* feat(api): add password reset and change to user service
* integration tests
* invalidate password check after password change
* handle notification type
* fix proto
* fix: nil pointer on create instance add machine
* fix: instance setup with machine user pat
* fix: correct logic to write pat and key from setup without configurable scope
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix: token for post authentication action and change phone and email
* fix checks and add tests
* improve change checks and add tests
* add more tests
* remove unintended test
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
* command/crypto: DRY the code
- reuse the the algorithm switch to create a secret generator
- add a verifyCryptoCode function
* command: crypto code tests
* migrate webauthn package
* finish integration tests with webauthn mock client
* feat: add v2alpha policies service
* feat: add v2alpha policies service
* fix: rename of attributes and messages in v2alpha api
* fix: rename of attributes and messages in v2alpha api
* fix: linter corrections
* fix: review corrections
* fix: review corrections
* fix: review corrections
* fix: review corrections
* fix grpc
* refactor: rename to settings and more
* Apply suggestions from code review
Co-authored-by: Fabi <fabienne.gerschwiler@gmail.com>
* add service to docs and rename legal settings
* unit tests for converters
* go mod tidy
* ensure idp name and return list details
* fix: use correct resource owner for active idps
* change query to join
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
* fix: 404 for robots.txt and meta robots tags
* fix: add unit tests for robots txt and tag
* fix: add meta tag robots none for login pages
* fix: weird format issue in header.go
* fix: add x-robots-tag=none to grpcwebserver
* fix linting
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
* chore(proto): update versions
* change protoc plugin
* some cleanups
* define api for setting emails in new api
* implement user.SetEmail
* move SetEmail buisiness logic into command
* resuse newCryptoCode
* command: add ChangeEmail unit tests
Not complete, was not able to mock the generator.
* Revert "resuse newCryptoCode"
This reverts commit c89e90ae35.
* undo change to crypto code generators
* command: use a generator so we can test properly
* command: reorganise ChangeEmail
improve test coverage
* implement VerifyEmail
including unit tests
* add URL template tests
* begin user creation
* change protos
* implement metadata and move context
* merge commands
* proto: change context to object
* remove old auth option
* remove old auth option
* fix linting errors
run gci on modified files
* add permission checks and fix some errors
* comments
* comments
* update email requests
* rename proto requests
* cleanup and docs
* simplify
* simplify
* fix setup
* remove unused proto messages / fields
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
* chore(proto): update versions
* change protoc plugin
* some cleanups
* define api for setting emails in new api
* implement user.SetEmail
* move SetEmail buisiness logic into command
* resuse newCryptoCode
* command: add ChangeEmail unit tests
Not complete, was not able to mock the generator.
* Revert "resuse newCryptoCode"
This reverts commit c89e90ae35.
* undo change to crypto code generators
* command: use a generator so we can test properly
* command: reorganise ChangeEmail
improve test coverage
* implement VerifyEmail
including unit tests
* add URL template tests
* proto: change context to object
* remove old auth option
* remove old auth option
* fix linting errors
run gci on modified files
* add permission checks and fix some errors
* comments
* comments
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
* device auth: implement the write events
* add grant type device code
* fix(init): check if default value implements stringer
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
* chore(console): remove first and lastName fallback from user
* use display name and ensure it's set without required name fields
* add user type to user grant and memberships responses
* contributor, members
* fix avatar display checks
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Correct conditions on when the user gets updated through actions in post-authentication, with an added boolean for checking if anything changed in the actions.
add authURL parameters to urls for external IDPs, depended on the contents of the authRequest
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
* deprecated `ctx.v1.userinfo`-field in "pre userinfo creation" trigger in favour of `ctx.v1.claims`. The trigger now behaves the same as "pre access token creation"
* added `ctx.v1.claims` to "complement tokens" flow
* added `ctx.v1.grants` to "complement tokens" flow
* document `ctx.v1.getUser()` in "complement tokens" flow
* feat(actions): add getUser() and grant
* map user grants
* map claims
* feat(actions): claims in complement token ctx
* docs(actions): add new fields of complement token
* docs(actions): additions to complement token
* docs(actions): correct field names
Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
* fix(actions): provide browser info and handle nil pointer
* fix(actions): use correct user id in post registration
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
* feat: request users ordered by creation date
* fix: missing case for creationDate in user-table
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future.
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
* Add Polish translations
* Add references to Polish translations in files
* Make a consistent translation of languages in Chinese translation
* Add missing language references to fr, it and zh
* Translation corrections
* Add missing language references to zh
* Translation corrections
* add latest translation keys
* Translation corrections and addition of some new ones
* translate auth requests exhausted
* add new untranslated keys
* Translation corrections, fix indentation
---------
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Add functionality to configure the access token type on the service accounts to provide the oidc library with the necessary information to create the right type of access token.
Request an access_token for service users with OAuth 2.0 Client Credentials Grant. Added functionality to generate and remove a secret on service users.
