Commit Graph

1037 Commits

Author SHA1 Message Date
Livio Spring
bffb10a4b4
feat: allow domain discovery for unknown usernames (#4484)
* fix: wait for projection initialization to be done

* feat: allow domain discovery for unknown usernames

* fix linting

* Update console/src/assets/i18n/de.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* fix zh i18n text

* fix projection table name

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-06 13:30:14 +02:00
Max Peintner
531c30a031
fix(login): organization suffix overflow (#4374)
fix: org name overflow
2022-10-03 18:01:35 +02:00
Livio Spring
fcb36cd406
fix: wait for projection initialization to be done (#4473)
* fix: wait for projection initialization to be done

* close channel

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-10-03 14:09:59 +00:00
Max Peintner
f517077be3
fix(login): improve multifactor prompt (#4474)
* login mfa improvements

* mfa toggles

* styles

* mfa styles

* go rel

* better translations for mfa u2f

* revert goreleaser format
2022-10-03 13:48:24 +02:00
Fabi
f40931e81e
fix: change descriptions and password rule placement (#4425)
* fix: change descriptions and password rule placement

* fix: passwordless descriptions, remove language and gender from register

* fix: less technical texts on login

* fix: texts

* fix: texts

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

* update e2e test

* fix radio

* fix: chinese text corrections

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-09-28 15:08:45 +02:00
Stefan Benz
2957407b5b
fix: correct oidcsettings management (#4413)
* fix(oidcsettings): corrected projection, unittests and added the add endpoint

* fix(oidcsettings): corrected default handling and instance setup

* fix: set oidc settings correctly in console

* cleanup

* e2e test

* improve e2e test

* lint e2e

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 12:53:49 +02:00
Stefan Benz
b32c02a39b
feat(instance): add functionality to update instance (#4440)
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 06:58:50 +00:00
Silvan
a7646d5a78
fix(translations): language options and init user (#4449)
fix(translations): add chinese to language options
fix(translations): correct key for password confirm label
2022-09-23 17:24:06 +02:00
Livio Spring
7dfa1925cc
feat: restrict login to specific org by id (scope) (#4294)
* feat: add new org scope

* change default of UserLoginMustBeDomain to false

* return resource owner claims

* fix: use email style for first user

* fix: ensure email style for default users (backwards compatibility)

* change to external domain (as it was before UserLoginMustBeDomain change)

* update e2e tests to use email style usernames

* document new scope

* lint e2e

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-23 12:08:10 +00:00
Silvan
2bc19f55b5
fix(projections): unique index names (#4439) 2022-09-22 15:18:52 +02:00
Livio Spring
7aef0ccfee
fix(email): set correct logo url (#4426) 2022-09-21 14:18:55 +00:00
Stefan Benz
2c1f9ac4a8
feat(org): add org metadata functionality (#4234)
* feat(org): add org metadata functionality

* fix(metadata): add unit tests and review for org metadata

* fix(org-metadata): move endpoints to /

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-20 14:32:09 +00:00
Livio Spring
05cb672cff
fix(login): custom texts for pages called directly form mail link (#4415)
* fix(login): translate init password correctly

* refactor: no error return params

* fix(login): custom texts for pages called directly form mail link

* fix custom text on registration pages

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-09-20 07:22:47 +00:00
Silvan
84b20bc4e1
fix(auth): always get token by id and user id (#4371)
Co-authored-by: Florian Forster <florian@zitadel.com>
2022-09-15 12:59:40 +00:00
Stefan Benz
69230def56
fix(user): move check if user is existing from user idp link (#4363)
* fix(user): move check if user is existing from user idp link

* fix(user): correct unit tests for user link bulk

* fix(user): correct placement of existing user check for user link

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-09-14 12:21:23 +00:00
Stefan Benz
7a5f7f82cf
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
George
8ab85afd15
feat: internationalization Chinese (#4222)
* feat: internationalization chinese

* typo: optimize the semantic expression of copywriting

* Update internal/api/ui/login/static/i18n/zh.yaml

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/zh.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/api/ui/login/static/i18n/zh.yaml

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* minor: add Chinese to other language file

* Update console/src/app/app.module.ts

Co-authored-by: Max Peintner <max@caos.ch>

* Update console/src/app/app.module.ts

Co-authored-by: Max Peintner <max@caos.ch>

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2022-09-08 15:15:31 +02:00
Stefan Benz
5052aa1c12
fix(assets): correct type column in assets (#4295)
* fix(asssets): correct remove asset objects with text column

* fix(assets): type asset_type, correct and add unit tests

* fix(assets): set unspecified objecttype to empty string

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-09-08 09:39:38 +02:00
Livio Spring
04ce8b2479
fix: remove idps from org login policy after reset (#4327) 2022-09-07 14:17:52 +02:00
Livio Spring
4723e911f4
fix: provider type column in idp_login_policy_links projection (#4325) 2022-09-06 06:39:03 +00:00
Livio Spring
279b487961
fix: use correct db schema (#4308) 2022-09-05 08:29:32 +00:00
Livio Spring
5aa91ad105
fix: improve performance (#4300)
## Note

This release requires a setup step to fully improve performance.
Be sure to start ZITADEL with an appropriate command (zitadel start-from-init / start-from-setup)

## Changes

- fix: only run projection scheduler on active instances
- fix: set default for concurrent instances of projections to 1 (for scheduling)
- fix: create more indexes on eventstore.events table
- fix: get current sequence for token check (improve reread performance)
2022-09-02 14:05:13 +00:00
Livio Spring
adb5394ae3
fix: login text changes (#4269)
* fix: omit empty (zero) dates

* overwrite current date on save

* update date on reset

* smtp

* disable reset

Co-authored-by: Max Peintner <max@caos.ch>
2022-09-02 10:29:06 +02:00
Silvan
2f647ce9a2
fix: initial failures (#4291)
* fix(cmd): read configuration correctly

* fix(database): read weakly typed config

* fix(database): correct handling of update columns

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-09-01 07:24:26 +00:00
Livio Spring
32b751a3a0
fix: WebAuthN (registration / login) and list on users (#4290)
* fix: WebAuthN when running under non default port

* fix: remove notification schema from list of views / failed events

* fix: auth method column type in user auth methods
2022-09-01 09:10:07 +02:00
Silvan
b9795b5c57
fix(amr): add pwd because password is wrong (#4284)
* fix(amr): add pwd because password is wrong

* docs: deprecation notice

* docs: nicer wording

* Update docs/docs/apis/openidoauth/claims.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-08-31 08:16:31 +00:00
Silvan
77b4fc5487
feat(database): support for postgres (#3998)
* beginning with postgres statements

* try pgx

* use pgx

* database

* init works for postgres

* arrays working

* init for cockroach

* init

* start tests

* tests

* TESTS

* ch

* ch

* chore: use go 1.18

* read stmts

* fix typo

* tests

* connection string

* add missing error handler

* cleanup

* start all apis

* go mod tidy

* old update

* switch back to minute

* on conflict

* replace string slice with `database.StringArray` in db models

* fix tests and start

* update go version in dockerfile

* setup go

* clean up

* remove notification migration

* update

* docs: add deploy guide for postgres

* fix: revert sonyflake

* use `database.StringArray` for daos

* use `database.StringArray` every where

* new tables

* index naming,
metadata primary key,
project grant role key type

* docs(postgres): change to beta

* chore: correct compose

* fix(defaults): add empty postgres config

* refactor: remove unused code

* docs: add postgres to self hosted

* fix broken link

* so?

* change title

* add mdx to link

* fix stmt

* update goreleaser in test-code

* docs: improve postgres example

* update more projections

* fix: add beta log for postgres

* revert index name change

* prerelease

* fix: add sequence to v1 "reduce paniced"

* log if nil

* add logging

* fix: log output

* fix(import): check if org exists and user

* refactor: imports

* fix(user): ignore malformed events

* refactor: method naming

* fix: test

* refactor: correct errors.Is call

* ci: don't build dev binaries on main

* fix(go releaser): update version to 1.11.0

* fix(user): projection should not break

* fix(user): handle error properly

* docs: correct config example

* Update .releaserc.js

* Update .releaserc.js

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2022-08-31 07:52:43 +00:00
Silvan
60b2092d2c
fix(import): check exists (#4268)
* fix(import): check if org exists and user

* refactor: imports

* fix(user): ignore malformed events

* refactor: method naming

* fix: test

* refactor: correct errors.Is call
2022-08-29 17:09:07 +02:00
Livio Spring
64f589c435
fix: read custom texts for pages called directly form mail link (#4255)
* fix: read custom texts for pages called directly form mail link

* log errors
2022-08-26 08:53:11 +00:00
Livio Spring
e1a981928c
fix: action query (#4257) 2022-08-26 08:38:41 +00:00
Livio Spring
47930c6a85
fix: handle instanceID correctly in auth projections (#4252) 2022-08-25 13:38:35 +00:00
Livio Spring
4c26665b93
fix: improve user grants precondition checks (#4237)
* fix: improve user grants precondition checks

* build rc

* fix prerelease

* fix: build image

* remove branch from releaserc
2022-08-24 11:38:59 +02:00
Livio Spring
69534a2f7a
feat: allow JWT for ZITADEL APIs (#4206)
* feat: allow JWT for ZITADEL APIs

* improve getTokenIDAndSubject

* comment

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-08-23 08:02:36 +02:00
Livio Spring
cc612fed07
fix: trim spaces for usernames and organization names (#4217) 2022-08-19 15:00:14 +02:00
Livio Spring
d656b3f3c9
fix: instance interceptors return NotFound (404) error for unknown hosts (#4184)
* fix: instance interceptors return "NotFound" (404) error for unknown hosts

* fix tests
2022-08-17 06:07:41 +00:00
Livio Spring
dcac08b1d5
fix: caching of assets (correct headers and versioned avatar and variables.css url) (#4118)
* fix: caching of assets (correct headers and versioned avatar url)

* serve variables.css versioned and extend shared max age of assets

* fix TestCommandSide_AddHumanAvatar

* refactor: const types

* refactor: return values

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-08-16 05:04:36 +00:00
Stefan Benz
2388764f1c
fix(IDP): correct org idp response resourceowner (#4165) 2022-08-11 11:56:59 +02:00
Livio Spring
02d2032790
feat: add ZITADEL project id scope (#4146)
* feat: add ZITADEL project id scope

* update documentation

* documentation

* fix scopes

* change to lowercase
2022-08-09 09:45:59 +02:00
cyb3rd0g1
2746b4f3a7
fix(login): update automatic registration to pull form data (#4103)
* update automatic registration to pull form data

* prioritize form-derived usernames when registering via external oidc

* allow for customization of displayname on registration via external IdP

* Update internal/api/ui/login/external_login_handler.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update internal/api/ui/login/external_login_handler.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-08-08 13:05:38 +00:00
Livio Spring
dba0fdcf7b
fix: handle user metadata projection correctly (#4098) 2022-08-03 09:50:23 +02:00
Livio Spring
6b30be77e6
fix: restrict domain names to alphanumeric characters (#4104)
* fix: restrict domain names to alphanumeric characters

* improve error message
2022-08-03 07:25:25 +00:00
Livio Spring
fbd04d399d
fix: hide / show username suffix correctly on registration pages (#4097) 2022-08-02 16:31:35 +02:00
Fabi
8448f88f94
fix: remove user login must be domain check on machine users (#4065)
* fix: remove user login must be domain check on machine users

* fix: test

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-28 14:33:59 +00:00
Livio Spring
f610d48569
feat: prepare for multiple database types (#4068)
BREAKING CHANGE: the database and admin user config has changed.
2022-07-28 16:25:42 +02:00
Stefan Benz
bc9a85daf3
feat: V2 alpha import and export of organizations (#3798)
* feat(import): add functionality to import data into an instance

* feat(import): move import to admin api and additional checks for nil pointer

* fix(export): export implementation with filtered members and grants

* fix: export and import implementation

* fix: add possibility to export hashed passwords with the user

* fix(import): import with structure of v1 and v2

* docs: add v1 proto

* fix(import): check im imported user is already existing

* fix(import): add otp import function

* fix(import): add external idps, domains, custom text and messages

* fix(import): correct usage of default values from login policy

* fix(export): fix renaming of add project function

* fix(import): move checks for unit tests

* expect filter

* fix(import): move checks for unit tests

* fix(import): move checks for unit tests

* fix(import): produce prerelease from branch

* fix(import): correctly use provided user id for machine user imports

* fix(import): corrected otp import and added guide for export and import

* fix: import verified and primary domains

* fix(import): add reading from gcs, s3 and localfile with tracing

* fix(import): gcs and s3, file size correction and error logging

* Delete docker-compose.yml

* fix(import): progress logging and count of resources

* fix(import): progress logging and count of resources

* log subscription

* fix(import): incorporate review

* fix(import): incorporate review

* docs: add suggestion for import

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* fix(import): add verification otp event and handling of deleted but existing users

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-28 13:42:35 +00:00
Livio Spring
d620126aab
fix: handle nil pointer when login hint is invalid (#4066)
* fix: handle nil pointer when login hint is invalid

* mention encoding for login_hint
2022-07-28 14:11:10 +02:00
Livio Spring
096e12d3d0
fix: set domain verified if domain policy does not require validation (#4061)
* fix: set domain verified if domain policy does not require validation

* handle domain claimed
2022-07-28 13:18:31 +02:00
Livio Spring
5bd9badbcf
fix: project grants (#4031)
* fix: filter granted memberships correctly

* fix: only show changes of granted project

* Apply suggestions from code review

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update internal/query/user_membership.go

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-27 07:55:44 +00:00
Livio Spring
c15577c1f9
fix: use default redirect uri when not passed on end_session endpoint (#4054)
* fix: use default redirect uri when not passed on end_session endpoint

* instance state
2022-07-27 09:49:16 +02:00
Fabi
8e94d2377b
fix: remove adding automatically global role on register (#4050) 2022-07-27 07:04:17 +02:00
Livio Spring
ccde49b323
feat: extend claims of introspection response (#4018)
* feat: extend claims of introspection response

* update oidc lib
2022-07-25 09:38:15 +02:00
Livio Spring
9fc8a43642
fix: handle events of PATs correctly (#4024) 2022-07-22 13:47:55 +02:00
Livio Spring
aed7010508
fix: scheduling (#3978)
* fix: improve scheduling

* build pre-release

* fix: locker

* fix: user handler and print stack in case of panic in reducer

* chore: remove sentry

* fix: improve handler projection and implement tests

* more tests

* fix: race condition in tests

* Update internal/eventstore/repository/sql/query.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: implemented suggested changes

* fix: lock statement

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-07-22 10:08:39 +00:00
Livio Spring
91206967b4
fix: reset custom org domain policy (#4014) 2022-07-21 13:46:59 +02:00
Livio Spring
95481c2e0b
feat: allow system config changes (#3876)
* feat: run repeatable setup steps

* feat: react to system config changes

* renaming
2022-07-20 11:20:49 +02:00
Silvan
2707461ea6
fix(login): trigger bulk on reset password (#3970)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-19 09:07:37 +02:00
Livio Spring
9b6dad18cb
feat: provide metrics endpoint (#3902)
* feat: provide metrics endpoint

* config

* enable otel metrics by default

Co-authored-by: Florian Forster <florian@caos.ch>
2022-07-18 10:42:32 +02:00
Livio Spring
fa4bc47b3e
feat: specify org member roles in org setup (#3950) 2022-07-12 13:38:47 +00:00
Silvan
d7988563e5
fix: update login names on user trigger bulk (#3934) 2022-07-08 11:04:29 +00:00
Max Peintner
190a454140
feat(console): deactivate, reactivate org, fix signedout route (#3834)
* org detail

* feat: org deactivate, reactivate

* statehandler includes instead of startsWith

* fix signout route

* Update console/src/assets/i18n/de.json

Co-authored-by: Livio Spring <livio.a@gmail.com>

* french

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-08 06:58:23 +00:00
Livio Spring
6463b716ce
fix: handle org de-/reactivate correctly (#3924) 2022-07-07 13:13:17 +00:00
Silvan
9271623ec9
fix: load auth users (#3907)
* fix: load auth users

* fix: add triggerbulk

* fix: build pre-release

* fix even more french translations

* fix: build version

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-07 14:58:00 +02:00
Livio Spring
427d21ad45
fix: (french) translations (#3922) 2022-07-07 10:58:24 +00:00
mffap
3267daedda
feat: internationalization french (#3890)
* initial

* console_fr updates

* console_en fix issues

* notifications_fr

* internal_static_i18n_fr fixes

* internal_static_i18n_en fix

* docs

* search parameter

* missing italian translations

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-06 13:40:11 +00:00
Livio Spring
a1d404291d
fix(notify): notify user in projection (#3889)
* start implement notify user in projection

* fix(stmt): add copy to multi stmt

* use projections for notify users

* feat: notifications from projections

* feat: notifications from projections

* cleanup

* pre-release

* fix tests

* fix types

* fix command

* fix queryNotifyUser

* fix: build version

* fix: HumanPasswordlessInitCodeSent

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-07-06 14:09:49 +02:00
Livio Spring
8434eaa9c0
fix: require user verification for passwordless authentication (#3896) 2022-07-06 08:32:05 +02:00
Livio Spring
12d4d3ea0b
fix: enable env vars in setup steps (and deprecate admin subcommand) (#3871)
* fix: enable env vars in setup steps (and deprecate admin subcommand)

* fix tests and error text
2022-06-27 10:32:34 +00:00
Livio Spring
30f553dea1
feat: provide instance info on admin api and return version on instances responses (admin and system api) (#3802)
* feat: provide instance info on admin api and return version on instances responses (admin and system api)

* fix GetMyInstance
2022-06-27 09:12:06 +00:00
Livio Spring
1b4740c78f
fix: primary domain scope (handle context correctly) (#3872) 2022-06-27 09:24:23 +02:00
Livio Spring
ed5721d39e
feat: TLS support (#3862)
* feat: TLS support

* add comment

* fix comment
2022-06-24 12:38:22 +00:00
Max Peintner
70a108deeb
chore(console): add customer portal link (#3837)
* feat: add customer portal link

* add customer portal to environment.json from backend

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-06-24 11:18:54 +00:00
Silvan
c244dcaffd
fix(notify): correct get user (#3836) 2022-06-16 13:49:45 +00:00
Silvan
e1cfc242ab
fix(auth): read user if not found after create (#3835) 2022-06-16 13:06:17 +00:00
Max Peintner
38be00971b
fix(login): text color for idp, footer (#3830)
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-06-15 16:33:36 +00:00
Silvan
d1bc4a9bc5
fix(notify): fail if required fields are empty (#3831) 2022-06-15 16:22:48 +00:00
Fabi
7e35775681
docs(legal): Updated agreements and policies v2 (#3823)
* tos

* adds cloud service

* cloud service description WIP

* action minute

* service level description

* SAML and last revised

* tos credit and payment

* dpa basic, profile, and payment data

* service description: authenticated requests

* cloud service description: ui

* add notification box

* sla description

* support services

* removes dedicated instance annex

* remove dedicated instance annex sidebar, links

* update dedicated terms

* merge additional terms in sidebar

* privacy formatting

* pp update piid table

* remove cloudflare cookies

* privacy customer portal cookies

* revert editing guides

* dates

* docs: test

* modification of services

* Apply suggestions from code review

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* add disclaimer to regions list

Co-authored-by: Maximilian Panne <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: mffap <mpa@zitadel.com>
2022-06-15 08:30:58 +02:00
Silvan
72b696ccb2
fix(system): search for existing domain globally (#3822) 2022-06-14 15:45:19 +02:00
Silvan
dd2f31683c
fix(query): realtime data on defined requests (#3726)
* feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses

* fix proto

* update login policy

* feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses

* fix: tests

* fix(projection): trigger bulk

* refactor: clean projection pkg

* instance should bulk

* fix(query): should trigger bulk on id calls

* tests

* build prerelease

* fix: add shouldTriggerBulk

* fix: test

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2022-06-14 07:51:00 +02:00
Max Peintner
1da305f2de
fix(login): idp, link font color (#3814)
fix: idp, a font color
2022-06-13 09:36:42 +02:00
Livio Spring
f57e3df39d
fix: sms providers (#3801) 2022-06-13 08:34:11 +02:00
Livio Spring
6bd5799770
fix: idp styling (#3797)
* fix: idp styling

* escape idp a color

* elevation on hover

* css gen

Co-authored-by: Max Peintner <max@caos.ch>
2022-06-10 13:17:33 +00:00
Livio Spring
7b0f0b81a3
fix: set instanceID correctly in org project mapping (#3789) 2022-06-10 13:12:07 +00:00
Max Peintner
d6cb36db31
fix(console, login): label policy and privacy policy from authservice, login - remove double footer element, mobile (#3795)
fix: cnsl auth policy, lgn footer mobile
2022-06-10 14:46:59 +02:00
Max Peintner
3500961fbb
fix: add smtp config, remove smtp and sms provider, console adaptations (#3792)
* fix: add AddSMTPConfig to admin api

* addsmtpconfig

* fix: add RemoveSMTPConfig and RemoveSMSProvider to admin api

* update twilio, token fcn

* fix account switcher, twilio token set, cleanup dialog

* cleanup

* buttons

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-06-10 12:39:38 +02:00
Livio Spring
03a77b381e
fix: password check policy correctly (#3787)
* fix: password check policy correctly

* fix: password check policy correctly
2022-06-09 13:48:57 +00:00
Livio Spring
7f34ce1891
fix: allow project grants without roles in database (#3786) 2022-06-09 11:48:54 +02:00
Livio Spring
a377f2816c
feat: return instance domains on list instances, fix: login policy and avatar url in oidc responses (#3785)
* feat: return instance domains on list instances

* fix: filter login policy idps correctly

* remove debug

* fix: absolute avatar url in oidc responses
2022-06-08 13:46:24 +02:00
Livio Spring
ace94917da
test: ensure consistency of TestSpooler_awaitError (#3750) 2022-06-07 11:40:46 +00:00
Max Peintner
233d80502d
fix(console, login): console - ensure permission is available, login - i18n fixes, input borders, lgn-touched script to add class on blur (#3760)
* permission restriction, member, login i18n input borders, secondary text

* add touched js
2022-06-07 09:25:56 +00:00
Livio Spring
5e4b38d69b
fix: improve oidc issuer / endpoints (#3753)
* fix: improve oidc issuer / endpoints

* docs: update endpoints
2022-06-07 10:04:51 +02:00
Livio Amstutz
3a1569bd94
fix: grpc gateway interceptors (#3767) 2022-06-03 12:44:04 +00:00
Livio Amstutz
da1f74fde0
fix: update user sessions after avatar or primary domain change (#3768) 2022-06-03 12:37:24 +00:00
Livio Amstutz
0baaaf8a05
fix: handle default org id (#3769) 2022-06-03 14:30:39 +02:00
Max Peintner
ebb73186b6
fix(console, login): Idp detail and create layout optimization, login - sub formfield link spacing (#3755)
* idp detail, create layout

* fat finger fix

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-06-03 07:20:56 +00:00
Livio Amstutz
6506ce537d
fix: sql error check (#3762) 2022-06-01 16:00:25 +00:00
Livio Amstutz
d65761f388
fix: render only base language in html (#3759) 2022-06-01 15:32:18 +02:00
Livio Amstutz
21a0e4a972
feat: get current label and privacy policies (#3748) 2022-06-01 09:50:28 +02:00
Livio Amstutz
b0436c995b
fix: return correct empty flow if not found (#3749) 2022-06-01 08:11:48 +02:00
Silvan
fb93085430
fix(projection): add missing col to idp login policy links (#3745)
* fix(projection): add missing col to projection

* refactor: method naming
2022-05-31 20:39:37 +02:00
Silvan
ed36680ea1
fix(query): show views and failed events (#3743)
* fix(system): show views and failed events

* fix: set correct database on failed events and views
2022-05-31 16:33:50 +02:00
Max Peintner
e3e0207318
fix: login checkbox contrast, login policy factors, asset urls (#3742)
* checkbox contrast

* idp create before remove, add, asset service

* login policy events

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-05-31 13:51:21 +00:00
Silvan
16c86149be
fix(current_sequence): no error if not found (#3740) 2022-05-31 11:50:51 +00:00
Livio Amstutz
81c0ca3337
fix: use issuer for jwt profile check on system api (#3741) 2022-05-31 13:11:49 +02:00
Max Peintner
ac65d9d331
fix(login): checkbox, label, container styles (#3732)
fix: checkbox, label styles
2022-05-31 07:20:39 +00:00
Silvan
3513148cf6
fix: SMTP config in defaults (#3736)
* fix(command): create smtp provider cmds after domains

* chore(defaults): add smtp configuration
2022-05-30 17:39:18 +02:00
Livio Amstutz
992892a8bb
fix: read key data for system api users from config (#3731) 2022-05-30 12:53:21 +00:00
Livio Amstutz
b3f50702f8
feat: directly specify factors/idps on addCustomLoginPolicy and return on LoginPolicy responses (#3711)
* feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses

* fix proto

* update login policy

* feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses

* fix: tests

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-05-30 11:51:07 +00:00
Livio Amstutz
2fc39c0da0
feat: system api requires authenticated requests (#3570)
* begin auth

* feat: system api requires authenticated requests

* fix tests
2022-05-30 13:38:30 +02:00
Livio Amstutz
41d78ef523
fix: return absolute url for avatar in user sessions (#3724)
* fix: return absolute url for avatar in user sessions

* fix: refresh token unique constraint
2022-05-30 11:27:52 +00:00
Max Peintner
e79aab3671
fix: login ui for v2 (#3712)
* fix: login ui for v2

* a color

* footer

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-30 09:03:40 +00:00
Livio Amstutz
737e01bfd2
fix: fix and improve primary keys on projections (#3708)
* fix: org_domain projection

* fix: projection reset

* fix test

* improve foreign keys on suffixed tables
2022-05-25 14:15:13 +02:00
Livio Amstutz
79452da7d6
fix: check membership from projection (#3710)
* fix: check membership from projection

* remove authz setup
2022-05-25 14:07:16 +02:00
Alexei-Barnes
09b021b257
feat: Configurable Unique Machine Identification (#3626)
* feat: Configurable Unique Machine Identification

This change fixes Segfault on AWS App Runner with v2 #3625

The change introduces two new dependencies:

* github.com/drone/envsubst for supporting AWS ECS, which has its metadata endpoint described by an environment variable
* github.com/jarcoal/jpath so that only relevant data from a metadata response is used to identify the machine.

The change ads new configuration (see `defaults.yaml`):

* `Machine.Identification` enables configuration of how machines are uniquely identified - I'm not sure about the top level category `Machine`, as I don't have anything else to add to it. Happy to hear suggestions for better naming or structure here.
* `Machine.Identifiation.PrivateId` turns on or off the existing private IP based identification. Default is on.
* `Machine.Identification.Hostname` turns on or off using the OS hostname to identify the machine. Great for most cloud environments, where this tends to be set to something that identifies the machine uniquely. Enabled by default.
* `Machine.Identification.Webhook` configures identification based on the response to an HTTP GET request.  Request headers can be configured, a JSONPath can be set for processing the response (no JSON parsing is done if this is not set), and the URL is allowed to contain environment variables in the format `"${var}"`.

The new flow for getting a unique machine id is:

1. PrivateIP (if enabled)
2. Hostname (if enabled)
3. Webhook (if enabled, to configured URL)
4. Give up and error out.

It's important that init configures machine identity first. Otherwise we could try to get an ID before configuring it. To prevent this from causing difficult to debug issues, where for example the default configuration was used, I've ensured that
the application will generate an error if the module hasn't been configured and you try to get an ID.

Misc changes:

* Spelling and gramatical corrections to `init.go::New()` long description.
* Spelling corrections to `verify_zitadel.go::newZitadel()`.
* Updated `production.md` and `development.md` based on the new build process. I think the run instructions are also out of date, but I'll leave that for someone else.
* `id.SonyFlakeGenerator` is now a function, which sets `id.sonyFlakeGenerator`, this allows us to defer initialization until configuration has been read.

* Update internal/id/config.go

Co-authored-by: Alexei-Barnes <82444470+Alexei-Barnes@users.noreply.github.com>

* Fix authored by @livio-a for tests

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-24 16:57:57 +02:00
Livio Amstutz
e1ee89982a
fix: unify commands (and remove todos for checking existence) (#3696) 2022-05-24 09:28:17 +00:00
Livio Amstutz
cf6f4d6894
fix(tracing): parsing of fraction (#3705)
* fix(tracing): parsing of fraction

* log id
2022-05-24 09:18:25 +00:00
mffap
32ccada7a9
chore: more typos (#3688) 2022-05-21 22:41:21 +02:00
swazynski
5a2ffd80dc
chore: "EMail" typo (#3679)
Co-authored-by: Florian Forster <florian@caos.ch>
2022-05-21 11:29:25 +00:00
mffap
4d30d3a7e1
chore: various typos (#3686)
* fix(cli): typo in clis

* chore: fix typos in guides and readme

* markdown lint

* readme typos

* markdown lint

* typos in security.md

* login de

* login en

* console de

* console en

* Apply suggestions from code review

E-Mail instead of Email

Co-authored-by: Florian Forster <florian@caos.ch>

Co-authored-by: Florian Forster <florian@caos.ch>
2022-05-21 10:44:09 +00:00
Florian Forster
0ba165363e
chore: rename docs links (#3668) 2022-05-20 14:32:06 +00:00
Livio Amstutz
62c4a4d08d
fix: return absolute asset urls (#3676) 2022-05-20 10:30:12 +02:00
Livio Amstutz
0906c2d513
fix: CORS on assets api (#3659) 2022-05-19 14:09:02 +00:00
Silvan
a95b1ab3d0
fix(storage): resolve deadlock occuring durring projection (#3671) 2022-05-19 11:44:16 +00:00
Livio Amstutz
c71ccc8a80
fix: improve context handling in projections (#3638)
* fix: improve context handling in projections

* fix tests

* use as of system time for current sequence

* use as of system time for current sequence

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-05-19 08:25:19 +00:00
Livio Amstutz
5901991dd3
fix: asset service (CORS and path in console) and user init (#3655)
* fix: asset service (CORS and path in console) and user init

* fix tests

* improve comment
2022-05-18 14:10:49 +02:00
Livio Amstutz
616b31c959
fix: token check and error unwrapping (#3648)
* fix: token check and error unwrapping

* remove unused code
2022-05-18 10:49:16 +02:00
Livio Amstutz
3a63fb765a
fix: cleanup some todos (#3642)
* cleanup todo

* fix: some todos
2022-05-16 16:35:49 +02:00
Fabi
5c0f527a49
feat: restrict smtp sender address (#3637)
* fix: check if sender address is custom domain

* fix: check if sender address is custom domain

* fix: check if sender address is custom domain

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-16 14:08:47 +00:00
Livio Amstutz
411d7c6c5c
feat: add default redirect uri and handling of unknown usernames (#3616)
* feat: add possibility to ignore username errors on first login screen

* console changes

* fix: handling of unknown usernames (#3445)

* fix: handling of unknown usernames

* fix: handle HideLoginNameSuffix on unknown users

* feat: add default redirect uri on login policy (#3607)

* feat: add default redirect uri on login policy

* fix tests

* feat: Console login policy default redirect (#3613)

* console default redirect

* placeholder

* validate default redirect uri

* allow empty default redirect uri

Co-authored-by: Max Peintner <max@caos.ch>

* remove wonrgly cherry picked migration

Co-authored-by: Max Peintner <max@caos.ch>
2022-05-16 13:39:09 +00:00
Livio Amstutz
f1fa74a2c0
fix: loginnames in login and mails (eventstore v1 queries) (#3636)
* fix: loginnames in login and mails (eventstore v1 queries)

* fix: loginnames in login and mails (eventstore v1 queries)
2022-05-16 13:10:10 +00:00
Fabi
c53d5251a7
fix: V2 docs / error messages (#3611)
* docs: rewrite concept section

* docs: add instance to guides

* chore: error messages

* fix: scenarios

* docs: urls

* docs: change images

* docs: change images

* docs: change images

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-16 12:00:33 +00:00
Livio Amstutz
d401439427
fix: unique constraints on instance domain events (#3635) 2022-05-16 11:52:54 +02:00
Fabi
48fbf1a28e
feat: add random string to generated domain (#3634) 2022-05-16 11:26:24 +02:00
Livio Amstutz
4fcf03c9c8
fix: email sender and template (#3633) 2022-05-16 09:52:10 +02:00
Livio Amstutz
024eedc1b5
feat: enable default smtp config on setup (#3622)
* feat: enable default smtp config on setup

* fix tests

* fix channel order

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2022-05-13 12:13:07 +00:00
Livio Amstutz
5571db3e1b
feat: improve console caching and provide build info (#3621)
* feat: improve console caching and provide build info

* Update info.go
2022-05-13 14:06:44 +02:00
Livio Amstutz
734cfdddae
fix: return userID on org setup (#3623) 2022-05-13 13:54:48 +02:00
Livio Amstutz
f70990709b
fix: allow single parameter in org unique request (#3620) 2022-05-13 11:25:45 +02:00
Fabi
a9f82529ab
fix: add org member (#3599)
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-12 07:34:46 +00:00
Max Peintner
00e042ea44
fix(login): fix avatar.js (#3614) 2022-05-11 08:52:17 +02:00
Max Peintner
d431ccb965
feat(console, login): v2 notification settings, login avatar (#3606)
* instance routing

* instance naming

* org list

* rm isonsystem

* breadcrumb  type

* routing

* instance members

* fragment refresh org

* settings pages

* settings list, sidenav grouping, i18n

* org-settings, policy changes

* lint

* grid

* rename grid

* fallback to general

* cleanup

* general settings, remove cards

* sidenav for settings, label policy

* i18n

* header, nav backbuild

* general, project nav rehaul

* login text background adapt

* org nav anim

* org, instance settings, fix policy layout, roles

* i18n, active route for project

* lint

* notification-settings

* idp create redirect, sms provider create, i18n

* oidc configuration

* settings list

* new avatar colors for login

* cleaner js

* avatar theme login

* remove avatar elevation
2022-05-11 08:01:40 +02:00
Livio Amstutz
94e420bb24
fix: env.json caching, readiness and unique lockerIDs (#3596)
* fix: readiness check

* disable cache for env.json

* always generate unique lockerID

* fix tests
2022-05-04 17:09:49 +02:00
Livio Amstutz
79db247801
feat: set default language on instance (#3594) 2022-05-03 15:58:38 +02:00
Livio Amstutz
06a1b52adf
fix: improve interceptor handling (#3578)
* fix: improve interceptor handling

* fix: improve interceptor handling

Co-authored-by: Florian Forster <florian@caos.ch>
2022-05-02 15:26:54 +00:00
Livio Amstutz
ef6fd5a843
fix: remove 3rd party assets from mail (#3569) 2022-05-02 14:41:57 +00:00
Livio Amstutz
861cf07700
feat: permit all features to every instance and organisation (#3566) 2022-05-02 11:18:17 +02:00
Silvan
a9f71ba08e
fix(command): reset phone on phone write model to empty if removed (#3543) 2022-05-02 11:06:30 +02:00
Livio Amstutz
dc7fdb240b
fix: token verification (don't cache zitadel id system wide) (#3542) 2022-04-29 14:16:23 +02:00
Livio Amstutz
2af3e228e4
feat: set service name in tracing (#3533) 2022-04-28 17:35:56 +02:00
Livio Amstutz
44a2b81bef
feat: enable tracing (#3528) 2022-04-28 14:44:13 +02:00
Livio Amstutz
00f7dbe875
fix: setup instance domain handling (#3529) 2022-04-28 10:30:41 +02:00