Commit Graph

2792 Commits

Author SHA1 Message Date
Livio Spring
4d85013ffb
chore: update stable (#6690) 2023-10-10 08:28:09 +02:00
Livio Spring
907a1611ac
fix(login): error case for unknown usernames correctly (#6689)
(cherry picked from commit 8549dd7a3d)
2023-10-10 07:41:16 +02:00
Elio Bischof
377a885e79
docs: fix typos (#6688) 2023-10-09 15:31:16 +00:00
Livio Spring
8549dd7a3d
fix(login): error case for unknown usernames correctly (#6689) 2023-10-09 15:05:25 +00:00
Stefan Benz
3689624232
test: correct used client api call in integration test (#6685)
fix: correct used client api call in integration test

Co-authored-by: Livio Spring <livio.a@gmail.com>
(cherry picked from commit 6ce11a416a)
2023-10-09 14:18:57 +02:00
Livio Spring
dee9d8d3a7
Merge branch 'main' into next
# Conflicts:
#	cmd/start/start.go
#	internal/auth/repository/eventsourcing/eventstore/auth_request.go
#	internal/auth/repository/eventsourcing/repository.go
#	internal/command/main_test.go
#	internal/command/quota.go
#	internal/command/quota_model.go
#	internal/command/quota_model_test.go
2023-10-09 14:18:29 +02:00
Stefan Benz
6ce11a416a
test: correct used client api call in integration test (#6685)
fix: correct used client api call in integration test

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-10-09 12:09:51 +00:00
Miguel Cabrerizo
8c68f8ed3a
feat(console): only use one save button in SMTP Settings (#6561)
seperate smtp settings from notification providers
2023-10-09 11:14:17 +00:00
Livio Spring
827ce8809d
fix: use enum for instance feature in system api (#6682)
* fix: use enum for instance feature in system api

* add feature.proto to lint ignore
2023-10-09 12:33:23 +02:00
Livio Spring
8ca053fad3
fix: respect "Ignore unknown usernames" on password reset
Merge pull request from GHSA-v683-rcxx-vpff

(cherry picked from commit 54676eda98)
2023-10-09 12:12:16 +02:00
Livio Spring
9696fde676
fix: reduce origin check to tokens issued through code and implicit flow (#6681)
fix: only check origin for tokens issued to users through apps (code / implicit flow)
2023-10-09 10:08:18 +00:00
Livio Spring
54676eda98
Merge pull request from GHSA-v683-rcxx-vpff 2023-10-09 11:47:43 +02:00
mffap
b30d8b3ff5
docs(integrate): argo cd (#6523)
* docs(integrate): argo cd

* update to latest
2023-10-09 09:35:55 +00:00
Livio Spring
e3ac217424
fix: ensure no events are skipped on token check (#6663)
fix: ensure no events are skipped on token check
2023-10-09 09:26:27 +02:00
Stefan Benz
15fd3045e0
feat: add SAML as identity provider (#6454)
* feat: first implementation for saml sp

* fix: add command side instance and org for saml provider

* fix: add query side instance and org for saml provider

* fix: request handling in event and retrieval of finished intent

* fix: add review changes and integration tests

* fix: add integration tests for saml idp

* fix: correct unit tests with review changes

* fix: add saml session unit test

* fix: add saml session unit test

* fix: add saml session unit test

* fix: changes from review

* fix: changes from review

* fix: proto build error

* fix: proto build error

* fix: proto build error

* fix: proto require metadata oneof

* fix: login with saml provider

* fix: integration test for saml assertion

* lint client.go

* fix json tag

* fix: linting

* fix import

* fix: linting

* fix saml idp query

* fix: linting

* lint: try all issues

* revert linting config

* fix: add regenerate endpoints

* fix: translations

* fix mk.yaml

* ignore acs path for user agent cookie

* fix: add AuthFromProvider test for saml

* fix: integration test for saml retrieve information

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-29 11:26:14 +02:00
Livio Spring
2e99d0fe1b
fix(email): UTF-8 "Q" encode subject header (#6637)
fix(email): UTF-8 "Q" encode subject header
2023-09-29 08:53:45 +00:00
Livio Spring
68bfab2fb3
feat(login): use default org for login without provided org context (#6625)
* start feature flags

* base feature events on domain const

* setup default features

* allow setting feature in system api

* allow setting feature in admin api

* set settings in login based on feature

* fix rebasing

* unit tests

* i18n

* update policy after domain discovery

* some changes from review

* check feature and value type

* check feature and value type
2023-09-29 08:21:32 +00:00
Max Peintner
d01f4d229f
fix(console): move org domains into settings page of the organization (#6612)
* fix: hide domains settings for unauthorized users

* refine sidenav object mapping

* move domains to settings

* change docs

* set anchor to list element

* remove canwrite check in ngif

---------

Co-authored-by: Miguel A. C <doncicuto@gmail.com>
2023-09-29 09:31:35 +02:00
Miguel Cabrerizo
eb31c2a3be
fix(cnsl): hide new auth button if no routerlink (#6640)
* fix(cnsl): hide new auth button if no routerlink

* fix: add @peintnermax suggestions

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-09-29 08:39:30 +02:00
Max Peintner
0a2e6dcfb3
chore(console): npm dependencies (#6626)
* chore(deps-dev): bump eslint from 8.46.0 to 8.50.0 in /console (#6618)

Bumps [eslint](https://github.com/eslint/eslint) from 8.46.0 to 8.50.0.
- [Release notes](https://github.com/eslint/eslint/releases)
- [Changelog](https://github.com/eslint/eslint/blob/main/CHANGELOG.md)
- [Commits](https://github.com/eslint/eslint/compare/v8.46.0...v8.50.0)

---
updated-dependencies:
- dependency-name: eslint
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump @types/node from 18.16.10 to 20.6.5 in /console (#6617)

Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 18.16.10 to 20.6.5.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node)

---
updated-dependencies:
- dependency-name: "@types/node"
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump protobufjs from 7.2.3 to 7.2.5 in /console (#6584)

Bumps [protobufjs](https://github.com/protobufjs/protobuf.js) from 7.2.3 to 7.2.5.
- [Release notes](https://github.com/protobufjs/protobuf.js/releases)
- [Changelog](https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md)
- [Commits](https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.2.3...protobufjs-v7.2.5)

---
updated-dependencies:
- dependency-name: protobufjs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>

* chore(deps-dev): bump @types/jasmine from 4.3.5 to 4.3.6 in /console (#6581)

Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 4.3.5 to 4.3.6.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)

---
updated-dependencies:
- dependency-name: "@types/jasmine"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump @grpc/grpc-js from 1.8.14 to 1.9.3 in /console (#6578)

Bumps [@grpc/grpc-js](https://github.com/grpc/grpc-node) from 1.8.14 to 1.9.3.
- [Release notes](https://github.com/grpc/grpc-node/releases)
- [Commits](https://github.com/grpc/grpc-node/compare/@grpc/grpc-js@1.8.14...@grpc/grpc-js@1.9.3)

---
updated-dependencies:
- dependency-name: "@grpc/grpc-js"
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump @types/qrcode from 1.5.0 to 1.5.2 in /console (#6477)

Bumps [@types/qrcode](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/qrcode) from 1.5.0 to 1.5.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/qrcode)

---
updated-dependencies:
- dependency-name: "@types/qrcode"
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump prettier from 2.8.8 to 3.0.3 in /console (#6476)

Bumps [prettier](https://github.com/prettier/prettier) from 2.8.8 to 3.0.3.
- [Release notes](https://github.com/prettier/prettier/releases)
- [Changelog](https://github.com/prettier/prettier/blob/main/CHANGELOG.md)
- [Commits](https://github.com/prettier/prettier/compare/2.8.8...3.0.3)

---
updated-dependencies:
- dependency-name: prettier
  dependency-type: direct:development
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump socket.io-parser from 4.2.2 to 4.2.4 in /console (#6376)

Bumps [socket.io-parser](https://github.com/socketio/socket.io-parser) from 4.2.2 to 4.2.4.
- [Release notes](https://github.com/socketio/socket.io-parser/releases)
- [Changelog](https://github.com/socketio/socket.io-parser/blob/main/CHANGELOG.md)
- [Commits](https://github.com/socketio/socket.io-parser/compare/4.2.2...4.2.4)

---
updated-dependencies:
- dependency-name: socket.io-parser
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump semver from 5.7.1 to 5.7.2 in /console (#6375)

Bumps [semver](https://github.com/npm/node-semver) from 5.7.1 to 5.7.2.
- [Release notes](https://github.com/npm/node-semver/releases)
- [Changelog](https://github.com/npm/node-semver/blob/v5.7.2/CHANGELOG.md)
- [Commits](https://github.com/npm/node-semver/compare/v5.7.1...v5.7.2)

---
updated-dependencies:
- dependency-name: semver
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* lint

* node types

* use node 20

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-09-28 14:59:58 +02:00
Max Peintner
e9148e96c7
fix(login): firefox MFA radio mouse target (#6632)
fix: mfa radio for firefox
2023-09-28 08:15:01 +02:00
mffap
e4af360d39
docs(legal): move feature development policy (#6354)
* docs(legal): move feature development policy

* initial policy

* fix links

* Apply suggestions from code review
2023-09-27 09:27:31 +00:00
Tim Möhlmann
d380627e80
feat(passwap): base64 standard encoding for pbkdf2 (#6629)
Upgrade passwap to include the above feature.
2023-09-27 08:00:46 +02:00
Stefan Benz
2823678eb6
fix: add userID to intent responses (#6566)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-25 05:21:50 +00:00
Miguel Cabrerizo
689655a50d
fix(console): hide domains settings for unauthorized users (#6602)
fix: hide domains settings for unauthorized users

Co-authored-by: Max Peintner <max@caos.ch>
2023-09-22 15:53:23 +02:00
Elio Bischof
520f87d9b1
test: duplicate quota notifications (#6610) 2023-09-22 13:33:23 +02:00
Elio Bischof
1d4ec6cdba
fix: set quotas (#6597)
* feat: set quotas

* fix: start new period on younger anchor

* cleanup e2e config

* fix set notifications

* lint

* test: fix quota projection tests

* fix add quota tests

* make quota fields nullable

* enable amount 0

* fix initial setup

* create a prerelease

* avoid success comments

* fix quota projection primary key

* Revert "fix quota projection primary key"

This reverts commit e72f4d7fa1.

* simplify write model

* fix aggregate id

* avoid push without changes

* test set quota lifecycle

* test set quota mutations

* fix quota unit test

* fix: quotas

* test quota.set event projection

* use SetQuota in integration tests

* fix: release quotas 3

* reset releaserc

* fix comment

* test notification order doesn't matter

* test notification order doesn't matter

* test with unmarshalled events

* test with unmarshalled events

(cherry picked from commit ae1af6bc8c)
2023-09-22 13:06:59 +02:00
Elio Bischof
ae1af6bc8c
fix: set quotas (#6597)
* feat: set quotas

* fix: start new period on younger anchor

* cleanup e2e config

* fix set notifications

* lint

* test: fix quota projection tests

* fix add quota tests

* make quota fields nullable

* enable amount 0

* fix initial setup

* create a prerelease

* avoid success comments

* fix quota projection primary key

* Revert "fix quota projection primary key"

This reverts commit e72f4d7fa1.

* simplify write model

* fix aggregate id

* avoid push without changes

* test set quota lifecycle

* test set quota mutations

* fix quota unit test

* fix: quotas

* test quota.set event projection

* use SetQuota in integration tests

* fix: release quotas 3

* reset releaserc

* fix comment

* test notification order doesn't matter

* test notification order doesn't matter

* test with unmarshalled events

* test with unmarshalled events
2023-09-22 09:37:16 +00:00
Tim Möhlmann
e6d273b328
chore(deps): bump oidc (#6607)
* chore(deps): bump oidc

Include the Issuer from Frowarded header feature

* use the new constructor
2023-09-22 11:05:11 +02:00
Dakshitha Ratnayake
cf24d709f2
docs: Added the device authorization example. (#6598)
* Added the device authorization example.

* Update docs/docs/guides/solution-scenarios/device-authorization.mdx

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update docs/docs/guides/solution-scenarios/device-authorization.mdx

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-09-22 08:21:38 +05:30
Livio Spring
41e31aad41
fix: only reuse active session and use correct policies (from user org) (#6603)
(cherry picked from commit 593d1605ab)
2023-09-21 16:57:03 +02:00
Livio Spring
593d1605ab
fix: only reuse active session and use correct policies (from user org) (#6603) 2023-09-21 16:45:41 +02:00
Miguel Cabrerizo
7faab0378f
feat(console): more emphasize to preferred login name in user's table and detail (#6588)
* feat: poc

* feat: more emphasize to preferred login name in user's table and detail

* fix: add @peintnermax suggestions

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-09-21 09:42:11 +02:00
Fabi
7edc73bd5e
fix: Domains problematic (#6564)
* docs: disable validate org domains per default, and have a better label

* docs: rename to $CUSTOM-DOMAIN

* docs: translation

* docs: tranlsations

* docs: tranlsations

* docs: allow domain discovery

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-09-20 12:45:11 +02:00
Miguel Cabrerizo
57d8ff1ef6
fix(console): if Validate Org domains is disabled don't show domain verification dialog (#6572)
* fix: don't show verify domain if policy disabled

* fix: refactor code
2023-09-19 16:12:49 +02:00
Miguel Cabrerizo
12f53767d6
fix(console): don't show empty profile when signed out (#6573)
Co-authored-by: Max Peintner <max@caos.ch>
2023-09-19 13:10:50 +00:00
Anthony Lawn
ebb8f92e85
fix: Increase suffix wrapper to 200px wide (#6590)
Increase suffix wrapper to 200px wide

Co-authored-by: Fabi <fabienne@zitadel.com>
Co-authored-by: Max Peintner <max@caos.ch>
2023-09-19 12:37:11 +00:00
Miguel Cabrerizo
f9bb250698
feat: improve Password.NotChanged message (#6589)
* feat: improve Password.NotChanged message

* Update internal/api/ui/login/static/i18n/de.yaml

* Update internal/static/i18n/de.yaml

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-09-19 12:05:49 +00:00
Dakshitha Ratnayake
599a1ddd78
docs:change titles (#6582)
* Modified quick start guide to reflect the new onboarding changes.

* Modified titles to optimize indexing. Left thet titles in title case for now.

* Added side bar labels and also made minor changes to titles.

* Update docs/docs/apis/openidoauth/endpoints.mdx

Co-authored-by: Fabi <fabienne@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-09-19 13:50:00 +02:00
Anthony Lawn
a5decda201
fix: inconsistencies and other minor issues in English strings (#6591)
Fixed inconsistencies and other minor issues in English strings

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-09-19 08:33:01 +02:00
mffap
bf9afdf2d7
docs(integrate): apache 2.0 (#6571)
* docs(integrate): apache 2.0

* finalize

* Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-19 07:02:55 +02:00
wackbyte
4bebcd6c0f
fix: typo in "file too big" error message (#6577)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-09-18 13:08:32 +00:00
Fabi
3465264eef
docs: Rename secret appereance to secret generator (#6519)
* docs: secret generator

* docs: secret generator naming

* docs: rename secret appeareance to secret generator

* docs: rename secret appeareance to secret generator

* Update console/src/assets/i18n/it.json

Co-authored-by: Max Peintner <max@caos.ch>

* Update console/src/assets/i18n/es.json

Co-authored-by: Max Peintner <max@caos.ch>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Max Peintner <max@caos.ch>

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-09-18 10:57:52 +02:00
Stefan Benz
3183ba22d4
fix: update saml to v0.1.2 (#6570)
* fix: update saml to v0.1.2

* docs: add optional to RelayState for SAML API

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-18 05:59:57 +00:00
Dishan Sivakumaran
e5083b62a6
fix: apple idp configuration (#6575)
* docs(apple-idp): remove client id and secret from documentation, as it is not needed

* fix(apple-idp): fix reading of key file by using content type of file
2023-09-18 05:39:55 +00:00
Tim Möhlmann
9266f8f00b
fix(command): allow email as username (#6565)
Fixes #6460

Made the username checks consistent with create human user.
2023-09-15 15:29:29 +00:00
Elio Bischof
5823fdbef9
perf: project quotas and usages (#6441)
* project quota added

* project quota removed

* add periods table

* make log record generic

* accumulate usage

* query usage

* count action run seconds

* fix filter in ReportQuotaUsage

* fix existing tests

* fix logstore tests

* fix typo

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* move notifications into debouncer and improve limit querying

* cleanup

* comment

* fix: add quota unit tests command side

* fix remaining quota usage query

* implement InmemLogStorage

* cleanup and linting

* improve test

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* action notifications and fixes for notifications query

* revert console prefix

* fix: add quota unit tests command side

* fix: add quota integration tests

* improve accountable requests

* improve accountable requests

* fix: add quota integration tests

* fix: add quota integration tests

* fix: add quota integration tests

* comment

* remove ability to store logs in db and other changes requested from review

* changes requested from review

* changes requested from review

* Update internal/api/http/middleware/access_interceptor.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* tests: fix quotas integration tests

* improve incrementUsageStatement

* linting

* fix: delete e2e tests as intergation tests cover functionality

* Update internal/api/http/middleware/access_interceptor.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* backup

* fix conflict

* create rc

* create prerelease

* remove issue release labeling

* fix tracing

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
(cherry picked from commit 1a49b7d298)
2023-09-15 17:00:12 +02:00
Elio Bischof
1a49b7d298
perf: project quotas and usages (#6441)
* project quota added

* project quota removed

* add periods table

* make log record generic

* accumulate usage

* query usage

* count action run seconds

* fix filter in ReportQuotaUsage

* fix existing tests

* fix logstore tests

* fix typo

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* move notifications into debouncer and improve limit querying

* cleanup

* comment

* fix: add quota unit tests command side

* fix remaining quota usage query

* implement InmemLogStorage

* cleanup and linting

* improve test

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* fix: add quota unit tests command side

* action notifications and fixes for notifications query

* revert console prefix

* fix: add quota unit tests command side

* fix: add quota integration tests

* improve accountable requests

* improve accountable requests

* fix: add quota integration tests

* fix: add quota integration tests

* fix: add quota integration tests

* comment

* remove ability to store logs in db and other changes requested from review

* changes requested from review

* changes requested from review

* Update internal/api/http/middleware/access_interceptor.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* tests: fix quotas integration tests

* improve incrementUsageStatement

* linting

* fix: delete e2e tests as intergation tests cover functionality

* Update internal/api/http/middleware/access_interceptor.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* backup

* fix conflict

* create rc

* create prerelease

* remove issue release labeling

* fix tracing

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-09-15 16:58:45 +02:00
Livio Spring
b688d6f842
Merge branch 'main' into next 2023-09-15 15:46:06 +02:00
Livio Spring
b4d0d2c9a7
chore(webauthn): add logs (#6569) 2023-09-15 13:43:38 +00:00