Commit Graph

738 Commits

Author SHA1 Message Date
Elio Bischof
31ec1d83b9
feat: enable otp email and sms (#6260)
* feat: enable otp email and sms

* feat: enable otp factors in login settings

* remove tests without value

* translate second factors

* don't add new factors yet

* add comment

* add factors to docs

* backward compatible settings api

* compile tests

* add available 2fa types

* test: add mapping tests

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-28 07:39:30 +02:00
Livio Spring
2fe76acd14
feat: add secret generators for OTP (#6262)
This PR adds configuration options for OTP codes through Admin API.
2023-07-26 11:00:41 +00:00
Livio Spring
13e284dd56
fix: ensure resource owner in update human profile (#6253) 2023-07-21 13:42:24 +00:00
Livio Spring
cd5e176e30
fix: user grant by id (#6242) 2023-07-21 11:04:55 +00:00
daniel_michalichyn
fcc1acbf81
feat: Brazilian Portuguese internationalization (#6185)
* feat: Brazilian Portuguese internationalization

Co-authored-by: Daniel Michalichyn <daniel.henrique@st-one.io>
2023-07-20 04:40:45 +00:00
Livio Spring
fed15574f6
feat: allow to force MFA local only (#6234)
This PR adds an option to the LoginPolicy to "Force MFA for local users", so that users authenticated through an IDP must not configure (and verify) an MFA.
2023-07-20 04:06:16 +00:00
Livio Spring
59f3c328ec
feat(OIDC): add support for end_session for V2 tokens (#6226)
This PR adds support for the OIDC end_session_endpoint for V2 tokens. Sending an id_token_hint as parameter will directly terminate the underlying (SSO) session and all its tokens. Without this param, the user will be redirected to the Login UI, where he will able to choose if to logout.
2023-07-19 13:17:39 +02:00
Livio Spring
e1b3cda98a
feat(OIDC): support token revocation of V2 tokens (#6203)
This PR adds support for OAuth2 token revocation of V2 tokens.

Unlike with V1 tokens, it's now possible to revoke a token not only from the authorized client / client which the token was issued to, but rather from all trusted clients (audience)
2023-07-17 14:33:37 +02:00
Silvan
1c354ca977
ci: improve performance (#5953)
* pipeline runs on ubuntu instead of docker
* added Makefile to build zitadel core (backend) and console (frontend)
* pipeline runs in parallel where possible
* pipeline is split into multiple jobs
* removed goreleaser
* added command to check if zitadel instance is running
2023-07-17 10:08:20 +02:00
Florian Forster
bcf4bfc585
fix: autofill related issues (#6201) 2023-07-14 12:35:25 +00:00
Livio Spring
80961125a7
feat(API): support V2 token and session token usage (#6180)
This PR adds support for userinfo and introspection of V2 tokens. Further V2 access tokens and session tokens can be used for authentication on the ZITADEL API (like the current access tokens).
2023-07-14 11:16:16 +00:00
Tim Möhlmann
4589ddad4a
feat: integrate passwap for human user password hashing (#6196)
* feat: use passwap for human user passwords

* fix tests

* passwap config

* add the event mapper

* cleanup query side and api

* solve linting errors

* regression test

* try to fix linter errors again

* pass systemdefaults into externalConfigChange migration

* fix: user password set in auth view

* pin passwap v0.2.0

* v2: validate hashed password hash based on prefix

* resolve remaining comments

* add error tag and translation for unsupported hash encoding

* fix unit test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-14 09:49:57 +03:00
Livio Spring
ee26f99ebf
fix: store auth methods instead of AMR in auth request linking and OIDC Session (#6192)
This PR changes the information stored on the SessionLinkedEvent and (OIDC Session) AddedEvent from OIDC AMR strings to domain.UserAuthMethodTypes, so no information is lost in the process (e.g. authentication with an IDP)
2023-07-12 12:24:01 +00:00
Vlatko Stojkovski
a3a1e245ad
feat: i18n support for Macedonian language (#6178)
* add macedonian language to currently supported languages

* mk yaml login static with en values

* mk json assets with en values

* mk yaml notification static with en values

* add macedonian notification yaml

* mk yaml static with en values

* mk translations for login

* mk translations for internal

* macedonian translations

* - fix lint issues
2023-07-12 08:41:50 +00:00
Livio Spring
14b8cf4894
feat(api): add OIDC session service (#6157)
This PR starts the OIDC implementation for the API V2 including the Implicit and Code Flow.


Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-07-10 13:27:00 +00:00
Livio Spring
5cba5cd635
fix: set samesite to none for user agent cookie for iframe usage (#6162)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-10 07:51:56 +02:00
Livio Spring
26d63cd233
fix: handle missing parameters in external provider callback (#6158) 2023-07-07 21:04:55 +02:00
Livio Spring
6319fdda9e
fix: add scope profile to PAT (#6154)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-07 17:31:42 +02:00
Livio Spring
59d67bde5f
fix: return secret generators (#6159) 2023-07-07 14:46:02 +00:00
Livio Spring
94fdb9a022
fix: org metadata query (#6161)
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-07 15:48:41 +02:00
Fabi
5182cb3ce3
fix: rename to given and family name (#6152)
* fix: rename to given and family name

* fix: rename to given and family name

* fix: rename to given and family name
2023-07-07 13:13:45 +00:00
Stefan Benz
d8b823660b
fix: add .txt ending to domain validation as given in console (#6079)
* fix: add .txt ending to domain validation as given in console

* fix console

---------

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-07 11:50:45 +00:00
Max Peintner
699fc86d1b
fix(login): improve and streamline identity provider styles (#5456)
* fix: login idp styles

* rem dead code
2023-07-07 11:17:08 +00:00
Livio Spring
9fed1a7a5b
fix: add font color on new label policy (#6155) 2023-07-07 09:21:10 +00:00
Tim Möhlmann
c0e45b63d8
fix: reset the call timestamp after a bulk trigger (#6080)
* reproduce #5808

Add an integration test that imports and gets N amount of human users.
- With N set to 1-10 the operation seems to succeed always
- With N set to 100 the operation seems to fail between 1 and 7 times.

* fix merge issue

* fix: reset the call timestamp after a bulk trigger

With the use of `AS OF SYSTEM TIME` in queries,
there was a change for the query package not
finding the latest projection verson after
a bulk trigger.
If events where processed in the bulk trigger,
the resulting row timestamp would be after the call
start timestamp.
This sometimes resulted in consistency issues when
Set and Get API methods are called in short succession.
For example a Import and Get user could sometimes result in a Not Found
error.

Although the issue was reported for the Management API user import,
it is likely this bug contributed to the flaky integration and e2e tests.

Fixes #5808

* trigger bulk action in GetSession

* don't use the new context in handler schedule

* disable reproduction test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-07 08:15:05 +00:00
Miguel Cabrerizo
ae31aa52e4
fix: 404 if asset object not found (#6149)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-07 09:34:50 +02:00
Elio Bischof
bb756482c7
feat: push telemetry (#6027)
* document analytics config

* rework configuration and docs

* describe HandleActiveInstances better

* describe active instances on quotas better

* only projected events are considered

* cleanup

* describe changes at runtime

* push milestones

* stop tracking events

* calculate and push 4 in 6 milestones

* reduce milestone pushed

* remove docs

* fix scheduled pseudo event projection

* push 5 in 6 milestones

* push 6 in 6 milestones

* ignore client ids

* fix text array contains

* push human readable milestone type

* statement unit tests

* improve dev and db performance

* organize imports

* cleanup

* organize imports

* test projection

* check rows.Err()

* test search query

* pass linting

* review

* test 4 milestones

* simplify milestone by instance ids query

* use type NamespacedCondition

* cleanup

* lint

* lint

* dont overwrite original error

* no opt-in in examples

* cleanup

* prerelease

* enable request headers

* make limit configurable

* review fixes

* only requeue special handlers secondly

* include integration tests

* Revert "include integration tests"

This reverts commit 96db9504ec.

* pass reducers

* test handlers

* fix unit test

* feat: increment version

* lint

* remove prerelease

* fix integration tests
2023-07-06 08:38:13 +02:00
Livio Spring
bd5defa96a
fix: provide domain in session, passkey and u2f (#6097)
This fix provides a possibility to pass a domain on the session, which
will be used (as rpID) to create a passkey / u2f assertion and
attestation. This is useful in cases where the login UI is served under
a different domain / origin than the ZITADEL API.
2023-06-27 14:36:07 +02:00
Tim Möhlmann
56e33ce1a7 fix: rename OTP to TOTP in v2 alpha user api
This change renames the v2 user OTP registration endpoints and objects
to TOTP.
Also the v2 related code paths have been renamed to TOTP.

This change was discussed during the sprint review.
2023-06-22 12:06:32 +02:00
Stefan Benz
1b5d6ce89e
feat: session checks with intent (#6031)
* feat: session checks with intent

* feat: session checks with intent

* fix: integration tests for intent session

* fix: integration tests for intent session

* fix merge

* fix: integration tests for intent session

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-06-21 14:06:18 +00:00
Livio Spring
84085478ec
fix(login): ensure auth request information is up-to-date in external user check (#6060) 2023-06-21 05:00:03 +00:00
Livio Spring
7046194530
feat(api): list authentication method types in user api v2 (#6058) 2023-06-20 16:23:28 +00:00
Livio Spring
82e7333169
feat(api): add password reset and change to user service (#6036)
* feat(api): add password reset and change to user service

* integration tests

* invalidate password check after password change

* handle notification type

* fix proto
2023-06-20 17:34:06 +02:00
Livio Spring
1017568cf1
fix: provide more information in the retrieve idp information (#5927)
* fix: provide more information in the retrieve idp information

* change raw_information to proto struct

* change unmarshal

* improve description
2023-06-20 14:39:50 +02:00
Tim Möhlmann
09aafb35eb
feat(v2): implement user register OTP (#6030)
* feat(v2): implement user register OTP

* feat(v2): implement user verify OTP

* session: retry on permission denied
2023-06-20 10:36:21 +00:00
Florian Forster
62f424e69a
chore: translation error in fr (#6052) 2023-06-19 09:59:14 +00:00
dian mushkov
4378eb7cb5
feat: internationalization Bulgarian (#5998)
* Feature BG init

* lint fix

* Fix merge conflict

* merge main branch add bg lang

* reference centrally defined langs

* refactor supportedLanguages

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-06-16 17:35:03 +02:00
Livio Spring
1c8037f291
fix: external user check (#6038) 2023-06-16 10:27:43 +02:00
Stefan Benz
8dfaa1dfa5
fix: check if application is active in saml logic (#6003)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-06-15 11:04:27 +02:00
Stefan Benz
2d13d412a2
fix: update linking users if action changed values (#6024)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-06-15 07:02:53 +00:00
Stefan Benz
855d6b1bd5
fix: nil pointer on create instance add machine (#6000)
* fix: nil pointer on create instance add machine

* fix: instance setup with machine user pat

* fix: correct logic to write pat and key from setup without configurable scope

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-06-15 06:16:39 +00:00
Tim Möhlmann
2e323e8044
feat(v2): register user u2f (#6020) 2023-06-15 05:32:40 +00:00
Max Peintner
58cfb94e1d
fix(login): url safe encoding base64 (#5983)
* url safe encoding base64

* js rm export

* fix: publish docker image

* rm releaserc

---------

Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-06-08 09:27:03 +02:00
Stefan Benz
5562ee94a6
feat: migrate external idp to other types (#5984)
* feat: migrate instance oidc to azureAD

* feat: migrate instance oidc to azureAD

* feat: migrate org oidc to azureAD

* feat: migrate oidc to google

* fix: correct idp writemodels

* fix: review changes
2023-06-08 00:50:53 +02:00
Stefan Benz
0b1738dc5d
fix: check linked users before postAuthentication action (#5980)
* fix: check linked users before postAuthentication action

* fix: apply suggestions from code review

Co-authored-by: Silvan <silvan.reusser@gmail.com>

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-06-08 00:16:02 +02:00
Tim Möhlmann
f456168a74
feat: session v2 passkey authentication (#5952) 2023-06-07 17:28:42 +02:00
Tim Möhlmann
d5eaa8fa16
fix: display loginname in machine client credentials (#5936) 2023-05-26 13:04:45 +00:00
Stefan Benz
9aed0319c5
fix: token for post authentication action and change phone and email (#5933)
* fix: token for post authentication action and change phone and email

* fix checks and add tests

* improve change checks and add tests

* add more tests

* remove unintended test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-26 07:24:52 +00:00
Stefan Benz
fa8f191812
feat: v2alpha user service idp endpoints (#5879)
* feat: v2alpha user service idp endpoints

* feat: v2alpha user service intent endpoints

* begin idp intents (callback)

* some cleanup

* runnable idp authentication

* cleanup

* proto cleanup

* retrieve idp info

* improve success and failure handling

* some unit tests

* grpc unit tests

* add permission check AddUserIDPLink

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* feat: v2alpha intent writemodel refactoring

* provider from write model

* fix idp type model and add integration tests

* proto cleanup

* fix integration test

* add missing import

* add more integration tests

* auth url test

* feat: v2alpha intent writemodel refactoring

* remove unused functions

* check token on RetrieveIdentityProviderInformation

* feat: v2alpha intent writemodel refactoring

* fix TestServer_RetrieveIdentityProviderInformation

* fix test

* i18n and linting

* feat: v2alpha intent review changes

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-24 18:29:58 +00:00
Tim Möhlmann
a301c40f9f
feat: implement register Passkey user API v2 (#5873)
* command/crypto: DRY the code

- reuse the the algorithm switch to create a secret generator
- add a verifyCryptoCode function

* command: crypto code tests

* migrate webauthn package

* finish integration tests with webauthn mock client
2023-05-24 10:22:00 +00:00
Elio Bischof
2e86c44aa5
fix: delete cookies (#5885)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-19 05:12:31 +00:00
Elio Bischof
885e3385aa
fix: send exhausted property in env json (#5877) 2023-05-17 11:41:54 +02:00
Livio Spring
383e68b819
Merge branch 'main' into grcp-server-reflect 2023-05-16 10:51:32 +02:00
Elio Bischof
0e251a29c8
fix: set exhausted cookie with env json (#5868)
* fix: set exhausted cookie with env json

* lint
2023-05-15 08:51:02 +02:00
Silvan
098c27d3da
fix: render authrequest id only if possible (#5823) 2023-05-11 16:02:34 +00:00
Stefan Benz
8d13f170e8
feat(api): new settings service (#5775)
* feat: add v2alpha policies service

* feat: add v2alpha policies service

* fix: rename of attributes and messages in v2alpha api

* fix: rename of attributes and messages in v2alpha api

* fix: linter corrections

* fix: review corrections

* fix: review corrections

* fix: review corrections

* fix: review corrections

* fix grpc

* refactor: rename to settings and more

* Apply suggestions from code review

Co-authored-by: Fabi <fabienne.gerschwiler@gmail.com>

* add service to docs and rename legal settings

* unit tests for converters

* go mod tidy

* ensure idp name and return list details

* fix: use correct resource owner for active idps

* change query to join

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-11 09:23:40 +00:00
Elio Bischof
35a0977663
fix: improve exhausted SetCookie header (#5789)
* fix: remove access interceptor for console

* feat: template quota cookie value

* fix: send exhausted cookie from grpc-gateway

* refactor: remove ineffectual err assignments

* Update internal/api/grpc/server/gateway.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

* use dynamic host header to find instance

* add instance mgmt url to environment.json

* support hosts with default ports

* fix linting

* docs: update lb example

* print access logs to stdout

* fix grpc gateway exhausted cookies

* cleanup

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-11 09:24:44 +02:00
Tim Möhlmann
1461d9ec6d Merge branch 'main' into grcp-server-reflect 2023-05-07 16:47:52 +02:00
Tim Möhlmann
62b4c31834 add server reflection to Probes list 2023-05-07 16:47:43 +02:00
Livio Spring
c2cb84cd24
feat(api): new session service (#5801)
* backup new protoc plugin

* backup

* session

* backup

* initial implementation

* change to specific events

* implement tests

* cleanup

* refactor: use new protoc plugin for api v2

* change package

* simplify code

* cleanup

* cleanup

* fix merge

* start queries

* fix tests

* improve returned values

* add token to projection

* tests

* test db map

* update query

* permission checks

* fix tests and linting

* rework token creation

* i18n

* refactor token check and fix tests

* session to PB test

* request to query tests

* cleanup proto

* test user check

* add comment

* simplify database map type

* Update docs/docs/guides/integrate/access-zitadel-system-api.md

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>

* fix test

* cleanup

* docs

---------

Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-05-05 15:34:53 +00:00
Miguel Cabrerizo
3ca7147808
fix: introduce measures to avoid bots crawling and indexing activities (#5728)
* fix: 404 for robots.txt and meta robots tags

* fix: add unit tests for robots txt and tag

* fix: add meta tag robots none for login pages

* fix: weird format issue in header.go

* fix: add x-robots-tag=none to grpcwebserver

* fix linting

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-05-05 10:25:02 +02:00
Livio Spring
f1534c0c4c
refactor: use new protoc plugin for api v2 (#5798)
* refactor: use new protoc plugin for api v2

* simplify code
2023-05-04 08:50:19 +00:00
Tim Möhlmann
4934d6f4fa Merge branch 'main' into integration-tests 2023-05-02 19:24:37 +03:00
Tim Möhlmann
c839cb3ce0 tie loose ends, documentation 2023-05-02 19:24:24 +03:00
Livio Spring
e0505b2def
fix: use correct org id for external authentication actions (#5793) 2023-05-02 16:03:33 +00:00
Silvan
40bf7e49cc
fix: correct tracing in access interceptor (#5766) 2023-05-02 08:46:44 +00:00
Tim Möhlmann
f011882b2d Merge branch 'main' into grcp-server-reflect 2023-04-30 14:40:13 +03:00
Tim Möhlmann
498c4436ae inegration tests for user email 2023-04-28 17:44:59 +03:00
Tim Möhlmann
4b7f5ae186 AddHumanUser tests 2023-04-28 14:39:53 +03:00
Tim Möhlmann
11ab645bb7 Merge branch 'main' into integration-tests 2023-04-27 12:47:35 +03:00
Tim Möhlmann
1dc46b16b0 remove negated integration tags 2023-04-26 19:55:13 +03:00
Tim Möhlmann
90ba3a8d92 poll on test start 2023-04-26 19:54:47 +03:00
Livio Spring
6774e7f444
fix: handle userID and context correctly (#5755)
* fix: handle userID and context correctly

* fix linting
2023-04-26 16:19:32 +02:00
Livio Spring
e4a4b7cfbe
feat(api): add user creation to user service (#5745)
* chore(proto): update versions

* change protoc plugin

* some cleanups

* define api for setting emails in new api

* implement user.SetEmail

* move SetEmail buisiness logic into command

* resuse newCryptoCode

* command: add ChangeEmail unit tests

Not complete, was not able to mock the generator.

* Revert "resuse newCryptoCode"

This reverts commit c89e90ae35.

* undo change to crypto code generators

* command: use a generator so we can test properly

* command: reorganise ChangeEmail

improve test coverage

* implement VerifyEmail

including unit tests

* add URL template tests

* begin user creation

* change protos

* implement metadata and move context

* merge commands

* proto: change context to object

* remove old auth option

* remove old auth option

* fix linting errors

run gci on modified files

* add permission checks and fix some errors

* comments

* comments

* update email requests

* rename proto requests

* cleanup and docs

* simplify

* simplify

* fix setup

* remove unused proto messages / fields

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-26 07:47:57 +02:00
Elio Bischof
c12c2f09a4
fix: switch log level of failed locks to debug (#5746) 2023-04-25 19:20:59 +02:00
Tim Möhlmann
79084089ea add github action for integration tests 2023-04-25 18:11:04 +03:00
Tim Möhlmann
a22b58f1c0 simple test of a health endpoint 2023-04-25 15:04:35 +03:00
Silvan
095ec21678
feat: user v2alpha email API (#5708)
* chore(proto): update versions

* change protoc plugin

* some cleanups

* define api for setting emails in new api

* implement user.SetEmail

* move SetEmail buisiness logic into command

* resuse newCryptoCode

* command: add ChangeEmail unit tests

Not complete, was not able to mock the generator.

* Revert "resuse newCryptoCode"

This reverts commit c89e90ae35.

* undo change to crypto code generators

* command: use a generator so we can test properly

* command: reorganise ChangeEmail

improve test coverage

* implement VerifyEmail

including unit tests

* add URL template tests

* proto: change context to object

* remove old auth option

* remove old auth option

* fix linting errors

run gci on modified files

* add permission checks and fix some errors

* comments

* comments

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-25 09:02:29 +02:00
Tim Möhlmann
5819924275
feat: device authorization RFC 8628 (#5646)
* device auth: implement the write events

* add grant type device code

* fix(init): check if default value implements stringer

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-04-19 08:46:02 +00:00
Miguel Cabrerizo
d140f9373a
feat: Zitadel translated into Spanish (#5634)
* feat: spanish translation in progress

* feat: 85% of translated strings

* feat: spanish translation 95% done

* fix: fix some typos

* fix: add missing translations for recent commits

* Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-14 15:53:19 +02:00
Tim Möhlmann
27e9852367 feat: enable grpc server reflection 2023-04-14 16:34:12 +03:00
Max Peintner
2ec36bd63b
fix(console): add state filter to org table, filter context (#5650)
* fix: add state filter to org table, filter context

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-04-12 15:02:54 +02:00
Silvan
ed2588f13d
fix(idp): handle scopes in azureAD (#5665) 2023-04-12 07:27:07 +02:00
Silvan
c216d6effd
fix(mfa): correct change url (#5663) 2023-04-11 19:27:18 +02:00
Max Peintner
1c1d66cbe8
chore(console): remove first and lastName fallback from user (#5629)
* chore(console): remove first and lastName fallback from user

* use display name and ensure it's set without required name fields

* add user type to user grant and memberships responses

* contributor, members

* fix avatar display checks

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-04-11 15:56:51 +00:00
Livio Spring
8bf36301ed
feat: allow skip of success page for native apps (#5627)
add possibility to return to callback directly after login without rendering the successful login page
2023-04-11 15:07:32 +00:00
Livio Spring
b3d8787921
feat: add new api services (#5619)
* feat: add new services

* improve demos and comments

* remove unused field

* add comment to demo proto calls

* Apply suggestions from code review

Co-authored-by: Silvan <silvan.reusser@gmail.com>

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-04-11 15:37:42 +02:00
Stefan Benz
440ba9f5ef
fix: update saml to v0.0.11 (#5628)
* fix: update saml to v0.0.11

* chore: remove unused sum

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-04-11 07:39:12 +00:00
Livio Spring
991a56341b
fix: role claims mapping (#5601)
* fix: role claims mapping

* update oidc pkg

* update oidc pkg
2023-04-04 12:36:39 +00:00
Silvan
e688954308
feat: role claims for service user tokens (#5577)
tokens of service users can now contain role claims by requesting them through scopes
2023-04-03 14:26:51 +02:00
Miguel Cabrerizo
1b9cea0e0c
feat: add Help/Support e-mail for instance/org (#5445)
feat: help and support email in privacy policy
2023-03-28 21:36:52 +02:00
Stefan Benz
12a7c4b994
fix: correct conditions for user update after actions in post authent… (#5535)
Correct conditions on when the user gets updated through actions in post-authentication, with an added boolean for checking if anything changed in the actions.
2023-03-28 12:53:21 +00:00
Tim Möhlmann
25c3c17986
chore: upgrade to oidc v2 release (#5437)
* chore: upgrade to oidc v2 release

* fix tests

* fix build errors after rebase

* pin oidc v2.1.0

* pin oidc v2.1.1 (include bugfix)

* pin oidc v2.1.2 (include bugfix)

* pin oidc v2.2.1 (bugfix)

include fix zitadel/oidc#349

* fix: refresh token handling

* simplify cognitive complexity

* fix: handle error

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-28 11:28:56 +00:00
Stefan Benz
41ff0bbc63
feat: ldap provider login (#5448)
Add the logic to configure and use LDAP provider as an external IDP with a dedicated login GUI.
2023-03-24 15:18:56 +00:00
Fabi
cf1ac30970
fix: remove unnecessary cancel button as cancel is not possible (#5511)
* fix: remove unnecessary cancel button as cancel is not possible

* fix: add missing tranlation

* fix: add missing tranlation

* docs: missing translations

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-24 08:00:56 +00:00
Livio Spring
1cf84b5a56
fix: map metadata correctly in actions (#5526) 2023-03-23 14:28:53 +01:00
tharuta
a8fe15829e
feat: internationalization Japanese (recreated) (#5513)
japanese translation

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-03-22 07:30:46 +01:00
Livio Spring
4ca50e0802
fix: check for empty applicationID on assertRoles (#5509)
* fix: check for empty applicationID on assertRoles

* remove unintended added file
2023-03-21 08:59:44 +01:00
Silvan
a3b36a0138
refactor(changes): use queries.SearchEvents (#5388)
* refactor(changes): use `queries.SearchEvents`

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-17 09:14:06 +00:00
Elio Bischof
09abf06d4d
refactor: rename config structs (#5459) 2023-03-16 17:24:30 +00:00
Livio Spring
1896f13952
fix: use idToken for mapping when using old configs (#5458)
* fix: use idToken for mapping when using old configs

* fix events and add tests
2023-03-16 16:47:22 +01:00
Elio Bischof
fecd197bf2
fix: open dialogs (#5451) 2023-03-15 14:40:35 +00:00
Livio Spring
5a307afe62
feat: add azure provider templates (#5441)
Adds possibility to manage and use Microsoft Azure template based providers
2023-03-15 07:48:37 +01:00
Elio Bischof
e00cc187fa
fix: make user creation errors helpful (#5382)
* fix: make user creation errors helpful

* fix linting and unit testing errors

* fix linting

* make zitadel config reusable

* fix human validations

* translate ssr errors

* make zitadel config reusable

* cover more translations for ssr

* handle email validation message centrally

* fix unit tests

* fix linting

* align signatures

* use more precise wording

* handle phone validation message centrally

* fix: return specific profile errors

* docs: edit comments

* fix unit tests

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-14 19:20:38 +00:00
Stefan Benz
f99cf50f69
fix: add authURLParams to urls for external idps (#5404)
add authURL parameters to urls for external IDPs, depended on the contents of the authRequest

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-14 15:42:29 +00:00
Livio Spring
c0843e6b4c
feat: add gitlab provider templates (#5405)
* feat(api): add google provider template

* refactor reduce functions

* handle removed event

* linting

* fix projection

* feat(api): add generic oauth provider template

* feat(api): add github provider templates

* feat(api): add github provider templates

* fixes

* proto comment

* fix filtering

* requested changes

* feat(api): add generic oauth provider template

* remove wrongly committed message

* increase budget for angular build

* fix linting

* fixes

* fix merge

* fix merge

* fix projection

* fix merge

* updates from previous PRs

* enable github providers in login

* fix merge

* fix test and add github styling in login

* cleanup

* feat(api): add gitlab provider templates

* fix: merge

* fix display of providers in login

* implement gitlab in login and make prompt `select_account` optional since gitlab can't handle it

* fix merge

* fix merge and add tests for command side

* requested changes

* requested changes

* Update internal/query/idp_template.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* fix merge

* requested changes

---------

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-13 17:34:29 +01:00
Silvan
eb4f7c5d7c
fix(auth): update user grants before check (#5406) 2023-03-13 08:03:49 +01:00
Livio Spring
26fdc3e84e
fix(api): return id_attribute of oauth provider (#5397) 2023-03-09 06:13:43 +00:00
Livio Spring
8cbde57047
fix(api): allow HTTP/1.1 for grpc-web (#5376)
Handles grpc-web on HTTP/1.1 with H2C for HTTP/2, but does not enforce it.
2023-03-08 18:33:43 +00:00
Silvan
20e4f1ce57
feat(actions): add fields to complement token flow (#5336)
* deprecated `ctx.v1.userinfo`-field in "pre userinfo creation" trigger in favour of `ctx.v1.claims`. The trigger now behaves the same as "pre access token creation"
* added `ctx.v1.claims` to "complement tokens" flow
* added `ctx.v1.grants` to "complement tokens" flow
* document `ctx.v1.getUser()` in "complement tokens" flow

* feat(actions): add getUser() and grant

* map user grants

* map claims

* feat(actions): claims in complement token ctx

* docs(actions): add new fields of complement token

* docs(actions): additions to complement token

* docs(actions): correct field names
2023-03-08 15:26:28 +01:00
Livio Spring
3042d7ef5c
feat: add github provider template (#5334)
Adds possibility to manage and use GitHub (incl. Enterprise Server) template based providers
2023-03-08 10:17:28 +00:00
Livio Spring
2efa305e10
fix: use of generic oauth provider (#5345)
Adds a id_attribute to the GenericOAuthProvider, which is used to map the external User. Further mapping can be done in actions by using the `rawInfo` of the new `ctx.v1.providerInfo` field.
2023-03-03 10:38:49 +00:00
Livio Spring
966df56026
fix(providers): set prompt select_account again (#5329) 2023-03-01 07:17:51 +00:00
Livio Spring
48f9815b7c
feat(login): use new IDP templates (#5315)
The login uses the new template based IDPs with backwards compatibility for old IDPs
2023-02-28 21:20:58 +01:00
Silvan
e38abdcdf3
perf: query data AS OF SYSTEM TIME (#5231)
Queries the data in the storage layser at the timestamp when the call hit the API layer
2023-02-27 22:36:43 +01:00
Livio Spring
80003939ad
feat(api): add oidc and jwt provider template (#5290)
Adds possibility to manage OIDC and JWT template based providers
2023-02-27 16:32:18 +01:00
Max Peintner
9396e8b2f5
fix(console): use authService for auth user page (#5233)
* auth grant

* fix: add missing attributes to ListMyUserGrantsResponse

* user grants typing

* typing

* auth grant link

* disable without role

* edit with auth grant

* chore(console): auto organize imports (#5293)

fix(console): auto organize imports

* Update console/src/app/modules/user-grants/user-grants-datasource.ts

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/app/modules/user-grants/user-grants-datasource.ts

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/app/modules/user-grants/user-grants-datasource.ts

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* linter, rm unused import

* add examples again

* lint

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2023-02-27 12:03:44 +01:00
Livio Spring
82ffd6dffb
fix(actions): provide browser info and handle nil pointer (#5277)
* fix(actions): provide browser info and handle nil pointer

* fix(actions): use correct user id in post registration

---------

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-02-24 16:13:11 +01:00
Livio Spring
737d14e81b
feat(api): add generic oauth provider template (#5260)
adds functionality to manage templates based OIDC IDPs
2023-02-24 15:16:06 +01:00
Livio Spring
40e7356f3e
feat(api): add google provider template (#5247)
add functionality to manage templates based Google IDP
2023-02-21 17:18:28 +00:00
Miguel Cabrerizo
7fc3ecf665
feat: request users ordered by creation date (#5160)
* feat: request users ordered by creation date

* fix: missing case for creationDate in user-table

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-17 13:15:21 +00:00
Stefan Benz
586495a0be
feat: add management for ldap idp template (#5220)
Add management functionality for LDAP idps with templates and the basic functionality for the LDAP provider, which can then be used with a separate login page in the future.

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-02-15 08:14:59 +00:00
Elio Bischof
681541f41b
feat: add quotas (#4779)
adds possibilities to cap authenticated requests and execution seconds of actions on a defined intervall
2023-02-15 02:52:11 +01:00
Max Peintner
df4a173264
feat(console): machine user accesstoken type (#5196)
Set machine user Access Token type
2023-02-14 17:05:55 +01:00
uiopak
84fa20f1ce
feat: internationalization Polish (#5117)
* Add Polish translations

* Add references to Polish translations in files

* Make a consistent translation of languages in Chinese translation

* Add missing language references to fr, it and zh

* Translation corrections

* Add missing language references to zh

* Translation corrections

* add latest translation keys

* Translation corrections and addition of some new ones

* translate auth requests exhausted

* add new untranslated keys

* Translation corrections, fix indentation

---------

Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2023-02-13 12:03:34 +01:00
Livio Spring
8ef13d77e7
fix(actions): check for nil pointer on set claims in access_token (#5172) 2023-02-09 06:27:39 +00:00
Stefan Benz
3616b6b028
feat(api): allow specifying access_token type (opaque/JWT) for service users (#5150)
Add functionality to configure the access token type on the service accounts to provide the oidc library with the necessary information to create the right type of access token.
2023-02-08 08:06:34 +00:00
Livio Spring
44a995c660
fix: only remove idp links from users of own organisation (#5156)
ensure linked users of the (instance) idp are only affected if they are part of the organisation where the idp is removed from the login policy
2023-02-03 14:56:19 +07:00
Stefan Benz
e2fdd3f077
feat: support client_credentials for service users (#5134)
Request an access_token for service users with OAuth 2.0 Client Credentials Grant. Added functionality to generate and remove a secret on service users.
2023-01-31 19:52:47 +00:00
Stefan Benz
eb17d0c378
feat: add http request to interal and external authentication actions (#5103)
Add functionality to provide http.Request and authError to actions for logging or other logic.
2023-01-26 10:40:49 +00:00
Silvan
c54ddc71a2
feat(actions): local users (#5089)
Actions are extended to to local users. It's possible to run custom code during registration and authentication of local users.
2023-01-25 13:08:01 +00:00
Stefan Benz
19621acfd3
feat: add notification policy and password change message (#5065)
Implementation of new notification policy with functionality to send email when a password is changed
2023-01-25 09:49:41 +01:00
Fabi
8b5894c0bb
fix: add description to password screen (#5096) 2023-01-24 09:46:31 +00:00
Silvan
7b5135e637
fix(adminAPI): localize event type (#5059)
* fix(adminAPI): localisation of event types, aggregate types
* fix(adminAPI): validations of ListEvent request
* implement caching of editor user information
2023-01-19 15:50:05 +00:00
Stefan Benz
a36fdf8fe6
feat: add listIamMembers to system api (#5013)
Added ListIAMMembers endpoint to system-API to provide the functionality to the customer portal
2023-01-17 20:35:41 +00:00
Silvan
1bf1f335dc
feat(admin-api): list events (#4989)
* docs: update cockroachdb version to 22.2
* feat(adminAPI): ListEventTypes returns the list of event types ZITADEL implements
* feat(adminAPI): ListAggregateTypes returns the list of aggregate types ZITADEL implements
* feat(adminAPI): ListEvents allows `IAM_OWNERS` to search for events
2023-01-16 11:30:03 +00:00
Max Peintner
e7a97b1f3b
fix(login): add text-decoration: underline on the sub-formfield links (#5012)
* fix: login underline

* a styles
2023-01-12 14:04:04 +00:00
Livio Spring
0a30e39b46
fix(CORS): add X-Requested-With to Access-Control-Request-Headers (#5009)
allows clients with `X-Requested-With` header to succeed with their CORS request
2023-01-09 13:37:10 +01:00
Livio Spring
5651f98600
feat(auth api): expose login policy of authenticated user (#4979)
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-01-05 13:04:38 +00:00
Stefan Benz
b1d7433eba
fix: correct display name when adding an instance (#4930)
* fix: handling of default values inside add instance

* fix: remove release from 2.16.x branch

* chore(lint): show all issues

* refactor: instance converter

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-01-03 10:16:36 +01:00
Livio Spring
0530f19d94
feat: allow usernames without @ when UserMustBeDomain false (#4852)
* feat: allow usernames without @ when UserMustBeDomain false

* e2e

* test(e2e): table driven tests for humans and machines

* cleanup

* fix(e2e): ensure there are no username conflicts

* e2e: make awaitDesired async

* rm settings mapping

* e2e: make awaitDesired async

* e2e: parse sequence as int

* e2e: ensure test fails if awaitDesired fails

Co-authored-by: Max Peintner <max@caos.ch>
2022-12-22 11:16:17 +00:00
Stefan Benz
7d9fc2c6e7
feat: org remove on admin api and org query with state (#4917)
* feat: org remove on admin api and org query with state

* docs: change description for admin api remove org

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-12-22 10:46:06 +00:00
Livio Spring
a99da4f8e4
fix: user queries (#4920) 2022-12-22 09:22:08 +00:00
Livio Spring
6093440747
fix(import): activate label policy after creation (#4879) 2022-12-21 08:46:05 +00:00
Stefan Benz
f5eddcc490
fix: separate tos and privacy checkbox into two (#4848) 2022-12-21 09:27:31 +01:00
Stefan Benz
339fbd4f0c
fix: change back to login button and add to register option screen (#4847)
* fix: change back to login button and add to register option screen

* fix: change back to login button and add logic for remove and set events

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-12-20 09:26:48 +01:00
Max Peintner
806b9e8238
fix(login): allow setting language on registered users (#4862)
* fix: user language for notifications

* fix(login): allow setting language on registered users

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-12-14 11:23:09 +00:00
Livio Spring
632639ae7f
feat: enable iframe use (#4766)
* feat: enable iframe use

* cleanup

* fix mocks

* fix linting

* docs: add iframe usage to solution scenarios configurations

* improve api

* feat(console): security policy

* description

* remove unnecessary line

* disable input button and urls when not enabled

* add image to docs

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-12-14 07:17:36 +01:00
Stefan Benz
47ffa52f0f
feat: Instance create (#4502)
* feat(instance): implement create instance with direct machine user and credentials

* fix: deprecated add endpoint and variable declaration

* fix(instance): update logic for pats and machinekeys

* fix(instance): unit test corrections and additional unit test for pats and machinekeys

* fix(instance-create): include review changes

* fix(instance-create): linter fixes

* move iframe usage to solution scenarios configurations

* Revert "move iframe usage to solution scenarios configurations"

This reverts commit 9db31f3808.

* fix merge

* fix: add review suggestions

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix: add review changes

* fix: add review changes for default definitions

* fix: add review changes for machinekey details

* fix: add machinekey output when setup with machineuser

* fix: add changes from review

* fix instance converter for machine and allow overwriting of further machine fields

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-12-09 14:04:33 +01:00
Livio Spring
3539418a4a
fix: handle UserLoginMustBeDomain changes correctly (#4765)
* fix: handle UserLoginMustBeDomain changes correctly

* fix: remove verified domains (and not only primary) as suffix

* fix: ensure testability by changing map to slice

* cleanup

* reduce complexity of DomainPolicyUsernamesWriteModel.Reduce()

* add test for removed org policy
2022-12-06 09:01:31 +01:00
Stefan Benz
9626897834
fix(logintexts): fix several custom text attributes for get and set (#4733)
* fix(logintexts): fix several custom text attributes for get and set

* fix(logintexts): fix externalUserNotFound attribute for json unmarshalling and reduce for customTexts

* fix: correct imports for linting
2022-12-01 13:31:46 +01:00
Silvan
f3e6f3b23b
feat: remove org (#4148)
* feat(command): remove org

* refactor: imports, unused code, error handling

* reduce org removed in action

* add org deletion to projections

* add org removal to projections

* add org removal to projections

* org removed projection

* lint import

* projections

* fix: table names in tests

* fix: table names in tests

* logging

* add org state

* fix(domain): add Owner removed to object details

* feat(ListQuery): add with owner removed

* fix(org-delete): add bool to functions to select with owner removed

* fix(org-delete): add bools to user grants with events to determine if dependencies lost owner

* fix(org-delete): add unit tests for owner removed and org removed events

* fix(org-delete): add handling of org remove for grants and members

* fix(org-delete): correction of unit tests for owner removed

* fix(org-delete): update projections, unit tests and get functions

* fix(org-delete): add change date to authnkeys and owner removed to org metadata

* fix(org-delete): include owner removed for login names

* fix(org-delete): some column fixes in projections and build for queries with owner removed

* indexes

* fix(org-delete): include review changes

* fix(org-delete): change user projection name after merge

* fix(org-delete): include review changes for project grant where no project owner is necessary

* fix(org-delete): include auth and adminapi tables with owner removed information

* fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed

* fix(org-delete): add permissions for org.remove

* remove unnecessary unique constraints

* fix column order in primary keys

* fix(org-delete): include review changes

* fix(org-delete): add owner removed indexes and chang setup step to create tables

* fix(org-delete): move PK order of instance_id and change added user_grant from review

* fix(org-delete): no params for prepareUserQuery

* change to step 6

* merge main

* fix(org-delete): OldUserName rename to private

* fix linting

* cleanup

* fix: remove org test

* create prerelease

* chore: delete org-delete as prerelease

Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2022-11-30 17:01:17 +01:00
Livio Spring
29441ce4b6
feat: save last occurrence of failed events and fix instance filtering (#4710)
* fix: filter failed events and current sequence correctly

* fix failed events sorting column

* feat: save last occurrence of failed event

* fix failedEvents query and update sql statements

* change sql statement to only create index

* fix linting

* fix linting

* Update internal/query/failed_events.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* update job name on test-docs to match the one from test-code

Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-11-18 13:49:38 +01:00
Livio Spring
6d787bfd62
fix: ensure actions execution on idp flows (#4711) 2022-11-18 12:49:17 +01:00
Max Peintner
2a8dfab192
fix(login): mfa prompt UI improvements, fix register field validation, email validation (#4672)
* fix: mfa prompt styling

* register password field validation

* loginname overflow, mfa hover effect

* cleanup

* Update internal/api/ui/login/static/resources/scripts/password_policy_check.js

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* prettier if check

* cleanup

* Update internal/api/ui/login/static/resources/scripts/password_policy_check.js

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix confirmation validation, cleanup

* rm log

* email type validation

* add email validation

* change pattern

* pattern

* comment RFC 2822

* dont wrapp org name

* rm email validation

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-11-17 13:25:09 +01:00
Max Peintner
7db87f4646
fix(console): improve project counters, dark primary color change, smaller UI improvements (#4620)
* dark primary color change, project counter, link color improvements

* update fallback colors

* fallback colors

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-11-17 07:43:53 +00:00
Livio Spring
eba602e064
feat: allow import of federated users in ImportHumanUser (#4675)
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-11-09 08:33:50 +00:00
Livio Spring
4eb8ad8777
fix: redirect / to login UI (#4669) 2022-11-09 07:19:05 +00:00
Max Peintner
b432cf4963
fix(login): use label policy settings for favicon, translate titles (#4641)
* fix: render favicon from label policy

* translate main title

* translation

* i18n

* i18n

* i18nkey

* rm attr

* select user title

* Add description meta

* Update internal/api/ui/login/mfa_init_verify_handler.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update internal/api/ui/login/renderer.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

* merge ifs

* use errors.internal

* check for i18ndescriptionkey

* missing i18n

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-11-07 08:55:12 +00:00
Stefan Benz
5d17da542d
fix(user): add search query for login name (#4173)
* fix(user): add search query for login name

* fix(user): change login name query to IN from EXISTS

* fix(loginname): include InQuery into ListQuery with SubSelect as possible datasource

* fix(user): apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix: correct unit test for search query

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-31 13:03:23 +00:00
Livio Spring
b45e5b0adc
fix: nil pointer on jwt idps in actions (#4619) 2022-10-27 14:53:40 +02:00
Livio Spring
d721f725fd
fix: instance remove (#4602) 2022-10-26 13:06:48 +00:00
Stefan Benz
71fb5c526f
fix(machine): delete domain policy dependency and restructure functions (#4605)
* fix(machine): delete domain policy dependency and restructure functions

* fix(machine): delete domain policy dependency and restructure functions

* fix(machine): move check for username and name

* fix: correct unit test for machine

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-26 08:39:56 +00:00
Max Peintner
05d875c992
fix(login, console): correctly fill username on initialization, password and change password view (#4546)
* fix(login): add loginname as query param, send with inituserlink

* set loginname as username autofill on password site

* add loginname input on change password

* fix console password change autocomplete

* fix(console): apply labelpolicy if icon is provided, signout page (#4499)

* label policy as observable

* signedout policy via state

* add caching

* disable loading spinner on signedout

* cleanup

* catch error

* update deps

* move policy to localstorage

* handle labelpolicy for users without org

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* fix(email): set sender address as return-path header (#4569)

* feat(login): additionally use email/phone for authentication (#4563)

* feat: add ability to disable login by email and phone

* feat: check login by email and phone

* fix: set verified email / phone correctly on notify users

* update projection version

* fix merge

* fix email/phone verified reduce tests

* fix user tests

* loginname check

* cleanup

* fix: update user projection version to handle fixed statement

* ci(e2e): give console init time (#4567)

* fix: idp usage (#4571)

* fix: send email verification instead of init code for idp users

* fix: select single idp of external only users

* fix: use single idp on login

* fix(import): add import for app and machine keys (#4536)

* fix(import): add import for app and machine keys

* fix(export): add review changes

* fix(import): Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(import): add review changes

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(console): hide metadata on auth side if no `user.read` role present (#4512)

* check for role

* require user.read for showing metadata section in auth-user

* remove aggregate id from role check

Co-authored-by: Livio Spring <livio.a@gmail.com>

* update stable release to 2.8.2 (#4574)

* fix: import of trigger actions and export of idp links (#4576)

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(console): split password from contact information, initialization mail on top (#4380)

* chore(console): split password from contact information

* change user detail, initialization mail

* fix translation

* Update console/src/assets/i18n/de.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/de.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* i18n

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* fix(import): import json marshal to jsonpb (#4580)

* fix(import): import json marshal to jsonpb

* fix: add unmarshaloptions discard unknown

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(import): import json marshal to jsonpb

Co-authored-by: Livio Spring <livio.a@gmail.com>

* feat(console): rename org (#4542)

* rename org

* add data-e2e

* e2e test

* restore state after

* use ngIf instead of hasrole directive and initialized regex

* rm h2 check

* Update e2e/cypress/e2e/organization/organizations.cy.ts

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/de.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/de.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* change e2e test

* org param

* reintroduct org param

* use org query param

* org rename test

* no initial focus on button

* contain name

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* feat: instance remove (#4345)

* feat(instance): add remove instance event with projections cleanup

* fix(instance): corrected used id to clean up projections

* fix merge

* fix: correct unit test projection names

* fix: current sequence of lists and query for ensuring keypair based projections

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* docs: change nextjs quickstart (#4566)

* docs: change nextjs repo update readme

* Update docs/docs/examples/login/nextjs.md

Co-authored-by: Florian Forster <florian@zitadel.com>

* Update docs/docs/examples/login/nextjs.md

Co-authored-by: Florian Forster <florian@zitadel.com>

Co-authored-by: Florian Forster <florian@zitadel.com>

* fix(console): preserve logo and icon aspect ratios, remove border radius in header  (#4585)

* chore(e2e): Skip asking for new password on Admin in dev environment (#4599)

* feat(e2e): Skip asking for new password on Admin

* remove password changing

Co-authored-by: Elio Bischof <eliobischof@gmail.com>

* docs(contributing): remove guides folder (#4603)

* preferredLoginName as queryParam

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: p_0g_8mm3_ <37022952+pr0gr8mm3r@users.noreply.github.com>
2022-10-24 16:33:06 +02:00
Stefan Benz
c2a5b785fb
feat: instance remove (#4345)
* feat(instance): add remove instance event with projections cleanup

* fix(instance): corrected used id to clean up projections

* fix merge

* fix: correct unit test projection names

* fix: current sequence of lists and query for ensuring keypair based projections

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-20 14:36:52 +02:00
Stefan Benz
2bfa51da1c
fix(import): import json marshal to jsonpb (#4580)
* fix(import): import json marshal to jsonpb

* fix: add unmarshaloptions discard unknown

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(import): import json marshal to jsonpb

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-19 13:36:51 +00:00
Stefan Benz
c8e1733b39
fix: import of trigger actions and export of idp links (#4576)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-19 13:58:03 +02:00
Stefan Benz
556f381a5a
fix(import): add import for app and machine keys (#4536)
* fix(import): add import for app and machine keys

* fix(export): add review changes

* fix(import): Apply suggestions from code review

Co-authored-by: Livio Spring <livio.a@gmail.com>

* fix(import): add review changes

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-18 15:07:30 +00:00
Livio Spring
3270a94291
fix: idp usage (#4571)
* fix: send email verification instead of init code for idp users

* fix: select single idp of external only users

* fix: use single idp on login
2022-10-18 14:48:26 +00:00
Livio Spring
b0b1e94090
feat(login): additionally use email/phone for authentication (#4563)
* feat: add ability to disable login by email and phone

* feat: check login by email and phone

* fix: set verified email / phone correctly on notify users

* update projection version

* fix merge

* fix email/phone verified reduce tests

* fix user tests

* loginname check

* cleanup

* fix: update user projection version to handle fixed statement
2022-10-17 19:19:15 +00:00
Livio Spring
3b03ad82bf
fix: registration allowed check and pass loginname to registration (#4507) 2022-10-07 12:17:17 +00:00
Silvan
43fb3fd1a6
feat(actions): add token customization flow and extend functionally with modules (#4337)
* fix: potential memory leak

* feat(actions): possibility to parse json
feat(actions): possibility to perform http calls

* add query call

* feat(api): list flow and trigger types
fix(api): switch flow and trigger types to dynamic objects

* fix(translations): add action translations

* use `domain.FlowType`

* localizers

* localization

* trigger types

* options on `query.Action`

* add functions for actions

* feat: management api: add list flow and trigger  (#4352)

* console changes

* cleanup

* fix: wrong localization

Co-authored-by: Max Peintner <max@caos.ch>

* id token works

* check if claims not nil

* feat(actions): metadata api

* refactor(actions): modules

* fix: allow prerelease

* fix: test

* feat(actions): deny list for http hosts

* feat(actions): deny list for http hosts

* refactor: actions

* fix: different error ids

* fix: rename statusCode to status

* Actions objects as options (#4418)

* fix: rename statusCode to status

* fix(actions): objects as options

* fix(actions): objects as options

* fix(actions): set fields

* add http client to old actions

* fix(actions): add log module

* fix(actions): add user to context where possible

* fix(actions): add user to ctx in external authorization/pre creation

* fix(actions): query correct flow in claims

* test: actions

* fix(id-generator): panic if no machine id

* tests

* maybe this?

* fix linting

* refactor: improve code

* fix: metadata and usergrant usage in actions

* fix: appendUserGrant

* fix: allowedToFail and timeout in action execution

* fix: allowed to fail in token complement flow

* docs: add action log claim

* Update defaults.yaml

* fix log claim

* remove prerelease build

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-10-06 14:23:59 +02:00
Livio Spring
bffb10a4b4
feat: allow domain discovery for unknown usernames (#4484)
* fix: wait for projection initialization to be done

* feat: allow domain discovery for unknown usernames

* fix linting

* Update console/src/assets/i18n/de.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* fix zh i18n text

* fix projection table name

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-06 13:30:14 +02:00
Max Peintner
531c30a031
fix(login): organization suffix overflow (#4374)
fix: org name overflow
2022-10-03 18:01:35 +02:00
Max Peintner
f517077be3
fix(login): improve multifactor prompt (#4474)
* login mfa improvements

* mfa toggles

* styles

* mfa styles

* go rel

* better translations for mfa u2f

* revert goreleaser format
2022-10-03 13:48:24 +02:00
Fabi
f40931e81e
fix: change descriptions and password rule placement (#4425)
* fix: change descriptions and password rule placement

* fix: passwordless descriptions, remove language and gender from register

* fix: less technical texts on login

* fix: texts

* fix: texts

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

* update e2e test

* fix radio

* fix: chinese text corrections

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

* Update internal/api/ui/login/static/i18n/it.yaml

Co-authored-by: Max Peintner <max@caos.ch>

Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-09-28 15:08:45 +02:00
Stefan Benz
2957407b5b
fix: correct oidcsettings management (#4413)
* fix(oidcsettings): corrected projection, unittests and added the add endpoint

* fix(oidcsettings): corrected default handling and instance setup

* fix: set oidc settings correctly in console

* cleanup

* e2e test

* improve e2e test

* lint e2e

Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 12:53:49 +02:00
Stefan Benz
b32c02a39b
feat(instance): add functionality to update instance (#4440)
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-27 06:58:50 +00:00
Silvan
a7646d5a78
fix(translations): language options and init user (#4449)
fix(translations): add chinese to language options
fix(translations): correct key for password confirm label
2022-09-23 17:24:06 +02:00
Livio Spring
7dfa1925cc
feat: restrict login to specific org by id (scope) (#4294)
* feat: add new org scope

* change default of UserLoginMustBeDomain to false

* return resource owner claims

* fix: use email style for first user

* fix: ensure email style for default users (backwards compatibility)

* change to external domain (as it was before UserLoginMustBeDomain change)

* update e2e tests to use email style usernames

* document new scope

* lint e2e

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-23 12:08:10 +00:00
Livio Spring
7aef0ccfee
fix(email): set correct logo url (#4426) 2022-09-21 14:18:55 +00:00
Stefan Benz
2c1f9ac4a8
feat(org): add org metadata functionality (#4234)
* feat(org): add org metadata functionality

* fix(metadata): add unit tests and review for org metadata

* fix(org-metadata): move endpoints to /

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-20 14:32:09 +00:00
Livio Spring
05cb672cff
fix(login): custom texts for pages called directly form mail link (#4415)
* fix(login): translate init password correctly

* refactor: no error return params

* fix(login): custom texts for pages called directly form mail link

* fix custom text on registration pages

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-09-20 07:22:47 +00:00
Silvan
84b20bc4e1
fix(auth): always get token by id and user id (#4371)
Co-authored-by: Florian Forster <florian@zitadel.com>
2022-09-15 12:59:40 +00:00
Stefan Benz
7a5f7f82cf
feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
George
8ab85afd15
feat: internationalization Chinese (#4222)
* feat: internationalization chinese

* typo: optimize the semantic expression of copywriting

* Update internal/api/ui/login/static/i18n/zh.yaml

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/zh.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/api/ui/login/static/i18n/zh.yaml

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/it.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/en.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update console/src/assets/i18n/fr.json

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* minor: add Chinese to other language file

* Update console/src/app/app.module.ts

Co-authored-by: Max Peintner <max@caos.ch>

* Update console/src/app/app.module.ts

Co-authored-by: Max Peintner <max@caos.ch>

Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
2022-09-08 15:15:31 +02:00
Livio Spring
adb5394ae3
fix: login text changes (#4269)
* fix: omit empty (zero) dates

* overwrite current date on save

* update date on reset

* smtp

* disable reset

Co-authored-by: Max Peintner <max@caos.ch>
2022-09-02 10:29:06 +02:00
Silvan
b9795b5c57
fix(amr): add pwd because password is wrong (#4284)
* fix(amr): add pwd because password is wrong

* docs: deprecation notice

* docs: nicer wording

* Update docs/docs/apis/openidoauth/claims.md

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-08-31 08:16:31 +00:00
Silvan
77b4fc5487
feat(database): support for postgres (#3998)
* beginning with postgres statements

* try pgx

* use pgx

* database

* init works for postgres

* arrays working

* init for cockroach

* init

* start tests

* tests

* TESTS

* ch

* ch

* chore: use go 1.18

* read stmts

* fix typo

* tests

* connection string

* add missing error handler

* cleanup

* start all apis

* go mod tidy

* old update

* switch back to minute

* on conflict

* replace string slice with `database.StringArray` in db models

* fix tests and start

* update go version in dockerfile

* setup go

* clean up

* remove notification migration

* update

* docs: add deploy guide for postgres

* fix: revert sonyflake

* use `database.StringArray` for daos

* use `database.StringArray` every where

* new tables

* index naming,
metadata primary key,
project grant role key type

* docs(postgres): change to beta

* chore: correct compose

* fix(defaults): add empty postgres config

* refactor: remove unused code

* docs: add postgres to self hosted

* fix broken link

* so?

* change title

* add mdx to link

* fix stmt

* update goreleaser in test-code

* docs: improve postgres example

* update more projections

* fix: add beta log for postgres

* revert index name change

* prerelease

* fix: add sequence to v1 "reduce paniced"

* log if nil

* add logging

* fix: log output

* fix(import): check if org exists and user

* refactor: imports

* fix(user): ignore malformed events

* refactor: method naming

* fix: test

* refactor: correct errors.Is call

* ci: don't build dev binaries on main

* fix(go releaser): update version to 1.11.0

* fix(user): projection should not break

* fix(user): handle error properly

* docs: correct config example

* Update .releaserc.js

* Update .releaserc.js

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
2022-08-31 07:52:43 +00:00
Silvan
60b2092d2c
fix(import): check exists (#4268)
* fix(import): check if org exists and user

* refactor: imports

* fix(user): ignore malformed events

* refactor: method naming

* fix: test

* refactor: correct errors.Is call
2022-08-29 17:09:07 +02:00
Livio Spring
64f589c435
fix: read custom texts for pages called directly form mail link (#4255)
* fix: read custom texts for pages called directly form mail link

* log errors
2022-08-26 08:53:11 +00:00
Livio Spring
e1a981928c
fix: action query (#4257) 2022-08-26 08:38:41 +00:00
Livio Spring
d656b3f3c9
fix: instance interceptors return NotFound (404) error for unknown hosts (#4184)
* fix: instance interceptors return "NotFound" (404) error for unknown hosts

* fix tests
2022-08-17 06:07:41 +00:00
Livio Spring
dcac08b1d5
fix: caching of assets (correct headers and versioned avatar and variables.css url) (#4118)
* fix: caching of assets (correct headers and versioned avatar url)

* serve variables.css versioned and extend shared max age of assets

* fix TestCommandSide_AddHumanAvatar

* refactor: const types

* refactor: return values

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-08-16 05:04:36 +00:00
Stefan Benz
2388764f1c
fix(IDP): correct org idp response resourceowner (#4165) 2022-08-11 11:56:59 +02:00
cyb3rd0g1
2746b4f3a7
fix(login): update automatic registration to pull form data (#4103)
* update automatic registration to pull form data

* prioritize form-derived usernames when registering via external oidc

* allow for customization of displayname on registration via external IdP

* Update internal/api/ui/login/external_login_handler.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update internal/api/ui/login/external_login_handler.go

Co-authored-by: Livio Spring <livio.a@gmail.com>

Co-authored-by: Livio Spring <livio.a@gmail.com>
2022-08-08 13:05:38 +00:00
Livio Spring
fbd04d399d
fix: hide / show username suffix correctly on registration pages (#4097) 2022-08-02 16:31:35 +02:00
Stefan Benz
bc9a85daf3
feat: V2 alpha import and export of organizations (#3798)
* feat(import): add functionality to import data into an instance

* feat(import): move import to admin api and additional checks for nil pointer

* fix(export): export implementation with filtered members and grants

* fix: export and import implementation

* fix: add possibility to export hashed passwords with the user

* fix(import): import with structure of v1 and v2

* docs: add v1 proto

* fix(import): check im imported user is already existing

* fix(import): add otp import function

* fix(import): add external idps, domains, custom text and messages

* fix(import): correct usage of default values from login policy

* fix(export): fix renaming of add project function

* fix(import): move checks for unit tests

* expect filter

* fix(import): move checks for unit tests

* fix(import): move checks for unit tests

* fix(import): produce prerelease from branch

* fix(import): correctly use provided user id for machine user imports

* fix(import): corrected otp import and added guide for export and import

* fix: import verified and primary domains

* fix(import): add reading from gcs, s3 and localfile with tracing

* fix(import): gcs and s3, file size correction and error logging

* Delete docker-compose.yml

* fix(import): progress logging and count of resources

* fix(import): progress logging and count of resources

* log subscription

* fix(import): incorporate review

* fix(import): incorporate review

* docs: add suggestion for import

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* fix(import): add verification otp event and handling of deleted but existing users

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-28 13:42:35 +00:00
Livio Spring
096e12d3d0
fix: set domain verified if domain policy does not require validation (#4061)
* fix: set domain verified if domain policy does not require validation

* handle domain claimed
2022-07-28 13:18:31 +02:00
Livio Spring
5bd9badbcf
fix: project grants (#4031)
* fix: filter granted memberships correctly

* fix: only show changes of granted project

* Apply suggestions from code review

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

* Update internal/query/user_membership.go

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>

Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-27 07:55:44 +00:00