3100 Commits

Author SHA1 Message Date
Tim Möhlmann
94cf30c547
feat(oidc): use the new oidc server interface (#6779)
* feat(oidc): use the new oidc server interface

* rename from provider to server

* pin logging and oidc packages

* use oidc introspection fix branch

* add overloaded methods with tracing

* cleanup unused code

* include latest oidc fixes

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-10-25 15:44:05 +00:00
Elio Bischof
4980cd6a0c
feat: add SYSTEM_OWNER role (#6765)
* define roles and permissions

* support system user memberships

* don't limit system users

* cleanup permissions

* restrict memberships to aggregates

* default to SYSTEM_OWNER

* update unit tests

* test: system user token test (#6778)

* update unit tests

* refactor: make authz testable

* move session constants

* cleanup

* comment

* comment

* decode member type string to enum (#6780)

* decode member type string to enum

* handle all membership types

* decode enums where necessary

* decode member type in steps config

* update system api docs

* add technical advisory

* tweak docs a bit

* comment in comment

* lint

* extract token from Bearer header prefix

* review changes

* fix tests

* fix: add fix for activityhandler

* add isSystemUser

* remove IsSystemUser from activity info

* fix: add fix for activityhandler

---------

Co-authored-by: Stefan Benz <stefan@caos.ch>
2023-10-25 15:10:45 +00:00
Silvan
c8b9b0ac75
docs: replace fix cockroachdb version with latest stable (#6803) 2023-10-25 14:20:55 +00:00
Stefan Benz
48ae5d58ac
feat: add activity logs on user actions with authentication, resource… (#6748)
* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI

* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI

* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI

* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI

* feat: add activity logs on user actions with authentication, resourceAPI and sessionAPI

* fix: add unit tests to info package for context changes

* fix: add activity_interceptor.go suggestion

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix: refactoring and fixes through PR review

* fix: add auth service to lists of resourceAPIs

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-10-25 12:09:15 +00:00
Elio Bischof
385a55bd21
feat: limit audit trail (#6744)
* feat: enable limiting audit trail

* support AddExclusiveQuery

* fix invalid condition

* register event mappers

* fix NullDuration validity

* test query side for limits

* lint

* acceptance test audit trail limit

* fix acceptance test

* translate limits not found

* update tests

* fix linting

* add audit log retention to default instance

* fix tests

* update docs

* remove todo

* improve test name
2023-10-25 11:42:00 +00:00
Elio Bischof
1c839e308b
perf: query projected milestones for onboarding view (#6760)
* feat: support list milestones api

* show milestones in onboarding view

* add authenticated milestone

* add icon to login milestone

* update main

* lint

* fix import

* fix import

* lint

* reuse proto milestone type mapping
2023-10-25 11:16:34 +00:00
Livio Spring
56897926a1
fix: add csp to assets handler
Merge pull request from GHSA-954h-jrpm-72pm

(cherry picked from commit 73dbf3136862ed97ddda1f531a06389dedd35ed5)
v2.39.2
2023-10-25 11:18:31 +02:00
Livio Spring
73dbf31368
Merge pull request from GHSA-954h-jrpm-72pm 2023-10-25 11:15:22 +02:00
Justice Chinedu
1fafefc2c1
docs: Updated README.md (#6795)
Updated README.md

I updated the existing Read.me file adding checkmarks for easier reading. I also adjusted some sentences for better grammatical meaning.

The overall purpose of these actions is to improve user and customer experience and understanding.

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-10-25 07:23:06 +00:00
Fabi
93122efe9f
fix: cryptic error message for user not found (#6787)
* fix: cryptic error message for user not found

* fix: cryptic error message for user not found, fix test
2023-10-24 21:19:12 +00:00
Miguel Cabrerizo
6f82285ad6
fix: country flag and phone now in sync (#6727)
* fix: country flag and phone now in sync

* change default country

---------

Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-10-24 13:47:44 +00:00
Miguel Cabrerizo
36eeae1071
fix(console): update Twilio sms provider settings (#6732)
fix: update sms provider settings

Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-10-24 12:55:39 +00:00
Miguel Cabrerizo
b4fd566746
fix: missing ngOnInit fetch data (#6730)
* fix: missing ngoninit fetch data

* fix: e2e test for sms check setting has been added

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-10-24 12:26:24 +00:00
Tim Möhlmann
2025434b1e fix(eventstore): prevent allocation of filtered events (#6749)
* fix(eventstore): prevent allocation of filtered events

Directly reduce each event obtained from a sql.Rows scan,
so that we do not have to allocate all events in a slice.

* reinstate the mutex as RWMutex

* scan data directly

* add todos

* fix(writemodels): add reduce of parent

* test: remove comment

* update comments

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
v2.39.1
2023-10-20 09:17:56 +02:00
Silvan
ba33a2ee8a fix(db): allow unlimited connections (#6758) v2.39.0 2023-10-20 08:48:26 +02:00
Tim Möhlmann
ab79855cf0
fix(eventstore): prevent allocation of filtered events (#6749)
* fix(eventstore): prevent allocation of filtered events

Directly reduce each event obtained from a sql.Rows scan,
so that we do not have to allocate all events in a slice.

* reinstate the mutex as RWMutex

* scan data directly

* add todos

* fix(writemodels): add reduce of parent

* test: remove comment

* update comments

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-10-19 15:21:31 +00:00
Silvan
459761d99a
docs: correct title of tech advisory 06 (#6759) 2023-10-19 14:55:09 +00:00
Silvan
4d4f649eda
fix(db): allow unlimited connections (#6758) 2023-10-19 13:37:22 +00:00
Silvan
3a01558c61
docs: add technical advisory 06 (#6756) 2023-10-19 15:13:50 +02:00
Silvan
e8b25f3143
merge 'next' into main (#6754) 2023-10-19 13:39:23 +02:00
adlerhurst
cc56eeadca Merge branch 'main' into next-to-main 2023-10-19 12:41:09 +02:00
adlerhurst
bd23a7a56f merge main into next 2023-10-19 12:34:00 +02:00
Silvan
b5564572bc
feat(eventstore): increase parallel write capabilities (#5940)
This implementation increases parallel write capabilities of the eventstore.
Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005) and [06](https://zitadel.com/docs/support/advisory/a10006).
The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`.
If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 12:19:10 +02:00
Silvan
259faba3f0
merge 'main' into next 2023-10-19 11:29:44 +02:00
adlerhurst
9c069806c4 ci(lint): use ref_base instead of main 2023-10-19 10:47:37 +02:00
Elio Bischof
c0ddaf87e6 fix: origin from proxies (#6738)
* fix: origin from proxies

* test multiple forwarded header values
2023-10-19 10:35:47 +02:00
Livio Spring
426c4acbfe fix(notification): get origin from all relevant events and fix nil pointer (#6726) 2023-10-19 10:34:52 +02:00
adlerhurst
46187f7619 Merge branch 'main' into next-merge 2023-10-19 10:11:02 +02:00
adlerhurst
9a7517dd2c Merge branch 'main' into next-merge 2023-10-19 10:08:05 +02:00
Miguel Cabrerizo
c06dc106b8
fix(Makefile): add -r to delete .artifacts/grpc (#6697) 2023-10-18 09:46:45 +00:00
Silvan
fb2bd15780
ci: allow restore errors (#6740) 2023-10-17 15:53:00 +00:00
Tim Möhlmann
3bbcc3434a
chore(deps): upgrade to oidc v3 (#6737)
This PR upgrades oidc to v3. Function signature changes have been migrated as well. Specifically there are more client calls that take a context now. Where feasible a context is added to those calls. Where a context is not (easily) available context.TODO() is used as a reminder for when it does.

Related to #6619
2023-10-17 15:19:51 +00:00
Elio Bischof
bb1994c318
fix: origin from proxies (#6738)
* fix: origin from proxies

* test multiple forwarded header values
2023-10-17 13:01:47 +00:00
Christoph Schmatzler
7b91d90eb2
docs: fix environment variable name for steps (#6728)
The yaml schema has a `Machine` object nested inside another one, which was improperly represented in the corresponding environment variable.

Signed-off-by: Christoph Schmatzler <christoph@medium.place>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-10-16 09:59:55 +00:00
Livio Spring
cb0a0f996e
fix(api): add remove otp sms and email to management api (#6721)
* fix(api): add remove otp sms and email to management api

* fix(console): remove otpsms and otpemail from user

---------

Co-authored-by: peintnermax <max@caos.ch>
2023-10-16 10:49:02 +03:00
Livio Spring
ce719a3fa4
fix(notification): get origin from all relevant events and fix nil pointer (#6726) 2023-10-13 14:45:38 +00:00
Tim Möhlmann
0af1c65c4c
fix: allow unused keys in hasher config (#6724) 2023-10-13 13:11:20 +00:00
Livio Spring
95889cf576
fix(api): use organization instead of organisation (#6720)
* fix(api): use organization instead of organisation

* fix test

* docs: add deprecation notice

* remove validation
2023-10-13 12:37:35 +00:00
Livio Spring
27e03120dc
fix(api): extend client_secret length for generic oauth and oidc providers to 1000 (#6722) 2023-10-13 14:31:39 +03:00
cpli
5a9609ef29
feat(actions): add "zitadel/uuid" module (#6135)
* feat: add "zitadel/uuid" module

* feat(actions/uuid): add v1, v3, and v4 UUIDs

* add namespaces and improve hash based functions

* add docs

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-10-13 09:31:23 +02:00
dependabot[bot]
831a21a6e2
chore(deps): bump node from 18-buster to 20-buster in /build (#6258)
Bumps node from 18-buster to 20-buster.

---
updated-dependencies:
- dependency-name: node
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-10-12 16:51:50 +00:00
Austin Turner
b24e120c66
fix: typo in verify email default text (#6694)
Fix typo in Verify email default text

Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-10-12 15:12:22 +00:00
mffap
53034a5fb1
docs(legal): onboarding support services (#6665)
* docs(legal): onboarding support services

* remove trainings, outline

* wip

* finish

* call to action

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@zitadel.com>

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
2023-10-12 13:08:38 +00:00
Tim Möhlmann
c71bf85b7a
feat(api/v2): store user agent details in the session (#6711)
This change adds the ability to set and get user agent data, such as fingerprint, IP, request headers and a description to the session. All fields are optional.

Closes #6028
2023-10-12 12:16:59 +00:00
Livio Spring
a272b1201f
fix(api): use (provided) organisation instead of resourceOwner of caller (#6714) 2023-10-12 10:00:36 +02:00
Miguel Cabrerizo
ef18cd2e2c
feat(console): allow setting development mode when creating an OIDC app (#6593)
* fix: don't show verify domain if policy disabled

* feat: set dev mode on/off when oidc app is created

* fix: linting json files

* fix: add @peintnermax suggestions

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-10-11 17:37:14 +02:00
Austin Turner
dad1b4db7f
docs: fix typo in saas.md (#6692)
* Fix typos in saas docs

Fix typo and remove gender specific pronoun

* Fixed grammar error

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-10-11 15:05:20 +02:00
Silvan
2fba12d5c2
docs: add technical advisories for eventstore (#6702)
* docs: add technical advisories for eventstore

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
2023-10-11 09:13:11 +00:00
Miguel Cabrerizo
7588f8a0bb
fix(console): add jwks uri to app URLs (#6672)
Co-authored-by: Max Peintner <max@caos.ch>
2023-10-11 08:27:14 +00:00
Miguel Cabrerizo
2d4cd331da
fix: allow unicode characters in org domains (#6675)
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2023-10-11 09:55:01 +02:00