Livio Amstutz
a321d850ae
feat: project roles ( #843 )
...
* fix logging
* token verification
* feat: assert roles
* feat: add project role assertion on project and token type on app
* id and access token role assertion
* add project role check
* user grant required step in login
* update library
* fix merge
* fix merge
* fix merge
* update oidc library
* fix tests
* add tests for GrantRequiredStep
* add missing field ProjectRoleCheck on project view model
* fix project create
* fix project create
2020-10-16 07:49:38 +02:00
Fabi
265b491696
feat: tokens on user aggregate ( #837 )
...
* fix: fix remove policies in spoolers
* fix: reread of token by id
* fix: update oidc package
* fix: possible nil pointer on token split
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-10-15 13:52:41 +02:00
Livio Amstutz
4e1e8a714a
fix: cors ( #621 )
...
* fix: dont (re)generate client secret with auth type none
* fix(cors): allow Origin from request
* feat: add origin allow list and fix some core issues
* rename migration
* fix UserIDsByDomain
* check origin on userinfo
* update oidc pkg
2020-08-24 10:06:55 +02:00
Fabi
be923343b0
fix: compliance problems ( #607 )
...
* fix: compliance problems
* fix: at least one redirect uri
* fix: at least one redirect uri
* Update de.yaml
* Update en.yaml
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-08-19 09:56:05 +02:00
Fabi
5c4fef296f
fix: app by id, views with computed objects ( #583 )
...
* feat: read app by id if my events
* fix: handlers if no sublist
* fix: removed app
* fix: removed project
* fix: removed app
* fix: removed app
* fix: app by id with projectid
2020-08-13 08:28:18 +02:00
Fabi
5699fe80d5
feat: app handling compliance ( #527 )
...
* feat: check oidc compliance
* fix: add tests
* fix: add oidc config tests
* fix: add oidc config tests user agent
* fix: test oidc config compliance
* fix: test oidc config compliance
* fix: useragent implicit authmethod none
* fix: merge master
* feat: translate compliance problems
* feat: check native app for custom url
* fix: better compliance handling
* fix: better compliance handling
* feat: add odidc dev mode
* fix: remove deprecated request fro management api
* fix: oidc package version
* fix: migration
* fix: tests
* fix: remove unused functions
* fix: generate proto files
* fix: native implicit and code none compliant
* fix: create project
* Update internal/project/model/oidc_config_test.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: tests
* Update internal/project/model/oidc_config.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* Update internal/project/model/oidc_config.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: tests
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-08-10 09:34:56 +02:00
Fabi
3cd3a238c2
fix: all enums same style ( #262 )
...
* fix: all enums same style
* fix: rename process to reduce
* add some missing enum renaming
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-06-23 14:47:47 +02:00
Livio Amstutz
8a5badddf6
feat: Login, OP Support and Auth Queries ( #177 )
...
* fix: change oidc config
* fix: change oidc config secret
* begin models
* begin repo
* fix: implement grpc app funcs
* fix: add application requests
* fix: converter
* fix: converter
* fix: converter and generate clientid
* fix: tests
* feat: project grant aggregate
* feat: project grant
* fix: project grant check if role existing
* fix: project grant requests
* fix: project grant fixes
* fix: project grant member model
* fix: project grant member aggregate
* fix: project grant member eventstore
* fix: project grant member requests
* feat: user model
* begin repo
* repo models and more
* feat: user command side
* lots of functions
* user command side
* profile requests
* commit before rebase on user
* save
* local config with gopass and more
* begin new auth command (user centric)
* Update internal/user/model/user.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/address.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/address.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/email.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/email.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/email.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/mfa.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/mfa.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/password.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/password.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/password.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/phone.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/phone.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/phone.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/user.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/user.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/model/user.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/usergrant/repository/eventsourcing/model/user_grant.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/usergrant/repository/eventsourcing/model/user_grant.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/usergrant/repository/eventsourcing/user_grant.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/user_test.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* Update internal/user/repository/eventsourcing/eventstore_mock_test.go
Co-Authored-By: Livio Amstutz <livio.a@gmail.com>
* changes from mr review
* save files into basedir
* changes from mr review
* changes from mr review
* move to auth request
* Update internal/usergrant/repository/eventsourcing/cache.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/usergrant/repository/eventsourcing/cache.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* changes requested on mr
* fix generate codes
* fix return if no events
* password code
* email verification step
* more steps
* lot of mfa
* begin tests
* more next steps
* auth api
* auth api (user)
* auth api (user)
* auth api (user)
* differ requests
* merge
* tests
* fix compilation error
* mock for id generator
* Update internal/user/repository/eventsourcing/model/password.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/user/repository/eventsourcing/model/user.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* requests of mr
* check email
* begin separation of command and query
* otp
* change packages
* some cleanup and fixes
* tests for auth request / next steps
* add VerificationLifetimes to config and make it run
* tests
* fix code challenge validation
* cleanup
* fix merge
* begin view
* repackaging tests and configs
* fix startup config for auth
* add migration
* add PromptSelectAccount
* fix copy / paste
* remove user_agent files
* fixes
* fix sequences in user_session
* token commands
* token queries and signout
* fix
* fix set password test
* add token handler and table
* handle session init
* add session state
* add user view test cases
* change VerifyMyMfaOTP
* some fixes
* fix user repo in auth api
* cleanup
* add user session view test
* fix merge
* begin oidc
* user agent and more
* config
* keys
* key command and query
* add login statics
* key handler
* start login
* login handlers
* lot of fixes
* merge oidc
* add missing exports
* add missing exports
* fix some bugs
* authrequestid in htmls
* getrequest
* update auth request
* fix userid check
* add username to authrequest
* fix user session and auth request handling
* fix UserSessionsByAgentID
* fix auth request tests
* fix user session on UserPasswordChanged and MfaOtpRemoved
* fix MfaTypesSetupPossible
* handle mfa
* fill username
* auth request query checks new events
* fix userSessionByIDs
* fix tokens
* fix userSessionByIDs test
* add user selection
* init code
* user code creation date
* add init user step
* add verification failed types
* add verification failures
* verify init code
* user init code handle
* user init code handle
* fix userSessionByIDs
* update logging
* user agent cookie
* browserinfo from request
* add DeleteAuthRequest
* add static login files to binary
* add login statik to build
* move generate to separate file and remove statik.go files
* remove static dirs from startup.yaml
* generate into separate namespaces
* merge master
* auth request code
* auth request type mapping
* fix keys
* improve tokens
* improve register and basic styling
* fix ailerons font
* improve password reset
* add audience to token
* all oidc apps as audience
* fix test nextStep
* fix email texts
* remove "not set"
* lot of style changes
* improve copy to clipboard
* fix footer
* add cookie handler
* remove placeholders
* fix compilation after merge
* fix auth config
* remove comments
* typo
* use new secrets store
* change default pws to match default policy
* fixes
* add todo
* enable login
* fix db name
* Auth queries (#179 )
* my usersession
* org structure/ auth handlers
* working user grant spooler
* auth internal user grants
* search my project orgs
* remove permissions file
* my zitadel permissions
* my zitadel permissions
* remove unused code
* authz
* app searches in view
* token verification
* fix user grant load
* fix tests
* fix tests
* read configs
* remove unused const
* remove todos
* env variables
* app_name
* working authz
* search projects
* global resourceowner
* Update internal/api/auth/permissions.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* Update internal/api/auth/permissions.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* model2 rename
* at least it works
* check token expiry
* search my user grants
* remove token table from authz
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix test
* fix ports and enable console
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2020-06-05 07:50:04 +02:00
Fabi
6e105f662e
feat: project view ( #90 )
...
* init for views (spooler, handler)
* init for views (spooler, handler)
* start view in management
* granted project
* implement granted project view
* search granted projects
* fix search column
* update all projects on project change
* search roles
* filter org
* project members
* project grant members
* fix tests
* application view
* project grant search
* mock
* test appendevents
* test appendevents
* Update internal/view/query.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* Update internal/eventstore/spooler/spooler.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* Update internal/view/query.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* merge request changes
* Update internal/project/repository/view/model/application.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* merge request changes
* Project view sql (#92 )
* sql and configs
* error handling
* sql start in eventstore
* on error handling, config
* read user on members
* Update internal/project/repository/view/application_view.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/application.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/application.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/application.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/application.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/application.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/application_query.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_grant_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_grant_member_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_grant_member_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_member_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_member_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/granted_project.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* return caos errors
* Update internal/project/repository/view/model/granted_project_query.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/project_grant_member.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/project_grant_member_query.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/project_member.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/project_member_query.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/project_role.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update internal/project/repository/view/model/project_role_query.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/application_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/application_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* Update pkg/management/api/grpc/project_converter.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* converter fix
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2020-05-11 12:16:29 +02:00