Livio Spring
3d071fc505
feat: trusted (instance) domains ( #8369 )
...
# Which Problems Are Solved
ZITADEL currently selects the instance context based on a HTTP header
(see https://github.com/zitadel/zitadel/issues/8279#issue-2399959845 and
checks it against the list of instance domains. Let's call it instance
or API domain.
For any context based URL (e.g. OAuth, OIDC, SAML endpoints, links in
emails, ...) the requested domain (instance domain) will be used. Let's
call it the public domain.
In cases of proxied setups, all exposed domains (public domains) require
the domain to be managed as instance domain.
This can either be done using the "ExternalDomain" in the runtime config
or via system API, which requires a validation through CustomerPortal on
zitadel.cloud.
# How the Problems Are Solved
- Two new headers / header list are added:
- `InstanceHostHeaders`: an ordered list (first sent wins), which will
be used to match the instance.
(For backward compatibility: the `HTTP1HostHeader`, `HTTP2HostHeader`
and `forwarded`, `x-forwarded-for`, `x-forwarded-host` are checked
afterwards as well)
- `PublicHostHeaders`: an ordered list (first sent wins), which will be
used as public host / domain. This will be checked against a list of
trusted domains on the instance.
- The middleware intercepts all requests to the API and passes a
`DomainCtx` object with the hosts and protocol into the context
(previously only a computed `origin` was passed)
- HTTP / GRPC server do not longer try to match the headers to instances
themself, but use the passed `http.DomainContext` in their interceptors.
- The `RequestedHost` and `RequestedDomain` from authz.Instance are
removed in favor of the `http.DomainContext`
- When authenticating to or signing out from Console UI, the current
`http.DomainContext(ctx).Origin` (already checked by instance
interceptor for validity) is used to compute and dynamically add a
`redirect_uri` and `post_logout_redirect_uri`.
- Gateway passes all configured host headers (previously only did
`x-zitadel-*`)
- Admin API allows to manage trusted domain
# Additional Changes
None
# Additional Context
- part of #8279
- open topics:
- "single-instance" mode
- Console UI
2024-07-31 18:00:38 +03:00
Stefan Benz
1c5ecba42a
feat: add action v2 execution on requests and responses ( #7637 )
...
* feat: add execution of targets to grpc calls
* feat: add execution of targets to grpc calls
* feat: add execution of targets to grpc calls
* feat: add execution of targets to grpc calls
* feat: add execution of targets to grpc calls
* feat: add execution of targets to grpc calls
* feat: add execution of targets to grpc calls
* feat: split request and response logic to handle the different context information
* feat: split request and response logic to handle the different context information
* fix: integration test
* fix: import alias
* fix: refactor execution package
* fix: refactor execution interceptor integration and unit tests
* fix: refactor execution interceptor integration and unit tests
* fix: refactor execution interceptor integration and unit tests
* fix: refactor execution interceptor integration and unit tests
* fix: refactor execution interceptor integration and unit tests
* docs: basic documentation for executions and targets
* fix: change order for interceptors
* fix: merge back origin/main
* fix: change target definition command and query side (#7735 )
* fix: change target definition command and query side
* fix: correct refactoring name changes
* fix: correct refactoring name changes
* fix: changing execution defintion with target list and type
* fix: changing execution definition with target list and type
* fix: add back search queries for target and include
* fix: projections change for execution with targets suffix table
* fix: projections change for execution with targets suffix table
* fix: projections change for execution with targets suffix table
* fix: projections change for execution with targets suffix table
* fix: projections change for execution with targets suffix table
* fix: projections change for execution with targets suffix table
* fix: projections change for execution with targets suffix table
* docs: add example to actions v2
* docs: add example to actions v2
* fix: correct integration tests on query for executions
* fix: add separate event for execution v2 as content changed
* fix: add separate event for execution v2 as content changed
* fix: added review comment changes
* fix: added review comment changes
* fix: added review comment changes
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
* fix: added review comment changes
* fix: added review comment changes
* Update internal/api/grpc/server/middleware/execution_interceptor.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix: added review comment changes
* fix: added review comment changes
* fix: added review comment changes
* fix: added review comment changes
* fix: added review comment changes
* fix: added review comment changes
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-05-04 11:55:57 +02:00
Elio Bischof
f4c72cbe14
feat: improve instance not found error ( #7413 )
...
* feat: improve instance not found error
* unit tests
* check if is templatable
* lint
* assert
* compile tests
* remove error templates
* link to instance not found page
* fmt
* cleanup
* lint
2024-02-28 10:49:57 +00:00
Elio Bischof
ed0bc39ea4
feat: block instances ( #7129 )
...
* docs: fix init description typos
* feat: block instances using limits
* translate
* unit tests
* fix translations
* redirect /ui/login
* fix http interceptor
* cleanup
* fix http interceptor
* fix: delete cookies on gateway 200
* add integration tests
* add command test
* docs
* fix integration tests
* add bulk api and integration test
* optimize bulk set limits
* unit test bulk limits
* fix broken link
* fix assets middleware
* fix broken link
* validate instance id format
* Update internal/eventstore/search_query.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* remove support for owner bulk limit commands
* project limits to instances
* migrate instances projection
* Revert "migrate instances projection"
This reverts commit 214218732a
.
* join limits, remove owner
* remove todo
* use optional bool
* normally validate instance ids
* use 302
* cleanup
* cleanup
* Update internal/api/grpc/system/limits_converter.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* remove owner
* remove owner from reset
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-01-17 10:16:48 +00:00
Elio Bischof
4980cd6a0c
feat: add SYSTEM_OWNER role ( #6765 )
...
* define roles and permissions
* support system user memberships
* don't limit system users
* cleanup permissions
* restrict memberships to aggregates
* default to SYSTEM_OWNER
* update unit tests
* test: system user token test (#6778 )
* update unit tests
* refactor: make authz testable
* move session constants
* cleanup
* comment
* comment
* decode member type string to enum (#6780 )
* decode member type string to enum
* handle all membership types
* decode enums where necessary
* decode member type in steps config
* update system api docs
* add technical advisory
* tweak docs a bit
* comment in comment
* lint
* extract token from Bearer header prefix
* review changes
* fix tests
* fix: add fix for activityhandler
* add isSystemUser
* remove IsSystemUser from activity info
* fix: add fix for activityhandler
---------
Co-authored-by: Stefan Benz <stefan@caos.ch>
2023-10-25 15:10:45 +00:00
Stefan Benz
48ae5d58ac
feat: add activity logs on user actions with authentication, resource… ( #6748 )
...
* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI
* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI
* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI
* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI
* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI
* fix: add unit tests to info package for context changes
* fix: add activity_interceptor.go suggestion
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
* fix: refactoring and fixes through PR review
* fix: add auth service to lists of resourceAPIs
---------
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-10-25 12:09:15 +00:00
Elio Bischof
1a49b7d298
perf: project quotas and usages ( #6441 )
...
* project quota added
* project quota removed
* add periods table
* make log record generic
* accumulate usage
* query usage
* count action run seconds
* fix filter in ReportQuotaUsage
* fix existing tests
* fix logstore tests
* fix typo
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* move notifications into debouncer and improve limit querying
* cleanup
* comment
* fix: add quota unit tests command side
* fix remaining quota usage query
* implement InmemLogStorage
* cleanup and linting
* improve test
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* fix: add quota unit tests command side
* action notifications and fixes for notifications query
* revert console prefix
* fix: add quota unit tests command side
* fix: add quota integration tests
* improve accountable requests
* improve accountable requests
* fix: add quota integration tests
* fix: add quota integration tests
* fix: add quota integration tests
* comment
* remove ability to store logs in db and other changes requested from review
* changes requested from review
* changes requested from review
* Update internal/api/http/middleware/access_interceptor.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* tests: fix quotas integration tests
* improve incrementUsageStatement
* linting
* fix: delete e2e tests as intergation tests cover functionality
* Update internal/api/http/middleware/access_interceptor.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* backup
* fix conflict
* create rc
* create prerelease
* remove issue release labeling
* fix tracing
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-09-15 16:58:45 +02:00
Silvan
095ec21678
feat: user v2alpha email API ( #5708 )
...
* chore(proto): update versions
* change protoc plugin
* some cleanups
* define api for setting emails in new api
* implement user.SetEmail
* move SetEmail buisiness logic into command
* resuse newCryptoCode
* command: add ChangeEmail unit tests
Not complete, was not able to mock the generator.
* Revert "resuse newCryptoCode"
This reverts commit c89e90ae35
.
* undo change to crypto code generators
* command: use a generator so we can test properly
* command: reorganise ChangeEmail
improve test coverage
* implement VerifyEmail
including unit tests
* add URL template tests
* proto: change context to object
* remove old auth option
* remove old auth option
* fix linting errors
run gci on modified files
* add permission checks and fix some errors
* comments
* comments
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-25 09:02:29 +02:00
Livio Spring
b3d8787921
feat: add new api services ( #5619 )
...
* feat: add new services
* improve demos and comments
* remove unused field
* add comment to demo proto calls
* Apply suggestions from code review
Co-authored-by: Silvan <silvan.reusser@gmail.com>
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-04-11 15:37:42 +02:00
Silvan
e38abdcdf3
perf: query data AS OF SYSTEM TIME
( #5231 )
...
Queries the data in the storage layser at the timestamp when the call hit the API layer
2023-02-27 22:36:43 +01:00
Elio Bischof
681541f41b
feat: add quotas ( #4779 )
...
adds possibilities to cap authenticated requests and execution seconds of actions on a defined intervall
2023-02-15 02:52:11 +01:00
Livio Spring
aed7010508
fix: scheduling ( #3978 )
...
* fix: improve scheduling
* build pre-release
* fix: locker
* fix: user handler and print stack in case of panic in reducer
* chore: remove sentry
* fix: improve handler projection and implement tests
* more tests
* fix: race condition in tests
* Update internal/eventstore/repository/sql/query.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix: implemented suggested changes
* fix: lock statement
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-07-22 10:08:39 +00:00
Livio Spring
ed5721d39e
feat: TLS support ( #3862 )
...
* feat: TLS support
* add comment
* fix comment
2022-06-24 12:38:22 +00:00
Livio Amstutz
2fc39c0da0
feat: system api requires authenticated requests ( #3570 )
...
* begin auth
* feat: system api requires authenticated requests
* fix tests
2022-05-30 13:38:30 +02:00
Florian Forster
fa9f581d56
chore(v2): move to new org ( #3499 )
...
* chore: move to new org
* logging
* fix: org rename caos -> zitadel
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-26 23:01:45 +00:00
Livio Amstutz
2c4799c223
feat: complete dynamic domain handling ( #3482 )
...
* feat: dynamic issuer
* feat: default language from context
* remove zitadel docs from defaults
* remove ConsoleOverwriteDir
* remove notification endpoints from defaults
* custom domains in emails
* remove (external) domain
* external domain completely removed, console handling fixed
* fix test
* fix defaults.yaml
2022-04-25 11:16:36 +02:00
Fabi
3d5891eb11
feat: System api ( #3461 )
...
* feat: start system api
* feat: remove auth
* feat: change gitignore
* feat: run system api
* feat: remove clear view form admin api
* feat: search instances
* feat: add instance
* fix: set primary domain
* Update .gitignore
* fix: add instance
* fix: add instance
* fix: handle errors
* fix: handle instance name
* fix: test
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-04-21 12:37:39 +02:00
Livio Amstutz
958362e6c9
feat: handle instance from context ( #3382 )
...
* commander
* commander
* selber!
* move to packages
* fix(errors): implement Is interface
* test: command
* test: commands
* add init steps
* setup tenant
* add default step yaml
* possibility to set password
* merge v2 into v2-commander
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: search query builder can filter events in memory
* fix: filters for add member
* fix(setup): add `ExternalSecure` to config
* chore: name iam to instance
* fix: matching
* remove unsued func
* base url
* base url
* test(command): filter funcs
* test: commands
* fix: rename orgiampolicy to domain policy
* start from init
* commands
* config
* fix indexes and add constraints
* fixes
* fix: merge conflicts
* fix: protos
* fix: md files
* setup
* add deprecated org iam policy again
* typo
* fix search query
* fix filter
* Apply suggestions from code review
* remove custom org from org setup
* add todos for verification
* change apps creation
* simplify package structure
* fix error
* move preparation helper for tests
* fix unique constraints
* fix config mapping in setup
* fix error handling in encryption_keys.go
* fix projection config
* fix query from old views to projection
* fix setup of mgmt api
* set iam project and fix instance projection
* fix tokens view
* fix steps.yaml and defaults.yaml
* fix projections
* change instance context to interface
* instance interceptors and additional events in setup
* cleanup
* tests for interceptors
* fix label policy
* add todo
* single api endpoint in environment.json
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-29 11:53:19 +02:00
Fabi
e3528ff0b2
feat: Config to eventstore ( #3158 )
...
* feat: add default language to eventstore
* feat: add secret generator configs events
* feat: tests
* feat: secret generators in eventstore
* feat: secret generators in eventstore
* feat: smtp config in eventstore
* feat: smtp config in eventstore
* feat: smtp config in eventstore
* feat: smtp config in eventstore
* feat: smtp config in eventstore
* fix: migrations
* fix migration version
* fix test
* feat: change secret generator type to enum
* feat: change smtp attribute names
* feat: change smtp attribute names
* feat: remove engryption algorithms from command side
* feat: remove engryption algorithms from command side
* feat: smtp config
* feat: smtp config
* format smtp from header
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-16 15:49:17 +00:00
Livio Amstutz
389eb4a27a
feat: run on a single port ( #3163 )
...
* start v2
* start
* run
* some cleanup
* remove v2 pkg again
* simplify
* webauthn
* remove unused config
* fix login path in Dockerfile
* fix asset_generator.go
* health handler
* fix grpc web
* refactor
* merge
* build new main.go
* run new main.go
* update logging pkg
* fix error msg
* update logging
* cleanup
* cleanup
* go mod tidy
* change localDevMode
* fix customEndpoints
* update logging
* comments
* change local flag to external configs
* fix location generated go code
* fix
Co-authored-by: fforootd <florian@caos.ch>
2022-02-14 17:22:30 +01:00
Livio Amstutz
bd8133aedd
fix: do not cache api (incl. grpc) and http errors ( #2088 )
...
* fix: add cache-control headers (no-store, no-cache) on grpc (for grpc-web)
* fix: do not cache api response (incl. grpc) and http errors
2021-07-28 13:19:44 +02:00
Livio Amstutz
87ef8f454a
fix: grpc status in sentry and validation interceptors ( #2012 )
2021-07-13 15:42:41 +02:00
Christian Jakob
b024cda4e5
feat: sentry integration ( #1944 )
...
* initial sentry variables and secrets
* feat: sentry monitoring
* fix typo
* feat(sentry version): sentry capability
* fix(sentry include): included sentry import 4 zitadel
* usage flag for sentry
* improve sentry flag
* merge main
* fix sentry config
* add sentry dsn to secret env vars
* fix test
* log sentry start
* add sentry grpc interceptor and recover
* add sentry http interceptor to asset api
* fix interceptor order
* try improve sentry recover
* fix i18n interception
* panic
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-07-05 10:58:58 +02:00
Fabiennne
2a25c0b617
Merge branch 'master' into new-eventstore
...
# Conflicts:
# go.sum
2020-12-03 10:11:18 +01:00
Fabi
6b3f5b984c
feat: metrics ( #1024 )
...
* refactor: switch from opencensus to opentelemetry
* tempo works as designed nooooot
* fix: log traceids
* with grafana agent
* fix: http tracing
* fix: cleanup files
* chore: remove todo
* fix: bad test
* fix: ignore methods in grpc interceptors
* fix: remove test log
* clean up
* typo
* fix(config): configure tracing endpoint
* fix(span): add error id to span
* feat: metrics package
* feat: metrics package
* fix: counter
* fix: metric
* try metrics
* fix: coutner metrics
* fix: active sessin counter
* fix: active sessin counter
* fix: change current Sequence table
* fix: change current Sequence table
* fix: current sequences
* fix: spooler div metrics
* fix: console view
* fix: merge master
* fix: Last spool run on search result instead of eventtimestamp
* fix: go mod
* Update console/src/assets/i18n/de.json
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: pr review
* fix: map
* update oidc pkg
* fix: handlers
* fix: value observer
* fix: remove fmt
* fix: handlers
* fix: tests
* fix: handler minimum cycle duration 1s
* fix(spooler): handler channel buffer
* fix interceptors
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-12-02 08:50:59 +01:00
adlerhurst
6431fd2ec5
Merge remote-tracking branch 'origin/master' into new-eventstore
2020-11-23 11:40:50 +01:00
Silvan
168242e725
fix(tracing): from opencensus to opentelemetry ( #937 )
...
* refactor: switch from opencensus to opentelemetry
* tempo works as designed nooooot
* fix: log traceids
* with grafana agent
* fix: http tracing
* fix: cleanup files
* chore: remove todo
* fix: bad test
* fix: ignore methods in grpc interceptors
* fix: remove test log
* clean up
* typo
* fix(config): configure tracing endpoint
* fix(span): add error id to span
2020-11-20 07:57:39 +01:00
adlerhurst
edff816ec1
start idp config
2020-11-17 13:44:37 +01:00
Livio Amstutz
b3f68c8f48
feat: add tracing interceptors to login and oidc ( #764 )
...
* add tracing interceptors to login and oidc
* add some tracing spans
* trace login calls
* add some spans
* add some spans (change password)
* add some more tracing in oauth/oidc
* revert org exists
* Merge branch 'master' into http-tracing
# Conflicts:
# internal/api/oidc/auth_request.go
# internal/api/oidc/client.go
# internal/auth/repository/eventsourcing/eventstore/auth_request.go
# internal/auth/repository/eventsourcing/eventstore/user.go
# internal/authz/repository/eventsourcing/eventstore/token_verifier.go
# internal/authz/repository/eventsourcing/view/token.go
# internal/user/repository/eventsourcing/eventstore.go
2020-10-21 10:18:34 +02:00
Silvan
5abd5b0505
feat: split users into human and machine ( #470 )
...
* feat(management): service accounts
* chore: current go version
* init
* refactor: apis
* feat(internal): start impl of service account
* chore: start impl of machine/human users
* code compiles
* fix: tests
* fix: tests
* fix: add new event types to switches
* chore: add cases to event types
* fix(management): definitive proto messages
* fix: machine/human
* fix: add missing tables as todos
* fix: remove unused permissions
* fix: refactoring
* fix: refactor
* fix: human registered
* fix: user id
* fix: logid
* fix: proto remove //equal
* chore(management): remove no comment
* fix: human mfas
* fix: user subobjects
* chore: rename existing to better name
* fix: username in user (#634 )
* fix: username in user
* fix: username
* fix remove unused code
* fix add validations
* fix: use new user in all apis
* fix: regexp for username in api
* fix: fill user data for human and machine (#638 )
* fix: fill Display name grant/member handlers
fix: add description to grant/member objects in api
fix: check if user is human in login
* fix: remove description from member and grant
* chore: remove todos
* feat: machine keys
* fix: implement missing parts
* feat: machine key management view
* fix: remove keys from machine view
* fix: set default expiration date
* fix: get key by ids
* feat: add machine keys in proto
* feat: machine keys
* fix: add migration
* fix: mig
* fix: correct method name
* feat: user search
* feat: user search
* fix: log ids
* fix partial authconfig prompt, domain c perm
* membership read check
* contributor refresh trigger, observe org write
* fix: migrations
* fix(console): machine build (#660 )
* frontend 1
* fix html bindings
* trailing comma
* user permissions, project deactivate
* fix(console): human view (#661 )
* fix search user view, user detail form
* rm log
* feat(console): user services list and create (#663 )
* fix search user view, user detail form
* rm log
* machine list
* generic table component
* create user service
* proove table for undefined values
* tmp disable user link if machine
* lint
* lint styles
* user table lint
* Update console/src/assets/i18n/de.json
Co-authored-by: Florian Forster <florian@caos.ch>
* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664 )
* service users for sidenav, routing
* i18n
* back routes
* machine detail form
* update machine detail, fix svc user grants
* keys table
* add key dialog, timestamp creation
* check permission on create, delete, fix selection
* lint ts, scss
* Update console/src/assets/i18n/de.json
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
* allow user grants for project.write
* management service
* fix mgmt service
* feat: Machine keys (#655 )
* fix: memberships (#633 )
* feat: add iam members to memberships
* fix: search project grants
* fix: rename
* feat: idp and login policy configurations (#619 )
* feat: oidc config
* fix: oidc configurations
* feat: oidc idp config
* feat: add oidc config test
* fix: tests
* fix: tests
* feat: translate new events
* feat: idp eventstore
* feat: idp eventstore
* fix: tests
* feat: command side idp
* feat: query side idp
* feat: idp config on org
* fix: tests
* feat: authz idp on org
* feat: org idps
* feat: login policy
* feat: login policy
* feat: login policy
* feat: add idp func on login policy
* feat: add validation to loginpolicy and idp provider
* feat: add default login policy
* feat: login policy on org
* feat: login policy on org
* fix: id config handlers
* fix: id config handlers
* fix: create idp on org
* fix: create idp on org
* fix: not existing idp config
* fix: default login policy
* fix: add login policy on org
* fix: idp provider search on org
* fix: test
* fix: remove idp on org
* fix: test
* fix: test
* fix: remove admin idp
* fix: logo src as byte
* fix: migration
* fix: tests
* Update internal/iam/repository/eventsourcing/iam.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/iam_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/iam_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/org/repository/eventsourcing/org_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/iam/repository/eventsourcing/model/login_policy_test.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix: pr comments
* fix: tests
* Update types.go
* fix: merge request changes
* fix: reduce optimization
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: reread user mfas, preferred loginname as otp account name (#636 )
* fix: reread user mfas
* fix: use preferred login name as otp account name
* fix: tests
* fix: reduce (#635 )
* fix: management reduce optimization
* fix: reduce optimization
* fix: reduce optimization
* fix: merge master
* chore(deps): bump github.com/gorilla/schema from 1.1.0 to 1.2.0 (#627 )
Bumps [github.com/gorilla/schema](https://github.com/gorilla/schema ) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/gorilla/schema/releases )
- [Commits](https://github.com/gorilla/schema/compare/v1.1.0...v1.2.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/gorilla/mux from 1.7.4 to 1.8.0 (#624 )
Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux ) from 1.7.4 to 1.8.0.
- [Release notes](https://github.com/gorilla/mux/releases )
- [Commits](https://github.com/gorilla/mux/compare/v1.7.4...v1.8.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.4.1 to 1.5.0 (#591 )
Bumps [github.com/DATA-DOG/go-sqlmock](https://github.com/DATA-DOG/go-sqlmock ) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/DATA-DOG/go-sqlmock/releases )
- [Commits](https://github.com/DATA-DOG/go-sqlmock/compare/v1.4.1...v1.5.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: auto assign issues and PR to ZTIADEL project board (#643 )
* Create main.yml
* Update main.yml
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix(console): project grant members, update deps (#645 )
* fix: searchprojectgrantmembers
* chore(deps-dev): bump @angular/cli from 10.0.6 to 10.0.7 in /console (#622 )
Bumps [@angular/cli](https://github.com/angular/angular-cli ) from 10.0.6 to 10.0.7.
- [Release notes](https://github.com/angular/angular-cli/releases )
- [Commits](https://github.com/angular/angular-cli/compare/v10.0.6...v10.0.7 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @angular-devkit/build-angular in /console (#626 )
Bumps [@angular-devkit/build-angular](https://github.com/angular/angular-cli ) from 0.1000.6 to 0.1000.7.
- [Release notes](https://github.com/angular/angular-cli/releases )
- [Commits](https://github.com/angular/angular-cli/commits )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
* chore(deps-dev): bump @types/jasmine from 3.5.12 to 3.5.13 in /console (#623 )
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine ) from 3.5.12 to 3.5.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump ts-node from 8.10.2 to 9.0.0 in /console (#629 )
Bumps [ts-node](https://github.com/TypeStrong/ts-node ) from 8.10.2 to 9.0.0.
- [Release notes](https://github.com/TypeStrong/ts-node/releases )
- [Commits](https://github.com/TypeStrong/ts-node/compare/v8.10.2...v9.0.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* update packlock
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore: delete main.yml (#648 )
* fix: usergrant (#650 )
* fix(console): mfa refresh after verification, member eventemitter (#651 )
* refresh mfa
* fix: detail link from contributors
* lint
* feat: add domain verification notification (#649 )
* fix: dont (re)generate client secret with auth type none
* fix(cors): allow Origin from request
* feat: add origin allow list and fix some core issues
* rename migration
* fix UserIDsByDomain
* feat: send email to users after domain claim
* username
* check origin on userinfo
* update oidc pkg
* fix: add migration 1.6
* change username
* change username
* remove unique email aggregate
* change username in mgmt
* search global user by login name
* fix test
* change user search in angular
* fix tests
* merge
* userview in angular
* fix merge
* Update pkg/grpc/management/proto/management.proto
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* Update internal/notification/static/i18n/de.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: translation (#647 )
* fix: translation
* fix: translation
* fix: translation
* fix: remove unused code
* fix: log err
* fix: migration numbers (#652 )
* chore: issue / feature templates (#642 )
* feat: machine keys
* fix: implement missing parts
* feat: machine key management view
* fix: remove keys from machine view
* feat: global org read (#657 )
* fix: set default expiration date
* fix: get key by ids
* feat: add machine keys in proto
* feat: machine keys
* fix: add migration
* fix: mig
* fix: correct method name
* feat: user search
* feat: user search
* fix: log ids
* fix: migrations
* fix(console): machine build (#660 )
* frontend 1
* fix html bindings
* trailing comma
* fix(console): human view (#661 )
* fix search user view, user detail form
* rm log
* feat(console): user services list and create (#663 )
* fix search user view, user detail form
* rm log
* machine list
* generic table component
* create user service
* proove table for undefined values
* tmp disable user link if machine
* lint
* lint styles
* user table lint
* Update console/src/assets/i18n/de.json
Co-authored-by: Florian Forster <florian@caos.ch>
* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664 )
* service users for sidenav, routing
* i18n
* back routes
* machine detail form
* update machine detail, fix svc user grants
* keys table
* add key dialog, timestamp creation
* check permission on create, delete, fix selection
* lint ts, scss
* Update console/src/assets/i18n/de.json
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
* refactor: protos
* fix(management): key expiration date
* fix: check if user is human
* fix: marshal key details
* fix: correct generate login names
* fix: logid
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix: naming
* refactor: findings
* fix: username
* fix: mfa upper case
* fix: tests
* fix: add translations
* reactivatemyorg req typeö
* fix: projectType for console
* fix: user changes
* fix: translate events
* fix: event type translation
* fix: remove unused types
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2020-08-31 17:48:01 +02:00
Fabi
7295383621
fix: translation ( #647 )
...
* fix: translation
* fix: translation
* fix: translation
* fix: remove unused code
* fix: log err
2020-08-28 09:44:43 +02:00
Livio Amstutz
3549a8b64e
feat: port reduction ( #323 )
...
* move mgmt pkg
* begin package restructure
* rename auth package to authz
* begin start api
* move auth
* move admin
* fix merge
* configs and interceptors
* interceptor
* revert generate-grpc.sh
* some cleanups
* console
* move console
* fix tests and merging
* js linting
* merge
* merging and configs
* change k8s base to current ports
* fixes
* cleanup
* regenerate proto
* remove unnecessary whitespace
* missing param
* go mod tidy
* fix merging
* move login pkg
* cleanup
* move api pkgs again
* fix pkg naming
* fix generate-static.sh for login
* update workflow
* fixes
* logging
* remove duplicate
* comment for optional gateway interfaces
* regenerate protos
* fix proto imports for grpc web
* protos
* grpc web generate
* grpc web generate
* fix changes
* add translation interceptor
* fix merging
* regenerate mgmt proto
2020-07-08 13:56:37 +02:00
Fabi
6556d053b2
feat: translate error messages ( #254 )
...
* feat: translate error messages in error interceptor
* fix: add statik import
* feat: user error msgs
* feat: add translations
* feat: add translations
* feat: add translations
* feat: add translations
* feat: add translations
* feat: add translations
* some fixes and improved error messages
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-06-22 13:51:44 +02:00
Livio Amstutz
96b88f5d8c
add tracing and refactor some api pkgs
2020-03-24 14:15:01 +01:00