Commit Graph

3122 Commits

Author SHA1 Message Date
Aurel004
6858ed7b21
fix: Update fr translations (#7910)
update fr translations

Co-authored-by: Max Peintner <max@caos.ch>
2024-05-17 13:16:55 +02:00
Livio Spring
b924fd59a5
fix: allow sorting of MyProjectOrgs (by name) (#7970) 2024-05-17 09:52:15 +02:00
Dakshitha Ratnayake
9e91b53bd4
docs:Update quickstart.mdx (#7958)
[docs]Update quickstart.mdx
2024-05-16 20:23:27 +05:30
Livio Spring
df608bcda1
chore(stable): update to v2.47.10 (#7960) 2024-05-16 13:27:45 +00:00
Tim Möhlmann
8e0c8393e9
perf(oidc): optimize token creation (#7822)
* implement code exchange

* port tokenexchange to v2 tokens

* implement refresh token

* implement client credentials

* implement jwt profile

* implement device token

* cleanup unused code

* fix current unit tests

* add user agent unit test

* unit test domain package

* need refresh token as argument

* test commands create oidc session

* test commands device auth

* fix device auth build error

* implicit for oidc session API

* implement authorize callback handler for legacy implicit mode

* upgrade oidc module to working draft

* add missing auth methods and time

* handle all errors in defer

* do not fail auth request on error

the oauth2 Go client automagically retries on any error. If we fail the auth request on the first error, the next attempt will always fail with the Errors.AuthRequest.NoCode, because the auth request state is already set to failed.
The original error is then already lost and the oauth2 library does not return the original error.

Therefore we should not fail the auth request.

Might be worth discussing and perhaps send a bug report to Oauth2?

* fix code flow tests by explicitly setting code exchanged

* fix unit tests in command package

* return allowed scope from client credential client

* add device auth done reducer

* carry nonce thru session into ID token

* fix token exchange integration tests

* allow project role scope prefix in client credentials client

* gci formatting

* do not return refresh token in client credentials and jwt profile

* check org scope

* solve linting issue on authorize callback error

* end session based on v2 session ID

* use preferred language and user agent ID for v2 access tokens

* pin oidc v3.23.2

* add integration test for jwt profile and client credentials with org scopes

* refresh token v1 to v2

* add user token v2 audit event

* add activity trigger

* cleanup and set panics for unused methods

* use the encrypted code for v1 auth request get by code

* add missing event translation

* fix pipeline errors (hopefully)

* fix another test

* revert pointer usage of preferred language

* solve browser info panic in device auth

* remove duplicate entries in AMRToAuthMethodTypes to prevent future `mfa` claim

* revoke v1 refresh token to prevent reuse

* fix terminate oidc session

* always return a new refresh toke in refresh token grant

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-16 07:07:56 +02:00
Max Peintner
6cf9ca9f7e
docs: update typescript repo state (#7953) 2024-05-15 09:24:54 +00:00
JayPe
e029b2cabe
fix: typo in the fr translation file for login ui sms otp mfa (#7946)
fix typo in the fr translation file for login ui sms otp mfa

Co-authored-by: Jean-Philippe Novent <jean-philippe.novent@ludocare.com>
2024-05-14 15:54:37 +02:00
Stefan Benz
0e9ebed8d0
fix: import totp in add human user with secret (#7936)
* fix: import totp in add human user with secret

* fix: import totp in add human user with secret

* fix: import totp in add human user with secret

* fix: review comment changes
2024-05-14 09:20:31 +02:00
Miguel Cabrerizo
15d5338b91
feat(cnsl): docs link can be customized and custom button is available (#7840)
* feat: customize doc link and additional custom link

* feat: add e2e tests

* fix: update docs

* fix: add @peintnermax changes about cache

* fix: golangci-lint complains preparation.PrepareCommands

---------

Co-authored-by: Max Peintner <max@caos.ch>
2024-05-13 16:01:50 +02:00
mffap
6942324741
docs(concepts): Update resources and features, add account linking (#7934)
* account linking

* updates to concepts and features

* Apply suggestions from code review

* Apply suggestions from code review

Co-authored-by: Fabi <fabienne@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-05-13 08:29:25 +02:00
Elio Bischof
3396657c3f
chore: improve commit messages (#7921)
* chore: improve commit messages

* indent

* cleanup

* additional changes

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-05-09 20:12:42 +03:00
Dakshitha Ratnayake
e4905f1431
docs(sdk-examples): Added description about setting up samples in console (#7838)
* Added description about setting up samples in console

* Changed default text.

* Update introduction.mdx

* Update introduction.mdx
2024-05-08 14:13:37 +05:30
Elio Bischof
24a9d7c730
fix(defaults): configure hashers via env (#7872)
fix(setup): configure hashers via env

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-05-08 06:48:26 +00:00
Elio Bischof
f3abbad133
fix(smtp): enable default instance config (#7925)
* fix(smtp): enable default instance config

* fix(smtp): enable default instance config

* improve method signature
2024-05-07 16:24:53 +00:00
Fabi
1139dfb391
docs: add note about symbol of passwords (#7919)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-07 10:10:45 +00:00
Livio Spring
236cea5b74
chore: set specific go version (#7873)
* chore: set specific go version

* chore: set specific go version

* chore: set specific go version
2024-05-07 08:44:39 +00:00
Stefan Benz
72c5b057f1
fix: allow start and retrieve IdP intents with IdPs from other organizations (#7871)
* fix: correct resourceowner of intent to instance

* fix: correct resourceowner of intent to instance

* fix: correct resourceowner of intent to instance

* fix: correct resourceowner of intent to instance

* fix: correct resourceowner of intent to instance

* docs: expand the login example with org specific parameters

* fix: existence of idp is not checked through resourceowner

* fix: existence of idp is not checked through resourceowner

* fix: existence of idp is not checked through resourceowner

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-07 06:11:20 +00:00
Livio Spring
5bf195d374
fix: allow other users to set up MFAs (#7914)
* fix: allow other users to set up MFAs

* update tests

* update integration tests
2024-05-07 05:38:26 +00:00
Max Peintner
016e5e5da1
fix(console): password reset hidden texts (#7915)
fix(console): password reset hidden
2024-05-06 15:15:35 +02:00
Stefan Benz
1c5ecba42a
feat: add action v2 execution on requests and responses (#7637)
* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: add execution of targets to grpc calls

* feat: split request and response logic to handle the different context information

* feat: split request and response logic to handle the different context information

* fix: integration test

* fix: import alias

* fix: refactor execution package

* fix: refactor execution interceptor integration and unit tests

* fix: refactor execution interceptor integration and unit tests

* fix: refactor execution interceptor integration and unit tests

* fix: refactor execution interceptor integration and unit tests

* fix: refactor execution interceptor integration and unit tests

* docs: basic documentation for executions and targets

* fix: change order for interceptors

* fix: merge back origin/main

* fix: change target definition command and query side (#7735)

* fix: change target definition command and query side

* fix: correct refactoring name changes

* fix: correct refactoring name changes

* fix: changing execution defintion with target list and type

* fix: changing execution definition with target list and type

* fix: add back search queries for target and include

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* fix: projections change for execution with targets suffix table

* docs: add example to actions v2

* docs: add example to actions v2

* fix: correct integration tests on query for executions

* fix: add separate event for execution v2 as content changed

* fix: add separate event for execution v2 as content changed

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>

* fix: added review comment changes

* fix: added review comment changes

* Update internal/api/grpc/server/middleware/execution_interceptor.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

* fix: added review comment changes

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-05-04 11:55:57 +02:00
Max Peintner
7e345444bf
docs: feature settings in console (#7899)
* docs: feature settings in console

* update default settings
2024-05-03 13:13:06 +00:00
Livio Spring
2648db694d
chore(stable): v2.46.7 (#7901) 2024-05-03 11:29:11 +00:00
Livio Spring
d177b82d2d
fix(login): check for error before automatic idp redirect (#7891)
* fix(login): check for error before automatic idp redirect

* hide next button on login page if username password is not enabled
2024-05-03 07:57:24 +00:00
Livio Spring
900894161f
fix(login): prevent init mail on idp registration (#7895) 2024-05-03 07:23:40 +00:00
Max Peintner
b72ecf69f3
fix(console): user descriptions (#7894)
* fix: user descriptions

* i18n
2024-05-03 08:36:02 +02:00
Livio Spring
482a46b198
fix: user registration through IdP (#7893)
* fix: user registration through idp

* fix more nil pointer issues
2024-05-02 13:21:03 +00:00
Fabi
83c5066ab9
docs: fix example for self hosting load balancing (#7890)
Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-05-02 10:15:35 +00:00
Livio Spring
43da9225be
fix: check password complexity policy and respect changeRequired on password change (#7884)
* fix: check password complexity policy on password change and respect require_change

* pass changeRequired where available and add tests

* fix requested changes

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-05-02 11:50:13 +02:00
Stefan Benz
8cc12e869a
fix: correct email headers (mime version and content-type) (#7886)
* fix: correct email mime version case for case-sensitive handlers

* remove trailing `;`

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-02 10:36:21 +02:00
Elio Bischof
6c0e7c402d
fix(setup): decode complex config strings (#7854)
* fix(setup): decode complex config strings

* decode complex types before string lists

* lint

* fix hasher env docs

* hasher defaults

* cleanup

* cleanup

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-05-01 12:17:27 +02:00
Livio Spring
9950cafafc
fix: improve information on unsupported hash algorithms (#7870)
* fix: improve information on unsupported hash algorithms

* Update de.yaml
2024-04-30 17:50:33 +00:00
Stefan Benz
87e4a0be20
chore: build and test on main for codecov (#7875) 2024-04-30 20:08:00 +03:00
Miguel Cabrerizo
1f54f5b8a4
fix: Unrecognized Authentication Type Error when SMTP LOGIN Auth method is required (#7761)
* fix: poc outlook.com now works login auth

* fix: remove port arg from smtpAuth

* fix: add outlook provider and custom email placeholder

* fix: minor typo in contributing docs

* fix: use zerrors package

* fix: typo for idp and smtp providers

---------

Co-authored-by: Max Peintner <max@caos.ch>
2024-04-30 07:31:07 +00:00
Fabi
2a421a7b8a
fix: translate missing event types (#7853)
* docs: translate missing event types

* fix: wrong example in api docs

* Update internal/static/i18n/cs.yaml

Co-authored-by: Livio Spring <livio.a@gmail.com>

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-04-29 13:33:15 +00:00
Miguel Cabrerizo
f5b3d9752a
fix: show settings button for users w/o iam perms (#7848)
Co-authored-by: Max Peintner <max@caos.ch>
2024-04-29 12:31:13 +00:00
Miguel Cabrerizo
82e38e31ea
fix(cnsl): Email Verified checkbox value was not updated (#7844)
fix: set standalone true to isVerified

Co-authored-by: Max Peintner <max@caos.ch>
2024-04-29 13:58:07 +02:00
Elio Bischof
8c1a8f792a
fix(console): app details (#7827)
* cleanup app urls

* fix app details

* styles and specific urls

* lint

* explicit urls

* deterministic order

* lint

---------

Co-authored-by: Max Peintner <max@caos.ch>
2024-04-29 10:16:59 +00:00
Livio Spring
6ab06aa249
fix: improve secret generation for apple idp (#7843)
* fix: improve secret generation for apple idp

* remove accidental commit

* change exp time

* change exp time

* change exp time

* change exp time
2024-04-26 15:46:15 +00:00
Silvan
5811a7b6a5
refactor(v2): init eventstore package (#7806)
* refactor(v2): init database package

* refactor(v2): init eventstore package

* add mock package

* test query constructors

* option based push analog to query
2024-04-26 15:05:21 +00:00
Miguel Cabrerizo
2254434692
fix: remove email validation for SearchUsers v2beta/users (#7855)
fix: remove email validation + homogeneous requirements
2024-04-26 14:00:47 +00:00
Livio Spring
4f3564e4e9
fix: disable auth cache by default (#7845) 2024-04-26 09:30:35 +02:00
Dakshitha Ratnayake
251d855f5d
docs(integrate): Add google login video (#7836)
* Update google.mdx

* Update google.mdx
2024-04-26 09:37:37 +05:30
Silvan
5131328291
refactor(v2): init database package (#7802) 2024-04-25 06:45:34 +00:00
Miguel Cabrerizo
207b20ff0f
fix(console): orgs list is shown empty when org is removed (#7781)
fix:active orgs not shown when org is removed

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-04-25 05:02:20 +00:00
Livio Spring
d016379e2a
feat: pass and handle auth request context for email links (#7815)
* pass and handle auth request context

* tests and cleanup

* cleanup
2024-04-24 17:50:58 +02:00
Livio Spring
ac985e2dfb
fix(login): correctly reload policies on auth request (#7839) 2024-04-24 08:44:55 +00:00
Silvan
25030c69b9
perf: cache auth request in memory (#7824)
* perf: cache auth request in memory
2024-04-23 11:23:50 +00:00
Miguel Cabrerizo
9fa90e0757
fix: weird issue with service key expirationDate format (#7688)
* fix: weird issue with service key expirationDate format for localizedDate

* fix: replace YYYY with EEEE dd. MMM yyyy in other cases just in case

---------

Co-authored-by: Max Peintner <max@caos.ch>
2024-04-23 10:17:28 +00:00
Ari
e46dd121cd
feat: allow using a local RSA key for machine keys (#7671)
* Allow using a local RSA key for machine keys

* Add check for key validity

* Fix naming error

* docs: provide translations of invalid key

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-04-23 09:38:07 +00:00
Elio Bischof
df50c3835b
test(e2e): check for exactly one displayed event (#7831)
test(e2e): check for exactly once displayed event
2024-04-23 09:09:25 +00:00