Livio Spring
4552fe7d99
fix: potential panics in login and return proper http 405 ( #8065 )
...
# Which Problems Are Solved
We identified some parts in the code, which could panic with a nil
pointer when accessed without auth request.
Additionally, if a GRPC method was called with an unmapped HTTP method,
e.g. POST instead of GET a 501 instead of a 405 was returned.
# How the Problems Are Solved
- Additional checks for existing authRequest
- custom http status code mapper for gateway
# Additional Changes
None.
# Additional Context
- noted internally in OPS
(cherry picked from commit 26c7d95c88
)
2024-06-12 08:43:47 +02:00
Elio Bischof
ed0bc39ea4
feat: block instances ( #7129 )
...
* docs: fix init description typos
* feat: block instances using limits
* translate
* unit tests
* fix translations
* redirect /ui/login
* fix http interceptor
* cleanup
* fix http interceptor
* fix: delete cookies on gateway 200
* add integration tests
* add command test
* docs
* fix integration tests
* add bulk api and integration test
* optimize bulk set limits
* unit test bulk limits
* fix broken link
* fix assets middleware
* fix broken link
* validate instance id format
* Update internal/eventstore/search_query.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* remove support for owner bulk limit commands
* project limits to instances
* migrate instances projection
* Revert "migrate instances projection"
This reverts commit 214218732a
.
* join limits, remove owner
* remove todo
* use optional bool
* normally validate instance ids
* use 302
* cleanup
* cleanup
* Update internal/api/grpc/system/limits_converter.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* remove owner
* remove owner from reset
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-01-17 10:16:48 +00:00
Stefan Benz
ef11609142
fix: add https status to activity log ( #6978 )
...
* fix: add https status to activity log
* create prerelease
* create RC
* pass info from gateway to grpc server
* fix: update releaserc to create RC version
* cleanup
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-11-28 16:56:29 +01:00
Elio Bischof
e0a5f8661d
feat: improve UX for external configuration ( #6861 )
...
* docs: simplify traefik external tls
* remove pass host header
* docs: simplify and fix nginx external tls
* fix: readiness with enabled tls
* improve proxy docs
* improve proxy docs
* fix(ready): don't verify server cert
* complete nginx docs
* cleanup
* complete traefik docs
* add caddy docs
* simplify traefik
* standardize
* fix caddy
* add httpd docs
* improve external config docs
* guiding error message
* docs(defaults.yaml): remove misleading comments
* guiding error message cs and ru
* improve proxy testability
* fix compose up command
* improve commands
* fix nginx tls disabled
* fix nginx tls enabled
* fix: serve gateway when tls is enabled
* fmt caddy files
* fix caddy enabled tls
* remove not-working commands
* review
* fix checks
* fix link
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-11-09 11:30:15 +01:00
Elio Bischof
2e86c44aa5
fix: delete cookies ( #5885 )
...
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-19 05:12:31 +00:00
Elio Bischof
0e251a29c8
fix: set exhausted cookie with env json ( #5868 )
...
* fix: set exhausted cookie with env json
* lint
2023-05-15 08:51:02 +02:00
Elio Bischof
35a0977663
fix: improve exhausted SetCookie header ( #5789 )
...
* fix: remove access interceptor for console
* feat: template quota cookie value
* fix: send exhausted cookie from grpc-gateway
* refactor: remove ineffectual err assignments
* Update internal/api/grpc/server/gateway.go
Co-authored-by: Livio Spring <livio.a@gmail.com>
* use dynamic host header to find instance
* add instance mgmt url to environment.json
* support hosts with default ports
* fix linting
* docs: update lb example
* print access logs to stdout
* fix grpc gateway exhausted cookies
* cleanup
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-11 09:24:44 +02:00
Miguel Cabrerizo
3ca7147808
fix: introduce measures to avoid bots crawling and indexing activities ( #5728 )
...
* fix: 404 for robots.txt and meta robots tags
* fix: add unit tests for robots txt and tag
* fix: add meta tag robots none for login pages
* fix: weird format issue in header.go
* fix: add x-robots-tag=none to grpcwebserver
* fix linting
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-05 10:25:02 +02:00
Livio Spring
f1534c0c4c
refactor: use new protoc plugin for api v2 ( #5798 )
...
* refactor: use new protoc plugin for api v2
* simplify code
2023-05-04 08:50:19 +00:00
Livio Spring
b3d8787921
feat: add new api services ( #5619 )
...
* feat: add new services
* improve demos and comments
* remove unused field
* add comment to demo proto calls
* Apply suggestions from code review
Co-authored-by: Silvan <silvan.reusser@gmail.com>
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-04-11 15:37:42 +02:00
Silvan
e38abdcdf3
perf: query data AS OF SYSTEM TIME
( #5231 )
...
Queries the data in the storage layser at the timestamp when the call hit the API layer
2023-02-27 22:36:43 +01:00
Livio Amstutz
3a1569bd94
fix: grpc gateway interceptors ( #3767 )
2022-06-03 12:44:04 +00:00
Florian Forster
fa9f581d56
chore(v2): move to new org ( #3499 )
...
* chore: move to new org
* logging
* fix: org rename caos -> zitadel
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-26 23:01:45 +00:00
Livio Amstutz
389eb4a27a
feat: run on a single port ( #3163 )
...
* start v2
* start
* run
* some cleanup
* remove v2 pkg again
* simplify
* webauthn
* remove unused config
* fix login path in Dockerfile
* fix asset_generator.go
* health handler
* fix grpc web
* refactor
* merge
* build new main.go
* run new main.go
* update logging pkg
* fix error msg
* update logging
* cleanup
* cleanup
* go mod tidy
* change localDevMode
* fix customEndpoints
* update logging
* comments
* change local flag to external configs
* fix location generated go code
* fix
Co-authored-by: fforootd <florian@caos.ch>
2022-02-14 17:22:30 +01:00
Livio Amstutz
ed80a8bb1e
feat: actions ( #2377 )
...
* feat(actions): begin api
* feat(actions): begin api
* api and projections
* fix: handle multiple statements for a single event in projections
* export func type
* fix test
* update to new reduce interface
* flows in login
* feat: jwt idp
* feat: command side
* feat: add tests
* actions and flows
* fill idp views with jwt idps and return apis
* add jwtEndpoint to jwt idp
* begin jwt request handling
* add feature
* merge
* merge
* handle jwt idp
* cleanup
* bug fixes
* autoregister
* get token from specific header name
* fix: proto
* fixes
* i18n
* begin tests
* fix and log http proxy
* remove docker cache
* fixes
* usergrants in actions api
* tests adn cleanup
* cleanup
* fix add user grant
* set login context
* i18n
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-09-27 13:43:49 +02:00
Livio Amstutz
bd8133aedd
fix: do not cache api (incl. grpc) and http errors ( #2088 )
...
* fix: add cache-control headers (no-store, no-cache) on grpc (for grpc-web)
* fix: do not cache api response (incl. grpc) and http errors
2021-07-28 13:19:44 +02:00
Livio Amstutz
eb75ba87fb
fix: ignore unknown field in json gateway ( #1619 )
2021-04-19 17:20:18 +02:00
Silvan
dabd5920dc
feat: protos refactoring
...
* start with user
* user first try done in all services
* user, org, idp for discussion
* remove unused stuff
* bla
* dockerbuild
* rename search, get multiple to list...
* add annotation
* update proto dependencies
* update proto dependencies
* change proto imports
* replace all old imports
* fix go out
* remove unused lines
* correct protoc flags
* grpc and openapi flags
* go out source path relative
* -p
* remove dead code
* sourcepath relative
* ls
* is onenapi the problem?
* hobla
* authoption output
* wrong field name
* gopf
* correct option, add correct flags
* small improvments
* SIMPLYFY
* relative path
* gopf bin ich en tubel
* correct path
* default policies in admin
* grpc generation in one file
* remove non ascii
* metadata on manipulations
* correct auth_option import
* fixes
* larry
* idp provider to idp
* fix generate
* admin and auth nearly done
* admin and auth nearly done
* gen
* healthz
* imports
* deleted too much imports
* fix org
* add import
* imports
* import
* naming
* auth_opt
* gopf
* management
* imports
* _TYPE_UNSPECIFIED
* improts
* auth opts
* management policies
* imports
* passwordlessType to MFAType
* auth_opt
* add user grant calls
* add missing messages
* result
* fix option
* improvements
* ids
* fix http
* imports
* fixes
* fields
* body
* add fields
* remove wrong member query
* fix request response
* fixes
* add copy files
* variable versions
* generate all files
* improvements
* add dependencies
* factors
* user session
* oidc information, iam
* remove unused file
* changes
* enums
* dockerfile
* fix build
* remove unused folder
* update readme for build
* move old server impl
* add event type to change
* some changes
* start admin
* remove wrong field
* admin only list calls missing
* fix proto numbers
* surprisingly it compiles
* service ts changes
* admin mgmt
* mgmt
* auth manipulation and gets done, lists missing
* validations and some field changes
* validations
* enum validations
* remove todo
* move proto files to proto/zitadel
* change proto path in dockerfile
* it compiles!
* add validate import
* remove duplicate import
* fix protos
* fix import
* tests
* cleanup
* remove unimplemented methods
* iam member multiple queries
* all auth and admin calls
* add initial password on crate human
* message names
* management user server
* machine done
* fix: todos (#1346 )
* fix: pub sub in new eventstore
* fix: todos
* fix: todos
* fix: todos
* fix: todos
* fix: todos
* fix tests
* fix: search method domain
* admin service, user import type typescript
* admin changes
* admin changes
* fix: search method domain
* more user grpc and begin org, fix configs
* fix: return object details
* org grpc
* remove creation date add details
* app
* fix: return object details
* fix: return object details
* mgmt service, project members
* app
* fix: convert policies
* project, members, granted projects, searches
* fix: convert usergrants
* fix: convert usergrants
* auth user detail, user detail, mfa, second factor, auth
* fix: convert usergrants
* mfa, memberships, password, owned proj detail
* fix: convert usergrants
* project grant
* missing details
* changes, userview
* idp table, keys
* org list and user table filter
* unify rest paths (#1381 )
* unify rest paths
* post for all searches,
mfa to multi_factor,
secondfactor to second_factor
* remove v1
* fix tests
* rename api client key to app key
* machine keys, age policy
* user list, machine keys, changes
* fix: org states
* add default flag to policy
* second factor to type
* idp id
* app type
* unify ListQuery, ListDetails, ObjectDetails field names
* user grants, apps, memberships
* fix type params
* metadata to detail, linke idps
* api create, membership, app detail, create
* idp, app, policy
* queries, multi -> auth factors and missing fields
* update converters
* provider to user, remove old mgmt refs
* temp remove authfactor dialog, build finish
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
2021-03-09 10:30:11 +01:00
Fabi
6b3f5b984c
feat: metrics ( #1024 )
...
* refactor: switch from opencensus to opentelemetry
* tempo works as designed nooooot
* fix: log traceids
* with grafana agent
* fix: http tracing
* fix: cleanup files
* chore: remove todo
* fix: bad test
* fix: ignore methods in grpc interceptors
* fix: remove test log
* clean up
* typo
* fix(config): configure tracing endpoint
* fix(span): add error id to span
* feat: metrics package
* feat: metrics package
* fix: counter
* fix: metric
* try metrics
* fix: coutner metrics
* fix: active sessin counter
* fix: active sessin counter
* fix: change current Sequence table
* fix: change current Sequence table
* fix: current sequences
* fix: spooler div metrics
* fix: console view
* fix: merge master
* fix: Last spool run on search result instead of eventtimestamp
* fix: go mod
* Update console/src/assets/i18n/de.json
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: pr review
* fix: map
* update oidc pkg
* fix: handlers
* fix: value observer
* fix: remove fmt
* fix: handlers
* fix: tests
* fix: handler minimum cycle duration 1s
* fix(spooler): handler channel buffer
* fix interceptors
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-12-02 08:50:59 +01:00
Silvan
168242e725
fix(tracing): from opencensus to opentelemetry ( #937 )
...
* refactor: switch from opencensus to opentelemetry
* tempo works as designed nooooot
* fix: log traceids
* with grafana agent
* fix: http tracing
* fix: cleanup files
* chore: remove todo
* fix: bad test
* fix: ignore methods in grpc interceptors
* fix: remove test log
* clean up
* typo
* fix(config): configure tracing endpoint
* fix(span): add error id to span
2020-11-20 07:57:39 +01:00
Livio Amstutz
4e1e8a714a
fix: cors ( #621 )
...
* fix: dont (re)generate client secret with auth type none
* fix(cors): allow Origin from request
* feat: add origin allow list and fix some core issues
* rename migration
* fix UserIDsByDomain
* check origin on userinfo
* update oidc pkg
2020-08-24 10:06:55 +02:00
Livio Amstutz
3549a8b64e
feat: port reduction ( #323 )
...
* move mgmt pkg
* begin package restructure
* rename auth package to authz
* begin start api
* move auth
* move admin
* fix merge
* configs and interceptors
* interceptor
* revert generate-grpc.sh
* some cleanups
* console
* move console
* fix tests and merging
* js linting
* merge
* merging and configs
* change k8s base to current ports
* fixes
* cleanup
* regenerate proto
* remove unnecessary whitespace
* missing param
* go mod tidy
* fix merging
* move login pkg
* cleanup
* move api pkgs again
* fix pkg naming
* fix generate-static.sh for login
* update workflow
* fixes
* logging
* remove duplicate
* comment for optional gateway interfaces
* regenerate protos
* fix proto imports for grpc web
* protos
* grpc web generate
* grpc web generate
* fix changes
* add translation interceptor
* fix merging
* regenerate mgmt proto
2020-07-08 13:56:37 +02:00
Livio Amstutz
1c59d18fee
fix: improvements for login and oidc ( #227 )
...
* add csrf
* caching
* caching
* caching
* caching
* security headers
* csp and security headers
* error handler csp
* select user with display name
* csp
* user selection styling
* username to loginname
* regenerate grpc
* regenerate
* change to login name
2020-06-17 08:06:40 +02:00
Livio Amstutz
96b88f5d8c
add tracing and refactor some api pkgs
2020-03-24 14:15:01 +01:00