Commit Graph

160 Commits

Author SHA1 Message Date
Silvan
c5b99274d7
feat(cli): setup (#3267)
* commander

* commander

* selber!

* move to packages

* fix(errors): implement Is interface

* test: command

* test: commands

* add init steps

* setup tenant

* add default step yaml

* possibility to set password

* merge v2 into v2-commander

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: search query builder can filter events in memory

* fix: filters for add member

* fix(setup): add `ExternalSecure` to config

* chore: name iam to instance

* fix: matching

* remove unsued func

* base url

* base url

* test(command): filter funcs

* test: commands

* fix: rename orgiampolicy to domain policy

* start from init

* commands

* config

* fix indexes and add constraints

* fixes

* fix: merge conflicts

* fix: protos

* fix: md files

* setup

* add deprecated org iam policy again

* typo

* fix search query

* fix filter

* Apply suggestions from code review

* remove custom org from org setup

* add todos for verification

* change apps creation

* simplify package structure

* fix error

* move preparation helper for tests

* fix unique constraints

* fix config mapping in setup

* fix error handling in encryption_keys.go

* fix projection config

* fix query from old views to projection

* fix setup of mgmt api

* set iam project and fix instance projection

* imports

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-28 10:05:09 +02:00
Fabi
9d4f296c62
fix: rename iam to instance (#3345)
* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename orgiampolicy to domain policy

* fix: merge conflicts

* fix: protos

* fix: md files

* implement deprecated org iam policy again

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-03-24 16:21:34 +00:00
Livio Amstutz
504fe5b761
cherry pick changes from main (#3371)
* feat: remove exif data from uploaded images (#3221)

* feat: remove exif tags from images

* feat: remove exif data

* feat: remove exif

* fix: add preferredLoginName to user grant response (#3271)

* chore: log webauthn parse error (#3272)

* log error

* log error

* feat: Help link in privacy policy

* fix: convert correct detail data on organization (#3279)

* fix: handle empty editor users

* fix: add some missing translations (#3291)

* fix: org policy translations

* fix: metadata event types translation

* fix: translations

* fix: filter resource owner correctly on project grant members (#3281)

* fix: filter resource owner correctly on project grant members

* fix: filter resource owner correctly on project grant members

* fix: add orgIDs to zitadel permissions request

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>

* fix: get IAM memberships correctly in MyZitadelPermissions (#3309)

* fix: correct login names on auth and notification users (#3349)

* fix: correct login names on auth and notification users

* fix: migration

* fix: handle resource owner in action flows (#3361)

* fix merge

* fix: exchange exif library (#3366)

* fix: exchange exif library

* ignore tiffs

* requested fixes

* feat: Help link in privacy policy

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-24 14:00:24 +01:00
Fabi
9e13b70a3d
feat: add system api proto (#3294)
* feat: add system api proto

* Update proto/zitadel/instance.proto

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update proto/zitadel/instance.proto

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update proto/zitadel/instance.proto

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* feat: add system api proto

* feat: add system api proto

* feat: add system api proto

* feat: add system api proto

* generate grpc

* feat: remove region from system proto

* fix: remove metrics endpoint

* fix: add md file

* rebuild proto

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-03-22 07:47:18 +00:00
Livio Amstutz
5463244376
feat: encryption keys in database (#3265)
* enable overwrite of adminUser fields in defaults.yaml

* create schema and table

* cli: create keys

* cli: create keys

* read encryptionkey from db

* merge v2

* file names

* cleanup defaults.yaml

* remove custom errors

* load encryptionKeys on start

* cleanup

* fix merge

* update system defaults

* fix error message
2022-03-14 07:55:09 +01:00
Fabi
7899a0b851
feat: Notification providers config (#3212)
* feat: add login check lifetimes to login policy

* feat: org features test

* feat: debug notificatiaon events

* feat: debug notification file/log commands

* feat: add requests to proto

* feat: add api for debug notification providers file/log

* feat: add projection for debug notifiication providers

* feat: requests

* feat: merge v2

* feat: add settings proto to generate

* feat: notifiaction providers

* fix: remove unused code

* Update iam_converter.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-03-07 14:22:37 +01:00
Fabi
7d6c933485
feat: OIDC setting (#3245)
* feat: add oidc config struct

* feat: oidc config command side

* feat: oidc configuration query side

* feat: add translations

* feat: add tests

* feat: add translations

* feat: rename oidc config to oidc settings

* feat: rename oidc config to oidc settings
2022-02-25 16:05:06 +01:00
Fabi
f05d4063bf
feat: Login verification lifetimes (#3190)
* feat: add login check lifetimes to login policy

* feat: org features test

* feat: read lifetimes from loginpolicy
2022-02-21 16:05:02 +01:00
Fabi
7d235e3eed
feat: Default configs sms provider (#3187)
* feat: sms config

* feat: twilio as sms provider

* feat:sms projection

* feat: sms queries

* feat: sms queries test

* feat: sms configs

* feat: sms configs sql file

* fix merge

* fix: rename from to sendername

* fix: proto comments

* fix: token as crypto

* fix: tests

* fix: sms config sender name to sender number

* fix: sms config sender name to sender number

* Update email.go

* Update channel.go

* Update V1.111__settings.sql

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-21 12:22:20 +00:00
Fabi
e3528ff0b2
feat: Config to eventstore (#3158)
* feat: add default language to eventstore

* feat: add secret generator configs events

* feat: tests

* feat: secret generators in eventstore

* feat: secret generators in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* fix: migrations

* fix migration version

* fix test

* feat: change secret generator type to enum

* feat: change smtp attribute names

* feat: change smtp attribute names

* feat: remove engryption algorithms from command side

* feat: remove engryption algorithms from command side

* feat: smtp config

* feat: smtp config

* format smtp from header

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-16 15:49:17 +00:00
Livio Amstutz
699fdaf68e
feat: add personal access tokens for service users (#2974)
* feat: add machine tokens

* fix test

* rename to pat

* fix merge and tests

* fix scopes

* fix migration version

* fix test

* Update internal/repository/user/personal_access_token.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2022-02-08 09:37:28 +01:00
Fabi
31bdd3f431
feat: reset custom texts on IAM (#3160)
* fix: only show factors with state ready

* fix: get iam by id and clean up code

* fix: get iam by id and clean up code

* fix: remove unused code

* feat: add message template remove func to admin api

* fix: proto texts

* fix: proto texts
2022-02-04 10:25:25 +01:00
Max Peintner
46ff51b631
docs: local assets (#3151) 2022-02-02 13:45:01 +01:00
Livio Amstutz
1367a2e139
feat: limit amount of active actions (#3143)
* max actions

* fix: max allowed actions

* fix: max allowed actions

* fix tests
2022-02-02 09:04:05 +01:00
Max Peintner
22c9cf99e7
docs: update deps, fix zitadel logo size (#3122) 2022-01-31 13:36:16 +01:00
Livio Amstutz
e99b7f4972
fix: move activity log to queries and remove old code (#3096)
* move changes to queries and remove old code

* fix changes query

* remove unused code

* fix sorting

* fix sorting

* refactor and remove old code

* remove accidental go.mod replace

* add missing file

* remove listDetail from ChangesResponse
2022-01-26 10:16:33 +01:00
dependabot[bot]
5f3b17c174
chore(deps): bump nanoid from 3.1.30 to 3.2.0 in /docs (#3097)
Bumps [nanoid](https://github.com/ai/nanoid) from 3.1.30 to 3.2.0.
- [Release notes](https://github.com/ai/nanoid/releases)
- [Changelog](https://github.com/ai/nanoid/blob/main/CHANGELOG.md)
- [Commits](https://github.com/ai/nanoid/compare/3.1.30...3.2.0)

---
updated-dependencies:
- dependency-name: nanoid
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-25 13:58:15 +01:00
Fabi
a824312be3
docs: error codes (#3108)
* docs: add error codes to api docs

* docs: add error codes to api docs

* docs: add error codes to api docs
2022-01-24 15:19:47 +01:00
Elio Bischof
bca337319c
docs: add MongoDB Authenticated Charts integration guide (#3080)
* docs: add MongoDB Authenticated Charts integration guide

* blur client id

* finalize mongodb charts integration

* fix audience field description

Co-authored-by: mffap <mpa@caos.ch>

Co-authored-by: mffap <mpa@caos.ch>
2022-01-21 14:30:20 +00:00
Fabi
087ef8d31c
fix: return isDefault on login texts (#3076)
* fix: add is disabled to login texts

* fix: fix aggregate id
2022-01-20 13:18:49 +00:00
Elio Bischof
c3d4db10ac
docs: update angular quickstart (#3025)
* docs: make angular quickstart user friendlier

* docs: improve angular quickstart

 Closes: #3042
2022-01-20 10:13:34 +01:00
Florian Forster
d2e07636c9
chore: proxy plausible (#3032) 2022-01-18 11:40:46 +01:00
Florian Forster
311df70a3f
docs: allow privacy friendly analytics in docs page and set hsts (#3006)
* chore: prepare deployment to netlify instead of cloudflare

* add badge
2022-01-18 09:04:48 +01:00
dependabot[bot]
7ea618121e
chore(deps): bump shelljs from 0.8.4 to 0.8.5 in /docs (#3007)
Bumps [shelljs](https://github.com/shelljs/shelljs) from 0.8.4 to 0.8.5.
- [Release notes](https://github.com/shelljs/shelljs/releases)
- [Changelog](https://github.com/shelljs/shelljs/blob/master/CHANGELOG.md)
- [Commits](https://github.com/shelljs/shelljs/compare/v0.8.4...v0.8.5)

---
updated-dependencies:
- dependency-name: shelljs
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-17 13:32:28 +01:00
dependabot[bot]
88ce186e80
chore(deps): bump follow-redirects from 1.14.6 to 1.14.7 in /docs (#3008)
Bumps [follow-redirects](https://github.com/follow-redirects/follow-redirects) from 1.14.6 to 1.14.7.
- [Release notes](https://github.com/follow-redirects/follow-redirects/releases)
- [Commits](https://github.com/follow-redirects/follow-redirects/compare/v1.14.6...v1.14.7)

---
updated-dependencies:
- dependency-name: follow-redirects
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-01-17 13:31:59 +01:00
Silvan
c542cab4f8
feat(queries): user grants (#2838)
* refactor(domain): add user type

* fix(projections): start with login names

* fix(login_policy): correct handling of user domain claimed event

* fix(projections): add members

* refactor: simplify member projections

* add migration for members

* add metadata to member projections

* refactor: login name projection

* fix: set correct suffixes on login name projections

* test(projections): login name reduces

* fix: correct cols in reduce member

* test(projections): org, iam, project members

* member additional cols and conds as opt,
add project grant members

* fix(migration): members

* fix(migration): correct database name

* migration version

* migs

* better naming for member cond and col

* split project and project grant members

* prepare member columns

* feat(queries): membership query

* test(queries): membership prepare

* fix(queries): multiple projections for latest sequence

* fix(api): use query for membership queries in auth and management

* feat: org member queries

* fix(api): use query for iam member calls

* fix(queries): org members

* fix(queries): project members

* fix(queries): project grant members

* fix(query): member queries and user avatar column

* member cols

* fix(queries): membership stmt

* fix user test

* fix user test

* fix(projections): add user grant projection

* fix(user_grant): handle state changes

* add state to migration

* fix(management): use query for user grant requests

* merge eventstore-naming into user-grant-projection

* feat(queries): user grants

* fix(migrations): version

* fix(api): user query for user grants

* fix(query): event mappers for usergrant aggregate

* fix(projection): correct aggregate for user grants

* fix(queries): user grant roles as list contains

* cleanup reducers

* fix avater_key to avatar_key

* tests

* cleanup

* cleanup

* add resourceowner query

* fix: user grant project name search query

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-01-14 09:45:50 +00:00
Fabi
ac7a26b9df
docs: add primary domain scope section to identity brokering guide (#2972)
* docs: add primary domain scope section to identity brokering guide

* Update docs/docs/guides/authentication/identity-brokering.md

Co-authored-by: mffap <mpa@caos.ch>

Co-authored-by: mffap <mpa@caos.ch>
2022-01-12 09:28:35 +01:00
Max Peintner
68827dfdcd
docs: styling, concepts cleanup (#2643)
* Architecture Scenarios B2B B2C

* b2b b2c

* cleanup concepts

* homepage links, b2c docs

* b2c, new homepage, custom components

* more content

* fix rxjs

* temp remove architecture scenarios

* temp remove architecture scenarios

* Update docs/src/pages/index.js

Co-authored-by: Florian Forster <florian@caos.ch>

* update docusaurus & review scenarios

* refactor user login guide (#2921)

* Update docs/docs/guides/architecture-scenarios/b2b.mdx

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update docs/docs/guides/architecture-scenarios/b2b.mdx

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update docs/docs/guides/architecture-scenarios/b2b.mdx

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update docs/docs/guides/architecture-scenarios/b2b.mdx

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update docs/docs/guides/architecture-scenarios/b2c.mdx

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update docs/docs/guides/architecture-scenarios/b2c.mdx

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update docs/docs/guides/architecture-scenarios/b2b.mdx

Co-authored-by: mffap <mpa@caos.ch>

* Update docs/docs/guides/architecture-scenarios/b2b.mdx

Co-authored-by: mffap <mpa@caos.ch>

* Update docs/docs/guides/architecture-scenarios/b2b.mdx

Co-authored-by: mffap <mpa@caos.ch>

* Update docs/docs/guides/architecture-scenarios/b2c.mdx

Co-authored-by: mffap <mpa@caos.ch>

* Update docs/docs/guides/architecture-scenarios/b2c.mdx

Co-authored-by: mffap <mpa@caos.ch>

* Update docs/docs/guides/architecture-scenarios/b2c.mdx

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* user-login splitup

* files

* organize files

* cleanup authmethods

* solution scenarios

* add link to authz

* Update docs/docs/guides/authentication/authmethods/implicit.mdx

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update docs/docs/guides/authentication/authmethods/implicit.mdx

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix broken links

* Update docs/docs/guides/solution-scenarios/b2c.mdx

Co-authored-by: Florian Forster <florian@caos.ch>

* c for consumer

Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-01-11 20:48:13 +01:00
Fabi
2bbbc3551a
docs: error messages (#2889)
* docs: add error messages

* docs: add error messages

* docs: add error messages screen shots

* Update docs/docs/manuals/error-messages.md

Co-authored-by: Florian Forster <florian@caos.ch>

* docs: add error messages screen shots

* docs: rename file

Co-authored-by: Florian Forster <florian@caos.ch>
2022-01-06 08:32:08 +01:00
Florian Forster
5f2b88be51
docs: fix broken docs pipeline (#2936)
* refactor user login guide (#2921)

* docs: fix docusaurus issues

* update yarn dep

Co-authored-by: Max Peintner <max@caos.ch>
2022-01-06 08:02:40 +01:00
mffap
d7cb4cb055
docs(reamde): logo light, text improvements (#2924) 2022-01-05 23:08:49 +01:00
Florian Forster
738a5821da
docs: update docsearch and improve trailing slash handling (#2908)
* Update docusaurus.config.js

* well, good morning

* trial by error with pages
2021-12-30 09:01:47 +01:00
Fabi
cf727b7fff
fix: Custom texts (#2875)
* feat: delete org

* fix: return is default on custom message text

* fix(projeciton): print stack trace on recover panic

* chore: print panic line

* fix: custom message text retunr nil, nil

* fix: custom message text template

* fix: remove isDefault from selection (#2876)

* fix: custom message text query

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2021-12-21 15:18:05 +01:00
Livio Amstutz
43f15953c3
feat: allow global org users to create org and self delete (#2759)
* fix: grant PROJECT_OWNER_VIEWER_GLOBAL org.create permission

* Update authz.yaml

* feat: delete my user

* console things

* lint

* signout after deletion

* stylelint rule

* Update authz.yaml

* Update authz.yaml

* setup step

* role SELF_MANAGEMENT_GLOBAL setup

* fix: change default role on global org

* Apply suggestions from code review

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2021-12-09 08:41:21 +00:00
dependabot[bot]
f7743834b0
chore(deps): bump algoliasearch-helper from 3.5.5 to 3.6.2 in /docs (#2734)
Bumps [algoliasearch-helper](https://github.com/algolia/algoliasearch-helper-js) from 3.5.5 to 3.6.2.
- [Release notes](https://github.com/algolia/algoliasearch-helper-js/releases)
- [Changelog](https://github.com/algolia/algoliasearch-helper-js/blob/develop/CHANGELOG)
- [Commits](https://github.com/algolia/algoliasearch-helper-js/compare/3.5.5...3.6.2)

---
updated-dependencies:
- dependency-name: algoliasearch-helper
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2021-11-25 10:07:57 +01:00
Elio Bischof
b6449a2410
docs: document Ambassador v1.x requirement (#2731)
* docs: document Ambassador v1.x requirement

 Closes: #2575

* ambassador v1 links

Co-authored-by: Elio Bischof <elio@caos.ch>

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2021-11-23 15:29:25 +00:00
mffap
aa3eb274b7
docs: expand sidebar (#2706) 2021-11-19 10:31:59 +00:00
Livio Amstutz
004f14d1fe
docs: add openid certification (#2705) 2021-11-18 19:15:09 +01:00
Livio Amstutz
ebe2fbe1d5
fix: rename lifetime to expiration of pwless link in ImportHumanUserResponse (#2687) 2021-11-15 14:24:45 +01:00
Livio Amstutz
bd9f621030
docs: revocation_endpoint (#2654) 2021-11-15 08:37:05 +00:00
Max Peintner
12eed30c08
feat: add it-IT to internationalization (#2439)
* login it

* deepl translations, corrections

* login, en typos

* it internal, typo fixes

* message texts, optim console texts, guide for internationalization

* missing console, fix de, en

* Add missing keys from main

* translate missing keys

* add it to console selection, change it policy descriptors

* add missing i18n from jwt idp, fixes

* add missing translations

* missing translations

* fix

* auth user language change, interceptor

* remove multiline operator

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-11-15 08:23:35 +01:00
Livio Amstutz
5bc0520adb
docs: fix jwt profile iat and exp (#2660) 2021-11-11 17:56:30 +01:00
Livio Amstutz
fef9eb91f9
docs: add swagger editor links (#2657)
* docs: add swagger editor links

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@caos.ch>

Co-authored-by: Florian Forster <florian@caos.ch>
2021-11-11 13:56:16 +01:00
Livio Amstutz
ccf4828b50
feat: allow IAM and Org Owners to generate a passwordless registration link (#2619) 2021-11-05 14:57:10 +01:00
Livio Amstutz
fc6154cffc
feat: token revocation and OP certification (#2594)
* fix: try using only user session if no user is set (id_token_hint) on prompt none

* fix caos errors As implementation

* implement request mode

* return explicit error on invalid refresh token use

* begin token revocation

* token revocation

* tests

* tests

* cleanup

* set op config

* add revocation endpoint to config

* add revocation endpoint to config

* migration version

* error handling in token revocation

* migration version

* update oidc lib to 1.0.0
2021-11-03 08:35:24 +01:00
Max Peintner
8df5614e4d
docs(apis): cleanup navigation, better overview (#2608)
* api cards, cleanup overview

* endpoint, definition shortcuts, links

* update quickstart links

* mobile overflow

* Update docs/docs/apis/introduction.mdx

Co-authored-by: Florian Forster <florian@caos.ch>

* Update docs/docs/apis/introduction.mdx

Co-authored-by: Florian Forster <florian@caos.ch>

Co-authored-by: Florian Forster <florian@caos.ch>
2021-11-02 14:05:47 +01:00
Livio Amstutz
6ef0d92200
docs: remove client credentials from supported grant types (#2586) 2021-10-28 16:06:48 +02:00
Fabi
c190d5d1b7
feat: add some manager roles (#2585)
* feat: add some manager roles

* feat: add some manager roles

* fix indent

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-10-28 13:22:25 +02:00
Fabi
cd65fd8c17
feat: all project grant search query (#2581)
* feat: all project grant search query

* feat: all project grant search query
2021-10-27 09:26:01 +00:00
Max Peintner
153c9054ad
docs: overview in help, legal section (#2532)
* help, legal section

* Update docs/docs/legal/introduction.mdx

Co-authored-by: Florian Forster <florian@caos.ch>

Co-authored-by: Florian Forster <florian@caos.ch>
2021-10-21 17:02:25 +02:00