Commit Graph

3352 Commits

Author SHA1 Message Date
Silvan
99c645cc60
refactor(database): exchange connection pool (#8325)
# Which Problems Are Solved

The connection pool of go uses a high amount of database connections.

# How the Problems Are Solved

The standard lib connection pool was replaced by `pgxpool.Pool`

# Additional Changes

The `db.BeginTx`-spans are removed because they cause to much noise in
the traces.

# Additional Context

- part of https://github.com/zitadel/zitadel/issues/7639
2024-07-17 15:16:02 +00:00
Elio Bischof
d95c9508a3
chore(lint): print error locations (#8246)
# Which Problems Are Solved

If golangci-lint fails, it is hard to find out how to fix it.

# How the Problems Are Solved

The official GitHub action for golangci-lint is upgraded from v4 to
[v6](https://github.com/golangci/golangci-lint-action/releases/tag/v6.0.1).

## Before Upgrade

![image](https://github.com/zitadel/zitadel/assets/12727842/d25bcb0d-5e86-4f8d-92e9-f24e53319062)

## After Upgrade

![image](https://github.com/zitadel/zitadel/assets/12727842/91c6c9ff-832b-49f5-ba92-ff835d8179c0)

# Additional Changes

Removes the config properties `skip-pkg-cache` and `skip-build-cache` as
support was removed with
[v5](https://github.com/golangci/golangci-lint-action/releases/tag/v5.0.0).

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2024-07-17 07:20:45 +00:00
Silvan
6c1df83071
chore: set defaults for fields projections (#8311)
# Which Problems Are Solved

Bigger systems need to process many events during the initialisation
phase of the `eventstore.fields`-table. During setup these calls can
time out.

# How the Problems Are Solved

Changed the default behaviour of these projections to not time out and
increased the bulk limit.
2024-07-17 05:23:29 +00:00
Livio Spring
07b2bac463
fix: allow login with user created through v2 api without password (#8291)
# Which Problems Are Solved

User created through the User V2 API without any authentication method
and possibly unverified email address was not able to login through the
current hosted login UI.

An unverified email address would result in a mail verification and not
an initialization mail like it would with the management API. Also the
login UI would then require the user to enter the init code, which the
user never received.

# How the Problems Are Solved

- When verifying the email through the login UI, it will check for
existing auth methods (password, IdP, passkeys). In case there are none,
the user will be prompted to set a password.
- When a user was created through the V2 API with a verified email and
no auth method, the user will be prompted to set a password in the login
UI.
- Since setting a password requires a corresponding code, the code will
be generated and sent when login in.

# Additional Changes

- Changed `RequestSetPassword` to get the codeGenerator from the
eventstore instead of getting it from query.

# Additional Context

- closes https://github.com/zitadel/zitadel/issues/6600
- closes https://github.com/zitadel/zitadel/issues/8235

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-07-17 06:43:07 +02:00
Livio Spring
e126ccc9aa
feat(IDP): use single callback endpoint (#8295)
# Which Problems Are Solved

Both the login UI and the IdP intent flow have their own IdP callback
endpoints.

This makes configuration hard to impossible (e.g. Github only allows one
endpoint) for customers.

# How the Problems Are Solved

- The login UI prefixes the `state` parameter when creating an auth /
SAML request.
- All requests now use the `/idp/callback` or the corresponding
variation (e.g. SAML)
- On callback, the state, resp. its prefix is checked. In case of the
login UI prefix, the request will be forwarded to the existing login UI
handler without the prefix state.
Existing setups will therefore not be affected and also requests started
before this release can be handled without any impact.
- Console only lists the "new" endpoint(s). Any
`/login/externalidp/callback` is removed.

# Additional Changes

- Cleaned up some images  from the IdP documentation.
- fix the error handling in `handleExternalNotFoundOptionCheck`

# Additional Context

- closes #8236
2024-07-16 13:58:22 +00:00
Stefan Benz
19561a092c
fix: add OrgIDQuery to the queries for organizations (#8312)
# Which Problems Are Solved

ListOrgs has no option to select for organizations specific to Ids.

# How the Problems Are Solved

Add OrgIDQuery to ListOrgs.

# Additional Changes

Clean up double mapping for the OrgQueries.

# Additional Context

- noted internally while checking performance issues (in Console)
2024-07-16 13:12:19 +00:00
Fabi
3d45c5dee5
fix: fix wrong translation (#8309)
# Which Problems Are Solved

In the console a wrong translation is shown for the password re auth
time, it is shown that it is the time after which users have to renew
their password, but it is the time, after which they have to
authenticate again with their password

# How the Problems Are Solved

Translations are changed in all languages

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-07-16 11:15:10 +00:00
Norman-Lee
1e3b350042
feat(cmd): Added machine ID mode to zitadel start up logs (#8251)
# Which Problems Are Solved

Logs the type of sonyflake strategy used for generating unique machine
IDs

# How the Problems Are Solved

- Created function to log machine id strategy on the start up logs

# Additional Changes
- Added public function for retrieving current strategy set by
configuration

# Additional Context
- Closes #7750
2024-07-16 09:53:57 +00:00
borisroman
7d0c7e5b54
feat: allow machine user id to be set during creation (#8265)
# Which Problems Are Solved
Solves the problem described in #8264.

# How the Problems Are Solved

Added a UserID field which can be set during Machine User creation.

# Additional Changes

Added addition unit and integration tests to cover the cases where a
UserID field is present.

# Additional Context

- Closes #8264

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-07-16 09:27:37 +02:00
Miguel Cabrerizo
832a55a78e
feat(console): note about function names must match in action dialog (#8294)
# Which Problems Are Solved

- A note should be added to the ZITADEL management console showing that
the name and function in the javascript have to be the same

# How the Problems Are Solved

- A new cnsl-info-section is added to the create/update action dialog

# Additional Context

Here's a screenshot showing the note:

![Captura desde 2024-07-12
13-08-35](https://github.com/user-attachments/assets/62de5491-1895-4101-8bcf-1c8433661fd2)

- Closes #7874

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-07-15 15:16:36 +00:00
Max Peintner
9d29098aa6
fix(console): identity provider title layout (#8302)
# Which Problems Are Solved

Fixes the alignment of the identity provider layouts

<img width="432" alt="Screenshot 2024-07-15 at 08 42 21"
src="https://github.com/user-attachments/assets/c45e4226-fc7e-4b5e-a25b-164bd31864c5">

# Context

- noted internally while implementing
https://github.com/zitadel/zitadel/pull/8295

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-07-15 11:25:59 +00:00
Silvan
8dd21a7292
chore(stable): update to v2.51.4 (#8304)
# Which Problems Are Solved

Update stable to next minor version.
2024-07-15 13:03:51 +02:00
Miguel Cabrerizo
ffe73645e8
fix(console): missing styles for ProfilePictureComponent dialog (#8293)
# Which Problems Are Solved

- The UI layout is broken in Upload your Profile Picture

# How the Problems Are Solved

- MatDialog module was missing

# Additional Context

Here's a screenshot showing the fix

![Captura desde 2024-07-12
12-18-43](https://github.com/user-attachments/assets/7a01fa0e-3e89-4679-9606-085610f5adfe)

- Closes #8284

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-07-15 09:31:46 +00:00
Zhang Zhe
8afdcd99c6
fix: Correct misspelling in zh.yaml file (#8299)
# Which Problems Are Solved

- Corrected a typo in the file
`internal/api/ui/login/static/i18n/zh.yaml` where "Migrosoft" was
changed to "Microsoft".

# How the Problems Are Solved

- Updated the misspelled word "Migrosoft" to "Microsoft" for consistency
and accuracy.

# Additional Changes

- None

# Additional Context

- None
2024-07-15 10:13:55 +02:00
Livio Spring
d7c0ec282a
fix: correctly differ between grpc and grpc-web (#8292)
# Which Problems Are Solved

While #8285 also checked for `+proto` and `+json` grpc content types, it
accidentally matched all grpc-web requests to grpc.

# How the Problems Are Solved

- fixed the regex by checking for an exact match (added start `^` and
end `$` anchors)

# Additional Changes

None

# Additional Context

- relates to #8285
2024-07-12 11:54:02 +02:00
Silvan
aa273ad000
fix(api): grpc content type matcher all grpc types (#8285)
# Which Problems Are Solved

ZITADEL returned a 404 Unimplemented error if the client sent
'application/grpc+proto' or 'application/grpc+json' which are both valid
content types.

# How the Problems Are Solved

changed the header matcher to regexp

# Additional Context

Problem occured in
https://github.com/zitadel/typescript/tree/grpc-transport
2024-07-11 13:22:01 +00:00
Fabi
86c124955d
fix: multiple docs issues (#8244)
# Which Problems Are Solved

- `<details>` tag is rendered in some cases in the docs, instead of
rendering a detail section which can be expanded
- New API V2 and V3 services where not rendered correctly
- The plugin which made it possible to integrate external code files and
show them on the docs didn't work anymore

# How the Problems Are Solved

- remove / from details tag, so it is properly rendered
- changing link source from tag to auto
- Someone already forked the repository and made it available for
docusaurus v3, we integrated the forked version

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-07-11 07:54:04 +02:00
Stefan Benz
fb2d4545b9
fix: add details to ListUsers for user results (#8255)
# Which Problems Are Solved

In User v2 API, the ListUsers endpoint doesn't provide the information
to which organization the user belongs to.

# How the Problems Are Solved

Add the details to the user results from the ListUsers endpoint, so that
the OrgID is also included as ResourceOwner.

# Additional Changes
 
None

# Additional Context

Closes #8172
2024-07-10 17:49:35 +02:00
Stefan Benz
19a8ab02ad
fix: add missing totp remove endpoint in user v2 API (#8256)
# Which Problems Are Solved

TOTP remove endpoint available in management API, not in user v2 API.

# How the Problems Are Solved

Add endpoint RemoveTOTP to user v2 API.

# Additional Changes

None

# Additional Context

close #6605

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-07-10 12:31:28 +00:00
Silvan
82d950019f
test: add load test for session creation (#8088)
# Which Problems Are Solved

Extends load tests by testing session creation.

# How the Problems Are Solved

The test creates a session including a check for user id.

# Additional Context

- part of https://github.com/zitadel/zitadel/issues/7639
2024-07-09 15:16:50 +00:00
Silvan
23bebc7e30
fix(fields): add index to improve search by aggregate (#8267)
# Which Problems Are Solved

During performance testing of the `eventstore.fields` table we found
some long running queries which searched for the aggregate id.

# How the Problems Are Solved

A new index was added to the `eventstore.fields`-table called
`f_aggregate_object_type_idx`.

# Additional Changes

None

# Additional Context

- Table was added in https://github.com/zitadel/zitadel/pull/8191
- Part of https://github.com/zitadel/zitadel/issues/7639
2024-07-08 15:54:19 +00:00
Dakshitha Ratnayake
ab7c484157
docs: Add the SAML intro docs (#8112)
Please refer to this issue for more information:
https://github.com/zitadel/zitadel/issues/7436
2024-07-08 11:11:09 +00:00
Mario Andrija Balug
6cd467d773
docs: note audience scope for service user (#8252)
# Which Problems Are Solved
- It is not possible to introspect service user token if
`urn:zitadel:iam:org:project🆔{projectid}:aud` scope is not added in
token request.
- Adding this note to the document could reduce confusion and debugging
time
-
https://discord.com/channels/927474939156643850/1168857403945660436/1168930850029707386

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-07-08 06:03:30 +00:00
Silvan
5ca8ad2075
fix(eventstore): early return if no events in field handler (#8254)
# Which Problems Are Solved

Fixes a panic which can occur if there are no events to reduce in the fields handler

# How the Problems Are Solved

Check if there are any events to reduce

# Additional Context

- Panic was added in https://github.com/zitadel/zitadel/pull/8191
2024-07-05 10:16:12 +02:00
Tim Möhlmann
7967e6f98b
perf(import): optimize search for domains claimed by other organizations (#8200)
# Which Problems Are Solved

Improve the performance of human imports by optimizing the query that
finds domains claimed by other organizations.

# How the Problems Are Solved

Use the fields search table introduced in
https://github.com/zitadel/zitadel/pull/8191 by storing each
organization domain as Object ID and the verified status as field value.

# Additional Changes

- Feature flag for this optimization

# Additional Context

- Performance improvements for import are evaluated and acted upon
internally at the moment

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2024-07-05 09:36:00 +02:00
Tim Möhlmann
ecfb9d0d6d
perf(command): user grant pre-condition check using the search table (#8230)
# Which Problems Are Solved

Imporve the performance of user grant addition, especially for import.

# How the Problems Are Solved

Use the search table to query for the project grant state. 
This could easily be done by making the search used in
`checkProjectGrantPreCondition` reusable.

# Additional Changes

Chanded event declerations to `const` in the
`internal/repository/project` package.

# Additional Context

- Performance improvements for import are evaluated and acted upon
internally at the moment

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-07-04 16:18:43 +00:00
Livio Spring
d705cb11b7
fix: error handling to prevent panics (#8248)
# Which Problems Are Solved

We found multiple cases where either the error was not properly handled,
which led to panics.

# How the Problems Are Solved

Handle the errors.

# Additional Changes

None.

# Additional Context

- noticed internally
2024-07-04 14:11:06 +00:00
Livio Spring
53d47dc87f
docs: add password expiry (#8241)
# Which Problems Are Solved

Adds the missing documentation to the password expiry policy added in
#8132.

# Additional Context

- relates to #8132
2024-07-04 13:01:22 +00:00
Florian Forster
224dc382d0
docs(cmd): document that human and service user can be used in the default instance (#8229)
# Which Problems Are Solved

This solves a documentation issue raised here
https://github.com/zitadel/zitadel/discussions/8217#discussioncomment-9936216

The behavior was changed with
https://github.com/zitadel/zitadel/issues/6430

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-07-04 11:39:28 +00:00
Andy Vo
c17ab9f82a
feat(console): add tooltip for indicator on inherit button in feature settings (#8238)
# Which Problems Are Solved

- Bubble indicator on inherit button in feature settings is not clear on
what system default behavior is inherited

# How the Problems Are Solved

- Creates tooltip to show what system default behavior is inherited when
cursor hovers over indicator. When indicator is red "Disabled" is
inherited and when the indicator is green "Enabled" is inherited.


![Zitadel_Inherit_Indicator_Disabled](https://github.com/zitadel/zitadel/assets/121371226/2b90cd79-09bf-499f-bf85-f499dccf5b96)


![Zitadel_Inherit_Indicator_Enabled](https://github.com/zitadel/zitadel/assets/121371226/98a838ec-d228-4974-b251-96e548163222)

# Additional Changes

- Adds translations for indicator tooltip message

# Additional Context

- Closes #8129 
- https://discord.com/channels/927474939156643850/1250477939431178363

Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-07-04 13:06:52 +02:00
Elio Bischof
7573e0ea8f
feat: add http_server_return_code_counter metric to gateway (#8173)
# Which Problems Are Solved

The metric `http_server_return_code_counter` doesn't record calls to the
gRPC gateway.

# How the Problems Are Solved

The DefaultMetricsHandler that is used for the gPRC gateway doesn't
record `http_server_return_code_counter`.
Instead of the DefaultMetricsHandler, a custom metrics handler which
includes `http_server_return_code_counter` is created for the gRPC
gateway

# Additional Changes

The DefaultMetricsHandler function is removed, as it is no longer used.

# Additional Context

Reported by a customer

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2024-07-04 09:37:23 +00:00
Daniel Moisa
d9a9c013a6
feat: add expiry and domain chip to sms and email otp (#8163)
# Which Problems Are Solved

There are some undocumented parameters that can be used. A good example
is on the "Verify SMS OTP" page.

# How the Problems Are Solved

Expiry and Domain chips are added to the Verify SMS OTP and Verify Email
OTP message text configs in the console.

# Additional Context

- Closes #7134

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-07-04 09:04:22 +00:00
Brian Tajuddin
32b707cf46
feat(6222): remove @ and project from OIDC client ID (#8178)
# Which Problems Are Solved

The client ID for OIDC applications has an `@` in it, which is not
allowed in some 3rd-party systems (such as AWS).

# How the Problems Are Solved

Per @fforootd and @hifabienne in #6222, remove the project suffix and
the `@` from the client ID and just use the generated ID.

# Additional Changes

N/A

# Additional Context

- Closes #6222

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-07-04 08:31:40 +00:00
RedstonePfalz
02c98f570b
fix: Fixed spelling and grammar misstakes (#8240)
# Which Problems Are Solved

I fixed spelling, grammar and translation misstakes in the german
translation file.

I noticed something else. Some strings use the formal form ("sie") of
address and some strings use the informal (du) form of address.

# Additional Context

- Discussion #8211
2024-07-04 08:02:04 +00:00
Miguel Cabrerizo
50c1d638d7
fix: add a height element to mat-calendar-table-header that works for FF (#8159)
# Which Problems Are Solved

- In Firefox there's an issue with mat-calendar. The header for days of
the week has a height that fills the entire space making dates to
overlap. This happens for both Personal Access Tokens and Keys dialogs.


![image](https://github.com/zitadel/zitadel/assets/30386061/78cc183d-f73d-4667-9281-64981092cc3e)

# How the Problems Are Solved

- In FF there seems to be a problem with the following style in
tables.scss. If I remove that style in FF everything works fine:

```
th,
  td {
    padding: 0 0.5rem !important;
  }
```
Although I tried to override it or remove !important I didn't like the
idea of having side effects all around the tables. As the issue was the
height for the header I tried to add a fixed height for the th elements
using a new specific selector in the tables.scss file. That way FF seems
to calculate the right height for the header and dates are shown
correctly.

If @peintnermax agrees maybe an issue can be opened for a future work to
remove as many !important properties as possible

Here's a screenshot for FF 


![image](https://github.com/zitadel/zitadel/assets/30386061/6d9e47d3-8cc1-4d45-a01d-8d7a00eb010b)

And another one for Chrome


![image](https://github.com/zitadel/zitadel/assets/30386061/ca83a004-9d12-4182-a768-61dc943a1aa2)

Maybe it's not too elegant but as it seems a bug on Firefox I think it's
a contained solution.

# Additional Context

- Closes #7877

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-07-04 07:29:18 +00:00
Livio Spring
88fe25911b
chore: update dependencies (#8242)
# Which Problems Are Solved

Updates the dependencies.

# Additional Context

- relates to https://github.com/zitadel/zitadel/security/dependabot/210
2024-07-04 08:28:56 +02:00
Silvan
1d84635836
feat(eventstore): add search table (#8191)
# Which Problems Are Solved

To improve performance a new table and method is implemented on
eventstore. The goal of this table is to index searchable fields on
command side to use it on command and query side.

The table allows to store one primitive value (numeric, text) per row.

The eventstore framework is extended by the `Search`-method which allows
to search for objects.
The `Command`-interface is extended by the `SearchOperations()`-method
which does manipulate the the `search`-table.

# How the Problems Are Solved

This PR adds the capability of improving performance for command and
query side by using the `Search`-method of the eventstore instead of
using one of the `Filter`-methods.

# Open Tasks

- [x] Add feature flag
- [x] Unit tests
- [ ] ~~Benchmarks if needed~~
- [x] Ensure no behavior change
- [x] Add setup step to fill table with current data
- [x] Add projection which ensures data added between setup and start of
the new version are also added to the table

# Additional Changes

The `Search`-method is currently used by `ProjectGrant`-command side.

# Additional Context

- Closes https://github.com/zitadel/zitadel/issues/8094
2024-07-03 15:00:56 +00:00
Fabi
637f441a7d
fix: change saml sp to saml idp (#8233)
# Which Problems Are Solved

In the configuration of external idps we show SAML SP as provider which
is confusing, as it is a SAML IdP which is configured

# How the Problems Are Solved

Rename SAML SP to SAML IdP
2024-07-03 13:43:20 +02:00
Livio Spring
08a75635d2
fix: correctly set user agent / fingerprint id on user sessions (#8231)
# Which Problems Are Solved

When we switched to V2 tokens (#7822), the user agent was incorrectly
set for sessions created though the login UI.
Additionally, when calling the ListMyUserSessions from the AuthService,
any session without the fingerprint ID (e.g. created through the session
API) would be listed.

# How the Problems Are Solved

- Use the intended ID of the user agent (fingerprint)
- Ignore empty user agent IDs when listing the user sessions

# Additional Changes

None.

# Additional Context

- relates #7822 
- closes #8213
2024-07-03 09:43:34 +02:00
Miguel Cabrerizo
c8e168ac69
fix: remove non-existent colums in getMembershipFromQuery queries (#7869)
In issue #7841 @mahmoodfathy commented an issue when the API call for
Listing My ZITADEL Manager Roles is called with any kind of query
(orgQuery, projectQuery, projectGrantQuery...). A column XXXXXX does not
exist (SQLSTATE 42703) error is thrown.

The issue was focused in getMembershipFromQuery where filtering queries
functions are called: prepareOrgMember, prepareIAMMember,
prepareProjectMember and prepareProjectGrantMember

Those functions allow queries for columns that are not members of the
table to be queried so I've added a conditional clause to avoid using
the queries that cannot be called.

For example, for prepareOrgMember, member.id, member.project_id and
member.grant_id columns are not added to the filter queries

```
for _, q := range query.Queries {
		if q.Col().table.name == membershipAlias.name &&
			!slices.Contains([]string{membershipIAMID.name, membershipProjectID.name, membershipGrantID.name}, q.Col().name) {
			builder = q.toQuery(builder)
		}
	}
	return builder.MustSql()
```

Here I show one screenshot where the error "column XXXXXX does not exist
(SQLSTATE 42703)" is no longer thrown using an orgQuery.


![image](https://github.com/zitadel/zitadel/assets/30386061/77621e69-71df-42de-b3c5-fa9b4dbf1b89)

Should close #7841 

### Definition of Ready

- [X] I am happy with the code
- [X] Short description of the feature/issue is added in the pr
description
- [X] PR is linked to the corresponding user story
- [X] Acceptance criteria are met
- [ ] All open todos and follow ups are defined in a new ticket and
justified
- [ ] Deviations from the acceptance criteria and design are agreed with
the PO and documented.
- [X] No debug or dead code
- [X] My code has no repetitions
- [X] Critical parts are tested automatically
- [ ] Where possible E2E tests are implemented
- [ ] Documentation/examples are up-to-date
- [ ] All non-functional requirements are met
- [X] Functionality of the acceptance criteria is checked manually on
the dev system.

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-07-02 12:08:28 +00:00
Livio Spring
c7b8d6d97f
chore(stable): update to v2.50.6 (#8221) 2024-07-02 11:18:56 +02:00
Miguel Cabrerizo
cd6b452fc9
fix: add missing SAML type for GetActiveIdentityProviders (#8186)
# Which Problems Are Solved

- When the endpoint http://{CUSTOM-DOMAIN}/v2beta/settings/login/idps is
called the type for an activated SAML provider is not sent.
- The IDENTITY_PROVIDER_TYPE_SAML is missing

# How the Problems Are Solved

- Adds the missing IDENTITY_PROVIDER_TYPE_SAML to the
IdentityProviderType proto definition
- Adds the missing case for idpTypeToPb 
- Adds the missing test case for idpTypeToPb

Here's a screenshot showing the endpoint response:


![image](https://github.com/zitadel/zitadel/assets/30386061/6e3e9c41-543c-472e-96ab-3d40736a2699)

# Additional Context

- Closes #7885

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-06-28 15:00:56 +00:00
Stefan Benz
d92717a1c6
fix: encode ldap values to make valid UTF8 (#8210)
# Which Problems Are Solved

UUIDs stored in LDAP are Octet Strings and have to be parsed, so that
they can be stored as IDs as they are not valid UTF8.

# How the Problems Are Solved

Try to parse the RawValue from LDAP as UUID, otherwise try to base64
decode and then parse as UUID, else use the data as string as before.

# Additional Changes

None

# Additional Context

Closes #7601
2024-06-28 13:46:54 +00:00
Miguel Cabrerizo
728158298d
fix(console): filters on user's list ignored if you go back from user details (#8180)
# Which Problems Are Solved

- As @stebenz reported, if we apply some user filters and show user's
details clicking on the table's entry, if we go back again (maybe the
action has to be repeated many times to see the error in action) the
filter seems to be ignored and the table shows all users.

# How the Problems Are Solved

- There's an issue with getting data for the user's table. On ngOnInit
the data is retrieved but also the data is retrieved again when the
filter is applied after going back from the user details view. Due to
asynchronous calls there are some times when the getData, called from
ngOnInit, finishes after the call from applySearchQuery, which applies
the filter, and that's why the data in the tables shows unfiltered data.
In the screenshot we see that we get two results from ngOnInit call
after getting the filtered data (1 result) overwriting the filtered
results.

![Captura desde 2024-06-23
14-02-30](https://github.com/zitadel/zitadel/assets/30386061/fdfa8353-04c6-4892-bd39-aa75dd4d2049)

- I've added a check on ngOnInit that verifies if we have already a
filter (query params) which means that we don't need to getData there as
the filter and getData is going to be applied when applySearchQuery is
called. Here's a video checking that the issue no longer happens:


https://github.com/zitadel/zitadel/assets/30386061/9907d94f-1326-4975-8664-2a0ff51f4568

# Additional Changes

- I think it's better to change the button text to apply the filter from
Finish to Apply

# Additional Context

- Closes #8049
2024-06-28 13:04:05 +00:00
Miguel Cabrerizo
14aeb42cc2
fix: RFC1342 encode sender name that goes in from header (#8193)
# Which Problems Are Solved

- Some smtp server/client combination may have problems with non-ASCII
sender names for example using an umlaut

# How the Problems Are Solved

- The same RFC1342 mechanism that was added in
#https://github.com/zitadel/zitadel/pull/6637 and later improved by
@eliobischof with BEncoding has been added to the sender name that goes
in the From header

# Additional Context

- Closes #7976
2024-06-28 08:33:42 +00:00
Miguel Cabrerizo
da592ccf57
fix(console): minor UI issues (#8192)
# Which Problems Are Solved

- The console has some dialog UI issues reported in #7404 
- There's some horizontal scrolling in dialogs due to field errors width
overflow. In dialogs like Twilio or add flow the x-scroll show always.

![action_trigger_scroll](https://github.com/zitadel/zitadel/assets/30386061/6b574dd7-e309-4a21-a34a-6a1a98ef57ab)

![twilio_scroll](https://github.com/zitadel/zitadel/assets/30386061/48bf5af8-a8cd-4594-acf6-ef61b678443a)

- New Factor MFA title has no styles applied
![Captura desde 2024-06-25
08-37-40](https://github.com/zitadel/zitadel/assets/30386061/931419b4-7f37-4cd1-9b37-9b7fa9ff8453)

# How the Problems Are Solved

- A new style for field wrappers inside mat-dialog-component to
form-field scss that sets width to auto.
- This PR fix a missing MFA mat-dialog-title to apply styles to New
Factor title
- Issues with secret generators had been already fixed in #8141
- Issues with padding for Twilio and Actions were fixed by @peintnermax

# Additional Changes


# Additional Context

- Closes #7404

---------

Co-authored-by: Max Peintner <max@caos.ch>
2024-06-27 09:40:00 +00:00
Livio Spring
1b0e773ceb
fix(ldap): add more logs (#8197)
# Which Problems Are Solved

In case the user bind (user password check for LDAP IdP) fails, there's
no information about what went wrong.
This makes it hard to even impossible to find the cause.

# How the Problems Are Solved

Added logging of the error.

# Additional Changes

Additionally added a log in case no single user (none / multiple) are
found.

# Additional Context

- reported internally
2024-06-25 19:04:10 +00:00
Florian Forster
3af825a6f7
chore(devcontainer): improve devcontainer to work on windows and linux (#8194)
# Which Problems Are Solved

Working on windows with a devcontainer has line ending issues which are
solved with the .gitattributes file
2024-06-25 14:40:34 +00:00
Miguel Cabrerizo
88182f98ba
fix: replace Instance Settings with Default Settings in i18n and docs (#8143)
# Which Problems Are Solved

- The console shows the Instance Settings title and a description.
Instance settings should be replaced with Default settings

# How the Problems Are Solved

- The DESCRIPTIONS.SETTINGS.INSTANCE.TITLE and
DESCRIPTIONS.SETTINGS.INSTANCE.DESCRIPTION have been replaced with
Default Settings and in the corresponding translation files.

Here's a screenshot:


![image](https://github.com/zitadel/zitadel/assets/30386061/b404f209-2043-414c-b06d-3291771d54fb)

# Additional Changes

- The docs have been updated to replace remaining texts mentioning
Instance Settings with Default Settings
- Two unused texts have been deleted from the translation files
- VSCode with Prettier have applied some markdown changes

# Additional Context

- Closes #7632

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2024-06-25 09:18:06 +00:00
Tim Möhlmann
dc170dc46e
feat(crypto): support md5 plain for imported password hashes (#8189)
# Which Problems Are Solved

Allow verification of imported passwords hashed with plain md5, without
salt. These are password digests typically created by one of:

- `printf "password" | md5sum` on most linux systems.
- PHP's `md5("password")`
- Python3's `hashlib.md5(b"password").hexdigest()`

# How the Problems Are Solved

- Upgrade passwap to
[v0.6.0](https://github.com/zitadel/passwap/releases/tag/v0.6.0)
- Add md5plain as a new verfier option in `defaults.yaml`

# Additional Changes

- Updated documentation to explain difference between `md5` (crypt) and
`md5plain` verifiers.

# Additional Context

- Requested by customer for import case
2024-06-25 11:10:49 +03:00