2945 Commits

Author SHA1 Message Date
Livio Spring
80961125a7
feat(API): support V2 token and session token usage (#6180)
This PR adds support for userinfo and introspection of V2 tokens. Further V2 access tokens and session tokens can be used for authentication on the ZITADEL API (like the current access tokens).
2023-07-14 11:16:16 +00:00
Tim Möhlmann
4589ddad4a
feat: integrate passwap for human user password hashing (#6196)
* feat: use passwap for human user passwords

* fix tests

* passwap config

* add the event mapper

* cleanup query side and api

* solve linting errors

* regression test

* try to fix linter errors again

* pass systemdefaults into externalConfigChange migration

* fix: user password set in auth view

* pin passwap v0.2.0

* v2: validate hashed password hash based on prefix

* resolve remaining comments

* add error tag and translation for unsupported hash encoding

* fix unit test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-14 09:49:57 +03:00
mffap
6fcfa63f54
docs: plausible script with pageprops (#6199)
update plausible
2023-07-13 22:42:36 +02:00
Miguel Cabrerizo
0f3c33cb86
feat: show basic info start-from-init (#6183) 2023-07-12 20:46:50 +03:00
Stefan Benz
036bb33cb8
docs: add migrate idp docs (#6181)
* docs: add migrate idp docs

* docs: apply suggestions from code review

Co-authored-by: Fabi <fabienne@zitadel.com>

* docs: apply suggestions from code review

* Update docs/docs/guides/integrate/identity-providers/migrate.mdx

* Update docs/docs/guides/integrate/identity-providers/migrate.mdx

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-12 15:57:38 +02:00
Miguel Cabrerizo
78eae6f62b
fix: domain discovery should be case insensitive (#6134)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-12 13:02:16 +00:00
Livio Spring
ee26f99ebf
fix: store auth methods instead of AMR in auth request linking and OIDC Session (#6192)
This PR changes the information stored on the SessionLinkedEvent and (OIDC Session) AddedEvent from OIDC AMR strings to domain.UserAuthMethodTypes, so no information is lost in the process (e.g. authentication with an IDP)
2023-07-12 12:24:01 +00:00
Vlatko Stojkovski
a3a1e245ad
feat: i18n support for Macedonian language (#6178)
* add macedonian language to currently supported languages

* mk yaml login static with en values

* mk json assets with en values

* mk yaml notification static with en values

* add macedonian notification yaml

* mk yaml static with en values

* mk translations for login

* mk translations for internal

* macedonian translations

* - fix lint issues
2023-07-12 08:41:50 +00:00
mffap
73edcfac92
docs(legal): update address of EU representative (#6193) 2023-07-12 08:16:39 +00:00
Elio Bischof
08f242e98d
perf: skip already pushed check (#6164)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-11 12:10:37 +02:00
Livio Spring
14b8cf4894
feat(api): add OIDC session service (#6157)
This PR starts the OIDC implementation for the API V2 including the Implicit and Code Flow.


Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-07-10 13:27:00 +00:00
mffap
be1fe36776
fix: management proto delete machine key (#6179) 2023-07-10 12:50:17 +00:00
Tim Möhlmann
112f672266
chore: cleanup command/crypto (#5883)
* chore: cleanup command/crypto

* cleanup unused function mockEmailCode
2023-07-10 08:07:10 +00:00
Max Peintner
40a073fd33
fix(console): show warn on idp removal (#6004)
* fix: show warn on idp removal

* de, bg

* observable for refresh

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-07-10 06:51:17 +00:00
Livio Spring
5cba5cd635
fix: set samesite to none for user agent cookie for iframe usage (#6162)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-10 07:51:56 +02:00
Fabi
48bda9aa07
fix: Role (#6160)
* fix: add user self manager role (can delete himself)

* fix: add user self manager role (can delete himself)

* fix: add user self manager role (can delete himself)
2023-07-07 20:14:07 +00:00
Livio Spring
26d63cd233
fix: handle missing parameters in external provider callback (#6158) 2023-07-07 21:04:55 +02:00
Livio Spring
6319fdda9e
fix: add scope profile to PAT (#6154)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-07 17:31:42 +02:00
Livio Spring
59d67bde5f
fix: return secret generators (#6159) 2023-07-07 14:46:02 +00:00
Livio Spring
a5b4319f1f
fix: ignore unchanged console redirect_uris when adding an instance domain (#6156)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-07 14:15:19 +00:00
Livio Spring
94fdb9a022
fix: org metadata query (#6161)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-07 15:48:41 +02:00
Fabi
5182cb3ce3
fix: rename to given and family name (#6152)
* fix: rename to given and family name

* fix: rename to given and family name

* fix: rename to given and family name
2023-07-07 13:13:45 +00:00
Fabi
5f5f1558d0
fix: Fix OIDC example (#6138)
* fix: oidc app additional origins example

* fix: oidc app additional origins example
2023-07-07 12:21:02 +00:00
Stefan Benz
d8b823660b
fix: add .txt ending to domain validation as given in console (#6079)
* fix: add .txt ending to domain validation as given in console

* fix console

---------

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-07 11:50:45 +00:00
Max Peintner
699fc86d1b
fix(login): improve and streamline identity provider styles (#5456)
* fix: login idp styles

* rem dead code
2023-07-07 11:17:08 +00:00
Livio Spring
9fed1a7a5b
fix: add font color on new label policy (#6155) 2023-07-07 09:21:10 +00:00
Tim Möhlmann
c0e45b63d8
fix: reset the call timestamp after a bulk trigger (#6080)
* reproduce #5808

Add an integration test that imports and gets N amount of human users.
- With N set to 1-10 the operation seems to succeed always
- With N set to 100 the operation seems to fail between 1 and 7 times.

* fix merge issue

* fix: reset the call timestamp after a bulk trigger

With the use of `AS OF SYSTEM TIME` in queries,
there was a change for the query package not
finding the latest projection verson after
a bulk trigger.
If events where processed in the bulk trigger,
the resulting row timestamp would be after the call
start timestamp.
This sometimes resulted in consistency issues when
Set and Get API methods are called in short succession.
For example a Import and Get user could sometimes result in a Not Found
error.

Although the issue was reported for the Management API user import,
it is likely this bug contributed to the flaky integration and e2e tests.

Fixes #5808

* trigger bulk action in GetSession

* don't use the new context in handler schedule

* disable reproduction test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-07 08:15:05 +00:00
Miguel Cabrerizo
ae31aa52e4
fix: 404 if asset object not found (#6149)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-07 09:34:50 +02:00
Max Peintner
2068384a0e
docs(nextjs): yarn, remove redundant description (#5764)
* docs: yarn, remove redundant description

* remove pkce

* rm pkce from b2b demo
2023-07-07 07:05:36 +00:00
Elio Bischof
9b768003b7
feat: improve milestone format (#6150)
* feat: milestone format

* feat: push external domain

* cleanup

* Revert "remove prerelease"

This reverts commit 7417fdbeb3ba4ebd65584059a80bfdf34172841b.

* fix branch

* remove prerelease
2023-07-06 19:31:08 +02:00
Fabian Meyer
a36818c222
feat: Apply OCI source label to Docker image (#6070)
chore: Apply OCI source label to Docker image

This patch adds the `org.opencontainers.image.source` label to
the Zitadel Docker image. This label is used by dependency update
tools like Dependabot and Renovate to look up release notes for
Docker image updates.

Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-07-06 11:32:41 +00:00
Elio Bischof
bb756482c7
feat: push telemetry (#6027)
* document analytics config

* rework configuration and docs

* describe HandleActiveInstances better

* describe active instances on quotas better

* only projected events are considered

* cleanup

* describe changes at runtime

* push milestones

* stop tracking events

* calculate and push 4 in 6 milestones

* reduce milestone pushed

* remove docs

* fix scheduled pseudo event projection

* push 5 in 6 milestones

* push 6 in 6 milestones

* ignore client ids

* fix text array contains

* push human readable milestone type

* statement unit tests

* improve dev and db performance

* organize imports

* cleanup

* organize imports

* test projection

* check rows.Err()

* test search query

* pass linting

* review

* test 4 milestones

* simplify milestone by instance ids query

* use type NamespacedCondition

* cleanup

* lint

* lint

* dont overwrite original error

* no opt-in in examples

* cleanup

* prerelease

* enable request headers

* make limit configurable

* review fixes

* only requeue special handlers secondly

* include integration tests

* Revert "include integration tests"

This reverts commit 96db9504ecdb4e73451f09554fd749cd7c27341f.

* pass reducers

* test handlers

* fix unit test

* feat: increment version

* lint

* remove prerelease

* fix integration tests
2023-07-06 08:38:13 +02:00
Fabi
fa93bb7e85
docs: add instance not found troubleshoot to self-hosting (#6136)
* docs: add instance not found troubleshoot to self-hosting

* docs: add instance not found troubleshoot to self-hosting

* docs: fix links

* docs: remove instance not found from support troubleshoot

* docs: add instance not found note on all deploy guides
2023-07-04 15:45:27 +02:00
Fabi
3fe9932cad
docs: Register Mfa guide (#6133)
* docs: register otp guide

* docs: register totp guide

* docs: list mfa

* docs: u2f mfa guide

* docs: u2f mfa guide

* docs: u2f mfa guide
2023-07-04 13:48:55 +02:00
Fabi
47c2846df2
docs: passkey graphic links (#6132) 2023-07-03 13:25:03 +00:00
Dakshitha Ratnayake
3f85aa014e
docs:add token introspection documentation based on blog post (#6118)
* Modifying docs to comply with Google style guide for docs.

* Removed typo.

* Added FE and BE integration with ZITADEL

* Added FE and BE integration with ZITADEL

* Added FE and BE integration with ZITADEL

* Update docs/docs/guides/solution-scenarios/frontend-calling-backend-API.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/solution-scenarios/frontend-calling-backend-API.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Addressed @mffap's question on the PR.

* Added docs for detailed explanations for token introspection.

* Update docs/docs/guides/integrate/token-introspection/basic-auth.mdx

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/sidebars.js

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/token-introspection/private-key-jwt.mdx

* Addressed @hifabienne's review comments.

* Addressed @hifabienne's review comments.

---------

Co-authored-by: Dakshitha Ratnayake <dakshitharatnayake@Dakshithas-MacBook-Pro-2.local>
Co-authored-by: mffap <mpa@zitadel.com>
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-06-30 11:50:13 +05:30
Fabi
1fddc6e002
docs: Passkey (#6110)
* docs: add docs for passkey registration and login

* docs: add docs for passkey registration and login

* docs: passkey registration

* docs: add passkey guide to sidenav

* docs: passkey guide

* docs: passkey flow

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

* docs: passkey flow

* docs: passkey flow

* docs: passkeys

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
2023-06-29 15:04:14 +02:00
Dakshitha Ratnayake
a0950751ae
docs: add frontend and backend API integration guide to the solution scenarios (#6107)
* Modifying docs to comply with Google style guide for docs.

* Removed typo.

* Added FE and BE integration with ZITADEL

* Added FE and BE integration with ZITADEL

* Added FE and BE integration with ZITADEL

* Update docs/docs/guides/solution-scenarios/frontend-calling-backend-API.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/solution-scenarios/frontend-calling-backend-API.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Addressed @mffap's question on the PR.

---------

Co-authored-by: Dakshitha Ratnayake <dakshitharatnayake@Dakshithas-MacBook-Pro-2.local>
Co-authored-by: mffap <mpa@zitadel.com>
2023-06-29 14:15:40 +05:30
Fabi
376d8e78b8
docs: Password reset (#6108)
* docs: add password reset to login ui guide

* docs: add password reset to login ui guide

* Update proto/zitadel/user/v2alpha/user_service.proto

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/password-reset.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/password-reset.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/password-reset.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* docs: replace image

* docs: replace vars in urls

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-06-28 13:52:53 +02:00
Livio Spring
5060c7463a
Merge branch 'main' into next
# Conflicts:
#	cmd/setup/11.go
#	console/src/app/utils/language.ts
v2.30.0
2023-06-27 21:31:28 +02:00
Livio Spring
bd5defa96a
fix: provide domain in session, passkey and u2f (#6097)
This fix provides a possibility to pass a domain on the session, which
will be used (as rpID) to create a passkey / u2f assertion and
attestation. This is useful in cases where the login UI is served under
a different domain / origin than the ZITADEL API.
2023-06-27 14:36:07 +02:00
Silvan
d0cda1b479
fix(migration): speed up step 11 (#6086) 2023-06-27 11:56:17 +02:00
Silvan
9020c9d94f
fix(migration): speed up step 11 (#6085) v2.29.3 2023-06-27 08:48:49 +00:00
Max Peintner
07fb6f8284
fix(console): fallback to default language if browser language not supported (#5999)
fix: fallback to default language if browser language not supported
v2.29.2
2023-06-27 07:43:23 +02:00
mffap
cef17b4a7a
docs(guides): Update metadata guide (#6072)
* wip new structure

* finalize

* broken link
2023-06-26 14:48:12 +02:00
adlerhurst
c8b4ef28bd fix(migration): speed up update and add logs v2.29.1 2023-06-24 09:06:21 +02:00
Livio Spring
2c6a2a376c
fix: rename OTP to TOTP in v2 alpha user api (#6069)
This change renames the v2 user OTP registration endpoints and objects
to TOTP.
Also the v2 related code paths have been renamed to TOTP.

This change was discussed during the sprint review.

### Definition of Ready

- [ ] I am happy with the code
- [ ] Short description of the feature/issue is added in the pr
description
- [ ] PR is linked to the corresponding user story
- [ ] Acceptance criteria are met
- [ ] All open todos and follow ups are defined in a new ticket and
justified
- [ ] Deviations from the acceptance criteria and design are agreed with
the PO and documented.
- [ ] No debug or dead code
- [ ] My code has no repetitions
- [ ] Critical parts are tested automatically
- [ ] Where possible E2E tests are implemented
- [ ] Documentation/examples are up-to-date
- [ ] All non-functional requirements are met
- [ ] Functionality of the acceptance criteria is checked manually on
the dev system.
2023-06-23 18:58:29 +02:00
Tim Möhlmann
1461977d93
Merge branch 'main' into rename-topt 2023-06-23 19:09:39 +03:00
Miguel Cabrerizo
37cf9f5fb2
feat: show font name & preview font in branding (#6026)
* feat: add fontname package and draft

* feat: change back delete visibility

* feat: replace fontname lib with opentype.js

* feat: dynamic font preview also for font name

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-06-23 15:36:11 +00:00
Max Peintner
244f16ac48
chore(console): dependencies (#6078)
* cli, core

* material, cdk

* deps

* lock

* chore(deps): bump socket.io-parser from 4.2.2 to 4.2.4 in /console (#5988)

Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.
- [Release notes](https://github.com/socketio/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4)

---
updated-dependencies:
- dependency-name: socket.io-parser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-06-23 17:01:08 +02:00