19 Commits

Author SHA1 Message Date
Tim Möhlmann
ec03340b67
perf(oidc): optimize client verification (#6999)
* fix some spelling errors

* client credential auth

* implementation of client auth

* improve error handling

* unit test command package

* unit test database package

* unit test query package

* cleanup unused tracing func

* fix integration tests

* errz to zerrors

* fix linting and import issues

* fix another linting error

* integration test with client secret

* Revert "integration test with client secret"

This reverts commit 0814ba522f0e2254bd8beaaf97d83ad1dc01228d.

* add integration tests

* client credentials integration test

* resolve comments

* pin oidc v3.5.0
2023-12-05 17:01:03 +00:00
Livio Spring
a1942ecdaa
feat(api): add and remove OTP (SMS and email) (#6295)
* refactor: rename otp to totp

* feat: add otp sms and email

* implement tests
2023-08-02 18:57:53 +02:00
Max Peintner
1c1d66cbe8
chore(console): remove first and lastName fallback from user (#5629)
* chore(console): remove first and lastName fallback from user

* use display name and ensure it's set without required name fields

* add user type to user grant and memberships responses

* contributor, members

* fix avatar display checks

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-11 15:56:51 +00:00
Elio Bischof
e00cc187fa
fix: make user creation errors helpful (#5382)
* fix: make user creation errors helpful

* fix linting and unit testing errors

* fix linting

* make zitadel config reusable

* fix human validations

* translate ssr errors

* make zitadel config reusable

* cover more translations for ssr

* handle email validation message centrally

* fix unit tests

* fix linting

* align signatures

* use more precise wording

* handle phone validation message centrally

* fix: return specific profile errors

* docs: edit comments

* fix unit tests

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-14 19:20:38 +00:00
Max Peintner
df4a173264
feat(console): machine user accesstoken type (#5196)
Set machine user Access Token type
2023-02-14 17:05:55 +01:00
Stefan Benz
3616b6b028
feat(api): allow specifying access_token type (opaque/JWT) for service users (#5150)
Add functionality to configure the access token type on the service accounts to provide the oidc library with the necessary information to create the right type of access token.
2023-02-08 08:06:34 +00:00
Stefan Benz
e2fdd3f077
feat: support client_credentials for service users (#5134)
Request an access_token for service users with OAuth 2.0 Client Credentials Grant. Added functionality to generate and remove a secret on service users.
2023-01-31 19:52:47 +00:00
Florian Forster
fa9f581d56
chore(v2): move to new org (#3499)
* chore: move to new org

* logging

* fix: org rename caos -> zitadel

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-26 23:01:45 +00:00
Livio Amstutz
87560157c1
fix: change to repository event types and removed unused code (#3386)
* fix: change to repository event types and removed unused code

* some fixes

* remove unused code
2022-03-31 11:36:26 +02:00
Livio Amstutz
44d78df4d4
feat: user query (#3075)
* user queries

* user query

* user query

* user tests

* remove old code

* user metadata

* cleanup

* fix merge

* cleanup

* cleanup

* fixes
2022-01-20 14:40:25 +00:00
Fabi
5c6df06a7c
feat: auth method query side (#3068)
* feat: queries for searching mfas and passwordless

* feat: tests for user auth method queries

* Update internal/api/grpc/auth/multi_factor.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/grpc/auth/passwordless.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/grpc/management/user.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/grpc/management/user.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-01-20 13:21:59 +01:00
Silvan
b8bec25129
fix: use query side for requests (#2818)
* refactor(domain): add user type

* fix(projections): start with login names

* fix(login_policy): correct handling of user domain claimed event

* fix(projections): add members

* refactor: simplify member projections

* add migration for members

* add metadata to member projections

* refactor: login name projection

* fix: set correct suffixes on login name projections

* test(projections): login name reduces

* fix: correct cols in reduce member

* test(projections): org, iam, project members

* member additional cols and conds as opt,
add project grant members

* fix(migration): members

* fix(migration): correct database name

* migration version

* migs

* better naming for member cond and col

* split project and project grant members

* prepare member columns

* feat(queries): membership query

* test(queries): membership prepare

* fix(queries): multiple projections for latest sequence

* fix(api): use query for membership queries in auth and management

* feat: org member queries

* fix(api): use query for iam member calls

* fix(queries): org members

* fix(queries): project members

* fix(queries): project grant members

* refactor: remove unsued methods in repo-interfaces

* start

* fix(query): membership

* fix(auth): list my project orgs

* fix(query): member queries and user avatar column

* refactor(auth): MyProjectOrgs

* fix(queries): member and membership stmts

* fix user test

* fix(management): use query for project (-grant) members

* fix(admin): use query for member calls

* fix(api): add domain to org mapping

* remove old idp

* membership

* refactor: remove old files

* idp

* refactor: use query for idps and idp user links

* refactor(eventstore): rename EventPusher to Command, EventReader to Event, PushEvents to Push and FilterEvents to Filter

* gloabl org check for org roles

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-01-13 08:58:14 +01:00
Silvan
92f9eedbe0
fix(projections): user idp link projection (#2583)
* fix(projections): add app

* fix(migration): add index for project_id

* test: app projection

* fix(projections): add idp_user_link

* test: idp user link

* fix: migration versions

* refactor: rename externalIDP to UserIDPLink

* fix: interface methods
2021-11-02 10:08:47 +01:00
Livio Amstutz
770994e143
fix: add avatar url in members, user grants, session and oidc responses (#1852)
* fix: add avatar url in members, user grants, session and oidc responses

* fix auth request tests
2021-06-11 13:20:39 +02:00
Silvan
e4fe097ec4
fix: add api docs and http handler for openapi files (#1526)
* tests

* chore: set vars for platform in dockerfile

* simplyfy generate

* correct dockerfile

* add openapi to gitignore

* object files

* protos

* update protoc version

* admin only secuity missing

* texts

* start secutiry

* add handler

* add description

* add descriptions and remove adddress

* default limit

* add mapping for openapi

* generate statik for openapi

* remove address converter

* executable

* operator test

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-04-07 08:23:47 +02:00
Fabi
d1284082a1
fix: todos (#1502)
* fix: remove console log

* fix: remove todos

* fix: setup uniqueness

* fix: setup uniqueness
2021-03-31 11:10:06 +02:00
Livio Amstutz
bd1a3bb6d7
fix: backend bugs (#1449)
* i18n of compliance problems

* fix: return iam member roles

* remove u2f/passwordless

* u2f/passwordless

* fix rest path GetMachineKeyByIDs

* fix rest path GetMachineKeyByIDs

* fix email mime-type

* fix: member preferred login name

* machine users in notify

* fix api key query

* fix: todos grpc api

* fix: handle user init state

* fix: tests

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-03-22 14:40:25 +01:00
Livio Amstutz
e9eb5b7848
fix: converters (#1413)
* fix: converters

* fix: converters

* comments
2021-03-12 14:06:05 +01:00
Silvan
dabd5920dc
feat: protos refactoring
* start with user

* user first try done in all services

* user, org, idp for discussion

* remove unused stuff

* bla

* dockerbuild

* rename search, get multiple to list...

* add annotation

* update proto dependencies

* update proto dependencies

* change proto imports

* replace all old imports

* fix go out

* remove unused lines

* correct protoc flags

* grpc and openapi flags

* go out source path relative

* -p

* remove dead code

* sourcepath relative

* ls

* is onenapi the problem?

* hobla

* authoption output

* wrong field name

* gopf

* correct option, add correct flags

* small improvments

* SIMPLYFY

* relative path

* gopf bin ich en tubel

* correct path

* default policies in admin

* grpc generation in one file

* remove non ascii

* metadata on manipulations

* correct auth_option import

* fixes

* larry

* idp provider to idp

* fix generate

* admin and auth nearly done

* admin and auth nearly done

* gen

* healthz

* imports

* deleted too much imports

* fix org

* add import

* imports

* import

* naming

* auth_opt

* gopf

* management

* imports

* _TYPE_UNSPECIFIED

* improts

* auth opts

* management policies

* imports

* passwordlessType to MFAType

* auth_opt

* add user grant calls

* add missing messages

* result

* fix option

* improvements

* ids

* fix http

* imports

* fixes

* fields

* body

* add fields

* remove wrong member query

* fix request response

* fixes

* add copy files

* variable versions

* generate all files

* improvements

* add dependencies

* factors

* user session

* oidc information, iam

* remove unused file

* changes

* enums

* dockerfile

* fix build

* remove unused folder

* update readme for build

* move old server impl

* add event type to change

* some changes

* start admin

* remove wrong field

* admin only list calls missing

* fix proto numbers

* surprisingly it compiles

* service ts changes

* admin mgmt

* mgmt

* auth manipulation and gets done, lists missing

* validations and some field changes

* validations

* enum validations

* remove todo

* move proto files to proto/zitadel

* change proto path in dockerfile

* it compiles!

* add validate import

* remove duplicate import

* fix protos

* fix import

* tests

* cleanup

* remove unimplemented methods

* iam member multiple queries

* all auth and admin calls

* add initial password on crate human

* message names

* management user server

* machine done

* fix: todos (#1346)

* fix: pub sub in new eventstore

* fix: todos

* fix: todos

* fix: todos

* fix: todos

* fix: todos

* fix tests

* fix: search method domain

* admin service, user import type typescript

* admin changes

* admin changes

* fix: search method domain

* more user grpc and begin org, fix configs

* fix: return object details

* org grpc

* remove creation date add details

* app

* fix: return object details

* fix: return object details

* mgmt service, project members

* app

* fix: convert policies

* project, members, granted projects, searches

* fix: convert usergrants

* fix: convert usergrants

* auth user detail, user detail, mfa, second factor, auth

* fix: convert usergrants

* mfa, memberships, password, owned proj detail

* fix: convert usergrants

* project grant

* missing details

* changes, userview

* idp table, keys

* org list and user table filter

* unify rest paths (#1381)

* unify rest paths

* post for all searches,
mfa to multi_factor,
secondfactor to second_factor

* remove v1

* fix tests

* rename api client key to app key

* machine keys, age policy

* user list, machine keys, changes

* fix: org states

* add default flag to policy

* second factor to type

* idp id

* app type

* unify ListQuery, ListDetails, ObjectDetails field names

* user grants, apps, memberships

* fix type params

* metadata to detail, linke idps

* api create, membership, app detail, create

* idp, app, policy

* queries, multi -> auth factors and missing fields

* update converters

* provider to user, remove old mgmt refs

* temp remove authfactor dialog, build finish

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
2021-03-09 10:30:11 +01:00