eventstore.BaseEventFromRepo(event),
+	}
+
+	err := json.Unmarshal(event.Data, e)
+	if err != nil {
+		return nil, errors.ThrowInternal(err, "IDP-Sfer3", "unable to unmarshal event")
+	}
+
+	return e, nil
+}