TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 11:04:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
2,345 Commits 166 Branches 1,927 Tags 670 MiB
a1942ecdaa
Commit Graph

283 Commits

Author SHA1 Message Date
adlerhurst
609c4d4f24 Merge branch 'master' into new-eventstore 2020-11-19 17:20:09 +01:00
Silvan
93e941a475
fix: Improve search user grants (#988) 
* fix(management): search user grants with granted

* fix(auth): handle user grant project owner

* fix: migration
 2020-11-19 14:13:07 +01:00
Fabi
a40ec1f25b
fix: audience in create token (#985) 2020-11-18 17:11:37 +01:00
Livio Amstutz
16cd7388ce
fix: handle LoginPolicyRemoved in auth (#982) 2020-11-18 15:18:03 +01:00
Livio Amstutz
b9be5f4e11
fix: handle disabled mfa types correctly during login (#979) 
* fix: handle disabled mfa types during login correctly

* fix: add 2fa to default login policy

* fix: setup

* Update internal/setup/step7.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
 2020-11-18 12:56:24 +01:00
adlerhurst
147782332f Merge remote-tracking branch 'origin/master' into new-eventstore 2020-11-18 10:36:02 +01:00
Fabi
78c0cf2f57
fix: add and verified projectID in audience (#957) 
* feat: new scope for project id in aud

* feat: add doc

* feat: projectid endpoint

* feat: remove handle Proejct id

* fix: remove go.mod replace

* fix: add project id to aud

* fix: update oidc version

* fix: change project id scope

* update projectID scope to current usage

* typo: ZITADEL uppercase

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-11-16 10:54:48 +01:00
adlerhurst
4b1e79604a new iam repo in all services 2020-11-12 23:15:01 +01:00
Silvan
966e3850ed
fix(changes): decide if human or machine modifier (#953) 2020-11-12 17:01:30 +01:00
Fabi
202aae4954
feat: mfa policy (#913) 
* feat: add mfa to login policy

* feat: add mfa to login policy

* feat: add mfa to login policy

* feat: add mfa to login policy

* feat: add mfa to login policy on org

* feat: add mfa to login policy on org

* feat: append events on policy views

* feat: iam login policy mfa definition

* feat: login policies on orgs

* feat: configured mfas in login process

* feat: configured mfas in login process

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: rename software and hardware mfas

* fix: pr requests

* fix user mfa

* fix: test

* fix: oidc version

* fix: oidc version

* fix: proto gen

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
 2020-11-04 11:26:10 +01:00
Silvan
b9fdcb53a2
fix: auth app handler with projectEvents (#917) 2020-10-28 11:19:10 +01:00
Silvan
e686268e81
fix: flags on application view (#910) 
* wg24q

* fix: set ProjectRoleCheck and ProjectRoleAssertion on added application
 2020-10-27 15:53:36 +01:00
Livio Amstutz
b3f68c8f48
feat: add tracing interceptors to login and oidc (#764) 
* add tracing interceptors to login and oidc

* add some tracing spans

* trace login calls

* add some spans

* add some spans (change password)

* add some more tracing in oauth/oidc

* revert org exists

* Merge branch 'master' into http-tracing

# Conflicts:
#	internal/api/oidc/auth_request.go
#	internal/api/oidc/client.go
#	internal/auth/repository/eventsourcing/eventstore/auth_request.go
#	internal/auth/repository/eventsourcing/eventstore/user.go
#	internal/authz/repository/eventsourcing/eventstore/token_verifier.go
#	internal/authz/repository/eventsourcing/view/token.go
#	internal/user/repository/eventsourcing/eventstore.go
 2020-10-21 10:18:34 +02:00
Fabi
7e56ace9d9
fix: idp provider handler (#874) 
* fix: idp provider handler

* fix: idp provider search

* fix: idp provider search

* fix: error handling

* fix: error handling

* fix: fix read config
 2020-10-20 14:26:19 +02:00
Fabi
4eb380a825
fix: IDP login button styles (#869) 
* fix: styling type on idp

* fix: google styling

* fix: google styling

* fix: google styling

* fix: remove logo src from angular

* fix: pr requests

* fix drop column migration

* fix: drop column migration

* fix: grant id
 2020-10-19 17:10:02 +02:00
Livio Amstutz
a321d850ae
feat: project roles (#843) 
* fix logging

* token verification

* feat: assert roles

* feat: add project role assertion on project and token type on app

* id and access token role assertion

* add project role check

* user grant required step in login

* update library

* fix merge

* fix merge

* fix merge

* update oidc library

* fix tests

* add tests for GrantRequiredStep

* add missing field ProjectRoleCheck on project view model

* fix project create

* fix project create
 2020-10-16 07:49:38 +02:00
Fabi
265b491696
feat: tokens on user aggregate (#837) 
* fix: fix remove policies in spoolers

* fix: reread of token by id

* fix: update oidc package

* fix: possible nil pointer on token split

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-10-15 13:52:41 +02:00
Fabi
fbb30840f1
feat: policies on aggregates (#799) 
* feat: move pw policy

* feat: default pw complexity policy

* fix: org password complexity policy

* fix: org password complexity policy

* fix: pw complexity policy with setup

* fix: age and lockout policies on aggregates

* fix: migration

* fix: org iam policy

* fix: org iam policy

* fix: org iam policy

* fix: tests

* fix: policy request

* fix: merge master

* fix(console): policies frontend (#817)

* fix policy build

* fix: age, complexity, lockout policies

* fix: ready return err of setup not done

* fix: fix remove policies in spoolers

* fix: fix remove policies in spoolers

* feat(console): policy settings for iam and org (#824)

* fix policy build

* fix: age, complexity, lockout policies

* fix pwd complexity

* policy remove action

* add imports

* fix accounts card, enable mgmt login policy

* lint

* add iam policy to admin

* toasts, i18n, show default

* routing, i18n

* reset policy, toast i18n, cleanup, routing

* policy delete permission

* lint style

* delete iam policy

* delete non project from grid list, i18n

* lint ts, style

* fix: remove instead delete

* feat(console): delete external idp from user (#835)

* dialog i18n, delete column and function

* dialog i18n

* fix rm button

* Update console/src/assets/i18n/de.json

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update console/src/assets/i18n/de.json

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix: revert env, rename policy, remove comments

* fix: lowercase sich

* fix: pr requests

* Update internal/iam/repository/eventsourcing/eventstore_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: tests

* fix: tests

* fix(console): policies (#839)

* fix: nil pointer on get userdata (#815)

* fix: external login (#818)

* fix: external login

* fix: external login

* feat(console): delete user (#819)

* add action col to user table, i18n

* delete user from detail component

* lint

* fix(console): cleanup user detail and member components, user/me redirect, permission guards, filter, org policy guard, user table, scss cleanup (#808)

* fix: remove user.write guard for filtering

* border color

* fix user routing from member tables

* idp detail layout

* generic contact component

* fix redirect to auth user, user grant disable

* disable policy action without permission, i18n

* user-create flex fix, contact ng-content

* rm unused styles

* sidenav divider

* lint

* chore(deps-dev): bump @angular/cli from 10.1.3 to 10.1.4 in /console (#806)

* fix: user session with external login (#797)

* fix: user session with external login

* fix: tests

* fix: tests

* fix: change idp config name

* fix(container): stop copying / and instead only copy zitadel (#691)

* chore: stop copying / and instead only copy zitadel

* Update Dockerfile

* Update release.yml

* enable anchors debug

* fix(container): don't copy alpine content into scratch execpt pwd

* chore: remove need step

* merge master

* chore(deps-dev): bump @angular/cli from 10.1.3 to 10.1.4 in /console

Bumps [@angular/cli](https://github.com/angular/angular-cli) from 10.1.3 to 10.1.4.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v10.1.3...v10.1.4)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump @angular/language-service from 10.1.3 to 10.1.4 in /console (#805)

* fix: user session with external login (#797)

* fix: user session with external login

* fix: tests

* fix: tests

* fix: change idp config name

* fix(container): stop copying / and instead only copy zitadel (#691)

* chore: stop copying / and instead only copy zitadel

* Update Dockerfile

* Update release.yml

* enable anchors debug

* fix(container): don't copy alpine content into scratch execpt pwd

* chore: remove need step

* merge master

* chore(deps-dev): bump @angular/language-service in /console

Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 10.1.3 to 10.1.4.
- [Release notes](https://github.com/angular/angular/releases)
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md)
- [Commits](https://github.com/angular/angular/commits/10.1.4/packages/language-service)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump codelyzer from 6.0.0 to 6.0.1 in /console (#804)

* fix: user session with external login (#797)

* fix: user session with external login

* fix: tests

* fix: tests

* fix: change idp config name

* fix(container): stop copying / and instead only copy zitadel (#691)

* chore: stop copying / and instead only copy zitadel

* Update Dockerfile

* Update release.yml

* enable anchors debug

* fix(container): don't copy alpine content into scratch execpt pwd

* chore: remove need step

* merge master

* chore(deps-dev): bump codelyzer from 6.0.0 to 6.0.1 in /console

Bumps [codelyzer](https://github.com/mgechev/codelyzer) from 6.0.0 to 6.0.1.
- [Release notes](https://github.com/mgechev/codelyzer/releases)
- [Changelog](https://github.com/mgechev/codelyzer/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mgechev/codelyzer/commits/6.0.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump @angular-devkit/build-angular from 0.1000.8 to 0.1001.4 in /console (#803)

* fix: user session with external login (#797)

* fix: user session with external login

* fix: tests

* fix: tests

* fix: change idp config name

* fix(container): stop copying / and instead only copy zitadel (#691)

* chore: stop copying / and instead only copy zitadel

* Update Dockerfile

* Update release.yml

* enable anchors debug

* fix(container): don't copy alpine content into scratch execpt pwd

* chore: remove need step

* merge master

* chore(deps-dev): bump @angular-devkit/build-angular in /console

Bumps [@angular-devkit/build-angular](https://github.com/angular/angular-cli) from 0.1000.8 to 0.1001.4.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>

* chore(deps): bump uuid from 8.3.0 to 8.3.1 in /console (#802)

* fix: user session with external login (#797)

* fix: user session with external login

* fix: tests

* fix: tests

* fix: change idp config name

* fix(container): stop copying / and instead only copy zitadel (#691)

* chore: stop copying / and instead only copy zitadel

* Update Dockerfile

* Update release.yml

* enable anchors debug

* fix(container): don't copy alpine content into scratch execpt pwd

* chore: remove need step

* merge master

* chore(deps): bump uuid from 8.3.0 to 8.3.1 in /console

Bumps [uuid](https://github.com/uuidjs/uuid) from 8.3.0 to 8.3.1.
- [Release notes](https://github.com/uuidjs/uuid/releases)
- [Changelog](https://github.com/uuidjs/uuid/blob/master/CHANGELOG.md)
- [Commits](https://github.com/uuidjs/uuid/compare/v8.3.0...v8.3.1)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* create memberstable as common component

* iam member cleanup

* iam + org m table, user table service user avatar

* toast config

* fix selection emitter

* fix project grant table width

* project grant members refactor

* theme optimizations

* member table col delete

* lint

* fix table row color

* refactor grey color

* lint scss

* org list redirect on click, fix user table undef

* refresh table after grant add

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>

* fix(console): intercept navigator.language, set browser lang as default for user without explicit setting, user table outline, member create dialog import (#820)

* i18n interceptor, set language to browser lang

* nullcheck

* rm external idp log

* fix module imports, rm user displayname from i18n

* Update console/src/assets/i18n/de.json

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix: delete external idps from users (#822)

* fix(console): permission regex, account switcher null check, restrict app and member create access (#821)

* fix member table disable, gerneal regexp

* fix user session card, app disable

* memberships max count

* fix policy permissions

* permission check for member add dialog

* lint

* rm accounts log

* rm id regex

* fix: handle usermemberships on project and project grant delete (#825)

* fix: go handler

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>

* fix: tests

* fix: not needed error handling

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
 2020-10-15 10:27:13 +02:00
Fabi
905ee1c68a
fix: handle usermemberships on project and project grant delete (#825) 2020-10-13 07:46:44 +02:00
Fabi
56d5704749
fix: external login (#818) 
* fix: external login

* fix: external login
 2020-10-07 16:29:56 +02:00
Fabi
9ad547185c
feat: remove user (#812) 
* feat: remove user

* feat: handle delete state on user by id

* feat: handle delete state on project by id
 2020-10-07 08:16:42 +02:00
Fabi
198370325d
fix: user session with external login (#797) 
* fix: user session with external login

* fix: tests

* fix: tests

* fix: change idp config name
 2020-10-02 08:02:09 +02:00
Silvan
bdcf9fcc5c
fix(authz): fix user grant handler (#795) 2020-09-30 10:29:41 +02:00
Fabi
83b0ac1fdb
fix: idps (#777) 
* fix: update client secret, skip passwordsteps only if login not if linking

* fix: global policy for register

* fix: scope handling

* fix: back after error

* fix: change org id scope to primary domain

* fix: check if primarydomain empty

* fix: local sh

* fix: disable buttons on org login policy
 2020-09-28 09:29:41 +02:00
Silvan
3e1204524e
fix: multiple setup steps (#773) 
* fix: multiple setup steps

* fix: test set up started

* fix: possible nil pointers in setup

* fix: validate executed step
 2020-09-24 11:38:28 +02:00
Fabi
0bd27bc8e4
fix: add prompt on oidc rp, fix idp and login policy in console (#769) 
* fix: add prompt on oidc rp

* fix: add prompt on oidc rp

* fix: translation

* fix: translation

* fix: not existing login policy

* fix: login policy

* fix: identity provider detail

* fix: idp update

* fix: idps in login policy

* fix: lint

* fix: scss

* fix: external idps on auth user detail

* fix: idp create mapping fields

* fix: remove idp provider

* fix: angular lint

* fix: login policy view

* fix: translations
 2020-09-23 16:52:19 +02:00
Fabi
320ddfa46d
feat: Identity brokering (#730) 
* feat: add/ remove external idps

* feat: external idp add /remove

* fix: auth proto

* fix: handle login

* feat: loginpolicy on authrequest

* feat: idp providers on login

* feat: link external idp

* fix: check login policy on check username

* feat: add mapping fields for idp config

* feat: use user org id if existing

* feat: use user org id if existing

* feat: register external user

* feat: register external user

* feat: user linking

* feat: user linking

* feat: design external login

* feat: design external login

* fix: tests

* fix: regenerate login design

* feat: next step test linking process

* feat: next step test linking process

* feat: cascade remove external idps on user

* fix: tests

* fix: tests

* feat: external idp requsts on users

* fix: generate protos

* feat: login styles

* feat: login styles

* fix: link user

* fix: register user on specifig org

* fix: user linking

* fix: register external, linking auto

* fix: remove unnecessary request from proto

* fix: tests

* fix: new oidc package

* fix: migration version

* fix: policy permissions

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/renderer.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/renderer.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: pr requests

* Update internal/ui/login/handler/link_users_handler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: pr requests

* fix: pr requests

* fix: pr requests

* fix: login name size

* fix: profile image light

* fix: colors

* fix: pr requests

* fix: remove redirect uri validator

* fix: remove redirect uri validator

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-09-18 13:26:28 +02:00
Silvan
5a8cafcae5
fix: JWT Profile (#748) 
* fix: correct env var for tracing type

* fix: local env tracing

* fix: key in detail as string

* fix: implement storage

* fix: machine key by id
fix: store public key as bytes instead of crypto value

* update oidc pkg

* dont check origins for service account tokens

* fix: scopes

* fix: dependencies

* fix: dependencies

* fix: remove unused code

* fix: variable naming

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-09-17 08:49:33 +02:00
Silvan
71abc4f077
test: machine (#683) 
* test: machine

* test: better naming
 2020-09-15 15:04:02 +02:00
Livio Amstutz
8fcb03854b
fix: iam permission (#720) 
* fix: get iam permissions

* fix: iam permissions
 2020-09-10 15:40:20 +02:00
Livio Amstutz
619d194044
fix: get iam permissions (#713) 2020-09-08 19:05:12 +02:00
Livio Amstutz
cca92874ab
fix: permissions (#698) 
* get my zitadel permissions from memberships (not grants)

* change SearchMyProjectOrgs to user user_membership
 2020-09-04 15:20:39 +02:00
Livio Amstutz
370cd19a83
fix: improve permission checks (#682) 
* separate roles for global org

* remove old user grant permissions

* allow context permissions

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
 2020-09-01 16:38:34 +02:00
Silvan
5abd5b0505
feat: split users into human and machine (#470) 
* feat(management): service accounts

* chore: current go version

* init

* refactor: apis

* feat(internal): start impl of service account

* chore: start impl of machine/human users

* code compiles

* fix: tests

* fix: tests

* fix: add new event types to switches

* chore: add cases to event types

* fix(management): definitive proto messages

* fix: machine/human

* fix: add missing tables as todos

* fix: remove unused permissions

* fix: refactoring

* fix: refactor

* fix: human registered

* fix: user id

* fix: logid

* fix: proto remove //equal

* chore(management): remove no comment

* fix: human mfas

* fix: user subobjects

* chore: rename existing to better name

* fix: username in user (#634)

* fix: username in user

* fix: username

* fix remove unused code

* fix add validations

* fix: use new user in all apis

* fix: regexp for username in api

* fix: fill user data for human and machine (#638)

* fix: fill Display name grant/member handlers
fix: add description to grant/member objects in api
fix: check if user is human in login

* fix: remove description from member and grant

* chore: remove todos

* feat: machine keys

* fix: implement missing parts

* feat: machine key management view

* fix: remove keys from machine view

* fix: set default expiration date

* fix: get key by ids

* feat: add machine keys in proto

* feat: machine keys

* fix: add migration

* fix: mig

* fix: correct method name

* feat: user search

* feat: user search

* fix: log ids

* fix partial authconfig prompt, domain c perm

* membership read check

* contributor refresh trigger, observe org write

* fix: migrations

* fix(console): machine build (#660)

* frontend 1

* fix html bindings

* trailing comma

* user permissions, project deactivate

* fix(console): human view (#661)

* fix search user view, user detail form

* rm log

* feat(console): user services list and create (#663)

* fix search user view, user detail form

* rm log

* machine list

* generic table component

* create user service

* proove table for undefined values

* tmp disable user link if machine

* lint

* lint styles

* user table lint

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)

* service users for sidenav, routing

* i18n

* back routes

* machine detail form

* update machine detail, fix svc user grants

* keys table

* add key dialog, timestamp creation

* check permission on create, delete, fix selection

* lint ts, scss

* Update console/src/assets/i18n/de.json

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@caos.ch>

* allow user grants for project.write

* management service

* fix mgmt service

* feat: Machine keys (#655)

* fix: memberships (#633)

* feat: add iam members to memberships

* fix: search project grants

* fix: rename

* feat: idp and login policy configurations (#619)

* feat: oidc config

* fix: oidc configurations

* feat: oidc idp config

* feat: add oidc config test

* fix: tests

* fix: tests

* feat: translate new events

* feat: idp eventstore

* feat: idp eventstore

* fix: tests

* feat: command side idp

* feat: query side idp

* feat: idp config on org

* fix: tests

* feat: authz idp on org

* feat: org idps

* feat: login policy

* feat: login policy

* feat: login policy

* feat: add idp func on login policy

* feat: add validation to loginpolicy and idp provider

* feat: add default login policy

* feat: login policy on org

* feat: login policy on org

* fix: id config handlers

* fix: id config handlers

* fix: create idp on org

* fix: create idp on org

* fix: not existing idp config

* fix: default login policy

* fix: add login policy on org

* fix: idp provider search on org

* fix: test

* fix: remove idp on org

* fix: test

* fix: test

* fix: remove admin idp

* fix: logo src as byte

* fix: migration

* fix: tests

* Update internal/iam/repository/eventsourcing/iam.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/org/repository/eventsourcing/org_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: pr comments

* fix: tests

* Update types.go

* fix: merge request changes

* fix: reduce optimization

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: reread user mfas, preferred loginname as otp account name (#636)

* fix: reread user mfas

* fix: use preferred login name as otp account name

* fix: tests

* fix: reduce (#635)

* fix: management reduce optimization

* fix: reduce optimization

* fix: reduce optimization

* fix: merge master

* chore(deps): bump github.com/gorilla/schema from 1.1.0 to 1.2.0 (#627)

Bumps [github.com/gorilla/schema](https://github.com/gorilla/schema) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/gorilla/schema/releases)
- [Commits](https://github.com/gorilla/schema/compare/v1.1.0...v1.2.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/gorilla/mux from 1.7.4 to 1.8.0 (#624)

Bumps [github.com/gorilla/mux](https://github.com/gorilla/mux) from 1.7.4 to 1.8.0.
- [Release notes](https://github.com/gorilla/mux/releases)
- [Commits](https://github.com/gorilla/mux/compare/v1.7.4...v1.8.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps): bump github.com/DATA-DOG/go-sqlmock from 1.4.1 to 1.5.0 (#591)

Bumps [github.com/DATA-DOG/go-sqlmock](https://github.com/DATA-DOG/go-sqlmock) from 1.4.1 to 1.5.0.
- [Release notes](https://github.com/DATA-DOG/go-sqlmock/releases)
- [Commits](https://github.com/DATA-DOG/go-sqlmock/compare/v1.4.1...v1.5.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: auto assign issues and PR to ZTIADEL project board (#643)

* Create main.yml

* Update main.yml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix(console): project grant members, update deps (#645)

* fix: searchprojectgrantmembers

* chore(deps-dev): bump @angular/cli from 10.0.6 to 10.0.7 in /console (#622)

Bumps [@angular/cli](https://github.com/angular/angular-cli) from 10.0.6 to 10.0.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/compare/v10.0.6...v10.0.7)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump @angular-devkit/build-angular in /console (#626)

Bumps [@angular-devkit/build-angular](https://github.com/angular/angular-cli) from 0.1000.6 to 0.1000.7.
- [Release notes](https://github.com/angular/angular-cli/releases)
- [Commits](https://github.com/angular/angular-cli/commits)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>

* chore(deps-dev): bump @types/jasmine from 3.5.12 to 3.5.13 in /console (#623)

Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.5.12 to 3.5.13.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases)
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore(deps-dev): bump ts-node from 8.10.2 to 9.0.0 in /console (#629)

Bumps [ts-node](https://github.com/TypeStrong/ts-node) from 8.10.2 to 9.0.0.
- [Release notes](https://github.com/TypeStrong/ts-node/releases)
- [Commits](https://github.com/TypeStrong/ts-node/compare/v8.10.2...v9.0.0)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* update packlock

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* chore: delete main.yml (#648)

* fix: usergrant (#650)

* fix(console): mfa refresh after verification, member eventemitter (#651)

* refresh mfa

* fix: detail link from contributors

* lint

* feat: add domain verification notification (#649)

* fix: dont (re)generate client secret with auth type none

* fix(cors): allow Origin from request

* feat: add origin allow list and fix some core issues

* rename migration

* fix UserIDsByDomain

* feat: send email to users after domain claim

* username

* check origin on userinfo

* update oidc pkg

* fix: add migration 1.6

* change username

* change username

* remove unique email aggregate

* change username in mgmt

* search global user by login name

* fix test

* change user search in angular

* fix tests

* merge

* userview in angular

* fix merge

* Update pkg/grpc/management/proto/management.proto

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/notification/static/i18n/de.yaml

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix: translation (#647)

* fix: translation

* fix: translation

* fix: translation

* fix: remove unused code

* fix: log err

* fix: migration numbers (#652)

* chore: issue / feature templates (#642)

* feat: machine keys

* fix: implement missing parts

* feat: machine key management view

* fix: remove keys from machine view

* feat: global org read (#657)

* fix: set default expiration date

* fix: get key by ids

* feat: add machine keys in proto

* feat: machine keys

* fix: add migration

* fix: mig

* fix: correct method name

* feat: user search

* feat: user search

* fix: log ids

* fix: migrations

* fix(console): machine build (#660)

* frontend 1

* fix html bindings

* trailing comma

* fix(console): human view (#661)

* fix search user view, user detail form

* rm log

* feat(console): user services list and create (#663)

* fix search user view, user detail form

* rm log

* machine list

* generic table component

* create user service

* proove table for undefined values

* tmp disable user link if machine

* lint

* lint styles

* user table lint

* Update console/src/assets/i18n/de.json

Co-authored-by: Florian Forster <florian@caos.ch>

* feat(console): service user detail view, keys cr_d, fix search user autocomplete (#664)

* service users for sidenav, routing

* i18n

* back routes

* machine detail form

* update machine detail, fix svc user grants

* keys table

* add key dialog, timestamp creation

* check permission on create, delete, fix selection

* lint ts, scss

* Update console/src/assets/i18n/de.json

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@caos.ch>

* refactor: protos

* fix(management): key expiration date

* fix: check if user is human

* fix: marshal key details

* fix: correct generate login names

* fix: logid

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>

* fix: naming

* refactor: findings

* fix: username

* fix: mfa upper case

* fix: tests

* fix: add translations

* reactivatemyorg req typeö

* fix: projectType for console

* fix: user changes

* fix: translate events

* fix: event type translation

* fix: remove unused types

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2020-08-31 17:48:01 +02:00
Livio Amstutz
c1c85e632b
fix: cookie handling (#654) 
* feat: set cookie prefix and max age

* cookie prefix on csrf cookie

* fix: check user agent cookie in login

* update oidc pkg

* cleanup
 2020-08-31 08:49:35 +02:00
Fabi
7295383621
fix: translation (#647) 
* fix: translation

* fix: translation

* fix: translation

* fix: remove unused code

* fix: log err
 2020-08-28 09:44:43 +02:00
Livio Amstutz
34ec2508d3
feat: add domain verification notification (#649) 
* fix: dont (re)generate client secret with auth type none

* fix(cors): allow Origin from request

* feat: add origin allow list and fix some core issues

* rename migration

* fix UserIDsByDomain

* feat: send email to users after domain claim

* username

* check origin on userinfo

* update oidc pkg

* fix: add migration 1.6

* change username

* change username

* remove unique email aggregate

* change username in mgmt

* search global user by login name

* fix test

* change user search in angular

* fix tests

* merge

* userview in angular

* fix merge

* Update pkg/grpc/management/proto/management.proto

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/notification/static/i18n/de.yaml

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* fix

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
 2020-08-27 17:18:23 +02:00
Fabi
4af38b37a6
fix: reduce (#635) 
* fix: management reduce optimization

* fix: reduce optimization

* fix: reduce optimization

* fix: merge master
 2020-08-26 13:01:37 +02:00
Fabi
87aa97b9c7
fix: reread user mfas, preferred loginname as otp account name (#636) 
* fix: reread user mfas

* fix: use preferred login name as otp account name

* fix: tests
 2020-08-26 10:17:43 +02:00
Fabi
db1d8f4efe
feat: idp and login policy configurations (#619) 
* feat: oidc config

* fix: oidc configurations

* feat: oidc idp config

* feat: add oidc config test

* fix: tests

* fix: tests

* feat: translate new events

* feat: idp eventstore

* feat: idp eventstore

* fix: tests

* feat: command side idp

* feat: query side idp

* feat: idp config on org

* fix: tests

* feat: authz idp on org

* feat: org idps

* feat: login policy

* feat: login policy

* feat: login policy

* feat: add idp func on login policy

* feat: add validation to loginpolicy and idp provider

* feat: add default login policy

* feat: login policy on org

* feat: login policy on org

* fix: id config handlers

* fix: id config handlers

* fix: create idp on org

* fix: create idp on org

* fix: not existing idp config

* fix: default login policy

* fix: add login policy on org

* fix: idp provider search on org

* fix: test

* fix: remove idp on org

* fix: test

* fix: test

* fix: remove admin idp

* fix: logo src as byte

* fix: migration

* fix: tests

* Update internal/iam/repository/eventsourcing/iam.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/iam_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/org/repository/eventsourcing/org_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/iam/repository/eventsourcing/model/login_policy_test.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: pr comments

* fix: tests

* Update types.go

* fix: merge request changes

* fix: reduce optimization

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-08-26 09:56:23 +02:00
Livio Amstutz
1a00faf132
fix: claim verified domain from usernames (#603) 
* fix: return orgDomain validationType

* added missing translations for orgDomain activity

* claim org domain

* show message if domain token was requested

* fix tests

* fix tests

Co-authored-by: Max Peintner <max@caos.ch>
 2020-08-18 08:57:16 +02:00
Livio Amstutz
f61b30420a
fix: session handlers (#586) 
* fix: session handler when no sessions exists

* fix: error handling

* error handling

* fix: error handling

* fix: error handling

* fix: error handling

* some errors

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
 2020-08-13 09:43:47 +02:00
Fabi
5c4fef296f
fix: app by id, views with computed objects (#583) 
* feat: read app by id if my events

* fix: handlers if no sublist

* fix: removed app

* fix: removed project

* fix: removed app

* fix: removed app

* fix: app by id with projectid
 2020-08-13 08:28:18 +02:00
Fabi
f80367b49a
feat: register org process (#558) 
* feat: register new organisation

* feat: create org request in management

* fix: tests

* Update internal/ui/login/static/i18n/en.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/static/i18n/de.yaml

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/static/templates/register_org.html

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/register_org_handler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/ui/login/handler/register_org_handler.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: remove autocomplete

* fix: regenerate proto

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-08-06 14:38:19 +02:00
Fabi
75f1c4c576
feat: user memberships (#537) 
* feat: add search user memberships

* feat: add search user memberships

* feat: read user member ship

* feat: add usergrant search key

* feat: uesrmemberships based on permissions

* feat: merge master

* fix: correct permissions

* fix: update display name on change profile

* fix: merge request converations

* fix: err handling

* Update internal/user/model/user_membership_view.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

Co-authored-by: Silvan <silvan.reusser@gmail.com>
 2020-07-30 14:37:55 +02:00
Silvan
41e1a7cc7b
fix(spooler): correct workers (#508) 
* one concurrent task

* disable spooler

* fix: improve concurrency in spooler

* fix: dont block lock

* fix: break if lock failed

* fix: check if handler is working

* fix: worker id

* fix: test

* fix: use limit for spoolers configured in startup.yaml

* fix test

* fix: factory

* fix(key): only reduce if not expired

* fix(searchQueryFactory): check for string-slice in aggregateID

* fix(migrations): combine migrations

* fix: allow saving multiple objects in one request

* fix(eventstore): logging

* fix(eventstore): rethink insert i locks table

* fix: ignore failed tests for the moment

* fix: tuubel

* fix: for tests in io

* fix: ignore tests for io

* fix: rename concurrent tasks to workers

* fix: incomment tests and remove some tests

* fix: refert changes for io

* refactor(eventstore): combine types of sql in one file

* refactor(eventstore): logs, TODO's, tests

* fix(eventstore): sql package

* test(eventstore): add tests for search query factory

* chore: logs

* fix(spooler): optimize lock query
chore(migrations): rename locks.object_type to view_name
chore(migrations): refactor migrations

* test: incomment tests

* fix: rename PrepareSaves to PrepareBulkSave

* chore: go dependencies

* fix(migrations): add id in events table

* refactor(lock): less magic numbers

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-07-28 09:42:21 +02:00
Fabi
351aac22f8
feat: usergrant (#489) 
* fix: search usergrants only for allowed projects

* fix: check permissions

* fix: check permissions

* fix: check permissions

* Update internal/management/repository/eventsourcing/eventstore/project.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix: merge request changes

* fix: variable name

Co-authored-by: Silvan <silvan.reusser@gmail.com>
 2020-07-22 14:00:29 +02:00
Livio Amstutz
933193855a
feat(login): show profile (#485) 
* profile data

* fix scripts

* fix image paths

* feat: show profile (with image) when possible

* fix profile image width
 2020-07-20 10:00:29 +02:00
Fabi
423b86a03b
feat: sequence and timestamp on searchrequests (#468) 
* feat: reread events

* feat: sequence and timestamo on search requests

* feat: sequence and timestamo on search requests

* fix: better naming

* fix: log errors

* fix: read sequence before search request
 2020-07-15 13:24:36 +02:00
Fabi
1b59a52f26
fix: return my org on zitadel permission (#441) 2020-07-09 18:39:10 +02:00
Livio Amstutz
8efa697af2
fix: return authorizations on userinfo (#420) 2020-07-09 14:05:12 +02:00
Livio Amstutz
3549a8b64e
feat: port reduction (#323) 
* move mgmt pkg

* begin package restructure

* rename auth package to authz

* begin start api

* move auth

* move admin

* fix merge

* configs and interceptors

* interceptor

* revert generate-grpc.sh

* some cleanups

* console

* move console

* fix tests and merging

* js linting

* merge

* merging and configs

* change k8s base to current ports

* fixes

* cleanup

* regenerate proto

* remove unnecessary whitespace

* missing param

* go mod tidy

* fix merging

* move login pkg

* cleanup

* move api pkgs again

* fix pkg naming

* fix generate-static.sh for login

* update workflow

* fixes

* logging

* remove duplicate

* comment for optional gateway interfaces

* regenerate protos

* fix proto imports for grpc web

* protos

* grpc web generate

* grpc web generate

* fix changes

* add translation interceptor

* fix merging

* regenerate mgmt proto
 2020-07-08 13:56:37 +02:00
Silvan
c0f85c2733
feat: localized messages (#328) 
* fix: project by id loads project from view and from eventstore

* fix: correct search key for role

* feat(auth): my user changes

* fix: improve error handling in change converters

* fix: log-id

* feat(translations): event type translations

* feat: localized translations

* fix(translations): correct yaml format

* chore: example

* fix: remove unused code

* correct checkSSL in sql

* chore(modules): update

* chore: refactor interceptors

* fix: improvments

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/de.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* Update internal/static/i18n/en.yaml

Co-authored-by: Florian Forster <florian@caos.ch>

* chore(translations): start with upper case on Code

* chore(middleware): move funcs

* add message to grpc web generation

* translation in mgmt and fixes

* fix authoptions

* fix console statik

Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-07-08 09:48:11 +02:00
Livio Amstutz
65b17a83fb
feat(login): default to user selection, take login_hint into account (#350) 
* feat(login): default to user selection instead of login, take login_hint into account

* fix: proper error message when user (and other objects) not found (#337)

* fix: proper error message when user not found by loginname

* add more not found and fix some typos

* feat: usergrant (#348)

* fix: add needed permissions

* feat: search project/projectgrant user grants

* fix: no zitadel permissions

* fix: queries length

* feat: add get my password policy (#346)

* feat: add get my password policy

* fix: failed merges

* chore(deps): bump contrib.go.opencensus.io/exporter/stackdriver (#343)

Bumps [contrib.go.opencensus.io/exporter/stackdriver](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver) from 0.13.1 to 0.13.2.
- [Release notes](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/releases)
- [Commits](https://github.com/census-ecosystem/opencensus-go-exporter-stackdriver/compare/v0.13.1...v0.13.2)

Signed-off-by: dependabot[bot] <support@github.com>

Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* feat: remove phone (#349)

* feat: remove phone number

* feat: remove phone number tests

* feat: remove phone number tests

* fix: regenerate protos

* fix(console): distinct user grant searches and creates, project grant member edit, import cleanup (#342)

* project grant member edit

* project grant member dialog, import cleanup

* readd project roles

* user login-methods cleanup

* fix sw config, user grant context

* delete user grants, context for creation, search

* contributor box shadow

* password to detail view

* user detail notification

* lint

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Max Peintner <max@caos.ch>
 2020-07-07 08:14:44 +02:00
Fabi
c8cdbe136c
feat: remove phone (#349) 
* feat: remove phone number

* feat: remove phone number tests

* feat: remove phone number tests

* fix: regenerate protos
 2020-07-06 15:48:24 +02:00
Fabi
645c4597e8
feat: add get my password policy (#346) 
* feat: add get my password policy

* fix: failed merges
 2020-07-06 15:35:20 +02:00
Fabi
5251fc712c
feat: usergrant (#348) 
* fix: add needed permissions

* feat: search project/projectgrant user grants

* fix: no zitadel permissions

* fix: queries length
 2020-07-06 15:27:29 +02:00
Silvan
cf7a906023
feat(auth): My user changes (#318) 
* fix: project by id loads project from view and from eventstore

* fix: correct search key for role

* feat(auth): my user changes

* fix: improve error handling in change converters

* fix: log-id
 2020-07-01 07:18:05 +02:00
Fabi
5a0876cf98
fix: rename tables failed_event to failed_events (#287) 
* fix: rename tables failed_event to failed_events

* fix: use const
 2020-06-29 09:56:29 +02:00
Fabi
79eff2795f
feat: on logout we terminate all sessions from agent (#288) 
* feat: on logout we terminate all sessions from agent

* Update eventstore.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-06-29 09:49:40 +02:00
Fabi
8bfa1a083c
feat: administrator (#271) 
* feat: get views and failed events

* feat: get views and failed events

* feat: get views and failed events

* Update internal/view/repository/sequence.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/view/repository/general_query.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-06-25 08:01:13 +02:00
Fabi
f7aed1c864
feat: my user mfas (#264) 2020-06-24 10:47:11 +02:00
Fabi
3cd3a238c2
fix: all enums same style (#262) 
* fix: all enums same style

* fix: rename process to reduce

* add some missing enum renaming

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-06-23 14:47:47 +02:00
Livio Amstutz
66cca48b62
fix: login names (and query) (#253) 2020-06-22 10:38:29 +02:00
Fabi
d89087cbe0
feat: get my project permission (#245) 2020-06-19 15:33:54 +02:00
Fabi
710652ef24
feat: delete (#243) 
* feat: project role remove

* feat: search queries

* feat: search queries

* feat: cascade remove/change project role

* fix: comment in project grant

* fix: remove projecr grant

* fix: only search usergrants of my org

* fix: delete usergrants

* fix: delete usergrants

* fix: check if role exists on project grant

* feat: bulk add project role

* fix: tests

* fix: update user grants on project update

* fix: return roles

* feat: add resourceowner name on project grants

* fix: migration number

* fix: tests

* fix: generate protos

* fix: some unnecessary code
 2020-06-19 15:32:03 +02:00
Livio Amstutz
e653eaab86
fix: login (#242) 
* password in init user only if needed

* reactivate user session

* set context AuthorizeClientIDSecret

* fix qr code for light

* fix copy

* check user and org active in auth

* add org view provider

* handle inactive projects

* translate error messages
 2020-06-19 14:52:04 +02:00
Fabi
add4c103cf
fix: internal grant view (#239) 
* fix: internal grant view

* feat: add orgiam policy in management

* fix: roleSuffix
 2020-06-19 07:27:16 +02:00
Livio Amstutz
e7b139ba2c
fix: preferred login name (#231) 
* fix: add preferred login name to my user sessions and get user info from view

* fix: my user in auth
 2020-06-17 16:43:53 +02:00
Livio Amstutz
1c59d18fee
fix: improvements for login and oidc (#227) 
* add csrf

* caching

* caching

* caching

* caching

* security headers

* csp and security headers

* error handler csp

* select user with display name

* csp

* user selection styling

* username to loginname

* regenerate grpc

* regenerate

* change to login name
 2020-06-17 08:06:40 +02:00
Fabi
6fa62ccd0a
feat: fixes (#228) 
* feat: user login names

* fix: user login names

* fix: generate login name
 2020-06-17 07:25:04 +02:00
Fabi
7a6ca24625
feat: multiple domains (#188) 
* check uniqueness on create and register user

* change user email, reserve release unique email

* usergrant unique aggregate

* usergrant uniqueness

* validate UserGrant

* fix tests

* domain is set on username in all orgs

* domain in admin

* org domain sql

* zitadel domain org name

* org domains

* org iam policy

* default org iam policy

* SETUP

* load login names

* login by login name

* login name

* fix: merge master

* fix: merge master

* Update internal/user/repository/eventsourcing/user.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: fix unique domains

* fix: rename env variable

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-06-16 11:40:18 +02:00
Fabi
8dd6082b17
feat: add project creator role on register user (#222) 
* feat: add project creator role on register user

* fix: better error message

* fix: tests
 2020-06-15 14:57:19 +02:00
Livio Amstutz
e57d4b1ed4
fix: terminate usersession (#212) 2020-06-11 16:34:54 +02:00
Fabi
2c97794538
feat: login errors (#204) 
* feat: nice error messages

* feat: nice error messages

* fix: add project type

* fix: message ids

* handle error messages in login

* add some better error messages

* fix: better error messages on login

* fix: better error messages on login

* fix: add internal errors

* fix: tests
 2020-06-11 13:22:24 +02:00
Fabi
207842be91
fix: fix some requests (#198) 
* fix: alway do permission check

* fix: alway do permission check

* fix: add project query to applications search request

* fix: add email template to statik

* fix: org members
 2020-06-10 10:47:50 +02:00
Fabi
25b97b1bcc
fix: projectorgs (#193) 
* fix: get my project orgs

* fix: get project orgs
 2020-06-09 16:20:14 +02:00
Livio Amstutz
8a5badddf6
feat: Login, OP Support and Auth Queries (#177) 
* fix: change oidc config

* fix: change oidc config secret

* begin models

* begin repo

* fix: implement grpc app funcs

* fix: add application requests

* fix: converter

* fix: converter

* fix: converter and generate clientid

* fix: tests

* feat: project grant aggregate

* feat: project grant

* fix: project grant check if role existing

* fix: project grant requests

* fix: project grant fixes

* fix: project grant member model

* fix: project grant member aggregate

* fix: project grant member eventstore

* fix: project grant member requests

* feat: user model

* begin repo

* repo models and more

* feat: user command side

* lots of functions

* user command side

* profile requests

* commit before rebase on user

* save

* local config with gopass and more

* begin new auth command (user centric)

* Update internal/user/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/address.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/address.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/mfa.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/mfa.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/model/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/model/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/user_test.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/eventstore_mock_test.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* changes from mr review

* save files into basedir

* changes from mr review

* changes from mr review

* move to auth request

* Update internal/usergrant/repository/eventsourcing/cache.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/usergrant/repository/eventsourcing/cache.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* changes requested on mr

* fix generate codes

* fix return if no events

* password code

* email verification step

* more steps

* lot of mfa

* begin tests

* more next steps

* auth api

* auth api (user)

* auth api (user)

* auth api (user)

* differ requests

* merge

* tests

* fix compilation error

* mock for id generator

* Update internal/user/repository/eventsourcing/model/password.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* requests of mr

* check email

* begin separation of command and query

* otp

* change packages

* some cleanup and fixes

* tests for auth request / next steps

* add VerificationLifetimes to config and make it run

* tests

* fix code challenge validation

* cleanup

* fix merge

* begin view

* repackaging tests and configs

* fix startup config for auth

* add migration

* add PromptSelectAccount

* fix copy / paste

* remove user_agent files

* fixes

* fix sequences in user_session

* token commands

* token queries and signout

* fix

* fix set password test

* add token handler and table

* handle session init

* add session state

* add user view test cases

* change VerifyMyMfaOTP

* some fixes

* fix user repo in auth api

* cleanup

* add user session view test

* fix merge

* begin oidc

* user agent and more

* config

* keys

* key command and query

* add login statics

* key handler

* start login

* login handlers

* lot of fixes

* merge oidc

* add missing exports

* add missing exports

* fix some bugs

* authrequestid in htmls

* getrequest

* update auth request

* fix userid check

* add username to authrequest

* fix user session and auth request handling

* fix UserSessionsByAgentID

* fix auth request tests

* fix user session on UserPasswordChanged and MfaOtpRemoved

* fix MfaTypesSetupPossible

* handle mfa

* fill username

* auth request query checks new events

* fix userSessionByIDs

* fix tokens

* fix userSessionByIDs test

* add user selection

* init code

* user code creation date

* add init user step

* add verification failed types

* add verification failures

* verify init code

* user init code handle

* user init code handle

* fix userSessionByIDs

* update logging

* user agent cookie

* browserinfo from request

* add DeleteAuthRequest

* add static login files to binary

* add login statik to build

* move generate to separate file and remove statik.go files

* remove static dirs from startup.yaml

* generate into separate namespaces

* merge master

* auth request code

* auth request type mapping

* fix keys

* improve tokens

* improve register and basic styling

* fix ailerons font

* improve password reset

* add audience to token

* all oidc apps as audience

* fix test nextStep

* fix email texts

* remove "not set"

* lot of style changes

* improve copy to clipboard

* fix footer

* add cookie handler

* remove placeholders

* fix compilation after merge

* fix auth config

* remove comments

* typo

* use new secrets store

* change default pws to match default policy

* fixes

* add todo

* enable login

* fix db name

* Auth queries (#179)

* my usersession

* org structure/ auth handlers

* working user grant spooler

* auth internal user grants

* search my project orgs

* remove permissions file

* my zitadel permissions

* my zitadel permissions

* remove unused code

* authz

* app searches in view

* token verification

* fix user grant load

* fix tests

* fix tests

* read configs

* remove unused const

* remove todos

* env variables

* app_name

* working authz

* search projects

* global resourceowner

* Update internal/api/auth/permissions.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/auth/permissions.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* model2 rename

* at least it works

* check token expiry

* search my user grants

* remove token table from authz

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix test

* fix ports and enable console

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
 2020-06-05 07:50:04 +02:00
Fabi
a4c7b39552
feat: Policy check (#149) 
* check password complexity policy

* check password complexity policy

* fix tests

* Update internal/admin/repository/eventsourcing/setup/setup.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* changes for mr

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-05-29 08:44:01 +02:00
Fabi
d447f68d78
fix: User checks (#139) 
* check uniqueness on create and register user

* change user email, reserve release unique email

* usergrant unique aggregate

* usergrant uniqueness

* validate UserGrant

* fix tests
 2020-05-28 06:49:22 +02:00
Fabi
e318139b37
feat: notifications (#109) 
* implement notification providers

* email provider

* notification handler

* notify users

* implement code sent on user eventstore

* send email implementation

* send init code

* handle codes

* fix project member handler

* add some logs for debug

* send emails

* text changes

* send sms

* notification process

* send password code

* format phone number

* test format phone

* remove fmts

* remove unused code

* rename files

* add mocks

* merge master

* Update internal/notification/providers/email/message.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/notification/repository/eventsourcing/handler/notification.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/notification/repository/eventsourcing/handler/notification.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/notification/providers/email/provider.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* requested changes of mr

* move locker to eventstore pkg

* Update internal/notification/providers/chat/message.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* move locker to eventstore pkg

* linebreak

* Update internal/notification/providers/email/provider.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/notification/repository/eventsourcing/handler/notification.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/notification/repository/eventsourcing/handler/notification.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2020-05-20 14:28:08 +02:00
Livio Amstutz
f14d4cc655
fix management user view and user session handler (#124) 2020-05-19 07:07:58 +02:00
Livio Amstutz
effc2c23c2
feat: add auth command side (#107) 
* fix: query tests

* fix: use prepare funcs

* fix: go mod

* fix: generate files

* fix(eventstore): tests

* fix(eventstore): rename modifier to editor

* fix(migrations): add cluster migration,
fix(migrations): fix typo of host in clean clsuter

* fix(eventstore): move health

* fix(eventstore): AggregateTypeFilter aggregateType as param

* code quality

* fix: go tests

* feat: add member funcs

* feat: add member model

* feat: add member events

* feat: add member repo model

* fix: better error func testing

* fix: project member funcs

* fix: add tests

* fix: add tests

* feat: implement member requests

* fix: merge master

* fix: merge master

* fix: read existing in project repo

* fix: fix tests

* feat: add internal cache

* feat: add cache mock

* fix: return values of cache mock

* feat: add project role

* fix: add cache config

* fix: add role to eventstore

* fix: use eventstore sdk

* fix: use eventstore sdk

* fix: add project role grpc requests

* fix: fix getby id

* fix: changes for mr

* fix: change value to interface

* feat: add app event creations

* fix: searchmethods

* Update internal/project/model/project_member.go

Co-Authored-By: Silvan <silvan.reusser@gmail.com>

* fix: use get project func

* fix: append events

* fix: check if value is string on equal ignore case

* fix: add changes test

* fix: add go mod

* fix: add some tests

* fix: return err not nil

* fix: return err not nil

* fix: add aggregate funcs and tests

* fix: add oidc aggregate funcs and tests

* fix: add oidc

* fix: add some tests

* fix: tests

* feat: eventstore repository

* fix: remove gorm

* version

* feat: pkg

* feat: eventstore without eventstore-lib

* rename files

* gnueg

* fix: global model

* feat: add global view functions

* feat(eventstore): sdk

* fix(eventstore): rename app to eventstore

* delete empty test

* fix(models): delete unused struct

* feat(eventstore): overwrite context data

* fix: use global sql config

* fix: oidc validation

* fix: generate client secret

* fix: generate client id

* fix: test change app

* fix: deactivate/reactivate application

* fix: change oidc config

* fix: change oidc config secret

* begin models

* begin repo

* fix: implement grpc app funcs

* fix: add application requests

* fix: converter

* fix: converter

* fix: converter and generate clientid

* fix: tests

* feat: project grant aggregate

* feat: project grant

* fix: project grant check if role existing

* fix: project grant requests

* fix: project grant fixes

* fix: project grant member model

* fix: project grant member aggregate

* fix: project grant member eventstore

* fix: project grant member requests

* feat: user model

* begin repo

* repo models and more

* feat: user command side

* lots of functions

* user command side

* profile requests

* commit before rebase on user

* save

* local config with gopass and more

* begin new auth command (user centric)

* Update internal/user/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/address.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/address.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/mfa.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/mfa.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/model/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/model/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/user_test.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/eventstore_mock_test.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* changes from mr review

* save files into basedir

* changes from mr review

* changes from mr review

* move to auth request

* Update internal/usergrant/repository/eventsourcing/cache.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/usergrant/repository/eventsourcing/cache.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* changes requested on mr

* fix generate codes

* fix return if no events

* password code

* email verification step

* more steps

* lot of mfa

* begin tests

* more next steps

* auth api

* auth api (user)

* auth api (user)

* auth api (user)

* differ requests

* merge

* tests

* fix compilation error

* mock for id generator

* Update internal/user/repository/eventsourcing/model/password.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* requests of mr

* check email

* begin separation of command and query

* otp

* change packages

* some cleanup and fixes

* tests for auth request / next steps

* add VerificationLifetimes to config and make it run

* tests

* fix code challenge validation

* cleanup

* fix merge

* begin view

* repackaging tests and configs

* fix startup config for auth

* add migration

* add PromptSelectAccount

* fix copy / paste

* remove user_agent files

* fixes

* fix sequences in user_session

* token commands

* token queries and signout

* fix

* fix set password test

* add token handler and table

* handle session init

* add session state

* add user view test cases

* change VerifyMyMfaOTP

* some fixes

* fix user repo in auth api

* cleanup

* add user session view test

* fix merge

* fixes

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

* extract method usersForUserSelection

* add todo for policy check

* id on auth req

* fix enum name

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
 2020-05-18 12:06:36 +02:00