1
0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-24 00:28:18 +00:00

144 Commits

Author SHA1 Message Date
Elio Bischof
a4626f9bdb
fix: return unauthenticated code ()
* fix: return unauthenticated code

* remove cfg.yaml

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-10-27 06:09:07 +00:00
Elio Bischof
385a55bd21
feat: limit audit trail ()
* feat: enable limiting audit trail

* support AddExclusiveQuery

* fix invalid condition

* register event mappers

* fix NullDuration validity

* test query side for limits

* lint

* acceptance test audit trail limit

* fix acceptance test

* translate limits not found

* update tests

* fix linting

* add audit log retention to default instance

* fix tests

* update docs

* remove todo

* improve test name
2023-10-25 11:42:00 +00:00
Miguel Cabrerizo
2d4cd331da
fix: allow unicode characters in org domains ()
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2023-10-11 09:55:01 +02:00
Miguel Cabrerizo
e66d476c47
fix: meaningful error messages for domain validation ()
* feat: meaningful error messages for domain validation

* fix: duplicated error code and fix some org codes

* fix: add @peintnermax i18n suggestions

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-10-10 12:02:16 +00:00
Stefan Benz
15fd3045e0
feat: add SAML as identity provider ()
* feat: first implementation for saml sp

* fix: add command side instance and org for saml provider

* fix: add query side instance and org for saml provider

* fix: request handling in event and retrieval of finished intent

* fix: add review changes and integration tests

* fix: add integration tests for saml idp

* fix: correct unit tests with review changes

* fix: add saml session unit test

* fix: add saml session unit test

* fix: add saml session unit test

* fix: changes from review

* fix: changes from review

* fix: proto build error

* fix: proto build error

* fix: proto build error

* fix: proto require metadata oneof

* fix: login with saml provider

* fix: integration test for saml assertion

* lint client.go

* fix json tag

* fix: linting

* fix import

* fix: linting

* fix saml idp query

* fix: linting

* lint: try all issues

* revert linting config

* fix: add regenerate endpoints

* fix: translations

* fix mk.yaml

* ignore acs path for user agent cookie

* fix: add AuthFromProvider test for saml

* fix: integration test for saml retrieve information

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-29 11:26:14 +02:00
Livio Spring
68bfab2fb3
feat(login): use default org for login without provided org context ()
* start feature flags

* base feature events on domain const

* setup default features

* allow setting feature in system api

* allow setting feature in admin api

* set settings in login based on feature

* fix rebasing

* unit tests

* i18n

* update policy after domain discovery

* some changes from review

* check feature and value type

* check feature and value type
2023-09-29 08:21:32 +00:00
Miguel Cabrerizo
f9bb250698
feat: improve Password.NotChanged message ()
* feat: improve Password.NotChanged message

* Update internal/api/ui/login/static/i18n/de.yaml

* Update internal/static/i18n/de.yaml

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-09-19 12:05:49 +00:00
Livio Spring
e17b49e4ca
feat: add apple as idp ()
* feat: manage apple idp

* handle apple idp callback

* add tests for provider

* basic console implementation

* implement flow for login UI and add logos / styling

* tests

* cleanup

* add upload button

* begin i18n

* apple logo positioning, file upload component

* fix add apple instance idp

* add missing apple logos for login

* update to go 1.21

* fix slice compare

* revert permission changes

* concrete error messages

* translate login apple logo -y-2px

* change form parsing

* sign in button

* fix tests

* lint console

---------

Co-authored-by: peintnermax <max@caos.ch>
2023-08-31 08:39:16 +02:00
Stefan Benz
52f68f8db8
feat: add ldap external idp to login api ()
* fix: handling of ldap login through separate endpoint

* fix: handling of ldap login through separate endpoint

* fix: handling of ldap login through separate endpoint

* fix: successful intent for ldap

* fix: successful intent for ldap

* fix: successful intent for ldap

* fix: add changes from code review

* fix: remove set intent credentials and handle ldap errors

* fix: remove set intent credentials and handle ldap errors

* refactor into separate methods and fix merge

* remove mocks

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-16 11:29:57 +00:00
Stefan Benz
26b28ed2af
feat: add saml custom attribute action and translations ()
* feat: add saml custom attribute action and translations

* chore: update saml dependency

* fix: apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix: custom attribute action with variadic parameter

* docs: add customize saml response docs

* docs: update docs/docs/apis/actions/customize-samlresponse.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

* docs: update docs/docs/apis/actions/customize-samlresponse.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-15 15:04:45 +00:00
Livio Spring
7c494fd219
feat(login): add OTP (email and sms) ()
* feat: login with otp

* fix(i18n): japanese translation

* add missing files

* fix provider change

* add event types translations to en

* add tests

* resourceOwner

* remove unused handler

* fix: secret generators and add comments

* add setup step

* rename

* linting

* fix setup

* improve otp handling

* fix autocomplete

* translations for login and notifications

* translations for event types

* changes from review

* check selected mfa type
2023-08-15 12:47:05 +00:00
Tim Möhlmann
86af67d1be
feat(api/v2): implement U2F session check () 2023-08-11 15:36:18 +00:00
Elio Bischof
343a9428b3
feat: SMS and email OTP texts ()
* manage 2 custom texts proto

* implement methods

* default texts

* console

* improve translations

* lint

* test: fix e2e timeout

* fix translations

* add missing console translations

* remove unused text parts

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-09 05:49:12 +00:00
Livio Spring
45262e6829
fix: migrate external id of federated users ()
* feat: migrate external id

* implement tests and some renaming

* fix projection

* cleanup

* i18n

* fix event type

* handle migration for new services as well

* typo
2023-08-04 11:35:36 +02:00
Livio Spring
789dcd8615
fix: password hash update and add missing i18n () 2023-07-28 09:09:15 +02:00
daniel_michalichyn
fcc1acbf81
feat: Brazilian Portuguese internationalization ()
* feat: Brazilian Portuguese internationalization

Co-authored-by: Daniel Michalichyn <daniel.henrique@st-one.io>
2023-07-20 04:40:45 +00:00
Livio Spring
e1b3cda98a
feat(OIDC): support token revocation of V2 tokens ()
This PR adds support for OAuth2 token revocation of V2 tokens.

Unlike with V1 tokens, it's now possible to revoke a token not only from the authorized client / client which the token was issued to, but rather from all trusted clients (audience)
2023-07-17 14:33:37 +02:00
Livio Spring
80961125a7
feat(API): support V2 token and session token usage ()
This PR adds support for userinfo and introspection of V2 tokens. Further V2 access tokens and session tokens can be used for authentication on the ZITADEL API (like the current access tokens).
2023-07-14 11:16:16 +00:00
Tim Möhlmann
4589ddad4a
feat: integrate passwap for human user password hashing ()
* feat: use passwap for human user passwords

* fix tests

* passwap config

* add the event mapper

* cleanup query side and api

* solve linting errors

* regression test

* try to fix linter errors again

* pass systemdefaults into externalConfigChange migration

* fix: user password set in auth view

* pin passwap v0.2.0

* v2: validate hashed password hash based on prefix

* resolve remaining comments

* add error tag and translation for unsupported hash encoding

* fix unit test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-14 09:49:57 +03:00
Vlatko Stojkovski
a3a1e245ad
feat: i18n support for Macedonian language ()
* add macedonian language to currently supported languages

* mk yaml login static with en values

* mk json assets with en values

* mk yaml notification static with en values

* add macedonian notification yaml

* mk yaml static with en values

* mk translations for login

* mk translations for internal

* macedonian translations

* - fix lint issues
2023-07-12 08:41:50 +00:00
Livio Spring
14b8cf4894
feat(api): add OIDC session service ()
This PR starts the OIDC implementation for the API V2 including the Implicit and Code Flow.


Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-07-10 13:27:00 +00:00
Fabi
5182cb3ce3
fix: rename to given and family name ()
* fix: rename to given and family name

* fix: rename to given and family name

* fix: rename to given and family name
2023-07-07 13:13:45 +00:00
Stefan Benz
1b5d6ce89e
feat: session checks with intent ()
* feat: session checks with intent

* feat: session checks with intent

* fix: integration tests for intent session

* fix: integration tests for intent session

* fix merge

* fix: integration tests for intent session

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-06-21 14:06:18 +00:00
dian mushkov
4378eb7cb5
feat: internationalization Bulgarian ()
* Feature BG init

* lint fix

* Fix merge conflict

* merge main branch add bg lang

* reference centrally defined langs

* refactor supportedLanguages

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-06-16 17:35:03 +02:00
Tim Möhlmann
f456168a74
feat: session v2 passkey authentication () 2023-06-07 17:28:42 +02:00
Stefan Benz
fa8f191812
feat: v2alpha user service idp endpoints ()
* feat: v2alpha user service idp endpoints

* feat: v2alpha user service intent endpoints

* begin idp intents (callback)

* some cleanup

* runnable idp authentication

* cleanup

* proto cleanup

* retrieve idp info

* improve success and failure handling

* some unit tests

* grpc unit tests

* add permission check AddUserIDPLink

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* provider from write model

* fix idp type model and add integration tests

* proto cleanup

* fix integration test

* add missing import

* add more integration tests

* auth url test

* feat: v2alpha intent writemodel refactoring

* remove unused functions

* check token on RetrieveIdentityProviderInformation

* feat: v2alpha intent writemodel refactoring

* fix TestServer_RetrieveIdentityProviderInformation

* fix test

* i18n and linting

* feat: v2alpha intent review changes

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-24 18:29:58 +00:00
Tim Möhlmann
a301c40f9f
feat: implement register Passkey user API v2 ()
* command/crypto: DRY the code

- reuse the the algorithm switch to create a secret generator
- add a verifyCryptoCode function

* command: crypto code tests

* migrate webauthn package

* finish integration tests with webauthn mock client
2023-05-24 10:22:00 +00:00
Livio Spring
c2cb84cd24
feat(api): new session service ()
* backup new protoc plugin

* backup

* session

* backup

* initial implementation

* change to specific events

* implement tests

* cleanup

* refactor: use new protoc plugin for api v2

* change package

* simplify code

* cleanup

* cleanup

* fix merge

* start queries

* fix tests

* improve returned values

* add token to projection

* tests

* test db map

* update query

* permission checks

* fix tests and linting

* rework token creation

* i18n

* refactor token check and fix tests

* session to PB test

* request to query tests

* cleanup proto

* test user check

* add comment

* simplify database map type

* Update docs/docs/guides/integrate/access-zitadel-system-api.md

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix test

* cleanup

* docs

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-05 15:34:53 +00:00
Silvan
095ec21678
feat: user v2alpha email API ()
* chore(proto): update versions

* change protoc plugin

* some cleanups

* define api for setting emails in new api

* implement user.SetEmail

* move SetEmail buisiness logic into command

* resuse newCryptoCode

* command: add ChangeEmail unit tests

Not complete, was not able to mock the generator.

* Revert "resuse newCryptoCode"

This reverts commit c89e90ae35ae924a3f706a0a7394f933910c2e65.

* undo change to crypto code generators

* command: use a generator so we can test properly

* command: reorganise ChangeEmail

improve test coverage

* implement VerifyEmail

including unit tests

* add URL template tests

* proto: change context to object

* remove old auth option

* remove old auth option

* fix linting errors

run gci on modified files

* add permission checks and fix some errors

* comments

* comments

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-25 09:02:29 +02:00
Miguel Cabrerizo
d140f9373a
feat: Zitadel translated into Spanish ()
* feat: spanish translation in progress

* feat: 85% of translated strings

* feat: spanish translation 95% done

* fix: fix some typos

* fix: add missing translations for recent commits

* Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-14 15:53:19 +02:00
Fabi
cf1ac30970
fix: remove unnecessary cancel button as cancel is not possible ()
* fix: remove unnecessary cancel button as cancel is not possible

* fix: add missing tranlation

* fix: add missing tranlation

* docs: missing translations

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-24 08:00:56 +00:00
tharuta
a8fe15829e
feat: internationalization Japanese (recreated) ()
japanese translation

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-03-22 07:30:46 +01:00
Elio Bischof
e00cc187fa
fix: make user creation errors helpful ()
* fix: make user creation errors helpful

* fix linting and unit testing errors

* fix linting

* make zitadel config reusable

* fix human validations

* translate ssr errors

* make zitadel config reusable

* cover more translations for ssr

* handle email validation message centrally

* fix unit tests

* fix linting

* align signatures

* use more precise wording

* handle phone validation message centrally

* fix: return specific profile errors

* docs: edit comments

* fix unit tests

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-14 19:20:38 +00:00
Elio Bischof
681541f41b
feat: add quotas ()
adds possibilities to cap authenticated requests and execution seconds of actions on a defined intervall
2023-02-15 02:52:11 +01:00
uiopak
84fa20f1ce
feat: internationalization Polish ()
* Add Polish translations

* Add references to Polish translations in files

* Make a consistent translation of languages in Chinese translation

* Add missing language references to fr, it and zh

* Translation corrections

* Add missing language references to zh

* Translation corrections

* add latest translation keys

* Translation corrections and addition of some new ones

* translate auth requests exhausted

* add new untranslated keys

* Translation corrections, fix indentation

---------

Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2023-02-13 12:03:34 +01:00
Stefan Benz
e2fdd3f077
feat: support client_credentials for service users ()
Request an access_token for service users with OAuth 2.0 Client Credentials Grant. Added functionality to generate and remove a secret on service users.
2023-01-31 19:52:47 +00:00
Silvan
c54ddc71a2
feat(actions): local users ()
Actions are extended to to local users. It's possible to run custom code during registration and authentication of local users.
2023-01-25 13:08:01 +00:00
Stefan Benz
19621acfd3
feat: add notification policy and password change message ()
Implementation of new notification policy with functionality to send email when a password is changed
2023-01-25 09:49:41 +01:00
Silvan
7b5135e637
fix(adminAPI): localize event type ()
* fix(adminAPI): localisation of event types, aggregate types
* fix(adminAPI): validations of ListEvent request
* implement caching of editor user information
2023-01-19 15:50:05 +00:00
Livio Spring
d3e4281bb6
fix: protect default and zitadel project org from remove () 2022-12-14 10:44:43 +00:00
Hanrea
79d1c06515
fix: Update missing key of Chinese translation ()
Update missing key of Chinese translation

Update missing key of Chinese translation,
2022-11-28 16:20:11 +01:00
Stefan Benz
556f381a5a
fix(import): add import for app and machine keys ()
* fix(import): add import for app and machine keys

* fix(export): add review changes

* fix(import): Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(import): add review changes

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-18 15:07:30 +00:00
Silvan
43fb3fd1a6
feat(actions): add token customization flow and extend functionally with modules ()
* fix: potential memory leak

* feat(actions): possibility to parse json
feat(actions): possibility to perform http calls

* add query call

* feat(api): list flow and trigger types
fix(api): switch flow and trigger types to dynamic objects

* fix(translations): add action translations

* use `domain.FlowType`

* localizers

* localization

* trigger types

* options on `query.Action`

* add functions for actions

* feat: management api: add list flow and trigger  ()

* console changes

* cleanup

* fix: wrong localization

Co-authored-by: Max Peintner <max@caos.ch>

* id token works

* check if claims not nil

* feat(actions): metadata api

* refactor(actions): modules

* fix: allow prerelease

* fix: test

* feat(actions): deny list for http hosts

* feat(actions): deny list for http hosts

* refactor: actions

* fix: different error ids

* fix: rename statusCode to status

* Actions objects as options ()

* fix: rename statusCode to status

* fix(actions): objects as options

* fix(actions): objects as options

* fix(actions): set fields

* add http client to old actions

* fix(actions): add log module

* fix(actions): add user to context where possible

* fix(actions): add user to ctx in external authorization/pre creation

* fix(actions): query correct flow in claims

* test: actions

* fix(id-generator): panic if no machine id

* tests

* maybe this?

* fix linting

* refactor: improve code

* fix: metadata and usergrant usage in actions

* fix: appendUserGrant

* fix: allowedToFail and timeout in action execution

* fix: allowed to fail in token complement flow

* docs: add action log claim

* Update defaults.yaml

* fix log claim

* remove prerelease build

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-06 14:23:59 +02:00
Stefan Benz
b32c02a39b
feat(instance): add functionality to update instance ()
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 06:58:50 +00:00
Stefan Benz
2c1f9ac4a8
feat(org): add org metadata functionality ()
* feat(org): add org metadata functionality

* fix(metadata): add unit tests and review for org metadata

* fix(org-metadata): move endpoints to /

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-20 14:32:09 +00:00
Stefan Benz
7a5f7f82cf
feat(saml): implementation of saml for ZITADEL v2 () 2022-09-12 18:18:08 +02:00
George
8ab85afd15
feat: internationalization Chinese ()
* feat: internationalization chinese

* typo: optimize the semantic expression of copywriting

* Update internal/api/ui/login/static/i18n/zh.yaml

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/zh.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/api/ui/login/static/i18n/zh.yaml

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* minor: add Chinese to other language file

* Update console/src/app/app.module.ts

Co-authored-by: Max Peintner <max@caos.ch>

* Update console/src/app/app.module.ts

Co-authored-by: Max Peintner <max@caos.ch>

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2022-09-08 15:15:31 +02:00
Livio Spring
d656b3f3c9
fix: instance interceptors return NotFound (404) error for unknown hosts ()
* fix: instance interceptors return "NotFound" (404) error for unknown hosts

* fix tests
2022-08-17 06:07:41 +00:00
Livio Spring
6b30be77e6
fix: restrict domain names to alphanumeric characters ()
* fix: restrict domain names to alphanumeric characters

* improve error message
2022-08-03 07:25:25 +00:00
Silvan
9271623ec9
fix: load auth users ()
* fix: load auth users

* fix: add triggerbulk

* fix: build pre-release

* fix even more french translations

* fix: build version

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-07 14:58:00 +02:00