Commit Graph

621 Commits

Author SHA1 Message Date
Miguel Cabrerizo
dd80109969
feat: delete organizations (#6083)
* feat: delete organizations

* feat: tests and delete all that depends on org

* fix: grpc delete description

* fix: get back reduce OrgRemovedEvent

* fix: add @muhlemmer review suggestions

* fix: new e2e for add/delete org
2023-09-07 04:54:51 +00:00
some-user123
18c07ab85d
feat: improve translations (#6489)
* feat: improve translations

* feat: improve translations of notifications
2023-09-05 12:14:53 +00:00
some-user123
e844c6834c
feat: Improve German translations (#6488)
Improve German translations

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-09-04 13:20:50 +00:00
Livio Spring
3c8640fbfd
fix: rename (t)otp to code in session checks (#6455)
* fix: rename (t)otp to code in session checks

* update integration tests

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-08-31 07:06:50 +00:00
Livio Spring
e17b49e4ca
feat: add apple as idp (#6442)
* feat: manage apple idp

* handle apple idp callback

* add tests for provider

* basic console implementation

* implement flow for login UI and add logos / styling

* tests

* cleanup

* add upload button

* begin i18n

* apple logo positioning, file upload component

* fix add apple instance idp

* add missing apple logos for login

* update to go 1.21

* fix slice compare

* revert permission changes

* concrete error messages

* translate login apple logo -y-2px

* change form parsing

* sign in button

* fix tests

* lint console

---------

Co-authored-by: peintnermax <max@caos.ch>
2023-08-31 08:39:16 +02:00
Miguel Cabrerizo
fd00ac533a
feat: add reply-to header in email notification (#6393)
* feat: add reply-to header to smtp messages

* fix: grpc reply_to_address min 0 and js var name

* fix: add missing translations

* fix merge and linting

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-29 09:08:24 +02:00
Livio Spring
94d13fd3e1
fix(api): handle id_token_mapping in generic oidc provider correctly (#6428) 2023-08-24 10:31:12 +00:00
Livio Spring
bb40e173bd
feat(api): add otp (sms and email) checks in session api (#6422)
* feat: add otp (sms and email) checks in session api

* implement sending

* fix tests

* add tests

* add integration tests

* fix merge main and add tests

* put default OTP Email url into config

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-08-24 09:41:52 +00:00
Elio Bischof
29fa3d417c
feat(console): enable ID token mapping for generic OIDC provider (#6426)
* fix: use IsIdTokenMapping request property

* feat(console): oidc provider id token mapping

* fix scss

* reduce styles

* fix lint

---------

Co-authored-by: peintnermax <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-23 12:57:20 +00:00
Livio Spring
66772ad0dd
fix: restrict AllowRegistration check to local registration (#5939)
* fix: restrict AllowRegistration check to local registration

* add comment

* add additional tests

* hide registration fields if no registration allowed

* fix: always allow linking and creation of external idps on users in userV2 and admin import

* chore: exclude console dist and node_module folders from cache

* chore: include node_module folders into cache again

* linting
2023-08-23 13:55:52 +02:00
Livio Spring
a9fb2a6e5c
fix(api): naming cleanup in user and session service (#6379)
* fix(api): rename first and last name to given and family name, intent to idp_intent, remove _ actions

* fix merge

* fully rename intent to idp intent in api

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-08-22 10:05:45 +00:00
Livio Spring
e701e05d23
fix(login): add some missing translations for OTP (#6409) 2023-08-21 12:41:39 +00:00
Livio Spring
84faf98bc2
fix: setMetadata in saml and pre access token triggers (#6398) 2023-08-21 14:21:45 +02:00
Livio Spring
69b49ac0ed
fix(api): return correct http code on assets api (#6388)
* fix(api): return correct http code on assets api

* add test

* fix test
2023-08-18 13:51:11 +00:00
Livio Spring
90a62b777b
fix: handle metadata from post authentication on auto creation (#6389) 2023-08-18 09:16:58 +00:00
Stefan Benz
52f68f8db8
feat: add ldap external idp to login api (#5938)
* fix: handling of ldap login through separate endpoint

* fix: handling of ldap login through separate endpoint

* fix: handling of ldap login through separate endpoint

* fix: successful intent for ldap

* fix: successful intent for ldap

* fix: successful intent for ldap

* fix: add changes from code review

* fix: remove set intent credentials and handle ldap errors

* fix: remove set intent credentials and handle ldap errors

* refactor into separate methods and fix merge

* remove mocks

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-16 11:29:57 +00:00
Stefan Benz
26b28ed2af
feat: add saml custom attribute action and translations (#6341)
* feat: add saml custom attribute action and translations

* chore: update saml dependency

* fix: apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix: custom attribute action with variadic parameter

* docs: add customize saml response docs

* docs: update docs/docs/apis/actions/customize-samlresponse.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

* docs: update docs/docs/apis/actions/customize-samlresponse.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-15 15:04:45 +00:00
Max Peintner
d83681a928
fix(login): mfa prompt styles (#6366)
* feat: login with otp

* fix(i18n): japanese translation

* add missing files

* fix provider change

* add event types translations to en

* add tests

* resourceOwner

* remove unused handler

* fix: secret generators and add comments

* add setup step

* rename

* linting

* fix setup

* improve otp handling

* fix autocomplete

* translations for login and notifications

* translations for event types

* fix: mfa prompt styles

* fix merge

* fix merge

* fix html

* rm unused files

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-15 14:05:00 +00:00
Livio Spring
7c494fd219
feat(login): add OTP (email and sms) (#6353)
* feat: login with otp

* fix(i18n): japanese translation

* add missing files

* fix provider change

* add event types translations to en

* add tests

* resourceOwner

* remove unused handler

* fix: secret generators and add comments

* add setup step

* rename

* linting

* fix setup

* improve otp handling

* fix autocomplete

* translations for login and notifications

* translations for event types

* changes from review

* check selected mfa type
2023-08-15 12:47:05 +00:00
Tim Möhlmann
0017542aa2
feat(api/v2): implement TOTP session check (#6362)
* feat(api/v2): implement TOTP session check

* add integration test

* correct typo in projection test

* fix event type typos

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-15 09:50:42 +00:00
Ahmed Fwela
133789fee9
feat: get multiple users by id (#6210)
* feat: introduce InTextQuery, and the ability to get multiple users by id

* added in query tests

* remove append call

* fix lints
2023-08-12 15:37:42 +02:00
Tim Möhlmann
86af67d1be
feat(api/v2): implement U2F session check (#6339) 2023-08-11 15:36:18 +00:00
Livio Spring
372755bddd
feat(api): add organisation service (#6340)
* setup org with multiple admins

* tests

* add missing proto

* remove machine users (for now)

* update tests with idp case

* fix package

* organisation -> organization

* fix test
2023-08-11 14:19:14 +00:00
Miguel Cabrerizo
dfd469c66f
fix: go back to user selection from other user (#6255)
* fix: go back to user selection from other user

* fix: replace button with left arrow
2023-08-10 17:35:52 +00:00
Elio Bischof
343a9428b3
feat: SMS and email OTP texts (#6281)
* manage 2 custom texts proto

* implement methods

* default texts

* console

* improve translations

* lint

* test: fix e2e timeout

* fix translations

* add missing console translations

* remove unused text parts

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-09 05:49:12 +00:00
Livio Spring
8dc1fd06a1
fix: provide tokens in azuread idp session (#6334) 2023-08-08 09:28:47 +00:00
Tim Möhlmann
3c7b603650
fix: always update the timestamp in trigger (#6326)
* always reset timestamp

* re-enable test
2023-08-04 16:17:16 +00:00
Livio Spring
45262e6829
fix: migrate external id of federated users (#6312)
* feat: migrate external id

* implement tests and some renaming

* fix projection

* cleanup

* i18n

* fix event type

* handle migration for new services as well

* typo
2023-08-04 11:35:36 +02:00
Stefan Benz
ef012d0081
feat: user v2 phone verification (#6309)
* feat: add phone change and code verification for user v2 api

* feat: add phone change and code verification for user v2 api

* fix: add ignored phone.proto

* fix: integration tests

* Update proto/zitadel/user/v2alpha/user_service.proto

* Update idp_template.go

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-03 06:42:59 +02:00
Livio Spring
a1942ecdaa
feat(api): add and remove OTP (SMS and email) (#6295)
* refactor: rename otp to totp

* feat: add otp sms and email

* implement tests
2023-08-02 18:57:53 +02:00
Livio Spring
782f7ad647
fix(OIDC): introspection (#6298)
* fix(OIDC): introspect for PAT

* fix(OIDC): introspect for PAT

* fix(OIDC): introspect

* remove adding projectID into audience
2023-07-31 13:55:26 +00:00
Livio Spring
43cb62ca4e
fix(i18n): do not translate language itself (#6286) 2023-07-28 09:58:05 +02:00
Livio Spring
789dcd8615
fix: password hash update and add missing i18n (#6285) 2023-07-28 09:09:15 +02:00
Elio Bischof
31ec1d83b9
feat: enable otp email and sms (#6260)
* feat: enable otp email and sms

* feat: enable otp factors in login settings

* remove tests without value

* translate second factors

* don't add new factors yet

* add comment

* add factors to docs

* backward compatible settings api

* compile tests

* add available 2fa types

* test: add mapping tests

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-28 07:39:30 +02:00
Livio Spring
2fe76acd14
feat: add secret generators for OTP (#6262)
This PR adds configuration options for OTP codes through Admin API.
2023-07-26 11:00:41 +00:00
Livio Spring
13e284dd56
fix: ensure resource owner in update human profile (#6253) 2023-07-21 13:42:24 +00:00
Livio Spring
cd5e176e30
fix: user grant by id (#6242) 2023-07-21 11:04:55 +00:00
daniel_michalichyn
fcc1acbf81
feat: Brazilian Portuguese internationalization (#6185)
* feat: Brazilian Portuguese internationalization

Co-authored-by: Daniel Michalichyn <daniel.henrique@st-one.io>
2023-07-20 04:40:45 +00:00
Livio Spring
fed15574f6
feat: allow to force MFA local only (#6234)
This PR adds an option to the LoginPolicy to "Force MFA for local users", so that users authenticated through an IDP must not configure (and verify) an MFA.
2023-07-20 04:06:16 +00:00
Livio Spring
59f3c328ec
feat(OIDC): add support for end_session for V2 tokens (#6226)
This PR adds support for the OIDC end_session_endpoint for V2 tokens. Sending an id_token_hint as parameter will directly terminate the underlying (SSO) session and all its tokens. Without this param, the user will be redirected to the Login UI, where he will able to choose if to logout.
2023-07-19 13:17:39 +02:00
Livio Spring
e1b3cda98a
feat(OIDC): support token revocation of V2 tokens (#6203)
This PR adds support for OAuth2 token revocation of V2 tokens.

Unlike with V1 tokens, it's now possible to revoke a token not only from the authorized client / client which the token was issued to, but rather from all trusted clients (audience)
2023-07-17 14:33:37 +02:00
Silvan
1c354ca977
ci: improve performance (#5953)
* pipeline runs on ubuntu instead of docker
* added Makefile to build zitadel core (backend) and console (frontend)
* pipeline runs in parallel where possible
* pipeline is split into multiple jobs
* removed goreleaser
* added command to check if zitadel instance is running
2023-07-17 10:08:20 +02:00
Florian Forster
bcf4bfc585
fix: autofill related issues (#6201) 2023-07-14 12:35:25 +00:00
Livio Spring
80961125a7
feat(API): support V2 token and session token usage (#6180)
This PR adds support for userinfo and introspection of V2 tokens. Further V2 access tokens and session tokens can be used for authentication on the ZITADEL API (like the current access tokens).
2023-07-14 11:16:16 +00:00
Tim Möhlmann
4589ddad4a
feat: integrate passwap for human user password hashing (#6196)
* feat: use passwap for human user passwords

* fix tests

* passwap config

* add the event mapper

* cleanup query side and api

* solve linting errors

* regression test

* try to fix linter errors again

* pass systemdefaults into externalConfigChange migration

* fix: user password set in auth view

* pin passwap v0.2.0

* v2: validate hashed password hash based on prefix

* resolve remaining comments

* add error tag and translation for unsupported hash encoding

* fix unit test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-14 09:49:57 +03:00
Livio Spring
ee26f99ebf
fix: store auth methods instead of AMR in auth request linking and OIDC Session (#6192)
This PR changes the information stored on the SessionLinkedEvent and (OIDC Session) AddedEvent from OIDC AMR strings to domain.UserAuthMethodTypes, so no information is lost in the process (e.g. authentication with an IDP)
2023-07-12 12:24:01 +00:00
Vlatko Stojkovski
a3a1e245ad
feat: i18n support for Macedonian language (#6178)
* add macedonian language to currently supported languages

* mk yaml login static with en values

* mk json assets with en values

* mk yaml notification static with en values

* add macedonian notification yaml

* mk yaml static with en values

* mk translations for login

* mk translations for internal

* macedonian translations

* - fix lint issues
2023-07-12 08:41:50 +00:00
Livio Spring
14b8cf4894
feat(api): add OIDC session service (#6157)
This PR starts the OIDC implementation for the API V2 including the Implicit and Code Flow.


Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-07-10 13:27:00 +00:00
Livio Spring
5cba5cd635
fix: set samesite to none for user agent cookie for iframe usage (#6162)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-10 07:51:56 +02:00
Livio Spring
26d63cd233
fix: handle missing parameters in external provider callback (#6158) 2023-07-07 21:04:55 +02:00