18 Commits

Author SHA1 Message Date
Livio Spring
e2e1100124
feat(idp): provide auto only options (#8420)
# Which Problems Are Solved

As of now, **automatic creation** and **automatic linking options** were
only considered if the corresponding **allowed option** (account
creation / linking allowed) was enabled.

With this PR, this is no longer needed and allows administrators to
address cases, where only an **automatic creation** is allowed, but
users themselves should not be allowed to **manually** create new
accounts using an identity provider or edit the information during the
process.
Also, allowing users to only link to the proposed existing account is
now possible with an enabled **automatic linking option**, while
disabling **account linking allowed**.

# How the Problems Are Solved

- Check for **automatic** options without the corresponding **allowed**
option.
- added technical advisory to notify about the possible behavior change

# Additional Changes

- display the error message on the IdP linking step in the login UI (in
case there is one)
- display an error in case no option is possible
- exchanged deprecated `eventstoreExpect` with `expectEventstore` in
touched test files

# Additional Context

closes https://github.com/zitadel/zitadel/issues/7393

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-08-14 13:04:26 +00:00
Stefan Benz
7d2d85f57c
feat: api v2beta to api v2 (#8283)
# Which Problems Are Solved

The v2beta services are stable but not GA.

# How the Problems Are Solved

The v2beta services are copied to v2. The corresponding v1 and v2beta
services are deprecated.

# Additional Context

Closes #7236

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2024-07-26 22:39:55 +02:00
Tim Möhlmann
f9742a58f4
fix(import): add tracing spans to all import related functions (#8160)
# Which Problems Are Solved

This fix adds tracing spans to all V1 API import related functions. This
is to troubleshoot import related performance issues reported to us.

# How the Problems Are Solved

Add a tracing span to `api/grpc/admin/import.go` and all related
functions that are called in the `command` package.

# Additional Changes

- none

# Additional Context

- Reported by internal communication
2024-06-19 12:56:33 +02:00
Stefan Benz
84644214d7
fix: remove resourceowner read from context in user v2 api (#7641)
* fix: remove resourceowner read from context in user v2 api

* fix: lint

* fix: remove orgID in addIDPLink

* fix: remove comment as unnecessary

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-03-27 18:22:17 +00:00
Livio Spring
aa3c352ae7
fix: update external username on idp if auto update is enabled (#7048)
* fix: update external username on idp if auto update is enabled

* update errors package
2023-12-08 18:22:07 +01:00
Tim Möhlmann
f680dd934d
refactor: rename package errors to zerrors (#7039)
* chore: rename package errors to zerrors

* rename package errors to gerrors

* fix error related linting issues

* fix zitadel error assertion

* fix gosimple linting issues

* fix deprecated linting issues

* resolve gci linting issues

* fix import structure

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-12-08 15:30:55 +01:00
Silvan
b5564572bc
feat(eventstore): increase parallel write capabilities (#5940)
This implementation increases parallel write capabilities of the eventstore.
Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and  [06](https://zitadel.com/docs/support/advisory/a10006).
The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`.
If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 12:19:10 +02:00
Livio Spring
a628f2222e
fix: restrict AllowRegistration check to local registration (#5939)
* fix: restrict AllowRegistration check to local registration

* add comment

* add additional tests

* hide registration fields if no registration allowed

* fix: always allow linking and creation of external idps on users in userV2 and admin import

* chore: exclude console dist and node_module folders from cache

* chore: include node_module folders into cache again

* linting

(cherry picked from commit 66772ad0dd4746fbe9ddabb4cdd254ac5fb03028)
2023-08-25 16:02:05 +02:00
Livio Spring
e000213817
fix: migrate external id of federated users (#6312)
* feat: migrate external id

* implement tests and some renaming

* fix projection

* cleanup

* i18n

* fix event type

* handle migration for new services as well

* typo

(cherry picked from commit 45262e682972723412be631adaaa1dc50ce481e9)
2023-08-04 11:49:01 +02:00
Stefan Benz
fa8f191812
feat: v2alpha user service idp endpoints (#5879)
* feat: v2alpha user service idp endpoints

* feat: v2alpha user service intent endpoints

* begin idp intents (callback)

* some cleanup

* runnable idp authentication

* cleanup

* proto cleanup

* retrieve idp info

* improve success and failure handling

* some unit tests

* grpc unit tests

* add permission check AddUserIDPLink

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* provider from write model

* fix idp type model and add integration tests

* proto cleanup

* fix integration test

* add missing import

* add more integration tests

* auth url test

* feat: v2alpha intent writemodel refactoring

* remove unused functions

* check token on RetrieveIdentityProviderInformation

* feat: v2alpha intent writemodel refactoring

* fix TestServer_RetrieveIdentityProviderInformation

* fix test

* i18n and linting

* feat: v2alpha intent review changes

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-24 18:29:58 +00:00
Livio Spring
48f9815b7c
feat(login): use new IDP templates (#5315)
The login uses the new template based IDPs with backwards compatibility for old IDPs
2023-02-28 21:20:58 +01:00
Stefan Benz
69230def56
fix(user): move check if user is existing from user idp link (#4363)
* fix(user): move check if user is existing from user idp link

* fix(user): correct unit tests for user link bulk

* fix(user): correct placement of existing user check for user link

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-09-14 12:21:23 +00:00
Silvan
60b2092d2c
fix(import): check exists (#4268)
* fix(import): check if org exists and user

* refactor: imports

* fix(user): ignore malformed events

* refactor: method naming

* fix: test

* refactor: correct errors.Is call
2022-08-29 17:09:07 +02:00
Stefan Benz
bc9a85daf3
feat: V2 alpha import and export of organizations (#3798)
* feat(import): add functionality to import data into an instance

* feat(import): move import to admin api and additional checks for nil pointer

* fix(export): export implementation with filtered members and grants

* fix: export and import implementation

* fix: add possibility to export hashed passwords with the user

* fix(import): import with structure of v1 and v2

* docs: add v1 proto

* fix(import): check im imported user is already existing

* fix(import): add otp import function

* fix(import): add external idps, domains, custom text and messages

* fix(import): correct usage of default values from login policy

* fix(export): fix renaming of add project function

* fix(import): move checks for unit tests

* expect filter

* fix(import): move checks for unit tests

* fix(import): move checks for unit tests

* fix(import): produce prerelease from branch

* fix(import): correctly use provided user id for machine user imports

* fix(import): corrected otp import and added guide for export and import

* fix: import verified and primary domains

* fix(import): add reading from gcs, s3 and localfile with tracing

* fix(import): gcs and s3, file size correction and error logging

* Delete docker-compose.yml

* fix(import): progress logging and count of resources

* fix(import): progress logging and count of resources

* log subscription

* fix(import): incorporate review

* fix(import): incorporate review

* docs: add suggestion for import

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* fix(import): add verification otp event and handling of deleted but existing users

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-28 13:42:35 +00:00
Florian Forster
fa9f581d56
chore(v2): move to new org (#3499)
* chore: move to new org

* logging

* fix: org rename caos -> zitadel

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-26 23:01:45 +00:00
Fabi
9d4f296c62
fix: rename iam to instance (#3345)
* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename orgiampolicy to domain policy

* fix: merge conflicts

* fix: protos

* fix: md files

* implement deprecated org iam policy again

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-03-24 16:21:34 +00:00
Silvan
09be70949f
refactor(eventstore): rename EventPusher to Command, EventReader to Event, PushEvents to Push and FilterEvents to Filter (#2907) 2022-01-03 09:19:07 +01:00
Silvan
92f9eedbe0
fix(projections): user idp link projection (#2583)
* fix(projections): add app

* fix(migration): add index for project_id

* test: app projection

* fix(projections): add idp_user_link

* test: idp user link

* fix: migration versions

* refactor: rename externalIDP to UserIDPLink

* fix: interface methods
2021-11-02 10:08:47 +01:00