Commit Graph

130 Commits

Author SHA1 Message Date
Livio Spring
9d2ae1e9fa
fix: password hash update and add missing i18n (#6285)
(cherry picked from commit 789dcd8615)
2023-07-28 10:09:20 +02:00
daniel_michalichyn
fcc1acbf81
feat: Brazilian Portuguese internationalization (#6185)
* feat: Brazilian Portuguese internationalization

Co-authored-by: Daniel Michalichyn <daniel.henrique@st-one.io>
2023-07-20 04:40:45 +00:00
Livio Spring
e1b3cda98a
feat(OIDC): support token revocation of V2 tokens (#6203)
This PR adds support for OAuth2 token revocation of V2 tokens.

Unlike with V1 tokens, it's now possible to revoke a token not only from the authorized client / client which the token was issued to, but rather from all trusted clients (audience)
2023-07-17 14:33:37 +02:00
Livio Spring
80961125a7
feat(API): support V2 token and session token usage (#6180)
This PR adds support for userinfo and introspection of V2 tokens. Further V2 access tokens and session tokens can be used for authentication on the ZITADEL API (like the current access tokens).
2023-07-14 11:16:16 +00:00
Tim Möhlmann
4589ddad4a
feat: integrate passwap for human user password hashing (#6196)
* feat: use passwap for human user passwords

* fix tests

* passwap config

* add the event mapper

* cleanup query side and api

* solve linting errors

* regression test

* try to fix linter errors again

* pass systemdefaults into externalConfigChange migration

* fix: user password set in auth view

* pin passwap v0.2.0

* v2: validate hashed password hash based on prefix

* resolve remaining comments

* add error tag and translation for unsupported hash encoding

* fix unit test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-14 09:49:57 +03:00
Vlatko Stojkovski
a3a1e245ad
feat: i18n support for Macedonian language (#6178)
* add macedonian language to currently supported languages

* mk yaml login static with en values

* mk json assets with en values

* mk yaml notification static with en values

* add macedonian notification yaml

* mk yaml static with en values

* mk translations for login

* mk translations for internal

* macedonian translations

* - fix lint issues
2023-07-12 08:41:50 +00:00
Livio Spring
14b8cf4894
feat(api): add OIDC session service (#6157)
This PR starts the OIDC implementation for the API V2 including the Implicit and Code Flow.


Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-07-10 13:27:00 +00:00
Fabi
5182cb3ce3
fix: rename to given and family name (#6152)
* fix: rename to given and family name

* fix: rename to given and family name

* fix: rename to given and family name
2023-07-07 13:13:45 +00:00
Stefan Benz
1b5d6ce89e
feat: session checks with intent (#6031)
* feat: session checks with intent

* feat: session checks with intent

* fix: integration tests for intent session

* fix: integration tests for intent session

* fix merge

* fix: integration tests for intent session

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-06-21 14:06:18 +00:00
dian mushkov
4378eb7cb5
feat: internationalization Bulgarian (#5998)
* Feature BG init

* lint fix

* Fix merge conflict

* merge main branch add bg lang

* reference centrally defined langs

* refactor supportedLanguages

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-06-16 17:35:03 +02:00
Tim Möhlmann
f456168a74
feat: session v2 passkey authentication (#5952) 2023-06-07 17:28:42 +02:00
Stefan Benz
fa8f191812
feat: v2alpha user service idp endpoints (#5879)
* feat: v2alpha user service idp endpoints

* feat: v2alpha user service intent endpoints

* begin idp intents (callback)

* some cleanup

* runnable idp authentication

* cleanup

* proto cleanup

* retrieve idp info

* improve success and failure handling

* some unit tests

* grpc unit tests

* add permission check AddUserIDPLink

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* provider from write model

* fix idp type model and add integration tests

* proto cleanup

* fix integration test

* add missing import

* add more integration tests

* auth url test

* feat: v2alpha intent writemodel refactoring

* remove unused functions

* check token on RetrieveIdentityProviderInformation

* feat: v2alpha intent writemodel refactoring

* fix TestServer_RetrieveIdentityProviderInformation

* fix test

* i18n and linting

* feat: v2alpha intent review changes

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-24 18:29:58 +00:00
Tim Möhlmann
a301c40f9f
feat: implement register Passkey user API v2 (#5873)
* command/crypto: DRY the code

- reuse the the algorithm switch to create a secret generator
- add a verifyCryptoCode function

* command: crypto code tests

* migrate webauthn package

* finish integration tests with webauthn mock client
2023-05-24 10:22:00 +00:00
Livio Spring
c2cb84cd24
feat(api): new session service (#5801)
* backup new protoc plugin

* backup

* session

* backup

* initial implementation

* change to specific events

* implement tests

* cleanup

* refactor: use new protoc plugin for api v2

* change package

* simplify code

* cleanup

* cleanup

* fix merge

* start queries

* fix tests

* improve returned values

* add token to projection

* tests

* test db map

* update query

* permission checks

* fix tests and linting

* rework token creation

* i18n

* refactor token check and fix tests

* session to PB test

* request to query tests

* cleanup proto

* test user check

* add comment

* simplify database map type

* Update docs/docs/guides/integrate/access-zitadel-system-api.md

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix test

* cleanup

* docs

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-05 15:34:53 +00:00
Silvan
095ec21678
feat: user v2alpha email API (#5708)
* chore(proto): update versions

* change protoc plugin

* some cleanups

* define api for setting emails in new api

* implement user.SetEmail

* move SetEmail buisiness logic into command

* resuse newCryptoCode

* command: add ChangeEmail unit tests

Not complete, was not able to mock the generator.

* Revert "resuse newCryptoCode"

This reverts commit c89e90ae35.

* undo change to crypto code generators

* command: use a generator so we can test properly

* command: reorganise ChangeEmail

improve test coverage

* implement VerifyEmail

including unit tests

* add URL template tests

* proto: change context to object

* remove old auth option

* remove old auth option

* fix linting errors

run gci on modified files

* add permission checks and fix some errors

* comments

* comments

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-25 09:02:29 +02:00
Miguel Cabrerizo
d140f9373a
feat: Zitadel translated into Spanish (#5634)
* feat: spanish translation in progress

* feat: 85% of translated strings

* feat: spanish translation 95% done

* fix: fix some typos

* fix: add missing translations for recent commits

* Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-14 15:53:19 +02:00
Fabi
cf1ac30970
fix: remove unnecessary cancel button as cancel is not possible (#5511)
* fix: remove unnecessary cancel button as cancel is not possible

* fix: add missing tranlation

* fix: add missing tranlation

* docs: missing translations

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-24 08:00:56 +00:00
tharuta
a8fe15829e
feat: internationalization Japanese (recreated) (#5513)
japanese translation

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-03-22 07:30:46 +01:00
Elio Bischof
e00cc187fa
fix: make user creation errors helpful (#5382)
* fix: make user creation errors helpful

* fix linting and unit testing errors

* fix linting

* make zitadel config reusable

* fix human validations

* translate ssr errors

* make zitadel config reusable

* cover more translations for ssr

* handle email validation message centrally

* fix unit tests

* fix linting

* align signatures

* use more precise wording

* handle phone validation message centrally

* fix: return specific profile errors

* docs: edit comments

* fix unit tests

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-14 19:20:38 +00:00
Elio Bischof
681541f41b
feat: add quotas (#4779)
adds possibilities to cap authenticated requests and execution seconds of actions on a defined intervall
2023-02-15 02:52:11 +01:00
uiopak
84fa20f1ce
feat: internationalization Polish (#5117)
* Add Polish translations

* Add references to Polish translations in files

* Make a consistent translation of languages in Chinese translation

* Add missing language references to fr, it and zh

* Translation corrections

* Add missing language references to zh

* Translation corrections

* add latest translation keys

* Translation corrections and addition of some new ones

* translate auth requests exhausted

* add new untranslated keys

* Translation corrections, fix indentation

---------

Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2023-02-13 12:03:34 +01:00
Stefan Benz
e2fdd3f077
feat: support client_credentials for service users (#5134)
Request an access_token for service users with OAuth 2.0 Client Credentials Grant. Added functionality to generate and remove a secret on service users.
2023-01-31 19:52:47 +00:00
Silvan
c54ddc71a2
feat(actions): local users (#5089)
Actions are extended to to local users. It's possible to run custom code during registration and authentication of local users.
2023-01-25 13:08:01 +00:00
Stefan Benz
19621acfd3
feat: add notification policy and password change message (#5065)
Implementation of new notification policy with functionality to send email when a password is changed
2023-01-25 09:49:41 +01:00
Silvan
7b5135e637
fix(adminAPI): localize event type (#5059)
* fix(adminAPI): localisation of event types, aggregate types
* fix(adminAPI): validations of ListEvent request
* implement caching of editor user information
2023-01-19 15:50:05 +00:00
Livio Spring
d3e4281bb6
fix: protect default and zitadel project org from remove (#4875) 2022-12-14 10:44:43 +00:00
Hanrea
79d1c06515
fix: Update missing key of Chinese translation (#4769)
Update missing key of Chinese translation

Update missing key of Chinese translation,
2022-11-28 16:20:11 +01:00
Stefan Benz
556f381a5a
fix(import): add import for app and machine keys (#4536)
* fix(import): add import for app and machine keys

* fix(export): add review changes

* fix(import): Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(import): add review changes

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-18 15:07:30 +00:00
Silvan
43fb3fd1a6
feat(actions): add token customization flow and extend functionally with modules (#4337)
* fix: potential memory leak

* feat(actions): possibility to parse json
feat(actions): possibility to perform http calls

* add query call

* feat(api): list flow and trigger types
fix(api): switch flow and trigger types to dynamic objects

* fix(translations): add action translations

* use `domain.FlowType`

* localizers

* localization

* trigger types

* options on `query.Action`

* add functions for actions

* feat: management api: add list flow and trigger  (#4352)

* console changes

* cleanup

* fix: wrong localization

Co-authored-by: Max Peintner <max@caos.ch>

* id token works

* check if claims not nil

* feat(actions): metadata api

* refactor(actions): modules

* fix: allow prerelease

* fix: test

* feat(actions): deny list for http hosts

* feat(actions): deny list for http hosts

* refactor: actions

* fix: different error ids

* fix: rename statusCode to status

* Actions objects as options (#4418)

* fix: rename statusCode to status

* fix(actions): objects as options

* fix(actions): objects as options

* fix(actions): set fields

* add http client to old actions

* fix(actions): add log module

* fix(actions): add user to context where possible

* fix(actions): add user to ctx in external authorization/pre creation

* fix(actions): query correct flow in claims

* test: actions

* fix(id-generator): panic if no machine id

* tests

* maybe this?

* fix linting

* refactor: improve code

* fix: metadata and usergrant usage in actions

* fix: appendUserGrant

* fix: allowedToFail and timeout in action execution

* fix: allowed to fail in token complement flow

* docs: add action log claim

* Update defaults.yaml

* fix log claim

* remove prerelease build

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-06 14:23:59 +02:00
Stefan Benz
b32c02a39b
feat(instance): add functionality to update instance (#4440)
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 06:58:50 +00:00
Stefan Benz
2c1f9ac4a8
feat(org): add org metadata functionality (#4234)
* feat(org): add org metadata functionality

* fix(metadata): add unit tests and review for org metadata

* fix(org-metadata): move endpoints to /

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-20 14:32:09 +00:00
Stefan Benz
7a5f7f82cf
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
George
8ab85afd15
feat: internationalization Chinese (#4222)
* feat: internationalization chinese

* typo: optimize the semantic expression of copywriting

* Update internal/api/ui/login/static/i18n/zh.yaml

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/zh.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/api/ui/login/static/i18n/zh.yaml

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* minor: add Chinese to other language file

* Update console/src/app/app.module.ts

Co-authored-by: Max Peintner <max@caos.ch>

* Update console/src/app/app.module.ts

Co-authored-by: Max Peintner <max@caos.ch>

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2022-09-08 15:15:31 +02:00
Livio Spring
d656b3f3c9
fix: instance interceptors return NotFound (404) error for unknown hosts (#4184)
* fix: instance interceptors return "NotFound" (404) error for unknown hosts

* fix tests
2022-08-17 06:07:41 +00:00
Livio Spring
6b30be77e6
fix: restrict domain names to alphanumeric characters (#4104)
* fix: restrict domain names to alphanumeric characters

* improve error message
2022-08-03 07:25:25 +00:00
Silvan
9271623ec9
fix: load auth users (#3907)
* fix: load auth users

* fix: add triggerbulk

* fix: build pre-release

* fix even more french translations

* fix: build version

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-07-07 14:58:00 +02:00
Livio Spring
427d21ad45
fix: (french) translations (#3922) 2022-07-07 10:58:24 +00:00
mffap
3267daedda
feat: internationalization french (#3890)
* initial

* console_fr updates

* console_en fix issues

* notifications_fr

* internal_static_i18n_fr fixes

* internal_static_i18n_en fix

* docs

* search parameter

* missing italian translations

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-06 13:40:11 +00:00
Livio Amstutz
0baaaf8a05
fix: handle default org id (#3769) 2022-06-03 14:30:39 +02:00
mffap
32ccada7a9
chore: more typos (#3688) 2022-05-21 22:41:21 +02:00
Fabi
5c0f527a49
feat: restrict smtp sender address (#3637)
* fix: check if sender address is custom domain

* fix: check if sender address is custom domain

* fix: check if sender address is custom domain

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-05-16 14:08:47 +00:00
Livio Amstutz
411d7c6c5c
feat: add default redirect uri and handling of unknown usernames (#3616)
* feat: add possibility to ignore username errors on first login screen

* console changes

* fix: handling of unknown usernames (#3445)

* fix: handling of unknown usernames

* fix: handle HideLoginNameSuffix on unknown users

* feat: add default redirect uri on login policy (#3607)

* feat: add default redirect uri on login policy

* fix tests

* feat: Console login policy default redirect (#3613)

* console default redirect

* placeholder

* validate default redirect uri

* allow empty default redirect uri

Co-authored-by: Max Peintner <max@caos.ch>

* remove wonrgly cherry picked migration

Co-authored-by: Max Peintner <max@caos.ch>
2022-05-16 13:39:09 +00:00
Livio Amstutz
861cf07700
feat: permit all features to every instance and organisation (#3566) 2022-05-02 11:18:17 +02:00
Livio Amstutz
2c4799c223
feat: complete dynamic domain handling (#3482)
* feat: dynamic issuer

* feat: default language from context

* remove zitadel docs from defaults

* remove ConsoleOverwriteDir

* remove notification endpoints from defaults

* custom domains in emails

* remove (external) domain

* external domain completely removed, console handling fixed

* fix test

* fix defaults.yaml
2022-04-25 11:16:36 +02:00
Livio Amstutz
4a0d61d75a
feat: store assets in database (#3290)
* feat: use database as asset storage

* being only uploading assets if allowed

* tests

* fixes

* cleanup after merge

* renaming

* various fixes

* fix: change to repository event types and removed unused code

* feat: set default features

* error handling

* error handling and naming

* fix tests

* fix tests

* fix merge

* rename
2022-04-06 06:13:40 +00:00
Fabi
9d4f296c62
fix: rename iam to instance (#3345)
* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename orgiampolicy to domain policy

* fix: merge conflicts

* fix: protos

* fix: md files

* implement deprecated org iam policy again

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-03-24 16:21:34 +00:00
Livio Amstutz
504fe5b761
cherry pick changes from main (#3371)
* feat: remove exif data from uploaded images (#3221)

* feat: remove exif tags from images

* feat: remove exif data

* feat: remove exif

* fix: add preferredLoginName to user grant response (#3271)

* chore: log webauthn parse error (#3272)

* log error

* log error

* feat: Help link in privacy policy

* fix: convert correct detail data on organization (#3279)

* fix: handle empty editor users

* fix: add some missing translations (#3291)

* fix: org policy translations

* fix: metadata event types translation

* fix: translations

* fix: filter resource owner correctly on project grant members (#3281)

* fix: filter resource owner correctly on project grant members

* fix: filter resource owner correctly on project grant members

* fix: add orgIDs to zitadel permissions request

Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>

* fix: get IAM memberships correctly in MyZitadelPermissions (#3309)

* fix: correct login names on auth and notification users (#3349)

* fix: correct login names on auth and notification users

* fix: migration

* fix: handle resource owner in action flows (#3361)

* fix merge

* fix: exchange exif library (#3366)

* fix: exchange exif library

* ignore tiffs

* requested fixes

* feat: Help link in privacy policy

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-24 14:00:24 +01:00
Fabi
7d6c933485
feat: OIDC setting (#3245)
* feat: add oidc config struct

* feat: oidc config command side

* feat: oidc configuration query side

* feat: add translations

* feat: add tests

* feat: add translations

* feat: rename oidc config to oidc settings

* feat: rename oidc config to oidc settings
2022-02-25 16:05:06 +01:00
Fabi
e3528ff0b2
feat: Config to eventstore (#3158)
* feat: add default language to eventstore

* feat: add secret generator configs events

* feat: tests

* feat: secret generators in eventstore

* feat: secret generators in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* fix: migrations

* fix migration version

* fix test

* feat: change secret generator type to enum

* feat: change smtp attribute names

* feat: change smtp attribute names

* feat: remove engryption algorithms from command side

* feat: remove engryption algorithms from command side

* feat: smtp config

* feat: smtp config

* format smtp from header

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-02-16 15:49:17 +00:00
Livio Amstutz
699fdaf68e
feat: add personal access tokens for service users (#2974)
* feat: add machine tokens

* fix test

* rename to pat

* fix merge and tests

* fix scopes

* fix migration version

* fix test

* Update internal/repository/user/personal_access_token.go

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2022-02-08 09:37:28 +01:00