Commit Graph

2399 Commits

Author SHA1 Message Date
Tim Möhlmann
11b5a73551
fix: trigger session by id in verifySessionToken (#6325) 2023-08-04 18:16:27 +03:00
Livio Spring
45262e6829
fix: migrate external id of federated users (#6312)
* feat: migrate external id

* implement tests and some renaming

* fix projection

* cleanup

* i18n

* fix event type

* handle migration for new services as well

* typo
2023-08-04 11:35:36 +02:00
Elio Bischof
d33a4fbb2f
fix: project telemetry once for all instances (#6323) 2023-08-04 09:05:20 +00:00
Stefan Benz
ef012d0081
feat: user v2 phone verification (#6309)
* feat: add phone change and code verification for user v2 api

* feat: add phone change and code verification for user v2 api

* fix: add ignored phone.proto

* fix: integration tests

* Update proto/zitadel/user/v2alpha/user_service.proto

* Update idp_template.go

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-03 06:42:59 +02:00
Livio Spring
a1942ecdaa
feat(api): add and remove OTP (SMS and email) (#6295)
* refactor: rename otp to totp

* feat: add otp sms and email

* implement tests
2023-08-02 18:57:53 +02:00
Fabi
ca13e70c92
docs: update oidc flow with new services (#6294)
* docs: oidc documentation

* docs: oidc documentation

* Update docs/docs/guides/integrate/login-ui/oidc-standard.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/oidc-standard.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/oidc-standard.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/oidc-standard.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/oidc-standard.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update docs/docs/guides/integrate/login-ui/oidc-standard.mdx

Co-authored-by: Livio Spring <livio.a@gmail.com>

* Update oidc-standard.mdx

* docs: fix broken links

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-08-02 14:55:19 +02:00
Dominik from Unique
4e1dcc0692
docs: describe database user credentials handling (#6283)
* feat: Add full example for helmfile + PostgreSQL

- Adds full helmfile + PostgreSQL example
- Extends production checklist for bullet about insecure credentials
- Extends database documentation to ensure secure user rotation

Refs: https://discord.com/channels/927474939156643850/927866013545025566/1133692721710772294

* chore: revert example and move to zitadel-charts

---------

Co-authored-by: Elio Bischof <elio@zitadel.com>
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-08-02 14:35:13 +02:00
Tim Möhlmann
4d09409328
feat(crypto): add pbkdf2 support (#6303)
This change brings pbkdf2 support for password hashing and verification.
2023-08-02 11:27:18 +00:00
Livio Spring
dd480f8a8d
feat(login): reuse existing session if no prompt is provided and only single session exists (#6272)
* feat: reuse existing session if no prompt is provided and only single session exists

* fix tests
2023-08-01 11:21:44 +00:00
Livio Spring
782f7ad647
fix(OIDC): introspection (#6298)
* fix(OIDC): introspect for PAT

* fix(OIDC): introspect for PAT

* fix(OIDC): introspect

* remove adding projectID into audience
2023-07-31 13:55:26 +00:00
Fabi
b8dbfc71b6
docs: add org scope to quickstart (#6261)
* docs: add org scope to quickstart

* docs: move org login description
2023-07-28 13:25:02 +02:00
sazzad-eu
fca925659c
docs: typo in the readme (#6273)
Update modules.md

Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-28 13:22:32 +02:00
Livio Spring
43cb62ca4e
fix(i18n): do not translate language itself (#6286) 2023-07-28 09:58:05 +02:00
Livio Spring
789dcd8615
fix: password hash update and add missing i18n (#6285) 2023-07-28 09:09:15 +02:00
Elio Bischof
31ec1d83b9
feat: enable otp email and sms (#6260)
* feat: enable otp email and sms

* feat: enable otp factors in login settings

* remove tests without value

* translate second factors

* don't add new factors yet

* add comment

* add factors to docs

* backward compatible settings api

* compile tests

* add available 2fa types

* test: add mapping tests

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-28 07:39:30 +02:00
Livio Spring
d3e403f645
perf: reduce events read from eventstore (#6280)
* fix: events query user

* fix: events query user

* user events query

* fix tests

* fix query

* cleanup

---------

Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
2023-07-27 12:10:19 +00:00
Livio Spring
b0dc02509b
docs: fix formatting of idp migration (#6279) 2023-07-27 08:01:36 +00:00
Stefan Benz
48330fc4b1
docs: correct steps for idp migration with terraform (#6259)
docs: correct steps for idp migration with terraform (#6259)
2023-07-27 04:39:33 +00:00
Livio Spring
2fe76acd14
feat: add secret generators for OTP (#6262)
This PR adds configuration options for OTP codes through Admin API.
2023-07-26 11:00:41 +00:00
Elio Bischof
2241c82134
test: more generous quota e2e timeout (#6269)
test: more generous quota e2e to
2023-07-26 12:40:23 +02:00
Elio Bischof
4656020ea6
docs: fix add instance domain description (#6267) 2023-07-25 11:54:22 +00:00
Fabi
f331a88a16
docs: remove beta state from postgreSQL (#6245) 2023-07-25 07:10:04 +00:00
Elio Bischof
35f4f74b08
fix: remove logstore beta warning (#6244)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-25 08:44:47 +02:00
Livio Spring
702dfaf314
chore: build release on next branch (#6266) 2023-07-25 08:43:06 +02:00
Livio Spring
2183b9a7c5
fix: build css for login correctly (#6265) 2023-07-25 07:52:59 +02:00
Elio Bischof
57d6113e2a
fix: upper ZITADEL banner (#6246)
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-25 05:12:13 +00:00
Fabi
65f948daec
docs: add version to technical advisory (#6263) 2023-07-24 14:28:56 +00:00
Elio Bischof
f6bc0479f4
fix: emit project.grant.member.changed event (#6252) 2023-07-21 16:57:09 +02:00
Livio Spring
13e284dd56
fix: ensure resource owner in update human profile (#6253) 2023-07-21 13:42:24 +00:00
Dakshitha Ratnayake
cedf4dda5b
docs: add guide on retrieving user roles (#6248)
* Added documenation for retrieving user roles.

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

* Update retrieve-user-roles.md

* Update retrieve-user-roles.md

* Update docs/docs/guides/integrate/retrieve-user-roles.md

Co-authored-by: Fabi <fabienne@zitadel.com>

---------

Co-authored-by: Fabi <fabienne@zitadel.com>
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-21 15:10:16 +02:00
Livio Spring
01dce17b14
chore: remove on push and merge_group from pipeline execution (#6254) 2023-07-21 12:37:07 +00:00
Livio Spring
cd5e176e30
fix: user grant by id (#6242) 2023-07-21 11:04:55 +00:00
Livio Spring
cfb8f3c07f
chore: linting in console (#6243)
chore: linting in console
2023-07-21 06:54:38 +00:00
Marko Heikkilä
ccc903a13e
docs: fix loadbalancing-example (#6167)
* Fix loadbalancing-example.

* Fix typo.

---------

Co-authored-by: Florian Forster <florian@zitadel.com>
Co-authored-by: Fabi <fabienne@zitadel.com>
2023-07-20 07:27:58 +00:00
Fabi
07ef9af513
fix: api docs (#6229)
Co-authored-by: Florian Forster <florian@zitadel.com>
2023-07-20 06:59:06 +00:00
daniel_michalichyn
fcc1acbf81
feat: Brazilian Portuguese internationalization (#6185)
* feat: Brazilian Portuguese internationalization

Co-authored-by: Daniel Michalichyn <daniel.henrique@st-one.io>
2023-07-20 04:40:45 +00:00
Livio Spring
fed15574f6
feat: allow to force MFA local only (#6234)
This PR adds an option to the LoginPolicy to "Force MFA for local users", so that users authenticated through an IDP must not configure (and verify) an MFA.
2023-07-20 04:06:16 +00:00
Max Peintner
1c3a15ff57
chore(contributing): use yarn instead of npm (#6233) 2023-07-19 12:32:33 +00:00
Livio Spring
59f3c328ec
feat(OIDC): add support for end_session for V2 tokens (#6226)
This PR adds support for the OIDC end_session_endpoint for V2 tokens. Sending an id_token_hint as parameter will directly terminate the underlying (SSO) session and all its tokens. Without this param, the user will be redirected to the Login UI, where he will able to choose if to logout.
2023-07-19 13:17:39 +02:00
Florian Forster
1e5fd2f66e
chore: redirect api path (#6232)
* chore: redirect api path

* Update vercel.json

* Update vercel.json

* Update vercel.json
2023-07-19 00:15:41 +02:00
Miguel Cabrerizo
ffb587f9ee
fix: sanitize primary domain for orgs (#6125)
* fix: sanitize primary domain for orgs

* fix: add @stebenz requested changes

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-07-18 12:42:57 +00:00
Silvan
ebb7a90ca7
ci: run pipeline on every push (#6221)
* ci: run pipeline on every push

* ci: run pipeline on every push on all branches

---------

Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-07-18 14:32:23 +02:00
Miguel Cabrerizo
7b44209bfd
feat: show all available organizations when creating project grants (#6040)
* feat: show available orgs (project) grants

* feat: add e2e for project grant

* feat: add bulgarian missing translations

* feat: update docs

* fix: add @peintnermax suggested changes

---------

Co-authored-by: Max Peintner <max@caos.ch>
2023-07-18 06:45:34 +00:00
Livio Spring
e1b3cda98a
feat(OIDC): support token revocation of V2 tokens (#6203)
This PR adds support for OAuth2 token revocation of V2 tokens.

Unlike with V1 tokens, it's now possible to revoke a token not only from the authorized client / client which the token was issued to, but rather from all trusted clients (audience)
2023-07-17 14:33:37 +02:00
Silvan
ecf9835cb8
ci: run pipeline on every push (#6219) 2023-07-17 10:55:41 +02:00
Silvan
1c354ca977
ci: improve performance (#5953)
* pipeline runs on ubuntu instead of docker
* added Makefile to build zitadel core (backend) and console (frontend)
* pipeline runs in parallel where possible
* pipeline is split into multiple jobs
* removed goreleaser
* added command to check if zitadel instance is running
2023-07-17 10:08:20 +02:00
Florian Forster
bcf4bfc585
fix: autofill related issues (#6201) 2023-07-14 12:35:25 +00:00
Livio Spring
80961125a7
feat(API): support V2 token and session token usage (#6180)
This PR adds support for userinfo and introspection of V2 tokens. Further V2 access tokens and session tokens can be used for authentication on the ZITADEL API (like the current access tokens).
2023-07-14 11:16:16 +00:00
Tim Möhlmann
4589ddad4a
feat: integrate passwap for human user password hashing (#6196)
* feat: use passwap for human user passwords

* fix tests

* passwap config

* add the event mapper

* cleanup query side and api

* solve linting errors

* regression test

* try to fix linter errors again

* pass systemdefaults into externalConfigChange migration

* fix: user password set in auth view

* pin passwap v0.2.0

* v2: validate hashed password hash based on prefix

* resolve remaining comments

* add error tag and translation for unsupported hash encoding

* fix unit test

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-07-14 09:49:57 +03:00
mffap
6fcfa63f54
docs: plausible script with pageprops (#6199)
update plausible
2023-07-13 22:42:36 +02:00