Livio Spring 
							
						 
					 
					
						
						
							
						
						e57a9b57c8 
					 
					
						
						
							
feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979)
						
						
						
						# Which Problems Are Solved
ZITADEL currently always uses
`urn:oasis:names:tc:SAML:2.0:nameid-format:persistent` in SAML requests,
relying on the IdP to respect that flag and always return a persistent
nameid in order to be able to map the external user with an existing
user (idp link) in ZITADEL.
In case the IdP however returns a
`urn:oasis:names:tc:SAML:2.0:nameid-format:transient` (transient)
nameid, the attribute will differ between each request and it will not
be possible to match existing users.
# How the Problems Are Solved
This PR adds the following two options on SAML IdP:
- **nameIDFormat**: allows to set the nameid-format used in the SAML
Request
- **transientMappingAttributeName**: allows to set an attribute name,
which will be used instead of the nameid itself in case the returned
nameid-format is transient
# Additional Changes
To reduce impact on current installations, the `idp_templates6_saml`
table is altered with the two added columns by a setup job. New
installations will automatically get the table with the two columns
directly.
All idp unit tests are updated to use `expectEventstore` instead of the
deprecated `eventstoreExpect`.
# Additional Context
Closes #7483
Closes #7743
---------
Co-authored-by: peintnermax <max@caos.ch>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
						
						
					 
					
						2024-05-23 05:04:07 +00:00 
						 
				 
			
				
					
						
							
							
								Tim Möhlmann 
							
						 
					 
					
						
						
							
						
						f680dd934d 
					 
					
						
						
							
refactor: rename package errors to zerrors (#7039)
						
						
						
						* chore: rename package errors to zerrors
* rename package errors to gerrors
* fix error related linting issues
* fix zitadel error assertion
* fix gosimple linting issues
* fix deprecated linting issues
* resolve gci linting issues
* fix import structure
---------
Co-authored-by: Elio Bischof <elio@zitadel.com>
						
						
					 
					
						2023-12-08 15:30:55 +01:00 
						 
				 
			
				
					
						
							
							
								Stefan Benz 
							
						 
					 
					
						
						
							
						
						15fd3045e0 
					 
					
						
						
							
feat: add SAML as identity provider (#6454)
						
						
						
						* feat: first implementation for saml sp
* fix: add command side instance and org for saml provider
* fix: add query side instance and org for saml provider
* fix: request handling in event and retrieval of finished intent
* fix: add review changes and integration tests
* fix: add integration tests for saml idp
* fix: correct unit tests with review changes
* fix: add saml session unit test
* fix: add saml session unit test
* fix: add saml session unit test
* fix: changes from review
* fix: changes from review
* fix: proto build error
* fix: proto build error
* fix: proto build error
* fix: proto require metadata oneof
* fix: login with saml provider
* fix: integration test for saml assertion
* lint client.go
* fix json tag
* fix: linting
* fix import
* fix: linting
* fix saml idp query
* fix: linting
* lint: try all issues
* revert linting config
* fix: add regenerate endpoints
* fix: translations
* fix mk.yaml
* ignore acs path for user agent cookie
* fix: add AuthFromProvider test for saml
* fix: integration test for saml retrieve information
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
						
						
					 
					
						2023-09-29 11:26:14 +02:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						e17b49e4ca 
					 
					
						
						
							
feat: add apple as idp (#6442)
						
						
						
						* feat: manage apple idp
* handle apple idp callback
* add tests for provider
* basic console implementation
* implement flow for login UI and add logos / styling
* tests
* cleanup
* add upload button
* begin i18n
* apple logo positioning, file upload component
* fix add apple instance idp
* add missing apple logos for login
* update to go 1.21
* fix slice compare
* revert permission changes
* concrete error messages
* translate login apple logo -y-2px
* change form parsing
* sign in button
* fix tests
* lint console
---------
Co-authored-by: peintnermax <max@caos.ch>
						
						
					 
					
						2023-08-31 08:39:16 +02:00 
						 
				 
			
				
					
						
							
							
								Stefan Benz 
							
						 
					 
					
						
						
							
						
						5562ee94a6 
					 
					
						
						
							
feat: migrate external idp to other types (#5984)
						
						
						
						* feat: migrate instance oidc to azureAD
* feat: migrate instance oidc to azureAD
* feat: migrate org oidc to azureAD
* feat: migrate oidc to google
* fix: correct idp writemodels
* fix: review changes 
						
						
					 
					
						2023-06-08 00:50:53 +02:00 
						 
				 
			
				
					
						
							
							
								Stefan Benz 
							
						 
					 
					
						
						
							
						
						41ff0bbc63 
					 
					
						
						
							
feat: ldap provider login (#5448)
						
						
						
						Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI. 
						
						
					 
					
						2023-03-24 15:18:56 +00:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						1896f13952 
					 
					
						
						
							
fix: use idToken for mapping when using old configs (#5458)
						
						
						
						* fix: use idToken for mapping when using old configs
* fix events and add tests 
						
						
					 
					
						2023-03-16 16:47:22 +01:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						5a307afe62 
					 
					
						
						
							
feat: add azure provider templates (#5441)
						
						
						
						Adds possibility to manage and use Microsoft Azure template based providers 
						
						
					 
					
						2023-03-15 07:48:37 +01:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						c0843e6b4c 
					 
					
						
						
							
feat: add gitlab provider templates (#5405)
						
						
						
						* feat(api): add google provider template
* refactor reduce functions
* handle removed event
* linting
* fix projection
* feat(api): add generic oauth provider template
* feat(api): add github provider templates
* feat(api): add github provider templates
* fixes
* proto comment
* fix filtering
* requested changes
* feat(api): add generic oauth provider template
* remove wrongly committed message
* increase budget for angular build
* fix linting
* fixes
* fix merge
* fix merge
* fix projection
* fix merge
* updates from previous PRs
* enable github providers in login
* fix merge
* fix test and add github styling in login
* cleanup
* feat(api): add gitlab provider templates
* fix: merge
* fix display of providers in login
* implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it
* fix merge
* fix merge and add tests for command side
* requested changes
* requested changes
* Update internal/query/idp_template.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix merge
* requested changes
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
						
						
					 
					
						2023-03-13 17:34:29 +01:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						3042d7ef5c 
					 
					
						
						
							
feat: add github provider template (#5334)
						
						
						
						Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers 
						
						
					 
					
						2023-03-08 10:17:28 +00:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						2efa305e10 
					 
					
						
						
							
fix: use of generic oauth provider (#5345)
						
						
						
Adds an id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
						
						
					 
					
						2023-03-03 10:38:49 +00:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						48f9815b7c 
					 
					
						
						
							
feat(login): use new IDP templates (#5315)
						
						
						
						The login uses the new template based IDPs with backwards compatibility for old IDPs 
						
						
					 
					
						2023-02-28 21:20:58 +01:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						80003939ad 
					 
					
						
						
							
feat(api): add oidc and jwt provider template (#5290)
						
						
						
						Adds possibility to manage OIDC and JWT template based providers 
						
						
					 
					
						2023-02-27 16:32:18 +01:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						737d14e81b 
					 
					
						
						
							
feat(api): add generic oauth provider template (#5260)
						
						
						
						adds functionality to manage templates based OIDC IDPs 
						
						
					 
					
						2023-02-24 15:16:06 +01:00 
						 
				 
			
				
					
						
							
							
								Livio Spring 
							
						 
					 
					
						
						
							
						
						40e7356f3e 
					 
					
						
						
							
feat(api): add google provider template (#5247)
						
						
						
						add functionality to manage templates based Google IDP 
						
						
					 
					
						2023-02-21 17:18:28 +00:00 
						 
				 
			
				
					
						
							
							
								Stefan Benz 
							
						 
					 
					
						
						
							
						
						586495a0be 
					 
					
						
						
							
feat: add management for ldap idp template (#5220)
						
						
						
						Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future.
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
						
						
					 
					
						2023-02-15 08:14:59 +00:00