Fabi
48bda9aa07
fix: Role ( #6160 )
...
* fix: add user self manager role (can delete himself)
* fix: add user self manager role (can delete himself)
* fix: add user self manager role (can delete himself)
2023-07-07 20:14:07 +00:00
Elio Bischof
bb756482c7
feat: push telemetry ( #6027 )
...
* document analytics config
* rework configuration and docs
* describe HandleActiveInstances better
* describe active instances on quotas better
* only projected events are considered
* cleanup
* describe changes at runtime
* push milestones
* stop tracking events
* calculate and push 4 in 6 milestones
* reduce milestone pushed
* remove docs
* fix scheduled pseudo event projection
* push 5 in 6 milestones
* push 6 in 6 milestones
* ignore client ids
* fix text array contains
* push human readable milestone type
* statement unit tests
* improve dev and db performance
* organize imports
* cleanup
* organize imports
* test projection
* check rows.Err()
* test search query
* pass linting
* review
* test 4 milestones
* simplify milestone by instance ids query
* use type NamespacedCondition
* cleanup
* lint
* lint
* dont overwrite original error
* no opt-in in examples
* cleanup
* prerelease
* enable request headers
* make limit configurable
* review fixes
* only requeue special handlers secondly
* include integration tests
* Revert "include integration tests"
This reverts commit 96db9504ec
.
* pass reducers
* test handlers
* fix unit test
* feat: increment version
* lint
* remove prerelease
* fix integration tests
2023-07-06 08:38:13 +02:00
Tim Möhlmann
a301c40f9f
feat: implement register Passkey user API v2 ( #5873 )
...
* command/crypto: DRY the code
- reuse the the algorithm switch to create a secret generator
- add a verifyCryptoCode function
* command: crypto code tests
* migrate webauthn package
* finish integration tests with webauthn mock client
2023-05-24 10:22:00 +00:00
Elio Bischof
35a0977663
fix: improve exhausted SetCookie header ( #5789 )
...
* fix: remove access interceptor for console
* feat: template quota cookie value
* fix: send exhausted cookie from grpc-gateway
* refactor: remove ineffectual err assignments
* Update internal/api/grpc/server/gateway.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* use dynamic host header to find instance
* add instance mgmt url to environment.json
* support hosts with default ports
* fix linting
* docs: update lb example
* print access logs to stdout
* fix grpc gateway exhausted cookies
* cleanup
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-11 09:24:44 +02:00
Silvan
39bdef35e7
chore: merge ( #5773 )
...
* feat: allow skip of success page for native apps (#5627 )
add possibility to return to callback directly after login without rendering the successful login page
* build next
* fix(console): disallow inline fonts, critical styles (#5714 )
fix: disallow inline
* fix(setup): step 10 for postgres (#5717 )
* fix(setup): smaller transactions (#5743 )
* fix: order by sequence by default
* test: add allowCreationDateFilter
* fix(step10): separate executions (#5754 )
* feat: allow skip of success page for native apps (#5627 )
add possibility to return to callback directly after login without rendering the successful login page
* build next
* fix(console): disallow inline fonts, critical styles (#5714 )
fix: disallow inline
* fix(setup): step 10 for postgres (#5717 )
* fix(setup): smaller transactions (#5743 )
* fix(step10): split statements
* fix(step10): split into separate execs
* chore: prerelease
* add truncate before insert
* fix: add truncate
* Merge branch 'main' into optimise-step-10
* chore: reset release definition
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2023-04-28 14:56:51 +00:00
bitfactory-sem-denbroeder
19f2f83b61
feat: add otp name and make it configurable ( #5631 )
...
* feat: add otp name and make it configurable
* feat: use pre-existing otp env var
* feat: use requested domain if otp issuer is empty
* cleanup
---------
Co-authored-by: Sem den Broeder <semnelldenbroeder@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-26 07:17:23 +02:00
Tim Möhlmann
5819924275
feat: device authorization RFC 8628 ( #5646 )
...
* device auth: implement the write events
* add grant type device code
* fix(init): check if default value implements stringer
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-04-19 08:46:02 +00:00
Max Peintner
1c1d66cbe8
chore(console): remove first and lastName fallback from user ( #5629 )
...
* chore(console): remove first and lastName fallback from user
* use display name and ensure it's set without required name fields
* add user type to user grant and memberships responses
* contributor, members
* fix avatar display checks
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-11 15:56:51 +00:00
Elio Bischof
887e2f474d
fix: use fixed active instances duration ( #5567 )
...
* fix: use fixed active instances duration
* fix active instances tests
* fix syntax error
* run pipeline
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-30 13:01:27 +02:00
Elio Bischof
cccccd005c
feat: call webhooks at least once ( #5454 )
...
* feat: call webhooks at least once
* self review
* feat: improve notification observability
* feat: add notification tracing
* test(e2e): test at-least-once webhook delivery
* fix webhook notifications
* dedicated quota notifications handler
* fix linting
* fix e2e test
* wait less in e2e test
* fix: don't ignore failed events in handlers
* fix: don't ignore failed events in handlers
* faster requeues
* question
* fix retries
* fix retries
* retry
* don't instance ids query
* revert handler_projection
* statements can be nil
* cleanup
* make unit tests pass
* add comments
* add comments
* lint
* spool only active instances
* feat(config): handle inactive instances
* customizable HandleInactiveInstances
* call inactive instances quota webhooks
* test: handling with and w/o inactive instances
* omit retrying noop statements
* docs: describe projection options
* enable global handling of inactive instances
* self review
* requeue quota notifications every 5m
* remove caos_errors reference
* fix comment styles
* make handlers package flat
* fix linting
* fix repeating quota notifications
* test with more usage
* debug log channel init failures
2023-03-28 22:09:06 +00:00
Miguel Cabrerizo
1b9cea0e0c
feat: add Help/Support e-mail for instance/org ( #5445 )
...
feat: help and support email in privacy policy
2023-03-28 21:36:52 +02:00
Elio Bischof
62bd606593
feat: enable handling projections for inactive instances ( #5523 )
...
* fix: don't ignore failed events in handlers
* question
* fix retries
* don't instance ids query
* statements can be nil
* make unit tests pass
* add comments
* spool only active instances
* feat(config): handle inactive instances
* customizable HandleInactiveInstances
* test: handling with and w/o inactive instances
* docs: describe projection options
* enable global handling of inactive instances
* accept NowFunc, not Clock interface
* add comment about stringer usage
* remove enum stringer implementations
* fix enum format types
* Update internal/eventstore/repository/mock/repository.mock.impl.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-27 12:34:01 +00:00
Silvan
a3b36a0138
refactor(changes): use queries.SearchEvents
( #5388 )
...
* refactor(changes): use `queries.SearchEvents`
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-17 09:14:06 +00:00
Silvan
9ff810eb92
fix(roles): remove org.create
permission from org owner ( #5444 )
...
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-14 16:48:39 +00:00
Livio Spring
c5d0c109da
fix: allow "org.read" and "policy.read" on ORG_USER_MANAGER ( #5256 )
2023-02-21 08:31:35 +00:00
Silvan
5cf27d7959
fix(defaults): tracing fraction as float ( #5194 )
...
Changes the type of the default tracing fraction to float so that it can get changed to less than every trace in the configuration
2023-02-17 14:32:52 +00:00
Elio Bischof
681541f41b
feat: add quotas ( #4779 )
...
adds possibilities to cap authenticated requests and execution seconds of actions on a defined intervall
2023-02-15 02:52:11 +01:00
Stefan Benz
19621acfd3
feat: add notification policy and password change message ( #5065 )
...
Implementation of new notification policy with functionality to send email when a password is changed
2023-01-25 09:49:41 +01:00
Elio Bischof
0316c2c187
fix: add port to SMTP host label ( #4980 )
...
* fix: add port to SMTP host label
* fix gRPC request message
* fix: validate port in backend
* make defaults.yaml host field more clear
* add placeholder smtp host field
* make ipv6 smtp host valid
* hide smtp password input
* fix smtp host not filled
* dont let browsers prefill smtp password
2023-01-17 09:20:16 +00:00
Silvan
1bf1f335dc
feat(admin-api): list events ( #4989 )
...
* docs: update cockroachdb version to 22.2
* feat(adminAPI): ListEventTypes returns the list of event types ZITADEL implements
* feat(adminAPI): ListAggregateTypes returns the list of aggregate types ZITADEL implements
* feat(adminAPI): ListEvents allows `IAM_OWNERS` to search for events
2023-01-16 11:30:03 +00:00
Livio Spring
d21bb902f1
fix: push timeout ( #4882 ) ( #4885 )
...
* push with timeout
* test: config for eventstore
(cherry picked from commit b9156da76d
)
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-12-15 09:40:13 +00:00
Stefan Benz
47ffa52f0f
feat: Instance create ( #4502 )
...
* feat(instance): implement create instance with direct machine user and credentials
* fix: deprecated add endpoint and variable declaration
* fix(instance): update logic for pats and machinekeys
* fix(instance): unit test corrections and additional unit test for pats and machinekeys
* fix(instance-create): include review changes
* fix(instance-create): linter fixes
* move iframe usage to solution scenarios configurations
* Revert "move iframe usage to solution scenarios configurations"
This reverts commit 9db31f3808
.
* fix merge
* fix: add review suggestions
Co-authored-by: Livio Spring <livio.a@gmail.com>
* fix: add review changes
* fix: add review changes for default definitions
* fix: add review changes for machinekey details
* fix: add machinekey output when setup with machineuser
* fix: add changes from review
* fix instance converter for machine and allow overwriting of further machine fields
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-12-09 14:04:33 +01:00
Silvan
fabecca4e4
fix(database): add MaxIdleConns
configuration ( #4856 )
2022-12-08 15:22:39 +00:00
Florian Forster
5c6971a6a4
chore: replace docs links ( #4843 )
...
* chore: replace docs links
* Update index.js
* prettier
2022-12-06 23:09:50 +00:00
Silvan
f3e6f3b23b
feat: remove org ( #4148 )
...
* feat(command): remove org
* refactor: imports, unused code, error handling
* reduce org removed in action
* add org deletion to projections
* add org removal to projections
* add org removal to projections
* org removed projection
* lint import
* projections
* fix: table names in tests
* fix: table names in tests
* logging
* add org state
* fix(domain): add Owner removed to object details
* feat(ListQuery): add with owner removed
* fix(org-delete): add bool to functions to select with owner removed
* fix(org-delete): add bools to user grants with events to determine if dependencies lost owner
* fix(org-delete): add unit tests for owner removed and org removed events
* fix(org-delete): add handling of org remove for grants and members
* fix(org-delete): correction of unit tests for owner removed
* fix(org-delete): update projections, unit tests and get functions
* fix(org-delete): add change date to authnkeys and owner removed to org metadata
* fix(org-delete): include owner removed for login names
* fix(org-delete): some column fixes in projections and build for queries with owner removed
* indexes
* fix(org-delete): include review changes
* fix(org-delete): change user projection name after merge
* fix(org-delete): include review changes for project grant where no project owner is necessary
* fix(org-delete): include auth and adminapi tables with owner removed information
* fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed
* fix(org-delete): add permissions for org.remove
* remove unnecessary unique constraints
* fix column order in primary keys
* fix(org-delete): include review changes
* fix(org-delete): add owner removed indexes and chang setup step to create tables
* fix(org-delete): move PK order of instance_id and change added user_grant from review
* fix(org-delete): no params for prepareUserQuery
* change to step 6
* merge main
* fix(org-delete): OldUserName rename to private
* fix linting
* cleanup
* fix: remove org test
* create prerelease
* chore: delete org-delete as prerelease
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2022-11-30 17:01:17 +01:00
Livio Spring
e8babf1048
fix: reduce load on view tables ( #4716 )
...
* fix: reduce load on view tables
* create prerelease
* linting: pass context to view handlers
* fix error handling of refresh token handler
* fix: improve processing of successful instanceIDs on views
* fix revert intended change in .golangci.yaml
* fix: set timeout for processInstances in spooler
* fix: reduce update to active tokens on profile change
* change token expiration query to db now()
* remove branch from .releaserc.js
2022-11-22 07:36:48 +01:00
Max Peintner
7db87f4646
fix(console): improve project counters, dark primary color change, smaller UI improvements ( #4620 )
...
* dark primary color change, project counter, link color improvements
* update fallback colors
* fallback colors
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-11-17 07:43:53 +00:00
Elio Bischof
e15e733cc3
docs(self-hosted): describe production setup ( #4645 )
...
* docs(manage): add production checklist
* chore: add tracing to defaults
* fix links
* fix links
* link custom domain page
* Update docs/docs/guides/deploy/overview.mdx
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/guides/deploy/overview.mdx
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/guides/deploy/overview.mdx
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/guides/deploy/overview.mdx
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/guides/manage/self-hosted/production.md
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/guides/manage/self-hosted/production.md
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/guides/manage/self-hosted/production.md
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/guides/manage/self-hosted/production.md
Co-authored-by: Florian Forster <florian@zitadel.com>
* Update docs/docs/guides/manage/self-hosted/production.md
Co-authored-by: Florian Forster <florian@zitadel.com>
* fix typos
* link to metrics page
* link to projections concept
* chore(docs): format docs
* visually add spaces
* use explicit line breaks
* fix italic underscores
* reuse .prettierignore
* cd to docs
* ignore generated .md files
* pin prettier version
* format non docs markdown files
* fix glob file pattern
* fix glob file pattern
* fix glob file pattern
* enforce prose wrap
* fix italic env vars
* use .prettierrc.yaml
* use folder specific configs
* fmt docs and md in other branch
Co-authored-by: Florian Forster <florian@zitadel.com>
2022-11-03 11:22:17 +00:00
Silvan
43fb3fd1a6
feat(actions): add token customization flow and extend functionally with modules ( #4337 )
...
* fix: potential memory leak
* feat(actions): possibility to parse json
feat(actions): possibility to perform http calls
* add query call
* feat(api): list flow and trigger types
fix(api): switch flow and trigger types to dynamic objects
* fix(translations): add action translations
* use `domain.FlowType`
* localizers
* localization
* trigger types
* options on `query.Action`
* add functions for actions
* feat: management api: add list flow and trigger (#4352 )
* console changes
* cleanup
* fix: wrong localization
Co-authored-by: Max Peintner <max@caos.ch>
* id token works
* check if claims not nil
* feat(actions): metadata api
* refactor(actions): modules
* fix: allow prerelease
* fix: test
* feat(actions): deny list for http hosts
* feat(actions): deny list for http hosts
* refactor: actions
* fix: different error ids
* fix: rename statusCode to status
* Actions objects as options (#4418 )
* fix: rename statusCode to status
* fix(actions): objects as options
* fix(actions): objects as options
* fix(actions): set fields
* add http client to old actions
* fix(actions): add log module
* fix(actions): add user to context where possible
* fix(actions): add user to ctx in external authorization/pre creation
* fix(actions): query correct flow in claims
* test: actions
* fix(id-generator): panic if no machine id
* tests
* maybe this?
* fix linting
* refactor: improve code
* fix: metadata and usergrant usage in actions
* fix: appendUserGrant
* fix: allowedToFail and timeout in action execution
* fix: allowed to fail in token complement flow
* docs: add action log claim
* Update defaults.yaml
* fix log claim
* remove prerelease build
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-06 14:23:59 +02:00
Livio Spring
bffb10a4b4
feat: allow domain discovery for unknown usernames ( #4484 )
...
* fix: wait for projection initialization to be done
* feat: allow domain discovery for unknown usernames
* fix linting
* Update console/src/assets/i18n/de.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/it.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/fr.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* fix zh i18n text
* fix projection table name
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-06 13:30:14 +02:00
Livio Spring
df624f0de5
fix: change default log level to info ( #4470 )
...
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-10-03 13:20:16 +00:00
Stefan Benz
2957407b5b
fix: correct oidcsettings management ( #4413 )
...
* fix(oidcsettings): corrected projection, unittests and added the add endpoint
* fix(oidcsettings): corrected default handling and instance setup
* fix: set oidc settings correctly in console
* cleanup
* e2e test
* improve e2e test
* lint e2e
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 12:53:49 +02:00
Livio Spring
7dfa1925cc
feat: restrict login to specific org by id (scope) ( #4294 )
...
* feat: add new org scope
* change default of UserLoginMustBeDomain to false
* return resource owner claims
* fix: use email style for first user
* fix: ensure email style for default users (backwards compatibility)
* change to external domain (as it was before UserLoginMustBeDomain change)
* update e2e tests to use email style usernames
* document new scope
* lint e2e
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-23 12:08:10 +00:00
Stefan Benz
7a5f7f82cf
feat(saml): implementation of saml for ZITADEL v2 ( #3618 )
2022-09-12 18:18:08 +02:00
Livio Spring
5aa91ad105
fix: improve performance ( #4300 )
...
## Note
This release requires a setup step to fully improve performance.
Be sure to start ZITADEL with an appropriate command (zitadel start-from-init / start-from-setup)
## Changes
- fix: only run projection scheduler on active instances
- fix: set default for concurrent instances of projections to 1 (for scheduling)
- fix: create more indexes on eventstore.events table
- fix: get current sequence for token check (improve reread performance)
2022-09-02 14:05:13 +00:00
Livio Spring
bee616c11a
fix: SMTP config setup ( #4272 )
...
* fix: change default for SMTPSenderAddressMatchesInstanceDomain to false
* fix: handle error in console
2022-09-02 09:04:29 +02:00
Silvan
77b4fc5487
feat(database): support for postgres ( #3998 )
...
* beginning with postgres statements
* try pgx
* use pgx
* database
* init works for postgres
* arrays working
* init for cockroach
* init
* start tests
* tests
* TESTS
* ch
* ch
* chore: use go 1.18
* read stmts
* fix typo
* tests
* connection string
* add missing error handler
* cleanup
* start all apis
* go mod tidy
* old update
* switch back to minute
* on conflict
* replace string slice with `database.StringArray` in db models
* fix tests and start
* update go version in dockerfile
* setup go
* clean up
* remove notification migration
* update
* docs: add deploy guide for postgres
* fix: revert sonyflake
* use `database.StringArray` for daos
* use `database.StringArray` every where
* new tables
* index naming,
metadata primary key,
project grant role key type
* docs(postgres): change to beta
* chore: correct compose
* fix(defaults): add empty postgres config
* refactor: remove unused code
* docs: add postgres to self hosted
* fix broken link
* so?
* change title
* add mdx to link
* fix stmt
* update goreleaser in test-code
* docs: improve postgres example
* update more projections
* fix: add beta log for postgres
* revert index name change
* prerelease
* fix: add sequence to v1 "reduce paniced"
* log if nil
* add logging
* fix: log output
* fix(import): check if org exists and user
* refactor: imports
* fix(user): ignore malformed events
* refactor: method naming
* fix: test
* refactor: correct errors.Is call
* ci: don't build dev binaries on main
* fix(go releaser): update version to 1.11.0
* fix(user): projection should not break
* fix(user): handle error properly
* docs: correct config example
* Update .releaserc.js
* Update .releaserc.js
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2022-08-31 07:52:43 +00:00
Livio Spring
dcac08b1d5
fix: caching of assets (correct headers and versioned avatar and variables.css url) ( #4118 )
...
* fix: caching of assets (correct headers and versioned avatar url)
* serve variables.css versioned and extend shared max age of assets
* fix TestCommandSide_AddHumanAvatar
* refactor: const types
* refactor: return values
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-08-16 05:04:36 +00:00
Livio Spring
d4d39dbd80
docs: document authentication for system api ( #4140 )
...
* docs: add authentication for system api
* update defaults.yaml
2022-08-08 14:52:59 +02:00
Livio Spring
f610d48569
feat: prepare for multiple database types ( #4068 )
...
BREAKING CHANGE: the database and admin user config has changed.
2022-07-28 16:25:42 +02:00
Livio Spring
aed7010508
fix: scheduling ( #3978 )
...
* fix: improve scheduling
* build pre-release
* fix: locker
* fix: user handler and print stack in case of panic in reducer
* chore: remove sentry
* fix: improve handler projection and implement tests
* more tests
* fix: race condition in tests
* Update internal/eventstore/repository/sql/query.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix: implemented suggested changes
* fix: lock statement
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-07-22 10:08:39 +00:00
Livio Spring
9b6dad18cb
feat: provide metrics endpoint ( #3902 )
...
* feat: provide metrics endpoint
* config
* enable otel metrics by default
Co-authored-by: Florian Forster <florian@caos.ch>
2022-07-18 10:42:32 +02:00
Fabi
2cf097332c
fix: add new org settings member role ( #3944 )
...
* fix: add new role to iam members
* fix: add new role to iam members
* fix: add new role to iam members
* fix: add new role to iam members
* fix: add new role to iam members
* fix: add new role to iam members
* fix: add new role to iam members
2022-07-12 08:03:44 +00:00
Livio Spring
ed5721d39e
feat: TLS support ( #3862 )
...
* feat: TLS support
* add comment
* fix comment
2022-06-24 12:38:22 +00:00
Livio Spring
5e4b38d69b
fix: improve oidc issuer / endpoints ( #3753 )
...
* fix: improve oidc issuer / endpoints
* docs: update endpoints
2022-06-07 10:04:51 +02:00
Silvan
3513148cf6
fix: SMTP config in defaults ( #3736 )
...
* fix(command): create smtp provider cmds after domains
* chore(defaults): add smtp configuration
2022-05-30 17:39:18 +02:00
Livio Amstutz
2fc39c0da0
feat: system api requires authenticated requests ( #3570 )
...
* begin auth
* feat: system api requires authenticated requests
* fix tests
2022-05-30 13:38:30 +02:00
Livio Amstutz
79452da7d6
fix: check membership from projection ( #3710 )
...
* fix: check membership from projection
* remove authz setup
2022-05-25 14:07:16 +02:00
Alexei-Barnes
09b021b257
feat: Configurable Unique Machine Identification ( #3626 )
...
* feat: Configurable Unique Machine Identification
This change fixes Segfault on AWS App Runner with v2 #3625
The change introduces two new dependencies:
* github.com/drone/envsubst for supporting AWS ECS, which has its metadata endpoint described by an environment variable
* github.com/jarcoal/jpath so that only relevant data from a metadata response is used to identify the machine.
The change ads new configuration (see `defaults.yaml`):
* `Machine.Identification` enables configuration of how machines are uniquely identified - I'm not sure about the top level category `Machine`, as I don't have anything else to add to it. Happy to hear suggestions for better naming or structure here.
* `Machine.Identifiation.PrivateId` turns on or off the existing private IP based identification. Default is on.
* `Machine.Identification.Hostname` turns on or off using the OS hostname to identify the machine. Great for most cloud environments, where this tends to be set to something that identifies the machine uniquely. Enabled by default.
* `Machine.Identification.Webhook` configures identification based on the response to an HTTP GET request. Request headers can be configured, a JSONPath can be set for processing the response (no JSON parsing is done if this is not set), and the URL is allowed to contain environment variables in the format `"${var}"`.
The new flow for getting a unique machine id is:
1. PrivateIP (if enabled)
2. Hostname (if enabled)
3. Webhook (if enabled, to configured URL)
4. Give up and error out.
It's important that init configures machine identity first. Otherwise we could try to get an ID before configuring it. To prevent this from causing difficult to debug issues, where for example the default configuration was used, I've ensured that
the application will generate an error if the module hasn't been configured and you try to get an ID.
Misc changes:
* Spelling and gramatical corrections to `init.go::New()` long description.
* Spelling corrections to `verify_zitadel.go::newZitadel()`.
* Updated `production.md` and `development.md` based on the new build process. I think the run instructions are also out of date, but I'll leave that for someone else.
* `id.SonyFlakeGenerator` is now a function, which sets `id.sonyFlakeGenerator`, this allows us to defer initialization until configuration has been read.
* Update internal/id/config.go
Co-authored-by: Alexei-Barnes <82444470+Alexei-Barnes@users.noreply.github.com>
* Fix authored by @livio-a for tests
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-24 16:57:57 +02:00
Florian Forster
0ba165363e
chore: rename docs links ( #3668 )
2022-05-20 14:32:06 +00:00
Livio Amstutz
4ec006dd02
fix: remove custom domain from default instance ( #3653 )
2022-05-17 19:23:51 +02:00
Elio Bischof
4261959914
feat: default to local development ( #3645 )
...
* fix: default to local dev run
* sane defaults
2022-05-17 10:35:29 +02:00
Fabi
5c0f527a49
feat: restrict smtp sender address ( #3637 )
...
* fix: check if sender address is custom domain
* fix: check if sender address is custom domain
* fix: check if sender address is custom domain
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-16 14:08:47 +00:00
Livio Amstutz
411d7c6c5c
feat: add default redirect uri and handling of unknown usernames ( #3616 )
...
* feat: add possibility to ignore username errors on first login screen
* console changes
* fix: handling of unknown usernames (#3445 )
* fix: handling of unknown usernames
* fix: handle HideLoginNameSuffix on unknown users
* feat: add default redirect uri on login policy (#3607 )
* feat: add default redirect uri on login policy
* fix tests
* feat: Console login policy default redirect (#3613 )
* console default redirect
* placeholder
* validate default redirect uri
* allow empty default redirect uri
Co-authored-by: Max Peintner <max@caos.ch>
* remove wonrgly cherry picked migration
Co-authored-by: Max Peintner <max@caos.ch>
2022-05-16 13:39:09 +00:00
Livio Amstutz
4fcf03c9c8
fix: email sender and template ( #3633 )
2022-05-16 09:52:10 +02:00
Livio Amstutz
5571db3e1b
feat: improve console caching and provide build info ( #3621 )
...
* feat: improve console caching and provide build info
* Update info.go
2022-05-13 14:06:44 +02:00
Livio Amstutz
79db247801
feat: set default language on instance ( #3594 )
2022-05-03 15:58:38 +02:00
Livio Amstutz
ef6fd5a843
fix: remove 3rd party assets from mail ( #3569 )
2022-05-02 14:41:57 +00:00
Livio Amstutz
861cf07700
feat: permit all features to every instance and organisation ( #3566 )
2022-05-02 11:18:17 +02:00
Max Peintner
41e60b3d8a
feat(console): v2 feature cleanup, fix styling issues, instance naming ( #3530 )
...
* new console
* move npm ci to angular build
* rel path for assets
* local grpc copy
* login policy, rm clear views, features rel path
* login_hint param
* edit default color values
* remove features, zitadel-tier, contact styles
* html formatter
* rm feature restrictions, fix theming issues
* instance naming
* statehandler
* rm class
* rm class
* update footer links
* statehandler
* stroked color
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-04-29 10:25:12 +02:00
Livio Amstutz
00f7dbe875
fix: setup instance domain handling ( #3529 )
2022-04-28 10:30:41 +02:00
Livio Amstutz
2c4799c223
feat: complete dynamic domain handling ( #3482 )
...
* feat: dynamic issuer
* feat: default language from context
* remove zitadel docs from defaults
* remove ConsoleOverwriteDir
* remove notification endpoints from defaults
* custom domains in emails
* remove (external) domain
* external domain completely removed, console handling fixed
* fix test
* fix defaults.yaml
2022-04-25 11:16:36 +02:00
Livio Amstutz
75ec73ca4a
feat: dynamic issuer ( #3481 )
...
* feat: dynamic issuer
* dynamic domain handling
* key rotation durations
* feat: dynamic issuer
* make webauthn displayname dynamic
2022-04-25 10:01:17 +02:00
Fabi
3d5891eb11
feat: System api ( #3461 )
...
* feat: start system api
* feat: remove auth
* feat: change gitignore
* feat: run system api
* feat: remove clear view form admin api
* feat: search instances
* feat: add instance
* fix: set primary domain
* Update .gitignore
* fix: add instance
* fix: add instance
* fix: handle errors
* fix: handle instance name
* fix: test
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-04-21 12:37:39 +02:00
Livio Amstutz
958362e6c9
feat: handle instance from context ( #3382 )
...
* commander
* commander
* selber!
* move to packages
* fix(errors): implement Is interface
* test: command
* test: commands
* add init steps
* setup tenant
* add default step yaml
* possibility to set password
* merge v2 into v2-commander
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: search query builder can filter events in memory
* fix: filters for add member
* fix(setup): add `ExternalSecure` to config
* chore: name iam to instance
* fix: matching
* remove unsued func
* base url
* base url
* test(command): filter funcs
* test: commands
* fix: rename orgiampolicy to domain policy
* start from init
* commands
* config
* fix indexes and add constraints
* fixes
* fix: merge conflicts
* fix: protos
* fix: md files
* setup
* add deprecated org iam policy again
* typo
* fix search query
* fix filter
* Apply suggestions from code review
* remove custom org from org setup
* add todos for verification
* change apps creation
* simplify package structure
* fix error
* move preparation helper for tests
* fix unique constraints
* fix config mapping in setup
* fix error handling in encryption_keys.go
* fix projection config
* fix query from old views to projection
* fix setup of mgmt api
* set iam project and fix instance projection
* fix tokens view
* fix steps.yaml and defaults.yaml
* fix projections
* change instance context to interface
* instance interceptors and additional events in setup
* cleanup
* tests for interceptors
* fix label policy
* add todo
* single api endpoint in environment.json
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-29 11:53:19 +02:00
Silvan
c5b99274d7
feat(cli): setup ( #3267 )
...
* commander
* commander
* selber!
* move to packages
* fix(errors): implement Is interface
* test: command
* test: commands
* add init steps
* setup tenant
* add default step yaml
* possibility to set password
* merge v2 into v2-commander
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: search query builder can filter events in memory
* fix: filters for add member
* fix(setup): add `ExternalSecure` to config
* chore: name iam to instance
* fix: matching
* remove unsued func
* base url
* base url
* test(command): filter funcs
* test: commands
* fix: rename orgiampolicy to domain policy
* start from init
* commands
* config
* fix indexes and add constraints
* fixes
* fix: merge conflicts
* fix: protos
* fix: md files
* setup
* add deprecated org iam policy again
* typo
* fix search query
* fix filter
* Apply suggestions from code review
* remove custom org from org setup
* add todos for verification
* change apps creation
* simplify package structure
* fix error
* move preparation helper for tests
* fix unique constraints
* fix config mapping in setup
* fix error handling in encryption_keys.go
* fix projection config
* fix query from old views to projection
* fix setup of mgmt api
* set iam project and fix instance projection
* imports
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-28 10:05:09 +02:00
Livio Amstutz
5463244376
feat: encryption keys in database ( #3265 )
...
* enable overwrite of adminUser fields in defaults.yaml
* create schema and table
* cli: create keys
* cli: create keys
* read encryptionkey from db
* merge v2
* file names
* cleanup defaults.yaml
* remove custom errors
* load encryptionKeys on start
* cleanup
* fix merge
* update system defaults
* fix error message
2022-03-14 07:55:09 +01:00
Fabi
7d235e3eed
feat: Default configs sms provider ( #3187 )
...
* feat: sms config
* feat: twilio as sms provider
* feat:sms projection
* feat: sms queries
* feat: sms queries test
* feat: sms configs
* feat: sms configs sql file
* fix merge
* fix: rename from to sendername
* fix: proto comments
* fix: token as crypto
* fix: tests
* fix: sms config sender name to sender number
* fix: sms config sender name to sender number
* Update email.go
* Update channel.go
* Update V1.111__settings.sql
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-21 12:22:20 +00:00
Fabi
e3528ff0b2
feat: Config to eventstore ( #3158 )
...
* feat: add default language to eventstore
* feat: add secret generator configs events
* feat: tests
* feat: secret generators in eventstore
* feat: secret generators in eventstore
* feat: smtp config in eventstore
* feat: smtp config in eventstore
* feat: smtp config in eventstore
* feat: smtp config in eventstore
* feat: smtp config in eventstore
* fix: migrations
* fix migration version
* fix test
* feat: change secret generator type to enum
* feat: change smtp attribute names
* feat: change smtp attribute names
* feat: remove engryption algorithms from command side
* feat: remove engryption algorithms from command side
* feat: smtp config
* feat: smtp config
* format smtp from header
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-16 15:49:17 +00:00
Silvan
4272ea6fe1
fix: init sub commands ( #3218 )
...
* fix(init): add sub commands
* fix(init): admin user in config,
test(init): verify functions
* refactor: config, remove second commands
* refactor: init steps
* chore: fix link in readme
* chore: numerate sql files
* Update cmd/admin/initialise/sql/README.md
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* Update cmd/admin/initialise/sql/README.md
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix(init): remove unused index
* user
* fix database username in defaults.yaml
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-16 12:30:49 +00:00
Livio Amstutz
389eb4a27a
feat: run on a single port ( #3163 )
...
* start v2
* start
* run
* some cleanup
* remove v2 pkg again
* simplify
* webauthn
* remove unused config
* fix login path in Dockerfile
* fix asset_generator.go
* health handler
* fix grpc web
* refactor
* merge
* build new main.go
* run new main.go
* update logging pkg
* fix error msg
* update logging
* cleanup
* cleanup
* go mod tidy
* change localDevMode
* fix customEndpoints
* update logging
* comments
* change local flag to external configs
* fix location generated go code
* fix
Co-authored-by: fforootd <florian@caos.ch>
2022-02-14 17:22:30 +01:00
Silvan
e8ab237ada
fix(init): prepare database ( #3191 )
...
* fix(init): prepare database
* fix(defaults): cockroach local defaults
2022-02-11 11:02:47 +01:00
Silvan
9d471d0d30
feat(cli): init cli ( #3186 )
...
* feat(cli): initilize cli
* fix(config): allow multiple files
* refactor(cli): constructor naming
* go mod tidy
* refactor: move code out of v2 package
* chore: logging v0.1
* chore: remove old gitignore
* fix func
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-09 15:01:19 +01:00