Elio Bischof
885e3385aa
fix: send exhausted property in env json ( #5877 )
2023-05-17 11:41:54 +02:00
Livio Spring
383e68b819
Merge branch 'main' into grcp-server-reflect
2023-05-16 10:51:32 +02:00
Elio Bischof
0e251a29c8
fix: set exhausted cookie with env json ( #5868 )
...
* fix: set exhausted cookie with env json
* lint
2023-05-15 08:51:02 +02:00
Silvan
098c27d3da
fix: render authrequest id only if possible ( #5823 )
2023-05-11 16:02:34 +00:00
Stefan Benz
8d13f170e8
feat(api): new settings service ( #5775 )
...
* feat: add v2alpha policies service
* feat: add v2alpha policies service
* fix: rename of attributes and messages in v2alpha api
* fix: rename of attributes and messages in v2alpha api
* fix: linter corrections
* fix: review corrections
* fix: review corrections
* fix: review corrections
* fix: review corrections
* fix grpc
* refactor: rename to settings and more
* Apply suggestions from code review
Co-authored-by: Fabi <fabienne.gerschwiler@gmail.com>
* add service to docs and rename legal settings
* unit tests for converters
* go mod tidy
* ensure idp name and return list details
* fix: use correct resource owner for active idps
* change query to join
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-11 09:23:40 +00:00
Elio Bischof
35a0977663
fix: improve exhausted SetCookie header ( #5789 )
...
* fix: remove access interceptor for console
* feat: template quota cookie value
* fix: send exhausted cookie from grpc-gateway
* refactor: remove ineffectual err assignments
* Update internal/api/grpc/server/gateway.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* use dynamic host header to find instance
* add instance mgmt url to environment.json
* support hosts with default ports
* fix linting
* docs: update lb example
* print access logs to stdout
* fix grpc gateway exhausted cookies
* cleanup
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-11 09:24:44 +02:00
Tim Möhlmann
1461d9ec6d
Merge branch 'main' into grcp-server-reflect
2023-05-07 16:47:52 +02:00
Tim Möhlmann
62b4c31834
add server reflection to Probes list
2023-05-07 16:47:43 +02:00
Livio Spring
c2cb84cd24
feat(api): new session service ( #5801 )
...
* backup new protoc plugin
* backup
* session
* backup
* initial implementation
* change to specific events
* implement tests
* cleanup
* refactor: use new protoc plugin for api v2
* change package
* simplify code
* cleanup
* cleanup
* fix merge
* start queries
* fix tests
* improve returned values
* add token to projection
* tests
* test db map
* update query
* permission checks
* fix tests and linting
* rework token creation
* i18n
* refactor token check and fix tests
* session to PB test
* request to query tests
* cleanup proto
* test user check
* add comment
* simplify database map type
* Update docs/docs/guides/integrate/access-zitadel-system-api.md
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
* fix test
* cleanup
* docs
---------
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-05 15:34:53 +00:00
Miguel Cabrerizo
3ca7147808
fix: introduce measures to avoid bots crawling and indexing activities ( #5728 )
...
* fix: 404 for robots.txt and meta robots tags
* fix: add unit tests for robots txt and tag
* fix: add meta tag robots none for login pages
* fix: weird format issue in header.go
* fix: add x-robots-tag=none to grpcwebserver
* fix linting
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-05 10:25:02 +02:00
Livio Spring
f1534c0c4c
refactor: use new protoc plugin for api v2 ( #5798 )
...
* refactor: use new protoc plugin for api v2
* simplify code
2023-05-04 08:50:19 +00:00
Tim Möhlmann
4934d6f4fa
Merge branch 'main' into integration-tests
2023-05-02 19:24:37 +03:00
Tim Möhlmann
c839cb3ce0
tie loose ends, documentation
2023-05-02 19:24:24 +03:00
Livio Spring
e0505b2def
fix: use correct org id for external authentication actions ( #5793 )
2023-05-02 16:03:33 +00:00
Silvan
40bf7e49cc
fix: correct tracing in access interceptor ( #5766 )
2023-05-02 08:46:44 +00:00
Tim Möhlmann
f011882b2d
Merge branch 'main' into grcp-server-reflect
2023-04-30 14:40:13 +03:00
Tim Möhlmann
498c4436ae
inegration tests for user email
2023-04-28 17:44:59 +03:00
Tim Möhlmann
4b7f5ae186
AddHumanUser tests
2023-04-28 14:39:53 +03:00
Tim Möhlmann
11ab645bb7
Merge branch 'main' into integration-tests
2023-04-27 12:47:35 +03:00
Tim Möhlmann
1dc46b16b0
remove negated integration tags
2023-04-26 19:55:13 +03:00
Tim Möhlmann
90ba3a8d92
poll on test start
2023-04-26 19:54:47 +03:00
Livio Spring
6774e7f444
fix: handle userID and context correctly ( #5755 )
...
* fix: handle userID and context correctly
* fix linting
2023-04-26 16:19:32 +02:00
Livio Spring
e4a4b7cfbe
feat(api): add user creation to user service ( #5745 )
...
* chore(proto): update versions
* change protoc plugin
* some cleanups
* define api for setting emails in new api
* implement user.SetEmail
* move SetEmail buisiness logic into command
* resuse newCryptoCode
* command: add ChangeEmail unit tests
Not complete, was not able to mock the generator.
* Revert "resuse newCryptoCode"
This reverts commit c89e90ae35
.
* undo change to crypto code generators
* command: use a generator so we can test properly
* command: reorganise ChangeEmail
improve test coverage
* implement VerifyEmail
including unit tests
* add URL template tests
* begin user creation
* change protos
* implement metadata and move context
* merge commands
* proto: change context to object
* remove old auth option
* remove old auth option
* fix linting errors
run gci on modified files
* add permission checks and fix some errors
* comments
* comments
* update email requests
* rename proto requests
* cleanup and docs
* simplify
* simplify
* fix setup
* remove unused proto messages / fields
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-26 07:47:57 +02:00
Elio Bischof
c12c2f09a4
fix: switch log level of failed locks to debug ( #5746 )
2023-04-25 19:20:59 +02:00
Tim Möhlmann
79084089ea
add github action for integration tests
2023-04-25 18:11:04 +03:00
Tim Möhlmann
a22b58f1c0
simple test of a health endpoint
2023-04-25 15:04:35 +03:00
Silvan
095ec21678
feat: user v2alpha email API ( #5708 )
...
* chore(proto): update versions
* change protoc plugin
* some cleanups
* define api for setting emails in new api
* implement user.SetEmail
* move SetEmail buisiness logic into command
* resuse newCryptoCode
* command: add ChangeEmail unit tests
Not complete, was not able to mock the generator.
* Revert "resuse newCryptoCode"
This reverts commit c89e90ae35
.
* undo change to crypto code generators
* command: use a generator so we can test properly
* command: reorganise ChangeEmail
improve test coverage
* implement VerifyEmail
including unit tests
* add URL template tests
* proto: change context to object
* remove old auth option
* remove old auth option
* fix linting errors
run gci on modified files
* add permission checks and fix some errors
* comments
* comments
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-25 09:02:29 +02:00
Tim Möhlmann
5819924275
feat: device authorization RFC 8628 ( #5646 )
...
* device auth: implement the write events
* add grant type device code
* fix(init): check if default value implements stringer
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-04-19 08:46:02 +00:00
Miguel Cabrerizo
d140f9373a
feat: Zitadel translated into Spanish ( #5634 )
...
* feat: spanish translation in progress
* feat: 85% of translated strings
* feat: spanish translation 95% done
* fix: fix some typos
* fix: add missing translations for recent commits
* Apply suggestions from code review
Co-authored-by: Livio Spring <livio.a@gmail.com>
---------
Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-14 15:53:19 +02:00
Tim Möhlmann
27e9852367
feat: enable grpc server reflection
2023-04-14 16:34:12 +03:00
Max Peintner
2ec36bd63b
fix(console): add state filter to org table, filter context ( #5650 )
...
* fix: add state filter to org table, filter context
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-04-12 15:02:54 +02:00
Silvan
ed2588f13d
fix(idp): handle scopes in azureAD ( #5665 )
2023-04-12 07:27:07 +02:00
Silvan
c216d6effd
fix(mfa): correct change url ( #5663 )
2023-04-11 19:27:18 +02:00
Max Peintner
1c1d66cbe8
chore(console): remove first and lastName fallback from user ( #5629 )
...
* chore(console): remove first and lastName fallback from user
* use display name and ensure it's set without required name fields
* add user type to user grant and memberships responses
* contributor, members
* fix avatar display checks
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-11 15:56:51 +00:00
Livio Spring
8bf36301ed
feat: allow skip of success page for native apps ( #5627 )
...
add possibility to return to callback directly after login without rendering the successful login page
2023-04-11 15:07:32 +00:00
Livio Spring
b3d8787921
feat: add new api services ( #5619 )
...
* feat: add new services
* improve demos and comments
* remove unused field
* add comment to demo proto calls
* Apply suggestions from code review
Co-authored-by: Silvan <silvan.reusser@gmail.com>
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-04-11 15:37:42 +02:00
Stefan Benz
440ba9f5ef
fix: update saml to v0.0.11 ( #5628 )
...
* fix: update saml to v0.0.11
* chore: remove unused sum
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-04-11 07:39:12 +00:00
Livio Spring
991a56341b
fix: role claims mapping ( #5601 )
...
* fix: role claims mapping
* update oidc pkg
* update oidc pkg
2023-04-04 12:36:39 +00:00
Silvan
e688954308
feat: role claims for service user tokens ( #5577 )
...
tokens of service users can now contain role claims by requesting them through scopes
2023-04-03 14:26:51 +02:00
Miguel Cabrerizo
1b9cea0e0c
feat: add Help/Support e-mail for instance/org ( #5445 )
...
feat: help and support email in privacy policy
2023-03-28 21:36:52 +02:00
Stefan Benz
12a7c4b994
fix: correct conditions for user update after actions in post authent… ( #5535 )
...
Correct conditions on when the user gets updated through actions in post-authentication, with an added boolean for checking if anything changed in the actions.
2023-03-28 12:53:21 +00:00
Tim Möhlmann
25c3c17986
chore: upgrade to oidc v2 release ( #5437 )
...
* chore: upgrade to oidc v2 release
* fix tests
* fix build errors after rebase
* pin oidc v2.1.0
* pin oidc v2.1.1 (include bugfix)
* pin oidc v2.1.2 (include bugfix)
* pin oidc v2.2.1 (bugfix)
include fix zitadel/oidc#349
* fix: refresh token handling
* simplify cognitive complexity
* fix: handle error
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-28 11:28:56 +00:00
Stefan Benz
41ff0bbc63
feat: ldap provider login ( #5448 )
...
Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Fabi
cf1ac30970
fix: remove unnecessary cancel button as cancel is not possible ( #5511 )
...
* fix: remove unnecessary cancel button as cancel is not possible
* fix: add missing tranlation
* fix: add missing tranlation
* docs: missing translations
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-24 08:00:56 +00:00
Livio Spring
1cf84b5a56
fix: map metadata correctly in actions ( #5526 )
2023-03-23 14:28:53 +01:00
tharuta
a8fe15829e
feat: internationalization Japanese (recreated) ( #5513 )
...
japanese translation
---------
Co-authored-by: Max Peintner <max@caos.ch>
2023-03-22 07:30:46 +01:00
Livio Spring
4ca50e0802
fix: check for empty applicationID on assertRoles ( #5509 )
...
* fix: check for empty applicationID on assertRoles
* remove unintended added file
2023-03-21 08:59:44 +01:00
Silvan
a3b36a0138
refactor(changes): use queries.SearchEvents
( #5388 )
...
* refactor(changes): use `queries.SearchEvents`
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-17 09:14:06 +00:00
Elio Bischof
09abf06d4d
refactor: rename config structs ( #5459 )
2023-03-16 17:24:30 +00:00
Livio Spring
1896f13952
fix: use idToken for mapping when using old configs ( #5458 )
...
* fix: use idToken for mapping when using old configs
* fix events and add tests
2023-03-16 16:47:22 +01:00
Elio Bischof
fecd197bf2
fix: open dialogs ( #5451 )
2023-03-15 14:40:35 +00:00
Livio Spring
5a307afe62
feat: add azure provider templates ( #5441 )
...
Adds possibility to manage and use Microsoft Azure template based providers
2023-03-15 07:48:37 +01:00
Elio Bischof
e00cc187fa
fix: make user creation errors helpful ( #5382 )
...
* fix: make user creation errors helpful
* fix linting and unit testing errors
* fix linting
* make zitadel config reusable
* fix human validations
* translate ssr errors
* make zitadel config reusable
* cover more translations for ssr
* handle email validation message centrally
* fix unit tests
* fix linting
* align signatures
* use more precise wording
* handle phone validation message centrally
* fix: return specific profile errors
* docs: edit comments
* fix unit tests
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-14 19:20:38 +00:00
Stefan Benz
f99cf50f69
fix: add authURLParams to urls for external idps ( #5404 )
...
add authURL parameters to urls for external IDPs, depended on the contents of the authRequest
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-14 15:42:29 +00:00
Livio Spring
c0843e6b4c
feat: add gitlab provider templates ( #5405 )
...
* feat(api): add google provider template
* refactor reduce functions
* handle removed event
* linting
* fix projection
* feat(api): add generic oauth provider template
* feat(api): add github provider templates
* feat(api): add github provider templates
* fixes
* proto comment
* fix filtering
* requested changes
* feat(api): add generic oauth provider template
* remove wrongly committed message
* increase budget for angular build
* fix linting
* fixes
* fix merge
* fix merge
* fix projection
* fix merge
* updates from previous PRs
* enable github providers in login
* fix merge
* fix test and add github styling in login
* cleanup
* feat(api): add gitlab provider templates
* fix: merge
* fix display of providers in login
* implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it
* fix merge
* fix merge and add tests for command side
* requested changes
* requested changes
* Update internal/query/idp_template.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix merge
* requested changes
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 17:34:29 +01:00
Silvan
eb4f7c5d7c
fix(auth): update user grants before check ( #5406 )
2023-03-13 08:03:49 +01:00
Livio Spring
26fdc3e84e
fix(api): return id_attribute of oauth provider ( #5397 )
2023-03-09 06:13:43 +00:00
Livio Spring
8cbde57047
fix(api): allow HTTP/1.1 for grpc-web ( #5376 )
...
Handles grpc-web on HTTP/1.1 with H2C for HTTP/2, but does not enforce it.
2023-03-08 18:33:43 +00:00
Silvan
20e4f1ce57
feat(actions): add fields to complement token flow ( #5336 )
...
* deprecated `ctx.v1.userinfo`-field in "pre userinfo creation" trigger in favour of `ctx.v1.claims`. The trigger now behaves the same as "pre access token creation"
* added `ctx.v1.claims` to "complement tokens" flow
* added `ctx.v1.grants` to "complement tokens" flow
* document `ctx.v1.getUser()` in "complement tokens" flow
* feat(actions): add getUser() and grant
* map user grants
* map claims
* feat(actions): claims in complement token ctx
* docs(actions): add new fields of complement token
* docs(actions): additions to complement token
* docs(actions): correct field names
2023-03-08 15:26:28 +01:00
Livio Spring
3042d7ef5c
feat: add github provider template ( #5334 )
...
Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
Livio Spring
2efa305e10
fix: use of generic oauth provider ( #5345 )
...
Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
Livio Spring
966df56026
fix(providers): set prompt select_account again ( #5329 )
2023-03-01 07:17:51 +00:00
Livio Spring
48f9815b7c
feat(login): use new IDP templates ( #5315 )
...
The login uses the new template based IDPs with backwards compatibility for old IDPs
2023-02-28 21:20:58 +01:00
Silvan
e38abdcdf3
perf: query data AS OF SYSTEM TIME
( #5231 )
...
Queries the data in the storage layser at the timestamp when the call hit the API layer
2023-02-27 22:36:43 +01:00
Livio Spring
80003939ad
feat(api): add oidc and jwt provider template ( #5290 )
...
Adds possibility to manage OIDC and JWT template based providers
2023-02-27 16:32:18 +01:00
Max Peintner
9396e8b2f5
fix(console): use authService for auth user page ( #5233 )
...
* auth grant
* fix: add missing attributes to ListMyUserGrantsResponse
* user grants typing
* typing
* auth grant link
* disable without role
* edit with auth grant
* chore(console): auto organize imports (#5293 )
fix(console): auto organize imports
* Update console/src/app/modules/user-grants/user-grants-datasource.ts
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/app/modules/user-grants/user-grants-datasource.ts
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/app/modules/user-grants/user-grants-datasource.ts
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* linter, rm unused import
* add examples again
* lint
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2023-02-27 12:03:44 +01:00
Livio Spring
82ffd6dffb
fix(actions): provide browser info and handle nil pointer ( #5277 )
...
* fix(actions): provide browser info and handle nil pointer
* fix(actions): use correct user id in post registration
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-02-24 16:13:11 +01:00
Livio Spring
737d14e81b
feat(api): add generic oauth provider template ( #5260 )
...
adds functionality to manage templates based OIDC IDPs
2023-02-24 15:16:06 +01:00
Livio Spring
40e7356f3e
feat(api): add google provider template ( #5247 )
...
add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
Miguel Cabrerizo
7fc3ecf665
feat: request users ordered by creation date ( #5160 )
...
* feat: request users ordered by creation date
* fix: missing case for creationDate in user-table
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-17 13:15:21 +00:00
Stefan Benz
586495a0be
feat: add management for ldap idp template ( #5220 )
...
Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future.
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
Elio Bischof
681541f41b
feat: add quotas ( #4779 )
...
adds possibilities to cap authenticated requests and execution seconds of actions on a defined intervall
2023-02-15 02:52:11 +01:00
Max Peintner
df4a173264
feat(console): machine user accesstoken type ( #5196 )
...
Set machine user Access Token type
2023-02-14 17:05:55 +01:00
uiopak
84fa20f1ce
feat: internationalization Polish ( #5117 )
...
* Add Polish translations
* Add references to Polish translations in files
* Make a consistent translation of languages in Chinese translation
* Add missing language references to fr, it and zh
* Translation corrections
* Add missing language references to zh
* Translation corrections
* add latest translation keys
* Translation corrections and addition of some new ones
* translate auth requests exhausted
* add new untranslated keys
* Translation corrections, fix indentation
---------
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2023-02-13 12:03:34 +01:00
Livio Spring
8ef13d77e7
fix(actions): check for nil pointer on set claims in access_token ( #5172 )
2023-02-09 06:27:39 +00:00
Stefan Benz
3616b6b028
feat(api): allow specifying access_token type (opaque/JWT) for service users ( #5150 )
...
Add functionality to configure the access token type on the service accounts to provide the oidc library with the necessary information to create the right type of access token.
2023-02-08 08:06:34 +00:00
Livio Spring
44a995c660
fix: only remove idp links from users of own organisation ( #5156 )
...
ensure linked users of the (instance) idp are only affected if they are part of the organisation where the idp is removed from the login policy
2023-02-03 14:56:19 +07:00
Stefan Benz
e2fdd3f077
feat: support client_credentials for service users ( #5134 )
...
Request an access_token for service users with OAuth 2.0 Client Credentials Grant. Added functionality to generate and remove a secret on service users.
2023-01-31 19:52:47 +00:00
Stefan Benz
eb17d0c378
feat: add http request to interal and external authentication actions ( #5103 )
...
Add functionality to provide http.Request and authError to actions for logging or other logic.
2023-01-26 10:40:49 +00:00
Silvan
c54ddc71a2
feat(actions): local users ( #5089 )
...
Actions are extended to to local users. It's possible to run custom code during registration and authentication of local users.
2023-01-25 13:08:01 +00:00
Stefan Benz
19621acfd3
feat: add notification policy and password change message ( #5065 )
...
Implementation of new notification policy with functionality to send email when a password is changed
2023-01-25 09:49:41 +01:00
Fabi
8b5894c0bb
fix: add description to password screen ( #5096 )
2023-01-24 09:46:31 +00:00
Silvan
7b5135e637
fix(adminAPI): localize event type ( #5059 )
...
* fix(adminAPI): localisation of event types, aggregate types
* fix(adminAPI): validations of ListEvent request
* implement caching of editor user information
2023-01-19 15:50:05 +00:00
Stefan Benz
a36fdf8fe6
feat: add listIamMembers to system api ( #5013 )
...
Added ListIAMMembers endpoint to system-API to provide the functionality to the customer portal
2023-01-17 20:35:41 +00:00
Silvan
1bf1f335dc
feat(admin-api): list events ( #4989 )
...
* docs: update cockroachdb version to 22.2
* feat(adminAPI): ListEventTypes returns the list of event types ZITADEL implements
* feat(adminAPI): ListAggregateTypes returns the list of aggregate types ZITADEL implements
* feat(adminAPI): ListEvents allows `IAM_OWNERS` to search for events
2023-01-16 11:30:03 +00:00
Max Peintner
e7a97b1f3b
fix(login): add text-decoration: underline
on the sub-formfield links ( #5012 )
...
* fix: login underline
* a styles
2023-01-12 14:04:04 +00:00
Livio Spring
0a30e39b46
fix(CORS): add X-Requested-With to Access-Control-Request-Headers ( #5009 )
...
allows clients with `X-Requested-With` header to succeed with their CORS request
2023-01-09 13:37:10 +01:00
Livio Spring
5651f98600
feat(auth api): expose login policy of authenticated user ( #4979 )
...
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-01-05 13:04:38 +00:00
Stefan Benz
b1d7433eba
fix: correct display name when adding an instance ( #4930 )
...
* fix: handling of default values inside add instance
* fix: remove release from 2.16.x branch
* chore(lint): show all issues
* refactor: instance converter
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-01-03 10:16:36 +01:00
Livio Spring
0530f19d94
feat: allow usernames without @ when UserMustBeDomain false ( #4852 )
...
* feat: allow usernames without @ when UserMustBeDomain false
* e2e
* test(e2e): table driven tests for humans and machines
* cleanup
* fix(e2e): ensure there are no username conflicts
* e2e: make awaitDesired async
* rm settings mapping
* e2e: make awaitDesired async
* e2e: parse sequence as int
* e2e: ensure test fails if awaitDesired fails
Co-authored-by: Max Peintner <max@caos.ch>
2022-12-22 11:16:17 +00:00
Stefan Benz
7d9fc2c6e7
feat: org remove on admin api and org query with state ( #4917 )
...
* feat: org remove on admin api and org query with state
* docs: change description for admin api remove org
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-12-22 10:46:06 +00:00
Livio Spring
a99da4f8e4
fix: user queries ( #4920 )
2022-12-22 09:22:08 +00:00
Livio Spring
6093440747
fix(import): activate label policy after creation ( #4879 )
2022-12-21 08:46:05 +00:00
Stefan Benz
f5eddcc490
fix: separate tos and privacy checkbox into two ( #4848 )
2022-12-21 09:27:31 +01:00
Stefan Benz
339fbd4f0c
fix: change back to login button and add to register option screen ( #4847 )
...
* fix: change back to login button and add to register option screen
* fix: change back to login button and add logic for remove and set events
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-12-20 09:26:48 +01:00
Max Peintner
806b9e8238
fix(login): allow setting language on registered users ( #4862 )
...
* fix: user language for notifications
* fix(login): allow setting language on registered users
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-12-14 11:23:09 +00:00
Livio Spring
632639ae7f
feat: enable iframe use ( #4766 )
...
* feat: enable iframe use
* cleanup
* fix mocks
* fix linting
* docs: add iframe usage to solution scenarios configurations
* improve api
* feat(console): security policy
* description
* remove unnecessary line
* disable input button and urls when not enabled
* add image to docs
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-12-14 07:17:36 +01:00
Stefan Benz
47ffa52f0f
feat: Instance create ( #4502 )
...
* feat(instance): implement create instance with direct machine user and credentials
* fix: deprecated add endpoint and variable declaration
* fix(instance): update logic for pats and machinekeys
* fix(instance): unit test corrections and additional unit test for pats and machinekeys
* fix(instance-create): include review changes
* fix(instance-create): linter fixes
* move iframe usage to solution scenarios configurations
* Revert "move iframe usage to solution scenarios configurations"
This reverts commit 9db31f3808
.
* fix merge
* fix: add review suggestions
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix: add review changes
* fix: add review changes for default definitions
* fix: add review changes for machinekey details
* fix: add machinekey output when setup with machineuser
* fix: add changes from review
* fix instance converter for machine and allow overwriting of further machine fields
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-12-09 14:04:33 +01:00
Livio Spring
3539418a4a
fix: handle UserLoginMustBeDomain changes correctly ( #4765 )
...
* fix: handle UserLoginMustBeDomain changes correctly
* fix: remove verified domains (and not only primary) as suffix
* fix: ensure testability by changing map to slice
* cleanup
* reduce complexity of DomainPolicyUsernamesWriteModel.Reduce()
* add test for removed org policy
2022-12-06 09:01:31 +01:00
Stefan Benz
9626897834
fix(logintexts): fix several custom text attributes for get and set ( #4733 )
...
* fix(logintexts): fix several custom text attributes for get and set
* fix(logintexts): fix externalUserNotFound attribute for json unmarshalling and reduce for customTexts
* fix: correct imports for linting
2022-12-01 13:31:46 +01:00
Silvan
f3e6f3b23b
feat: remove org ( #4148 )
...
* feat(command): remove org
* refactor: imports, unused code, error handling
* reduce org removed in action
* add org deletion to projections
* add org removal to projections
* add org removal to projections
* org removed projection
* lint import
* projections
* fix: table names in tests
* fix: table names in tests
* logging
* add org state
* fix(domain): add Owner removed to object details
* feat(ListQuery): add with owner removed
* fix(org-delete): add bool to functions to select with owner removed
* fix(org-delete): add bools to user grants with events to determine if dependencies lost owner
* fix(org-delete): add unit tests for owner removed and org removed events
* fix(org-delete): add handling of org remove for grants and members
* fix(org-delete): correction of unit tests for owner removed
* fix(org-delete): update projections, unit tests and get functions
* fix(org-delete): add change date to authnkeys and owner removed to org metadata
* fix(org-delete): include owner removed for login names
* fix(org-delete): some column fixes in projections and build for queries with owner removed
* indexes
* fix(org-delete): include review changes
* fix(org-delete): change user projection name after merge
* fix(org-delete): include review changes for project grant where no project owner is necessary
* fix(org-delete): include auth and adminapi tables with owner removed information
* fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed
* fix(org-delete): add permissions for org.remove
* remove unnecessary unique constraints
* fix column order in primary keys
* fix(org-delete): include review changes
* fix(org-delete): add owner removed indexes and chang setup step to create tables
* fix(org-delete): move PK order of instance_id and change added user_grant from review
* fix(org-delete): no params for prepareUserQuery
* change to step 6
* merge main
* fix(org-delete): OldUserName rename to private
* fix linting
* cleanup
* fix: remove org test
* create prerelease
* chore: delete org-delete as prerelease
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2022-11-30 17:01:17 +01:00
Livio Spring
29441ce4b6
feat: save last occurrence of failed events and fix instance filtering ( #4710 )
...
* fix: filter failed events and current sequence correctly
* fix failed events sorting column
* feat: save last occurrence of failed event
* fix failedEvents query and update sql statements
* change sql statement to only create index
* fix linting
* fix linting
* Update internal/query/failed_events.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* update job name on test-docs to match the one from test-code
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-11-18 13:49:38 +01:00
Livio Spring
6d787bfd62
fix: ensure actions execution on idp flows ( #4711 )
2022-11-18 12:49:17 +01:00
Max Peintner
2a8dfab192
fix(login): mfa prompt UI improvements, fix register field validation, email validation ( #4672 )
...
* fix: mfa prompt styling
* register password field validation
* loginname overflow, mfa hover effect
* cleanup
* Update internal/api/ui/login/static/resources/scripts/password_policy_check.js
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* prettier if check
* cleanup
* Update internal/api/ui/login/static/resources/scripts/password_policy_check.js
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix confirmation validation, cleanup
* rm log
* email type validation
* add email validation
* change pattern
* pattern
* comment RFC 2822
* dont wrapp org name
* rm email validation
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-11-17 13:25:09 +01:00
Max Peintner
7db87f4646
fix(console): improve project counters, dark primary color change, smaller UI improvements ( #4620 )
...
* dark primary color change, project counter, link color improvements
* update fallback colors
* fallback colors
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-11-17 07:43:53 +00:00
Livio Spring
eba602e064
feat: allow import of federated users in ImportHumanUser ( #4675 )
...
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-11-09 08:33:50 +00:00
Livio Spring
4eb8ad8777
fix: redirect / to login UI ( #4669 )
2022-11-09 07:19:05 +00:00
Max Peintner
b432cf4963
fix(login): use label policy settings for favicon, translate titles ( #4641 )
...
* fix: render favicon from label policy
* translate main title
* translation
* i18n
* i18n
* i18nkey
* rm attr
* select user title
* Add description meta
* Update internal/api/ui/login/mfa_init_verify_handler.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* Update internal/api/ui/login/renderer.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* merge ifs
* use errors.internal
* check for i18ndescriptionkey
* missing i18n
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-11-07 08:55:12 +00:00
Stefan Benz
5d17da542d
fix(user): add search query for login name ( #4173 )
...
* fix(user): add search query for login name
* fix(user): change login name query to IN from EXISTS
* fix(loginname): include InQuery into ListQuery with SubSelect as possible datasource
* fix(user): apply suggestions from code review
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix: correct unit test for search query
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-31 13:03:23 +00:00
Livio Spring
b45e5b0adc
fix: nil pointer on jwt idps in actions ( #4619 )
2022-10-27 14:53:40 +02:00
Livio Spring
d721f725fd
fix: instance remove ( #4602 )
2022-10-26 13:06:48 +00:00
Stefan Benz
71fb5c526f
fix(machine): delete domain policy dependency and restructure functions ( #4605 )
...
* fix(machine): delete domain policy dependency and restructure functions
* fix(machine): delete domain policy dependency and restructure functions
* fix(machine): move check for username and name
* fix: correct unit test for machine
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-26 08:39:56 +00:00
Max Peintner
05d875c992
fix(login, console): correctly fill username on initialization, password and change password view ( #4546 )
...
* fix(login): add loginname as query param, send with inituserlink
* set loginname as username autofill on password site
* add loginname input on change password
* fix console password change autocomplete
* fix(console): apply labelpolicy if icon is provided, signout page (#4499 )
* label policy as observable
* signedout policy via state
* add caching
* disable loading spinner on signedout
* cleanup
* catch error
* update deps
* move policy to localstorage
* handle labelpolicy for users without org
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* fix(email): set sender address as return-path header (#4569 )
* feat(login): additionally use email/phone for authentication (#4563 )
* feat: add ability to disable login by email and phone
* feat: check login by email and phone
* fix: set verified email / phone correctly on notify users
* update projection version
* fix merge
* fix email/phone verified reduce tests
* fix user tests
* loginname check
* cleanup
* fix: update user projection version to handle fixed statement
* ci(e2e): give console init time (#4567 )
* fix: idp usage (#4571 )
* fix: send email verification instead of init code for idp users
* fix: select single idp of external only users
* fix: use single idp on login
* fix(import): add import for app and machine keys (#4536 )
* fix(import): add import for app and machine keys
* fix(export): add review changes
* fix(import): Apply suggestions from code review
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix(import): add review changes
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix(console): hide metadata on auth side if no `user.read` role present (#4512 )
* check for role
* require user.read for showing metadata section in auth-user
* remove aggregate id from role check
Co-authored-by: Livio Spring <livio.a@gmail.com>
* update stable release to 2.8.2 (#4574 )
* fix: import of trigger actions and export of idp links (#4576 )
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix(console): split password from contact information, initialization mail on top (#4380 )
* chore(console): split password from contact information
* change user detail, initialization mail
* fix translation
* Update console/src/assets/i18n/de.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/de.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/fr.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/fr.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/it.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* i18n
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* fix(import): import json marshal to jsonpb (#4580 )
* fix(import): import json marshal to jsonpb
* fix: add unmarshaloptions discard unknown
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix(import): import json marshal to jsonpb
Co-authored-by: Livio Spring <livio.a@gmail.com>
* feat(console): rename org (#4542 )
* rename org
* add data-e2e
* e2e test
* restore state after
* use ngIf instead of hasrole directive and initialized regex
* rm h2 check
* Update e2e/cypress/e2e/organization/organizations.cy.ts
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/de.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/de.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* change e2e test
* org param
* reintroduct org param
* use org query param
* org rename test
* no initial focus on button
* contain name
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* feat: instance remove (#4345 )
* feat(instance): add remove instance event with projections cleanup
* fix(instance): corrected used id to clean up projections
* fix merge
* fix: correct unit test projection names
* fix: current sequence of lists and query for ensuring keypair based projections
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* docs: change nextjs quickstart (#4566 )
* docs: change nextjs repo update readme
* Update docs/docs/examples/login/nextjs.md
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/examples/login/nextjs.md
Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
* fix(console): preserve logo and icon aspect ratios, remove border radius in header (#4585 )
* chore(e2e): Skip asking for new password on Admin in dev environment (#4599 )
* feat(e2e): Skip asking for new password on Admin
* remove password changing
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* docs(contributing): remove guides folder (#4603 )
* preferredLoginName as queryParam
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: p_0g_8mm3_ <37022952+pr0gr8mm3r@users.noreply.github.com>
2022-10-24 16:33:06 +02:00
Stefan Benz
c2a5b785fb
feat: instance remove ( #4345 )
...
* feat(instance): add remove instance event with projections cleanup
* fix(instance): corrected used id to clean up projections
* fix merge
* fix: correct unit test projection names
* fix: current sequence of lists and query for ensuring keypair based projections
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-20 14:36:52 +02:00
Stefan Benz
2bfa51da1c
fix(import): import json marshal to jsonpb ( #4580 )
...
* fix(import): import json marshal to jsonpb
* fix: add unmarshaloptions discard unknown
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix(import): import json marshal to jsonpb
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-19 13:36:51 +00:00
Stefan Benz
c8e1733b39
fix: import of trigger actions and export of idp links ( #4576 )
...
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-19 13:58:03 +02:00
Stefan Benz
556f381a5a
fix(import): add import for app and machine keys ( #4536 )
...
* fix(import): add import for app and machine keys
* fix(export): add review changes
* fix(import): Apply suggestions from code review
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix(import): add review changes
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-18 15:07:30 +00:00
Livio Spring
3270a94291
fix: idp usage ( #4571 )
...
* fix: send email verification instead of init code for idp users
* fix: select single idp of external only users
* fix: use single idp on login
2022-10-18 14:48:26 +00:00
Livio Spring
b0b1e94090
feat(login): additionally use email/phone for authentication ( #4563 )
...
* feat: add ability to disable login by email and phone
* feat: check login by email and phone
* fix: set verified email / phone correctly on notify users
* update projection version
* fix merge
* fix email/phone verified reduce tests
* fix user tests
* loginname check
* cleanup
* fix: update user projection version to handle fixed statement
2022-10-17 19:19:15 +00:00
Livio Spring
3b03ad82bf
fix: registration allowed check and pass loginname to registration ( #4507 )
2022-10-07 12:17:17 +00:00
Silvan
43fb3fd1a6
feat(actions): add token customization flow and extend functionally with modules ( #4337 )
...
* fix: potential memory leak
* feat(actions): possibility to parse json
feat(actions): possibility to perform http calls
* add query call
* feat(api): list flow and trigger types
fix(api): switch flow and trigger types to dynamic objects
* fix(translations): add action translations
* use `domain.FlowType`
* localizers
* localization
* trigger types
* options on `query.Action`
* add functions for actions
* feat: management api: add list flow and trigger (#4352 )
* console changes
* cleanup
* fix: wrong localization
Co-authored-by: Max Peintner <max@caos.ch>
* id token works
* check if claims not nil
* feat(actions): metadata api
* refactor(actions): modules
* fix: allow prerelease
* fix: test
* feat(actions): deny list for http hosts
* feat(actions): deny list for http hosts
* refactor: actions
* fix: different error ids
* fix: rename statusCode to status
* Actions objects as options (#4418 )
* fix: rename statusCode to status
* fix(actions): objects as options
* fix(actions): objects as options
* fix(actions): set fields
* add http client to old actions
* fix(actions): add log module
* fix(actions): add user to context where possible
* fix(actions): add user to ctx in external authorization/pre creation
* fix(actions): query correct flow in claims
* test: actions
* fix(id-generator): panic if no machine id
* tests
* maybe this?
* fix linting
* refactor: improve code
* fix: metadata and usergrant usage in actions
* fix: appendUserGrant
* fix: allowedToFail and timeout in action execution
* fix: allowed to fail in token complement flow
* docs: add action log claim
* Update defaults.yaml
* fix log claim
* remove prerelease build
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-06 14:23:59 +02:00
Livio Spring
bffb10a4b4
feat: allow domain discovery for unknown usernames ( #4484 )
...
* fix: wait for projection initialization to be done
* feat: allow domain discovery for unknown usernames
* fix linting
* Update console/src/assets/i18n/de.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/it.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/fr.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* fix zh i18n text
* fix projection table name
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-06 13:30:14 +02:00
Max Peintner
531c30a031
fix(login): organization suffix overflow ( #4374 )
...
fix: org name overflow
2022-10-03 18:01:35 +02:00
Max Peintner
f517077be3
fix(login): improve multifactor prompt ( #4474 )
...
* login mfa improvements
* mfa toggles
* styles
* mfa styles
* go rel
* better translations for mfa u2f
* revert goreleaser format
2022-10-03 13:48:24 +02:00
Fabi
f40931e81e
fix: change descriptions and password rule placement ( #4425 )
...
* fix: change descriptions and password rule placement
* fix: passwordless descriptions, remove language and gender from register
* fix: less technical texts on login
* fix: texts
* fix: texts
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
* update e2e test
* fix radio
* fix: chinese text corrections
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
* Update internal/api/ui/login/static/i18n/it.yaml
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-09-28 15:08:45 +02:00
Stefan Benz
2957407b5b
fix: correct oidcsettings management ( #4413 )
...
* fix(oidcsettings): corrected projection, unittests and added the add endpoint
* fix(oidcsettings): corrected default handling and instance setup
* fix: set oidc settings correctly in console
* cleanup
* e2e test
* improve e2e test
* lint e2e
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 12:53:49 +02:00
Stefan Benz
b32c02a39b
feat(instance): add functionality to update instance ( #4440 )
...
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 06:58:50 +00:00
Silvan
a7646d5a78
fix(translations): language options and init user ( #4449 )
...
fix(translations): add chinese to language options
fix(translations): correct key for password confirm label
2022-09-23 17:24:06 +02:00
Livio Spring
7dfa1925cc
feat: restrict login to specific org by id (scope) ( #4294 )
...
* feat: add new org scope
* change default of UserLoginMustBeDomain to false
* return resource owner claims
* fix: use email style for first user
* fix: ensure email style for default users (backwards compatibility)
* change to external domain (as it was before UserLoginMustBeDomain change)
* update e2e tests to use email style usernames
* document new scope
* lint e2e
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-23 12:08:10 +00:00
Livio Spring
7aef0ccfee
fix(email): set correct logo url ( #4426 )
2022-09-21 14:18:55 +00:00
Stefan Benz
2c1f9ac4a8
feat(org): add org metadata functionality ( #4234 )
...
* feat(org): add org metadata functionality
* fix(metadata): add unit tests and review for org metadata
* fix(org-metadata): move endpoints to /
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-20 14:32:09 +00:00
Livio Spring
05cb672cff
fix(login): custom texts for pages called directly form mail link ( #4415 )
...
* fix(login): translate init password correctly
* refactor: no error return params
* fix(login): custom texts for pages called directly form mail link
* fix custom text on registration pages
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-09-20 07:22:47 +00:00
Silvan
84b20bc4e1
fix(auth): always get token by id and user id ( #4371 )
...
Co-authored-by: Florian Forster <florian@zitadel.com>
2022-09-15 12:59:40 +00:00
Stefan Benz
7a5f7f82cf
feat(saml): implementation of saml for ZITADEL v2 ( #3618 )
2022-09-12 18:18:08 +02:00
George
8ab85afd15
feat: internationalization Chinese ( #4222 )
...
* feat: internationalization chinese
* typo: optimize the semantic expression of copywriting
* Update internal/api/ui/login/static/i18n/zh.yaml
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/it.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/zh.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/api/ui/login/static/i18n/zh.yaml
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/it.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/it.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/fr.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/fr.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update console/src/assets/i18n/fr.json
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* minor: add Chinese to other language file
* Update console/src/app/app.module.ts
Co-authored-by: Max Peintner <max@caos.ch>
* Update console/src/app/app.module.ts
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2022-09-08 15:15:31 +02:00
Livio Spring
adb5394ae3
fix: login text changes ( #4269 )
...
* fix: omit empty (zero) dates
* overwrite current date on save
* update date on reset
* smtp
* disable reset
Co-authored-by: Max Peintner <max@caos.ch>
2022-09-02 10:29:06 +02:00
Silvan
b9795b5c57
fix(amr): add pwd because password is wrong ( #4284 )
...
* fix(amr): add pwd because password is wrong
* docs: deprecation notice
* docs: nicer wording
* Update docs/docs/apis/openidoauth/claims.md
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-08-31 08:16:31 +00:00
Silvan
77b4fc5487
feat(database): support for postgres ( #3998 )
...
* beginning with postgres statements
* try pgx
* use pgx
* database
* init works for postgres
* arrays working
* init for cockroach
* init
* start tests
* tests
* TESTS
* ch
* ch
* chore: use go 1.18
* read stmts
* fix typo
* tests
* connection string
* add missing error handler
* cleanup
* start all apis
* go mod tidy
* old update
* switch back to minute
* on conflict
* replace string slice with `database.StringArray` in db models
* fix tests and start
* update go version in dockerfile
* setup go
* clean up
* remove notification migration
* update
* docs: add deploy guide for postgres
* fix: revert sonyflake
* use `database.StringArray` for daos
* use `database.StringArray` every where
* new tables
* index naming,
metadata primary key,
project grant role key type
* docs(postgres): change to beta
* chore: correct compose
* fix(defaults): add empty postgres config
* refactor: remove unused code
* docs: add postgres to self hosted
* fix broken link
* so?
* change title
* add mdx to link
* fix stmt
* update goreleaser in test-code
* docs: improve postgres example
* update more projections
* fix: add beta log for postgres
* revert index name change
* prerelease
* fix: add sequence to v1 "reduce paniced"
* log if nil
* add logging
* fix: log output
* fix(import): check if org exists and user
* refactor: imports
* fix(user): ignore malformed events
* refactor: method naming
* fix: test
* refactor: correct errors.Is call
* ci: don't build dev binaries on main
* fix(go releaser): update version to 1.11.0
* fix(user): projection should not break
* fix(user): handle error properly
* docs: correct config example
* Update .releaserc.js
* Update .releaserc.js
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2022-08-31 07:52:43 +00:00
Silvan
60b2092d2c
fix(import): check exists ( #4268 )
...
* fix(import): check if org exists and user
* refactor: imports
* fix(user): ignore malformed events
* refactor: method naming
* fix: test
* refactor: correct errors.Is call
2022-08-29 17:09:07 +02:00
Livio Spring
64f589c435
fix: read custom texts for pages called directly form mail link ( #4255 )
...
* fix: read custom texts for pages called directly form mail link
* log errors
2022-08-26 08:53:11 +00:00
Livio Spring
e1a981928c
fix: action query ( #4257 )
2022-08-26 08:38:41 +00:00
Livio Spring
d656b3f3c9
fix: instance interceptors return NotFound (404) error for unknown hosts ( #4184 )
...
* fix: instance interceptors return "NotFound" (404) error for unknown hosts
* fix tests
2022-08-17 06:07:41 +00:00
Livio Spring
dcac08b1d5
fix: caching of assets (correct headers and versioned avatar and variables.css url) ( #4118 )
...
* fix: caching of assets (correct headers and versioned avatar url)
* serve variables.css versioned and extend shared max age of assets
* fix TestCommandSide_AddHumanAvatar
* refactor: const types
* refactor: return values
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-08-16 05:04:36 +00:00
Stefan Benz
2388764f1c
fix(IDP): correct org idp response resourceowner ( #4165 )
2022-08-11 11:56:59 +02:00
cyb3rd0g1
2746b4f3a7
fix(login): update automatic registration to pull form data ( #4103 )
...
* update automatic registration to pull form data
* prioritize form-derived usernames when registering via external oidc
* allow for customization of displayname on registration via external IdP
* Update internal/api/ui/login/external_login_handler.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* Update internal/api/ui/login/external_login_handler.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-08-08 13:05:38 +00:00
Livio Spring
fbd04d399d
fix: hide / show username suffix correctly on registration pages ( #4097 )
2022-08-02 16:31:35 +02:00
Stefan Benz
bc9a85daf3
feat: V2 alpha import and export of organizations ( #3798 )
...
* feat(import): add functionality to import data into an instance
* feat(import): move import to admin api and additional checks for nil pointer
* fix(export): export implementation with filtered members and grants
* fix: export and import implementation
* fix: add possibility to export hashed passwords with the user
* fix(import): import with structure of v1 and v2
* docs: add v1 proto
* fix(import): check im imported user is already existing
* fix(import): add otp import function
* fix(import): add external idps, domains, custom text and messages
* fix(import): correct usage of default values from login policy
* fix(export): fix renaming of add project function
* fix(import): move checks for unit tests
* expect filter
* fix(import): move checks for unit tests
* fix(import): move checks for unit tests
* fix(import): produce prerelease from branch
* fix(import): correctly use provided user id for machine user imports
* fix(import): corrected otp import and added guide for export and import
* fix: import verified and primary domains
* fix(import): add reading from gcs, s3 and localfile with tracing
* fix(import): gcs and s3, file size correction and error logging
* Delete docker-compose.yml
* fix(import): progress logging and count of resources
* fix(import): progress logging and count of resources
* log subscription
* fix(import): incorporate review
* fix(import): incorporate review
* docs: add suggestion for import
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* fix(import): add verification otp event and handling of deleted but existing users
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-28 13:42:35 +00:00
Livio Spring
096e12d3d0
fix: set domain verified if domain policy does not require validation ( #4061 )
...
* fix: set domain verified if domain policy does not require validation
* handle domain claimed
2022-07-28 13:18:31 +02:00
Livio Spring
5bd9badbcf
fix: project grants ( #4031 )
...
* fix: filter granted memberships correctly
* fix: only show changes of granted project
* Apply suggestions from code review
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update internal/query/user_membership.go
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-27 07:55:44 +00:00
Livio Spring
c15577c1f9
fix: use default redirect uri when not passed on end_session endpoint ( #4054 )
...
* fix: use default redirect uri when not passed on end_session endpoint
* instance state
2022-07-27 09:49:16 +02:00
Fabi
8e94d2377b
fix: remove adding automatically global role on register ( #4050 )
2022-07-27 07:04:17 +02:00
Livio Spring
ccde49b323
feat: extend claims of introspection response ( #4018 )
...
* feat: extend claims of introspection response
* update oidc lib
2022-07-25 09:38:15 +02:00
Livio Spring
aed7010508
fix: scheduling ( #3978 )
...
* fix: improve scheduling
* build pre-release
* fix: locker
* fix: user handler and print stack in case of panic in reducer
* chore: remove sentry
* fix: improve handler projection and implement tests
* more tests
* fix: race condition in tests
* Update internal/eventstore/repository/sql/query.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix: implemented suggested changes
* fix: lock statement
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-07-22 10:08:39 +00:00
Livio Spring
91206967b4
fix: reset custom org domain policy ( #4014 )
2022-07-21 13:46:59 +02:00
Silvan
2707461ea6
fix(login): trigger bulk on reset password ( #3970 )
...
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-19 09:07:37 +02:00
Livio Spring
9b6dad18cb
feat: provide metrics endpoint ( #3902 )
...
* feat: provide metrics endpoint
* config
* enable otel metrics by default
Co-authored-by: Florian Forster <florian@caos.ch>
2022-07-18 10:42:32 +02:00
Livio Spring
fa4bc47b3e
feat: specify org member roles in org setup ( #3950 )
2022-07-12 13:38:47 +00:00
Max Peintner
190a454140
feat(console): deactivate, reactivate org, fix signedout route ( #3834 )
...
* org detail
* feat: org deactivate, reactivate
* statehandler includes instead of startsWith
* fix signout route
* Update console/src/assets/i18n/de.json
Co-authored-by: Livio Spring <livio.a@gmail.com>
* french
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-08 06:58:23 +00:00
Silvan
9271623ec9
fix: load auth users ( #3907 )
...
* fix: load auth users
* fix: add triggerbulk
* fix: build pre-release
* fix even more french translations
* fix: build version
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-07 14:58:00 +02:00
Livio Spring
427d21ad45
fix: (french) translations ( #3922 )
2022-07-07 10:58:24 +00:00
mffap
3267daedda
feat: internationalization french ( #3890 )
...
* initial
* console_fr updates
* console_en fix issues
* notifications_fr
* internal_static_i18n_fr fixes
* internal_static_i18n_en fix
* docs
* search parameter
* missing italian translations
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-06 13:40:11 +00:00
Livio Spring
a1d404291d
fix(notify): notify user in projection ( #3889 )
...
* start implement notify user in projection
* fix(stmt): add copy to multi stmt
* use projections for notify users
* feat: notifications from projections
* feat: notifications from projections
* cleanup
* pre-release
* fix tests
* fix types
* fix command
* fix queryNotifyUser
* fix: build version
* fix: HumanPasswordlessInitCodeSent
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-07-06 14:09:49 +02:00
Livio Spring
30f553dea1
feat: provide instance info on admin api and return version on instances responses (admin and system api) ( #3802 )
...
* feat: provide instance info on admin api and return version on instances responses (admin and system api)
* fix GetMyInstance
2022-06-27 09:12:06 +00:00
Livio Spring
1b4740c78f
fix: primary domain scope (handle context correctly) ( #3872 )
2022-06-27 09:24:23 +02:00
Livio Spring
ed5721d39e
feat: TLS support ( #3862 )
...
* feat: TLS support
* add comment
* fix comment
2022-06-24 12:38:22 +00:00
Max Peintner
70a108deeb
chore(console): add customer portal link ( #3837 )
...
* feat: add customer portal link
* add customer portal to environment.json from backend
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-06-24 11:18:54 +00:00
Max Peintner
38be00971b
fix(login): text color for idp, footer ( #3830 )
...
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-06-15 16:33:36 +00:00
Silvan
72b696ccb2
fix(system): search for existing domain globally ( #3822 )
2022-06-14 15:45:19 +02:00
Silvan
dd2f31683c
fix(query): realtime data on defined requests ( #3726 )
...
* feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses
* fix proto
* update login policy
* feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses
* fix: tests
* fix(projection): trigger bulk
* refactor: clean projection pkg
* instance should bulk
* fix(query): should trigger bulk on id calls
* tests
* build prerelease
* fix: add shouldTriggerBulk
* fix: test
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2022-06-14 07:51:00 +02:00
Max Peintner
1da305f2de
fix(login): idp, link font color ( #3814 )
...
fix: idp, a font color
2022-06-13 09:36:42 +02:00
Livio Spring
f57e3df39d
fix: sms providers ( #3801 )
2022-06-13 08:34:11 +02:00
Livio Spring
6bd5799770
fix: idp styling ( #3797 )
...
* fix: idp styling
* escape idp a color
* elevation on hover
* css gen
Co-authored-by: Max Peintner <max@caos.ch>
2022-06-10 13:17:33 +00:00
Max Peintner
d6cb36db31
fix(console, login): label policy and privacy policy from authservice, login - remove double footer element, mobile ( #3795 )
...
fix: cnsl auth policy, lgn footer mobile
2022-06-10 14:46:59 +02:00
Max Peintner
3500961fbb
fix: add smtp config, remove smtp and sms provider, console adaptations ( #3792 )
...
* fix: add AddSMTPConfig to admin api
* addsmtpconfig
* fix: add RemoveSMTPConfig and RemoveSMSProvider to admin api
* update twilio, token fcn
* fix account switcher, twilio token set, cleanup dialog
* cleanup
* buttons
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-06-10 12:39:38 +02:00
Livio Spring
03a77b381e
fix: password check policy correctly ( #3787 )
...
* fix: password check policy correctly
* fix: password check policy correctly
2022-06-09 13:48:57 +00:00
Livio Spring
a377f2816c
feat: return instance domains on list instances, fix: login policy and avatar url in oidc responses ( #3785 )
...
* feat: return instance domains on list instances
* fix: filter login policy idps correctly
* remove debug
* fix: absolute avatar url in oidc responses
2022-06-08 13:46:24 +02:00
Max Peintner
233d80502d
fix(console, login): console - ensure permission is available, login - i18n fixes, input borders, lgn-touched script to add class on blur ( #3760 )
...
* permission restriction, member, login i18n input borders, secondary text
* add touched js
2022-06-07 09:25:56 +00:00
Livio Spring
5e4b38d69b
fix: improve oidc issuer / endpoints ( #3753 )
...
* fix: improve oidc issuer / endpoints
* docs: update endpoints
2022-06-07 10:04:51 +02:00
Livio Amstutz
3a1569bd94
fix: grpc gateway interceptors ( #3767 )
2022-06-03 12:44:04 +00:00
Livio Amstutz
0baaaf8a05
fix: handle default org id ( #3769 )
2022-06-03 14:30:39 +02:00
Max Peintner
ebb73186b6
fix(console, login): Idp detail and create layout optimization, login - sub formfield link spacing ( #3755 )
...
* idp detail, create layout
* fat finger fix
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-06-03 07:20:56 +00:00
Livio Amstutz
d65761f388
fix: render only base language in html ( #3759 )
2022-06-01 15:32:18 +02:00
Livio Amstutz
21a0e4a972
feat: get current label and privacy policies ( #3748 )
2022-06-01 09:50:28 +02:00
Silvan
fb93085430
fix(projection): add missing col to idp login policy links ( #3745 )
...
* fix(projection): add missing col to projection
* refactor: method naming
2022-05-31 20:39:37 +02:00
Silvan
ed36680ea1
fix(query): show views and failed events ( #3743 )
...
* fix(system): show views and failed events
* fix: set correct database on failed events and views
2022-05-31 16:33:50 +02:00
Max Peintner
e3e0207318
fix: login checkbox contrast, login policy factors, asset urls ( #3742 )
...
* checkbox contrast
* idp create before remove, add, asset service
* login policy events
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-05-31 13:51:21 +00:00
Silvan
16c86149be
fix(current_sequence): no error if not found ( #3740 )
2022-05-31 11:50:51 +00:00
Livio Amstutz
81c0ca3337
fix: use issuer for jwt profile check on system api ( #3741 )
2022-05-31 13:11:49 +02:00
Max Peintner
ac65d9d331
fix(login): checkbox, label, container styles ( #3732 )
...
fix: checkbox, label styles
2022-05-31 07:20:39 +00:00
Livio Amstutz
992892a8bb
fix: read key data for system api users from config ( #3731 )
2022-05-30 12:53:21 +00:00
Livio Amstutz
b3f50702f8
feat: directly specify factors/idps on addCustomLoginPolicy and return on LoginPolicy responses ( #3711 )
...
* feat: directly specify factors on addCustomLoginPolicy and return on LoginPolicy responses
* fix proto
* update login policy
* feat: directly specify idp on addCustomLoginPolicy and return on LoginPolicy responses
* fix: tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-05-30 11:51:07 +00:00
Livio Amstutz
2fc39c0da0
feat: system api requires authenticated requests ( #3570 )
...
* begin auth
* feat: system api requires authenticated requests
* fix tests
2022-05-30 13:38:30 +02:00
Livio Amstutz
41d78ef523
fix: return absolute url for avatar in user sessions ( #3724 )
...
* fix: return absolute url for avatar in user sessions
* fix: refresh token unique constraint
2022-05-30 11:27:52 +00:00
Max Peintner
e79aab3671
fix: login ui for v2 ( #3712 )
...
* fix: login ui for v2
* a color
* footer
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-30 09:03:40 +00:00
Livio Amstutz
737e01bfd2
fix: fix and improve primary keys on projections ( #3708 )
...
* fix: org_domain projection
* fix: projection reset
* fix test
* improve foreign keys on suffixed tables
2022-05-25 14:15:13 +02:00
Livio Amstutz
e1ee89982a
fix: unify commands (and remove todos for checking existence) ( #3696 )
2022-05-24 09:28:17 +00:00
swazynski
5a2ffd80dc
chore: "EMail" typo ( #3679 )
...
Co-authored-by: Florian Forster <florian@caos.ch>
2022-05-21 11:29:25 +00:00
mffap
4d30d3a7e1
chore: various typos ( #3686 )
...
* fix(cli): typo in clis
* chore: fix typos in guides and readme
* markdown lint
* readme typos
* markdown lint
* typos in security.md
* login de
* login en
* console de
* console en
* Apply suggestions from code review
E-Mail instead of Email
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
2022-05-21 10:44:09 +00:00
Livio Amstutz
62c4a4d08d
fix: return absolute asset urls ( #3676 )
2022-05-20 10:30:12 +02:00
Livio Amstutz
0906c2d513
fix: CORS on assets api ( #3659 )
2022-05-19 14:09:02 +00:00