TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 11:04:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,850 Commits 166 Branches 1,927 Tags 670 MiB
35c313c691
Commit Graph

2850 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Elio Bischof
76fe032b5f
feat: option to disallow public org registration (#6917) 
* feat: return 404 or 409 if org reg disallowed

* fix: system limit permissions

* feat: add iam limits api

* feat: disallow public org registrations on default instance

* add integration test

* test: integration

* fix test

* docs: describe public org registrations

* avoid updating docs deps

* fix system limits integration test

* silence integration tests

* fix linting

* ignore strange linter complaints

* review

* improve reset properties naming

* redefine the api

* use restrictions aggregate

* test query

* simplify and test projection

* test commands

* fix unit tests

* move integration test

* support restrictions on default instance

* also test GetRestrictions

* self review

* lint

* abstract away resource owner

* fix tests

* lint
 2023-11-22 09:29:38 +00:00
Max Peintner
5fa596a871
fix(console): onboarding actions with external links (#6822) 
* fix: attr for external links

* template outlet
 2023-11-22 09:14:37 +00:00
Max Peintner
d4b18a3eda
fix(console): dependencies (#6943) 
* chore(deps-dev): bump @types/file-saver from 2.0.5 to 2.0.7 in /console (#6878)

Bumps [@types/file-saver](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/file-saver) from 2.0.5 to 2.0.7.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/file-saver)

---
updated-dependencies:
- dependency-name: "@types/file-saver"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump axios from 1.4.0 to 1.6.1 in /console (#6902)

Bumps [axios](https://github.com/axios/axios) from 1.4.0 to 1.6.1.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.4.0...v1.6.1)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump @types/jsonwebtoken from 9.0.2 to 9.0.5 in /console (#6877)

chore(deps-dev): bump @types/jsonwebtoken in /console

Bumps [@types/jsonwebtoken](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jsonwebtoken) from 9.0.2 to 9.0.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jsonwebtoken)

---
updated-dependencies:
- dependency-name: "@types/jsonwebtoken"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump libphonenumber-js from 1.10.30 to 1.10.49 in /console (#6845)

Bumps [libphonenumber-js](https://gitlab.com/catamphetamine/libphonenumber-js) from 1.10.30 to 1.10.49.
- [Changelog](https://gitlab.com/catamphetamine/libphonenumber-js/blob/master/CHANGELOG.md)
- [Commits](https://gitlab.com/catamphetamine/libphonenumber-js/compare/v1.10.30...v1.10.49)

---
updated-dependencies:
- dependency-name: libphonenumber-js
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump typescript from 4.9.5 to 5.1.6 in /console (#6650)

Bumps [typescript](https://github.com/Microsoft/TypeScript) from 4.9.5 to 5.1.6.
- [Release notes](https://github.com/Microsoft/TypeScript/releases)
- [Commits](https://github.com/Microsoft/TypeScript/compare/v4.9.5...v5.1.6)

---
updated-dependencies:
- dependency-name: typescript
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump google-proto-files from 3.0.3 to 4.0.0 in /console (#6653)

Bumps [google-proto-files](https://github.com/googleapis/nodejs-proto-files) from 3.0.3 to 4.0.0.
- [Release notes](https://github.com/googleapis/nodejs-proto-files/releases)
- [Changelog](https://github.com/googleapis/nodejs-proto-files/blob/main/CHANGELOG.md)
- [Commits](https://github.com/googleapis/nodejs-proto-files/compare/v3.0.3...v4.0.0)

---
updated-dependencies:
- dependency-name: google-proto-files
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump tslib from 2.5.0 to 2.6.2 in /console (#6649)

Bumps [tslib](https://github.com/Microsoft/tslib) from 2.5.0 to 2.6.2.
- [Release notes](https://github.com/Microsoft/tslib/releases)
- [Commits](https://github.com/Microsoft/tslib/compare/2.5.0...v2.6.2)

---
updated-dependencies:
- dependency-name: tslib
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump @ngx-translate/core from 14.0.0 to 15.0.0 in /console (#6646)

Bumps [@ngx-translate/core](https://github.com/ngx-translate/core) from 14.0.0 to 15.0.0.
- [Release notes](https://github.com/ngx-translate/core/releases)
- [Commits](https://github.com/ngx-translate/core/compare/v14.0.0...v15.0.0)

---
updated-dependencies:
- dependency-name: "@ngx-translate/core"
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump @babel/traverse from 7.21.5 to 7.23.2 in /console (#6742)

Bumps [@babel/traverse](https://github.com/babel/babel/tree/HEAD/packages/babel-traverse) from 7.21.5 to 7.23.2.
- [Release notes](https://github.com/babel/babel/releases)
- [Changelog](https://github.com/babel/babel/blob/main/CHANGELOG.md)
- [Commits](https://github.com/babel/babel/commits/v7.23.2/packages/babel-traverse)

---
updated-dependencies:
- dependency-name: "@babel/traverse"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* lock

* ts

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
 2023-11-21 23:41:53 +00:00
Tim Möhlmann
ba9b807854
perf(oidc): optimize the introspection endpoint (#6909) 
* get key by id and cache them

* userinfo from events for v2 tokens

* improve keyset caching

* concurrent token and client checks

* client and project in single query

* logging and otel

* drop owner_removed column on apps and authN tables

* userinfo and project roles in go routines

* get  oidc user info from projections and add actions

* add avatar URL

* some cleanup

* pull oidc work branch

* remove storage from server

* add config flag for experimental introspection

* legacy introspection flag

* drop owner_removed column on user projections

* drop owner_removed column on useer_metadata

* query userinfo unit test

* query introspection client test

* add user_grants to the userinfo query

* handle PAT scopes

* bring triggers back

* test instance keys query

* add userinfo unit tests

* unit test keys

* go mod tidy

* solve some bugs

* fix missing preferred login name

* do not run triggers in go routines, they seem to deadlock

* initialize the trigger handlers late with a sync.OnceValue

* Revert "do not run triggers in go routines, they seem to deadlock"

This reverts commit 2a03da2127.

* add missing translations

* chore: update go version for linting

* pin oidc version

* parse a global time location for query test

* fix linter complains

* upgrade go lint

* fix more linting issues

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
 2023-11-21 13:11:38 +01:00
Livio Spring
ad3563d58b
fix: handle project deactivate and remove correctly on tokens (#6947) 2023-11-21 10:05:22 +01:00
Livio Spring
492b7d8676
docs(security.md): update link to disclosure policy (#6948) 2023-11-21 09:15:51 +01:00
Stefan Benz
0ec7a74877
perf: remove owner removed columns from projections for oidc (#6925) 
* fix: remove owner removed columns from login names projection

* fix: remove owner removed columns from flow projection

* fix: remove owner removed columns from project, projectgrant and member projections

* fix: correct unit tests for session projection

* fix: correct unit tests for session projection
 2023-11-20 17:21:08 +02:00
Arslan Gait
3bed5f50a8
docs: correct spelling in claims.md (#6935) 
Update claims.md

Fixed typo in word 'and'
 2023-11-20 12:38:06 +00:00
mffap
bd5506494a
docs(legal): update legal framework and policies (November 2023) (#6611) 
* move policies

* service description editorial

* service description move

* add subprocessors

* resort policies and service descriptions

* subprocessor

* subprocessors wip

* wip

* subprocessors

* subprocessors introduction

* billing wip

* service level headings

* billing wip

* gdpr region clarification

* fix some styling

* support service wip

* wip

* service-description

* fair use, broken links

* services offered

* rework enterprise benefits

* support plans

* remove language, add support issue

* combine onboarding support

* wip

* use of brand and trademarks

* sidebar

* DASU

* Combine ToS for support services

* Apply suggestions from code review

Co-authored-by: Fabi <fabienne@zitadel.com>

* changes from review

* update updatedAt

* dpa and pp updates WIP

* broken links

* tom

* remote entity

* title annex enterprise agreement

* typo

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@zitadel.com>

* update last update dates

* replace quota with amount

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
 2023-11-16 09:26:25 +00:00
Livio Spring
2e8c3b5a53
feat: allow session deletion without session token (#6889) 
* fix: add resource owner of user and change the one of session to instance

* use user resource owner from session projection

* fix session permission check

* integration tests and fixes

* update api docs
 2023-11-16 07:35:50 +01:00
Silvan
0948a0b9ae
ci: set runner group on parallel jobs (#6916) 2023-11-14 10:48:41 +00:00
Livio Spring
3bc9a60986
fix: allow webauthn checks for users of other orgs (#6915) 2023-11-14 09:42:39 +00:00
Livio Spring
1344760369
fix: set samesite mode for CSRF cookie based on security policy (#6914) 2023-11-14 10:01:59 +01:00
Miguel Cabrerizo
bd63fcd15d
feat(console): add SAML certificate link and endpoints (#6841) 
* feat(console): add SAML certificate link and endpoints

* fix: add missing translations for cs and ru

* fix: add @eliobischof review suggestions

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
 2023-11-13 17:49:55 +00:00
Tim Möhlmann
081a0b4cb7
chore(deps): upgrade all go modules (#6895) 
* chore(deps): upgrade all go modules

This change upgrades all go.mod dependecies. As well as Makefile tools.

There where some imports that still used the old and deprecated
`github.com/golang/protobuf/ptypes` package.
These have been moved to the equivelant
`google.golang.org/protobuf/types/known` package.

The `internal/proto` package is removed as was only used once.
With a simple refactor in the Validator it became completely obsolete.

* fix validate unit test

* cleanup merge

* update otel

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-11-13 10:41:29 +00:00
Livio Spring
0386fe7f96
fix: improve login_hint usage on IDPs (#6899) 
* only set prompt if no login_hint is set

* update to current state and cleanup
 2023-11-13 09:25:26 +01:00
Tim Möhlmann
42a2c0093d
fix: use x-zitadel-forwarded header (#6900) 
fix: use x-zitadel-forward header
 2023-11-10 15:02:53 +00:00
Ahmed Fwela
3f22fb3a5c
feat(user/v1): support composite queries (#6361) 
* feat(user/v1): support composite queries

* fix: added proper error handling for NotQuery

* Added error when there are too many levels of nesting

* Add localization keys for english

* Update internal/api/grpc/user/query.go
 2023-11-09 11:38:34 +01:00
Elio Bischof
e0a5f8661d
feat: improve UX for external configuration (#6861) 
* docs: simplify traefik external tls

* remove pass host header

* docs: simplify and fix nginx external tls

* fix: readiness with enabled tls

* improve proxy docs

* improve proxy docs

* fix(ready): don't verify server cert

* complete nginx docs

* cleanup

* complete traefik docs

* add caddy docs

* simplify traefik

* standardize

* fix caddy

* add httpd docs

* improve external config docs

* guiding error message

* docs(defaults.yaml): remove misleading comments

* guiding error message cs and ru

* improve proxy testability

* fix compose up command

* improve commands

* fix nginx tls disabled

* fix nginx tls enabled

* fix: serve gateway when tls is enabled

* fmt caddy files

* fix caddy enabled tls

* remove not-working commands

* review

* fix checks

* fix link

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-11-09 11:30:15 +01:00
Livio Spring
22e2d55999
Merge pull request from GHSA-7h8m-vrxx-vr4m 
* fix: handle locking policy correctly for multiple simultaneous password checks

* recheck events
 2023-11-08 14:19:13 +01:00
sp132
9a708b1b78
feat: extend session search service (#6746) 
* feat: extend session search service (#6029)

add two more searching criteria - human user id and session creation date

optional sorting by the session creation date

* fix: use correct column identifier

* fix: implement Col()

* chore: fix unit tests

* chore: fix linter warnings

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
 2023-11-08 11:32:13 +01:00
Mark A. Hershberger
0d3788b757
docs: Update managers.mdx (#6873) 
Update managers.mdx

typo

Co-authored-by: Fabi <fabienne@zitadel.com>
 2023-11-08 09:07:11 +00:00
Alexei
9ccdfdc196
feat: Add translations for Russian (#6864) 
* wip

* add Russian (autotranslate)
TODO: review translations

* fix console linting

* add russian language to login translations

* docs

* missing console translations

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-11-08 07:38:55 +00:00
petrmifek
e839f03f57
feat(i18n): Czech language support (#6870) 
feat(i18n): Add Czech language support
 2023-11-08 07:55:41 +01:00
Miguel Cabrerizo
49d3ae6238
feat(console): replace twitter bird with X (#6843) 
feat(console): replace blue bird with X

Co-authored-by: Elio Bischof <elio@zitadel.com>
 2023-11-07 10:43:29 +00:00
Livio Spring
e342e3d99b
fix: prevent panic in loginNameInformation (#6876) 2023-11-07 11:16:49 +01:00
Michal
a50d1408be
feat(console): add-saml-to-idp (#6687) (#6750) 
Co-authored-by: Max Peintner <max@caos.ch>
 2023-11-07 10:58:31 +01:00
Tim Möhlmann
b3ff359fc1
fix(system-api): use distinct in intances filter query (#6867) 2023-11-07 06:12:16 +00:00
Livio Spring
f3b8a3aece
feat: add possibility to set an expiration to a session (#6851) 
* add lifetime to session api

* extend session with lifetime

* check session token expiration

* fix typo

* integration test to check session token expiration

* integration test to check session token expiration

* i18n

* cleanup

* improve tests

* prevent negative lifetime

* fix error message

* fix lifetime check
 2023-11-06 10:48:28 +01:00
Livio Spring
ce322323aa
perf(oidc): remove db call for discovery configuration (#6857) 2023-11-03 15:18:57 +00:00
Elio Bischof
1b6e3dcf27
fix: creation date argument in search events filters (#6855) 
* fix: creation date filter in event queries

* fix: creation date with ordering filter

* simplify code

* simplify review

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-11-03 14:52:48 +00:00
Livio Spring
9378e19090
fix: payload (de)serialization of some events (#6858) 2023-11-03 11:02:17 +00:00
Livio Spring
585c8af5f2
docs(technical advisory): add version to console branding (#6852) 2023-11-02 16:18:14 +01:00
Stefan Benz
d874628f77
fix: use username with external idp linking (#6846) 
Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-11-02 11:28:59 +00:00
Stefan Benz
f84eb19637
fix: change error message from metadata query User.NotFound to Metada… (#6830) 
fix: change error message from metadata query User.NotFound to Metadata.NotFound

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-11-02 08:35:15 +00:00
Max Peintner
c8dc14ca9d
fix(console): dont apply colors from branding settings (#6853) 
fix: dont apply colors in console, clean up theme service
 2023-11-02 06:41:36 +00:00
Max Peintner
814e09f1d5
fix(console): placeholder accessor (#6849) 
* fix(console): placeholder accessor

* cleanup
 2023-10-31 13:24:39 +01:00
Max Peintner
a2a02598d0
fix(console): minor layout issues (#6835) 
Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-10-31 06:33:32 +00:00
Tim Möhlmann
0a1da1f02c
fix: reset custom texts to default (#6833) 
* Revert "fix: add texts after template reset (#6237)"

This reverts commit d937ee3dda.

* fix: reset of custom text template

* add custom bulk limits from issue

https://github.com/zitadel/zitadel/issues/6766#issuecomment-1778721782
 2023-10-27 17:43:13 +00:00
Max Peintner
8a991a3a5c
fix(console): Load local font asset, remove style override, clockskew reactive forms (#6834) 
fix: local asset, rm title override, clockskew app-detail

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-10-27 12:41:19 +00:00
Silvan
f8bf8ea256
fix(eventstore): differentiate unique constraint error (#6832) 
* fix(eventstore): differentiate unique constraint error format

* docs: add comment to eventstore vars

* fix(eventstore): return correct error type if unique constraint already exists
 2023-10-27 14:10:01 +02:00
Elio Bischof
a4626f9bdb
fix: return unauthenticated code (#6819) 
* fix: return unauthenticated code

* remove cfg.yaml

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
 2023-10-27 06:09:07 +00:00
Silvan
0187487f26
chore: correct tracing of trigger function (#6825) 
* chore: correct tracing of trigger function

* refactor: remove import
 2023-10-26 17:07:56 +02:00
Livio Spring
34e9748cba
chore: update dependencies (#6826) 2023-10-26 15:03:57 +00:00
mffap
61d86343a0
docs(ta): add type expected downtime during update (#6818) 
Co-authored-by: Silvan <silvan.reusser@gmail.com>
 2023-10-26 15:10:34 +02:00
Stefan Benz
0dec125e6b
fix: list mapping of saml provider configuration type (#6815) 
Co-authored-by: Max Peintner <max@caos.ch>
 2023-10-26 10:06:37 +00:00
Max Peintner
b099a26a16
feat(console): MDC components (#6482) 
mdc components

---------

Co-authored-by: Elio Bischof <eliobischof@gmail.com>
 2023-10-26 08:29:06 +00:00
Stefan Benz
cb7b50b513
feat: add attribute to only enable specific themes (#6798) 
* feat: enable only specific themes in label policy

* feat: enable only specific themes in label policy

* feat: enable only specific themes in label policy

* feat: enable only specific themes in label policy

* add management in console

* pass enabledTheme

* render login ui based on enabled theme

* add in branding / settings service and name consistently

* update console to latest proto state

* fix console linting

* fix linting

* cleanup

* add translations

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
 2023-10-26 05:54:09 +00:00
Walnuts
7b0506c19c
fix(i18n): Corrected Japanese translation (#6783) 
fix: change ja 18n

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
 2023-10-25 20:18:36 +00:00
Tim Möhlmann
ad26ca88d7
feat(system api): list instances by domains (#6806) 
Allow to list instances by their domains on the system API.

closes #6785
 2023-10-25 19:20:12 +00:00