Commit Graph

2948 Commits

Author SHA1 Message Date
Livio Spring
6c01882cbd
fix(login): (re)allow HTML in custom login texts (#7575)
fix: allow HTML in custom login texts
(cherry picked from commit 6c3f48f496)
2024-03-15 16:41:35 +01:00
Livio Spring
69ea134b33
fix: enable resend code in user initialization without auth request (#7568)
(cherry picked from commit 20d1d56669)
2024-03-15 06:51:06 +01:00
Livio Spring
5908b97e7c
fix: rendering of TOTP QR code (#7549)
(cherry picked from commit a28b3a1c2d)
2024-03-12 17:27:50 +01:00
Livio Spring
50b2ea6e1f
refactor: copy only required frameworks icons from docs in console (#7538)
(cherry picked from commit 860b80c9ee)
2024-03-11 09:36:54 +01:00
Silvan
e0e5665e17
fix(eventstore): consider IsGlobal-flag of constraints (#7518)
* fix(eventstore): consider `IsGlobal`-flag of constraints

* fix(setup): set `instance_domain`-constraint global

(cherry picked from commit 60ee2610f2)
2024-03-11 08:44:39 +01:00
Livio Spring
3c0cd30afe
fix: use correct template package (#7522)
(cherry picked from commit 07ec2efa9d)
2024-03-11 08:30:15 +01:00
Tim Möhlmann
8e2c3b671f
fix(query): optimize instance by domain query (#7513)
fix(query): optimize instance by domain query

On zitadel cloud we noticed an increase in database CPU usage and slightly higher response times.
By analyzes we found that the instance by domain query was wrongly joining all instance_feature rows against all instances.
This PR adds an additional CTE to limit the join set to only the features that apply to the found instance.

The query was introduced with https://github.com/zitadel/zitadel/pull/7356 and part of the v2.47 release.

(cherry picked from commit 3af28d29d2)
2024-03-07 11:44:31 +01:00
Livio Spring
7b8be37fd6
Merge branch 'main' into next 2024-03-05 16:46:02 +01:00
Silvan
ec3076c3c8
fix(ListEvents): add aggregate types to filter if not set (#7490) 2024-03-05 15:44:51 +00:00
Tim Möhlmann
dfcc26de1e
fix: assign instance ID to aggregate ID when converting from v1 to v2 feature (#7505)
* fix: assign instance ID to aggregate ID when converting from v1 to v2 feature

This change fixes a mismatch between v1 and v2 aggregate IDs for instance feature events.
The old v1 used a random aggregate ID, while v2 uses the instance ID as aggregate ID.
The adapter was not correctly mapping, which resulted in the projections.instance_features table being filled with wrong instance IDs.

Closes #7501

* fix unit test
2024-03-05 16:12:49 +01:00
Silvan
8f898775c9
docs: remove localhost from links (#7503) 2024-03-05 09:46:42 +00:00
Elio Bischof
3ae4e9e6cf
docs: describe DefaultInstance vs FirstInstance (#7487)
* docs: describe DefaultInstance vs FirstInstance

* link to docs

* add better searchable tip to the docs

* add better searchable tip to the docs

* add link
2024-03-05 08:37:12 +01:00
Elio Bischof
38777b478e
perf: filter events by instance ids (#7489)
fix: filter events by instance ids
2024-03-04 07:56:48 +01:00
Fabi
437c834a40
chore: update github action with correct dependabot actor (#7485) 2024-03-01 07:10:14 +00:00
Livio Spring
704197c282
Merge branch 'main' into next 2024-03-01 07:36:22 +01:00
Livio Spring
ef8d0c86f7
chore: update stable (#7370)
* chore: update stable

* Update release-channels.yaml

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2024-02-29 16:13:20 +00:00
Miguel Cabrerizo
dfd7cba3f4
fix: remove hard requirement of grant type auth code for device code apps + warnings for missing urls (#7429)
* fix: if device Code is selected Auth Code no longer a hard requirement

* fix: create device code app without auth code as grant type

* fix: don't show redirect uris in overview for devicecode app wizard

* feat: reload component when oidc app is updated

* fix: oidcapp is valid grantTypes cannot be empty

* fix: auth code not mandatory if refresh token and device code combined
2024-02-29 15:28:06 +00:00
Silvan
b0e3d3d912
docs(actions): add possibilities to examples text (#7418) 2024-02-29 13:41:35 +01:00
Livio Spring
60a73df459
chore: add github-actions to dependabot (#7468) 2024-02-29 09:17:38 +00:00
Max Peintner
0fcdfe460c
feat(console): integrate app (#7417)
* docs, frameworks view

* project select, integrate app page

* fix search project autocomplete

* framework autocomplete

* framwork select component, integrate, mapping to oidc config

* param

* fix route handler

* setname projectid context

* app-create page without context

* show description of app type, info section

* redirects section

* updatevalue observable

* fix redirect uris section

* i18n

* setup config

* backbutton behavior, cleanup

* cleanup

* lint

* allow other framework jump off

* dev mode warning

* navigate to project

* rm import

* i18n, guide link

* edit name dialog

* show warning for duplicate name
2024-02-28 16:52:21 +00:00
Elio Bischof
f4c72cbe14
feat: improve instance not found error (#7413)
* feat: improve instance not found error

* unit tests

* check if is templatable

* lint

* assert

* compile tests

* remove error templates

* link to instance not found page

* fmt

* cleanup

* lint
2024-02-28 10:49:57 +00:00
Tim Möhlmann
062d153cfe
feat: impersonation roles (#7442)
* partial work done

* test IAM membership roles

* org membership tests

* console :(, translations and docs

* fix integration test

* fix tests

* add EnableImpersonation to security policy API

* fix integration test timestamp checking

* add security policy tests and fix projections

* add impersonation setting in console

* add security settings to the settings v2 API

* fix typo

* move impersonation to instance

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-02-28 10:21:11 +00:00
Livio Spring
68af4f59c9
fix(api): handle user disabling events correctly in session API (#7380)
This PR makes sure that user disabling events (deactivate, locked, ...) are correctly checked for sessions.
2024-02-28 09:30:05 +00:00
Tim Möhlmann
26d1563643
feat(api): feature flags (#7356)
* feat(api): feature API proto definitions

* update proto based on discussion with @livio-a

* cleanup old feature flag stuff

* authz instance queries

* align defaults

* projection definitions

* define commands and event reducers

* implement system and instance setter APIs

* api getter implementation

* unit test repository package

* command unit tests

* unit test Get queries

* grpc converter unit tests

* migrate the V1 features

* migrate oidc to dynamic features

* projection unit test

* fix instance by host

* fix instance by id data type in sql

* fix linting errors

* add system projection test

* fix behavior inversion

* resolve proto file comments

* rename SystemDefaultLoginInstanceEventType to SystemLoginDefaultOrgEventType so it's consistent with the instance level event

* use write models and conditional set events

* system features integration tests

* instance features integration tests

* error on empty request

* documentation entry

* typo in feature.proto

* fix start unit tests

* solve linting error on key case switch

* remove system defaults after discussion with @eliobischof

* fix system feature projection

* resolve comments in defaults.yaml

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-02-28 10:55:54 +02:00
Tim Möhlmann
2801167668
chore(make): add docker_image make target (#7440) 2024-02-27 16:29:09 +00:00
Fabi
53099a282a
docs: log module for actions (#7448)
* docs: log module for actions

* Update modules.md

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-02-27 08:39:21 +00:00
Livio Spring
b877abd7a2
fix(login): ignore domain suffix for email / phone check (#7446)
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-02-26 14:05:18 +00:00
Fabi
0542b29517
docs: Contribution guidelines (#7443)
* docs: gender neutrality

* docs: gender neutrality

* docs: gender neutrality

* Update docs/docs/concepts/features/identity-brokering.md

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/mfa.mdx

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update internal/static/i18n/en.yaml

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update internal/static/i18n/en.yaml

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-02-26 13:11:09 +00:00
Stefan Benz
2731099db3
feat: add executions for actions v2 (#7433)
* feat: add events for execution

* feat: add events for execution and command side

* feat: add events for execution and command side

* feat: add api endpoints for set and delete executions with integration tests

* feat: add integration and unit tests and more existence checks

* feat: add integration and unit tests and more existence checks

* feat: unit tests for includes in executions

* feat: integration tests for includes in executions

* fix: linting

* fix: update internal/api/api.go

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix: update internal/command/command.go

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix: apply suggestions from code review

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix: change api return

* fix: change aggregateID with prefix of execution type and add to documentation

* fix: change body in proto for documentation and correct linting

* fix: changed existing check to single query in separate writemodel

* fix: linter changes and list endpoints for conditions in executions

* fix: remove writemodel query on exeuction set as state before is irrelevant

* fix: testing for exists write models and correction

* fix: translations for errors and event types

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-02-26 12:49:43 +02:00
mffap
ce7ebffa84
docs: update headings for custom login ui (#7453)
update headings for custom login ui
2024-02-26 10:02:07 +00:00
mffap
da8a79f280
docs(integrate): Update login users docs (#7414)
* wip

* update intro of device auth

* add custom domain concept

* wip sidebar

* wip introduction

* add passkeys

* replace azure ad with entra id

* wip

* wip

* login methods

* expand sections automatically

* update selfservice docs

* wip - hosted done

* move onboarding

* clean up

* wip

* unbreak my hrefs

* finish login users

* update managers

* add console as feature

* update b2b with multi-tenancy

* update saml

* update console concept

* add opaque tokens as knowledge

* redirects

* intro b2b

* remove login/saml

* unbreak link

* Apply suggestions from code review

Co-authored-by: Fabi <fabienne@zitadel.com>

* passkeys: add custom domain first

* update passkeys

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/login/login-users.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
2024-02-26 13:04:09 +05:30
Tim Möhlmann
1890e28f79
fix(eventstore): retry push on primary key sequence collision (#7420)
* fix(eventstore): retry push on primary key sequence collision

* MaxRetries config option and unit test
2024-02-23 08:29:10 +00:00
Omar Mokhtar
71373caab3
docs(integrate): fix typo in logout page (#7438)
fix typo in logout.md
2024-02-23 07:49:41 +00:00
Elio Bischof
4f54cfb0a9
fix(projections): stop updating creation dates (#6930)
* feat: return 404 or 409 if org reg disallowed

* fix: system limit permissions

* feat: add iam limits api

* feat: disallow public org registrations on default instance

* add integration test

* test: integration

* fix test

* docs: describe public org registrations

* avoid updating docs deps

* fix system limits integration test

* silence integration tests

* fix linting

* ignore strange linter complaints

* review

* improve reset properties naming

* redefine the api

* use restrictions aggregate

* test query

* simplify and test projection

* test commands

* fix unit tests

* move integration test

* support restrictions on default instance

* also test GetRestrictions

* self review

* lint

* fix(projections): stop updating creation dates

* abstract away resource owner

* fix tests

* update main

* fix tests
2024-02-22 17:25:47 +00:00
Elio Bischof
a88662bb3a
fix(smtp): support UTF-8 subjects (#7432)
fix(smtp): support utf8 subjects
2024-02-22 15:11:55 +01:00
David Schneider
ffdde825ec
fix(backend): respect start flags in all commands (#6621)
* fix(backend): respect start flags in all commands

Currently flags like --externalDomain do only work in the last
registered command which currently is start-from-setup.
This creates the flags globally in the init function in uses them for
all start commands.

* fix(backend): remove viper defaults in start flags

At this point viper is not yet initialized so this defaults would have
not effect either.

* Remove flag name variables and run go mod tidy

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-02-21 12:26:51 +00:00
Tim Möhlmann
1d6dfadad8
fix(oidc): return bad request for an invalid refresh token (#7419) 2024-02-20 16:54:52 +01:00
Silvan
1791f46424
docs: change examples to psql (#7358)
Replaces CockroachDB as default in self hosting examples. 

* Update docs/docs/concepts/architecture/software.md

Co-authored-by: Elio Bischof <elio@zitadel.com>

* Update docs/docs/concepts/architecture/software.md

Co-authored-by: Elio Bischof <elio@zitadel.com>

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-02-20 08:33:50 +00:00
Livio Spring
462f5462dc
docs: improve apis description (#7400)
* docs: improve apis description

* focus on version

* link to state
2024-02-19 15:39:36 +01:00
Tim Möhlmann
0b77fd4c17
chore(docs): redirect globs in development mode (#7114)
* chore(docs): redirect globs in development mode

* Update applications.mdx
2024-02-19 09:27:51 +00:00
Elio Bischof
585988bd83
chore(ci): merge test runs (#7388)
* chore(ci): merge test runs

* docs: improve CONTRIBUTING.md

* expect failure

* expect failure unit

* cleanup

* fix: correct binding in integration tests

* fix: correct binding in integration tests

---------

Co-authored-by: Stefan Benz <stefan@caos.ch>
2024-02-19 07:50:37 +01:00
Elio Bischof
19af2f7372
feat: support whole config as env (#6336)
* fix existing env vars

* feat: support all config by env

* cleanup

* remove system users hook

* decode system users in setup
2024-02-16 16:04:42 +00:00
Fabi
32c7efea73
docs: Prevent console access (#7398)
* docs: prevent users from accessing ZITADEL console

* docs: prevent users from accessing ZITADEL console

* docs: prevent users from accessing ZITADEL console

* Update docs/docs/guides/solution-scenarios/disable-console.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/solution-scenarios/disable-console.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/solution-scenarios/disable-console.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* Update docs/docs/guides/solution-scenarios/disable-console.mdx

Co-authored-by: mffap <mpa@zitadel.com>

* docs: deafult redirect url

* docs: prevent console access

* docs: prevent console access

---------

Co-authored-by: mffap <mpa@zitadel.com>
2024-02-16 15:40:45 +00:00
mffap
882d410283
docs: fix broken links (#7401) 2024-02-16 15:10:12 +00:00
Livio Spring
d87341ec91
Merge branch 'main' into next 2024-02-16 15:00:12 +01:00
Livio Spring
00d245eaf3
chore(codeql): use go version from go.mod (#6807)
* chore(codeql): use go version from go.mod

* try 2.15.0 explicitly

* tag version

* Update codeql.yml

* Update codeql.yml

* try make

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* Update codeql.yml

* use make compile and remove matrix check

* Update codeql.yml

* Update codeql.yml

* retry autobuild

* Update codeql.yml

* try autobuild with generated stub

* chore: change init step for codeQL

* chore: codeql

* chore: try new codeql version

* chore: new codeql-action version

* chore: new codeql-action version

* chore: new codeql-action version

* chore: new codeql-action version

---------

Co-authored-by: Stefan Benz <stefan@caos.ch>
2024-02-16 10:54:41 +00:00
Stefan Benz
35c313c691
docs: add mocksaml for saml sp example (#7355)
Co-authored-by: Fabi <fabienne@zitadel.com>
2024-02-15 14:34:02 +01:00
Livio Spring
104034c628
chore(api): initial definition of API for user schemas (user v3 and user schema v3 service) (#7372)
Adds the initial proto definition for a new user service (v3) based on user schema and it's corresponding user schema service (v3)
2024-02-15 11:22:48 +01:00
Livio Spring
d5266ea51c
fix: set user agent cookie on host only (without subdomains) (#7297)
This PR changes the domain / prefix of the user agent cookie from including the subdomain to the domain only and therefore changing the prefix from __Secure to __Host.

Note:
As the cookie is used to determine existing session on the login UI, applying the change will require end-users to start a new session on the next login, since the existing ones cannot be retrieved anymore.
2024-02-15 07:53:59 +01:00
Stefan Benz
198bc017b8
feat: actions v2 execution targets command side (#7384)
Adds the API to create, update, delete targets for execution in a new ExecutionService (v3alpha)
2024-02-15 05:39:10 +00:00