Commit Graph

3061 Commits

Author SHA1 Message Date
Livio Spring
266abcb23b
docs: describe session validation (#7548)
* docs: describe session validation

* typo

* resolve comments
2024-03-13 07:24:33 +00:00
Livio Spring
a28b3a1c2d
fix: rendering of TOTP QR code (#7549) 2024-03-12 16:20:42 +00:00
Livio Spring
0e181b218c
feat: implement user schema management (#7416)
This PR adds the functionality to manage user schemas through the new user schema service.
It includes the possibility to create a basic JSON schema and also provides a way on defining permissions (read, write) for owner and self context with an annotation.

Further annotations for OIDC claims and SAML attribute mappings will follow.

A guide on how to create a schema and assign permissions has been started. It will be extended though out the process of implementing the schema and users based on those.

Note:
This feature is in an early stage and therefore not enabled by default. To test it out, please enable the UserSchema feature flag on your instance / system though the feature service.
2024-03-12 13:50:13 +00:00
Fabi
2a39cc16f5
docs: external audit log (#7510)
* docs: external audit log

* docs: cockroach change data capture

* docs: add actions possibility

* docs: change sidebar

* docs: requested changes

* docs: requested changes

* docs: requested changes

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2024-03-11 14:07:58 +00:00
Silvan
4224c7ad3a
chore(core): update dependencies (#7517)
* chore(core): update dependencies

* chore(core): update dependencies
2024-03-11 10:43:56 +00:00
Livio Spring
860b80c9ee
refactor: copy only required frameworks icons from docs in console (#7538) 2024-03-11 08:33:05 +00:00
Silvan
7b537243c4
docs: describe combinations of flow and trigger types (#7519)
* docs(api): describe which flow and trigger types word together

* docs(actions): describe which flow and trigger types work together

* Update management.proto

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-03-11 07:24:24 +00:00
Livio Spring
07ec2efa9d
fix: use correct template package (#7522) 2024-03-11 07:52:02 +01:00
Silvan
60ee2610f2
fix(eventstore): consider IsGlobal-flag of constraints (#7518)
* fix(eventstore): consider `IsGlobal`-flag of constraints

* fix(setup): set `instance_domain`-constraint global
2024-03-08 13:33:53 +00:00
Fabi
fd39729089
docs: add note about x-zitadel-login-client matching pat when building your login ui (#7521)
docs: add note about x-zitadel-login-client matching pat
2024-03-08 13:02:53 +00:00
Stefan Benz
9f72fc63ac
fix: add additional permission tests to user v2 query endpoints (#7382)
Add additional permission integration tests to the user v2 query endpoints including some fixes to correctly check the permissions after the data is known which you want to query.
2024-03-08 08:37:23 +00:00
Stefan Benz
6df4b1b2c2
fix: combine resourceowner query in reduce function for user grant (#7383)
* fix: projection reduce correction with unit tests

* fix: remove eventcout variable as not used anymore

* fix: add errors if resoureowner is not found in user grants reduce
2024-03-08 07:52:59 +00:00
dependabot[bot]
213c425806
chore(deps): bump codecov/codecov-action from 3.1.4 to 4.1.0 (#7470)
* chore(deps): bump codecov/codecov-action from 3.1.4 to 4.1.0

Bumps [codecov/codecov-action](https://github.com/codecov/codecov-action) from 3.1.4 to 4.1.0.
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/codecov/codecov-action/compare/v3.1.4...v4.1.0)

---
updated-dependencies:
- dependency-name: codecov/codecov-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

* add CODECOV_TOKEN

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-03-08 08:20:33 +01:00
dependabot[bot]
87086c190b
chore(deps): bump docker/build-push-action from 4 to 5 (#7469)
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 4 to 5.
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](https://github.com/docker/build-push-action/compare/v4...v5)

---
updated-dependencies:
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-08 06:52:49 +00:00
dependabot[bot]
37eea6940a
chore(deps): bump actions/cache from 3 to 4 (#7473)
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-08 07:38:32 +01:00
Livio Spring
98bd355ce2
chore(workflow): update github actions (#7508) 2024-03-07 15:38:38 +00:00
mffap
89a3ffa6fd
docs(legal): update cookies in privacy policy (#7493)
* docs(legal): update cookies in privacy policy

* add note about customer instances

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@zitadel.com>

* perf: filter events by instance ids (#7489)

fix: filter events by instance ids

* docs: describe DefaultInstance vs FirstInstance (#7487)

* docs: describe DefaultInstance vs FirstInstance

* link to docs

* add better searchable tip to the docs

* add better searchable tip to the docs

* add link

* docs: remove localhost from links (#7503)

* remove visitor analytics

* Update docs/docs/legal/policies/privacy-policy.mdx

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2024-03-07 11:35:22 +00:00
mffap
383b68b48f
docs: add video to quickstart (#7512) 2024-03-06 18:31:49 +00:00
Tim Möhlmann
3af28d29d2
fix(query): optimize instance by domain query (#7513)
fix(query): optimize instance by domain query

On zitadel cloud we noticed an increase in database CPU usage and slightly higher response times.
By analyzes we found that the instance by domain query was wrongly joining all instance_feature rows against all instances.
This PR adds an additional CTE to limit the join set to only the features that apply to the found instance.

The query was introduced with https://github.com/zitadel/zitadel/pull/7356 and part of the v2.47 release.
2024-03-06 18:02:16 +00:00
petrmifek
ab5fc05579
feat(i18n-cs): czech translation improvements (#7511)
Czech translation fixes.
2024-03-06 14:53:31 +00:00
Elio Bischof
680dba1628
docs: don't propose setting a random masterkey to env (#7495)
* docs: don't suggest setting a random masterkey to env

* read masterkey from file

* read masterkey from file
2024-03-06 12:41:17 +00:00
Fabi
258e91cf66
docs: rename instance settings to default settings (#7484)
* docs: rename instance settings to default settings

* docs: correct local reference to docs

* docs: correct local reference to docs

---------

Co-authored-by: Max Peintner <max@caos.ch>
2024-03-06 10:36:04 +00:00
Tim Möhlmann
84f5b9433c
docs: correct usage of key parameter in go login example (#7491)
The example was falsely stating that the key was used for a json private key, obtained from zitadel.
This lead to confusion as we do not use JWT assertion in the example, but PKCE.
Instead, the key is used for symmetric encryption.

https://stackoverflow.com/questions/78080163/zitadel-example-go-webapp-encryption-key/78087242#78087242
2024-03-06 09:29:27 +00:00
dependabot[bot]
c03c054aea
chore(deps): bump docker/setup-qemu-action from 2 to 3 (#7474)
Bumps [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) from 2 to 3.
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](https://github.com/docker/setup-qemu-action/compare/v2...v3)

---
updated-dependencies:
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-06 08:29:51 +00:00
dependabot[bot]
a8dbb052de
chore(deps): bump actions/upload-artifact from 3 to 4 (#7471)
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 3 to 4.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-03-06 07:26:03 +00:00
Silvan
ec3076c3c8
fix(ListEvents): add aggregate types to filter if not set (#7490) 2024-03-05 15:44:51 +00:00
Tim Möhlmann
dfcc26de1e
fix: assign instance ID to aggregate ID when converting from v1 to v2 feature (#7505)
* fix: assign instance ID to aggregate ID when converting from v1 to v2 feature

This change fixes a mismatch between v1 and v2 aggregate IDs for instance feature events.
The old v1 used a random aggregate ID, while v2 uses the instance ID as aggregate ID.
The adapter was not correctly mapping, which resulted in the projections.instance_features table being filled with wrong instance IDs.

Closes #7501

* fix unit test
2024-03-05 16:12:49 +01:00
Silvan
8f898775c9
docs: remove localhost from links (#7503) 2024-03-05 09:46:42 +00:00
Elio Bischof
3ae4e9e6cf
docs: describe DefaultInstance vs FirstInstance (#7487)
* docs: describe DefaultInstance vs FirstInstance

* link to docs

* add better searchable tip to the docs

* add better searchable tip to the docs

* add link
2024-03-05 08:37:12 +01:00
Elio Bischof
38777b478e
perf: filter events by instance ids (#7489)
fix: filter events by instance ids
2024-03-04 07:56:48 +01:00
Fabi
437c834a40
chore: update github action with correct dependabot actor (#7485) 2024-03-01 07:10:14 +00:00
Livio Spring
ef8d0c86f7
chore: update stable (#7370)
* chore: update stable

* Update release-channels.yaml

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2024-02-29 16:13:20 +00:00
Miguel Cabrerizo
dfd7cba3f4
fix: remove hard requirement of grant type auth code for device code apps + warnings for missing urls (#7429)
* fix: if device Code is selected Auth Code no longer a hard requirement

* fix: create device code app without auth code as grant type

* fix: don't show redirect uris in overview for devicecode app wizard

* feat: reload component when oidc app is updated

* fix: oidcapp is valid grantTypes cannot be empty

* fix: auth code not mandatory if refresh token and device code combined
2024-02-29 15:28:06 +00:00
Silvan
b0e3d3d912
docs(actions): add possibilities to examples text (#7418) 2024-02-29 13:41:35 +01:00
Livio Spring
60a73df459
chore: add github-actions to dependabot (#7468) 2024-02-29 09:17:38 +00:00
Max Peintner
0fcdfe460c
feat(console): integrate app (#7417)
* docs, frameworks view

* project select, integrate app page

* fix search project autocomplete

* framework autocomplete

* framwork select component, integrate, mapping to oidc config

* param

* fix route handler

* setname projectid context

* app-create page without context

* show description of app type, info section

* redirects section

* updatevalue observable

* fix redirect uris section

* i18n

* setup config

* backbutton behavior, cleanup

* cleanup

* lint

* allow other framework jump off

* dev mode warning

* navigate to project

* rm import

* i18n, guide link

* edit name dialog

* show warning for duplicate name
2024-02-28 16:52:21 +00:00
Elio Bischof
f4c72cbe14
feat: improve instance not found error (#7413)
* feat: improve instance not found error

* unit tests

* check if is templatable

* lint

* assert

* compile tests

* remove error templates

* link to instance not found page

* fmt

* cleanup

* lint
2024-02-28 10:49:57 +00:00
Tim Möhlmann
062d153cfe
feat: impersonation roles (#7442)
* partial work done

* test IAM membership roles

* org membership tests

* console :(, translations and docs

* fix integration test

* fix tests

* add EnableImpersonation to security policy API

* fix integration test timestamp checking

* add security policy tests and fix projections

* add impersonation setting in console

* add security settings to the settings v2 API

* fix typo

* move impersonation to instance

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-02-28 10:21:11 +00:00
Livio Spring
68af4f59c9
fix(api): handle user disabling events correctly in session API (#7380)
This PR makes sure that user disabling events (deactivate, locked, ...) are correctly checked for sessions.
2024-02-28 09:30:05 +00:00
Tim Möhlmann
26d1563643
feat(api): feature flags (#7356)
* feat(api): feature API proto definitions

* update proto based on discussion with @livio-a

* cleanup old feature flag stuff

* authz instance queries

* align defaults

* projection definitions

* define commands and event reducers

* implement system and instance setter APIs

* api getter implementation

* unit test repository package

* command unit tests

* unit test Get queries

* grpc converter unit tests

* migrate the V1 features

* migrate oidc to dynamic features

* projection unit test

* fix instance by host

* fix instance by id data type in sql

* fix linting errors

* add system projection test

* fix behavior inversion

* resolve proto file comments

* rename SystemDefaultLoginInstanceEventType to SystemLoginDefaultOrgEventType so it's consistent with the instance level event

* use write models and conditional set events

* system features integration tests

* instance features integration tests

* error on empty request

* documentation entry

* typo in feature.proto

* fix start unit tests

* solve linting error on key case switch

* remove system defaults after discussion with @eliobischof

* fix system feature projection

* resolve comments in defaults.yaml

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-02-28 10:55:54 +02:00
Tim Möhlmann
2801167668
chore(make): add docker_image make target (#7440) 2024-02-27 16:29:09 +00:00
Fabi
53099a282a
docs: log module for actions (#7448)
* docs: log module for actions

* Update modules.md

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-02-27 08:39:21 +00:00
Livio Spring
b877abd7a2
fix(login): ignore domain suffix for email / phone check (#7446)
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-02-26 14:05:18 +00:00
Fabi
0542b29517
docs: Contribution guidelines (#7443)
* docs: gender neutrality

* docs: gender neutrality

* docs: gender neutrality

* Update docs/docs/concepts/features/identity-brokering.md

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/mfa.mdx

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update docs/docs/guides/integrate/login-ui/passkey.mdx

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update internal/static/i18n/en.yaml

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* Update internal/static/i18n/en.yaml

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-02-26 13:11:09 +00:00
Stefan Benz
2731099db3
feat: add executions for actions v2 (#7433)
* feat: add events for execution

* feat: add events for execution and command side

* feat: add events for execution and command side

* feat: add api endpoints for set and delete executions with integration tests

* feat: add integration and unit tests and more existence checks

* feat: add integration and unit tests and more existence checks

* feat: unit tests for includes in executions

* feat: integration tests for includes in executions

* fix: linting

* fix: update internal/api/api.go

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix: update internal/command/command.go

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix: apply suggestions from code review

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix: change api return

* fix: change aggregateID with prefix of execution type and add to documentation

* fix: change body in proto for documentation and correct linting

* fix: changed existing check to single query in separate writemodel

* fix: linter changes and list endpoints for conditions in executions

* fix: remove writemodel query on exeuction set as state before is irrelevant

* fix: testing for exists write models and correction

* fix: translations for errors and event types

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2024-02-26 12:49:43 +02:00
mffap
ce7ebffa84
docs: update headings for custom login ui (#7453)
update headings for custom login ui
2024-02-26 10:02:07 +00:00
mffap
da8a79f280
docs(integrate): Update login users docs (#7414)
* wip

* update intro of device auth

* add custom domain concept

* wip sidebar

* wip introduction

* add passkeys

* replace azure ad with entra id

* wip

* wip

* login methods

* expand sections automatically

* update selfservice docs

* wip - hosted done

* move onboarding

* clean up

* wip

* unbreak my hrefs

* finish login users

* update managers

* add console as feature

* update b2b with multi-tenancy

* update saml

* update console concept

* add opaque tokens as knowledge

* redirects

* intro b2b

* remove login/saml

* unbreak link

* Apply suggestions from code review

Co-authored-by: Fabi <fabienne@zitadel.com>

* passkeys: add custom domain first

* update passkeys

* Apply suggestions from code review

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/guides/integrate/login/login-users.mdx

Co-authored-by: Florian Forster <florian@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
2024-02-26 13:04:09 +05:30
Tim Möhlmann
1890e28f79
fix(eventstore): retry push on primary key sequence collision (#7420)
* fix(eventstore): retry push on primary key sequence collision

* MaxRetries config option and unit test
2024-02-23 08:29:10 +00:00
Omar Mokhtar
71373caab3
docs(integrate): fix typo in logout page (#7438)
fix typo in logout.md
2024-02-23 07:49:41 +00:00
Elio Bischof
4f54cfb0a9
fix(projections): stop updating creation dates (#6930)
* feat: return 404 or 409 if org reg disallowed

* fix: system limit permissions

* feat: add iam limits api

* feat: disallow public org registrations on default instance

* add integration test

* test: integration

* fix test

* docs: describe public org registrations

* avoid updating docs deps

* fix system limits integration test

* silence integration tests

* fix linting

* ignore strange linter complaints

* review

* improve reset properties naming

* redefine the api

* use restrictions aggregate

* test query

* simplify and test projection

* test commands

* fix unit tests

* move integration test

* support restrictions on default instance

* also test GetRestrictions

* self review

* lint

* fix(projections): stop updating creation dates

* abstract away resource owner

* fix tests

* update main

* fix tests
2024-02-22 17:25:47 +00:00