Silvan
bed0f6293b
fix: check error before using token ( #7664 )
2024-03-28 12:19:03 +00:00
Tim Möhlmann
6398349c24
feat(oidc): token exchange impersonation ( #7516 )
...
* add token exchange feature flag
* allow setting reason and actor to access tokens
* impersonation
* set token types and scopes in response
* upgrade oidc to working draft state
* fix tests
* audience and scope validation
* id toke and jwt as input
* return id tokens
* add grant type token exchange to app config
* add integration tests
* check and deny actors in api calls
* fix instance setting tests by triggering projection on write and cleanup
* insert sleep statements again
* solve linting issues
* add translations
* pin oidc v3.15.0
* resolve comments, add event translation
* fix refreshtoken test
* use ValidateAuthReqScopes from oidc
* apparently the linter can't make up its mind
* persist actor thru refresh tokens and check in tests
* remove unneeded triggers
2024-03-20 10:18:46 +00:00
Livio Spring
19d9b8ad41
fix: reduce eventual consistency ( #7075 )
...
* fix: reduce eventual consistency
* fix tests
* fix linting
2023-12-14 11:07:47 +01:00
Tim Möhlmann
f680dd934d
refactor: rename package errors to zerrors ( #7039 )
...
* chore: rename package errors to zerrors
* rename package errors to gerrors
* fix error related linting issues
* fix zitadel error assertion
* fix gosimple linting issues
* fix deprecated linting issues
* resolve gci linting issues
* fix import structure
---------
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-12-08 15:30:55 +01:00
Tim Möhlmann
24b05dc88c
fix(authz): add logging to access token verification errors ( #6976 )
...
* fix(authz): add logging to access token verification errors
Related to #6949
* use logging fields
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-11-27 15:35:08 +00:00
Tim Möhlmann
ba9b807854
perf(oidc): optimize the introspection endpoint ( #6909 )
...
* get key by id and cache them
* userinfo from events for v2 tokens
* improve keyset caching
* concurrent token and client checks
* client and project in single query
* logging and otel
* drop owner_removed column on apps and authN tables
* userinfo and project roles in go routines
* get oidc user info from projections and add actions
* add avatar URL
* some cleanup
* pull oidc work branch
* remove storage from server
* add config flag for experimental introspection
* legacy introspection flag
* drop owner_removed column on user projections
* drop owner_removed column on useer_metadata
* query userinfo unit test
* query introspection client test
* add user_grants to the userinfo query
* handle PAT scopes
* bring triggers back
* test instance keys query
* add userinfo unit tests
* unit test keys
* go mod tidy
* solve some bugs
* fix missing preferred login name
* do not run triggers in go routines, they seem to deadlock
* initialize the trigger handlers late with a sync.OnceValue
* Revert "do not run triggers in go routines, they seem to deadlock"
This reverts commit 2a03da2127
.
* add missing translations
* chore: update go version for linting
* pin oidc version
* parse a global time location for query test
* fix linter complains
* upgrade go lint
* fix more linting issues
---------
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-11-21 13:11:38 +01:00
Stefan Benz
0ec7a74877
perf: remove owner removed columns from projections for oidc ( #6925 )
...
* fix: remove owner removed columns from login names projection
* fix: remove owner removed columns from flow projection
* fix: remove owner removed columns from project, projectgrant and member projections
* fix: correct unit tests for session projection
* fix: correct unit tests for session projection
2023-11-20 17:21:08 +02:00
Livio Spring
f3b8a3aece
feat: add possibility to set an expiration to a session ( #6851 )
...
* add lifetime to session api
* extend session with lifetime
* check session token expiration
* fix typo
* integration test to check session token expiration
* integration test to check session token expiration
* i18n
* cleanup
* improve tests
* prevent negative lifetime
* fix error message
* fix lifetime check
2023-11-06 10:48:28 +01:00
Elio Bischof
4980cd6a0c
feat: add SYSTEM_OWNER role ( #6765 )
...
* define roles and permissions
* support system user memberships
* don't limit system users
* cleanup permissions
* restrict memberships to aggregates
* default to SYSTEM_OWNER
* update unit tests
* test: system user token test (#6778 )
* update unit tests
* refactor: make authz testable
* move session constants
* cleanup
* comment
* comment
* decode member type string to enum (#6780 )
* decode member type string to enum
* handle all membership types
* decode enums where necessary
* decode member type in steps config
* update system api docs
* add technical advisory
* tweak docs a bit
* comment in comment
* lint
* extract token from Bearer header prefix
* review changes
* fix tests
* fix: add fix for activityhandler
* add isSystemUser
* remove IsSystemUser from activity info
* fix: add fix for activityhandler
---------
Co-authored-by: Stefan Benz <stefan@caos.ch>
2023-10-25 15:10:45 +00:00
adlerhurst
bd23a7a56f
merge main into next
2023-10-19 12:34:00 +02:00
Silvan
b5564572bc
feat(eventstore): increase parallel write capabilities ( #5940 )
...
This implementation increases parallel write capabilities of the eventstore.
Please have a look at the technical advisories: [05](https://zitadel.com/docs/support/advisory/a10005 ) and [06](https://zitadel.com/docs/support/advisory/a10006 ).
The implementation of eventstore.push is rewritten and stored events are migrated to a new table `eventstore.events2`.
If you are using cockroach: make sure that the database user of ZITADEL has `VIEWACTIVITY` grant. This is used to query events.
2023-10-19 12:19:10 +02:00
Livio Spring
e3ac217424
fix: ensure no events are skipped on token check ( #6663 )
...
fix: ensure no events are skipped on token check
2023-10-09 09:26:27 +02:00
Tim Möhlmann
241befc185
fix(sessions/v2): resolve tOTP TODO for Auth Methods ( #6470 )
...
Fixes #6450
2023-09-01 12:53:10 +00:00
Livio Spring
bb40e173bd
feat(api): add otp (sms and email) checks in session api ( #6422 )
...
* feat: add otp (sms and email) checks in session api
* implement sending
* fix tests
* add tests
* add integration tests
* fix merge main and add tests
* put default OTP Email url into config
---------
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-08-24 09:41:52 +00:00
Tim Möhlmann
86af67d1be
feat(api/v2): implement U2F session check ( #6339 )
2023-08-11 15:36:18 +00:00
Tim Möhlmann
11b5a73551
fix: trigger session by id in verifySessionToken ( #6325 )
2023-08-04 18:16:27 +03:00
Livio Spring
a1942ecdaa
feat(api): add and remove OTP (SMS and email) ( #6295 )
...
* refactor: rename otp to totp
* feat: add otp sms and email
* implement tests
2023-08-02 18:57:53 +02:00
Livio Spring
d3e403f645
perf: reduce events read from eventstore ( #6280 )
...
* fix: events query user
* fix: events query user
* user events query
* fix tests
* fix query
* cleanup
---------
Co-authored-by: Fabienne <fabienne.gerschwiler@gmail.com>
2023-07-27 12:10:19 +00:00
Livio Spring
fed15574f6
feat: allow to force MFA local only ( #6234 )
...
This PR adds an option to the LoginPolicy to "Force MFA for local users", so that users authenticated through an IDP must not configure (and verify) an MFA.
2023-07-20 04:06:16 +00:00
Livio Spring
80961125a7
feat(API): support V2 token and session token usage ( #6180 )
...
This PR adds support for userinfo and introspection of V2 tokens. Further V2 access tokens and session tokens can be used for authentication on the ZITADEL API (like the current access tokens).
2023-07-14 11:16:16 +00:00
Livio Spring
458a383de2
fix: use current sequence for refetching of events ( #5772 )
...
* fix: use current sequence for refetching of events
* fix: use client ids
2023-04-28 16:28:13 +02:00
Silvan
095ec21678
feat: user v2alpha email API ( #5708 )
...
* chore(proto): update versions
* change protoc plugin
* some cleanups
* define api for setting emails in new api
* implement user.SetEmail
* move SetEmail buisiness logic into command
* resuse newCryptoCode
* command: add ChangeEmail unit tests
Not complete, was not able to mock the generator.
* Revert "resuse newCryptoCode"
This reverts commit c89e90ae35
.
* undo change to crypto code generators
* command: use a generator so we can test properly
* command: reorganise ChangeEmail
improve test coverage
* implement VerifyEmail
including unit tests
* add URL template tests
* proto: change context to object
* remove old auth option
* remove old auth option
* fix linting errors
run gci on modified files
* add permission checks and fix some errors
* comments
* comments
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
2023-04-25 09:02:29 +02:00
Tim Möhlmann
25c3c17986
chore: upgrade to oidc v2 release ( #5437 )
...
* chore: upgrade to oidc v2 release
* fix tests
* fix build errors after rebase
* pin oidc v2.1.0
* pin oidc v2.1.1 (include bugfix)
* pin oidc v2.1.2 (include bugfix)
* pin oidc v2.2.1 (bugfix)
include fix zitadel/oidc#349
* fix: refresh token handling
* simplify cognitive complexity
* fix: handle error
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-03-28 11:28:56 +00:00
Silvan
f3e6f3b23b
feat: remove org ( #4148 )
...
* feat(command): remove org
* refactor: imports, unused code, error handling
* reduce org removed in action
* add org deletion to projections
* add org removal to projections
* add org removal to projections
* org removed projection
* lint import
* projections
* fix: table names in tests
* fix: table names in tests
* logging
* add org state
* fix(domain): add Owner removed to object details
* feat(ListQuery): add with owner removed
* fix(org-delete): add bool to functions to select with owner removed
* fix(org-delete): add bools to user grants with events to determine if dependencies lost owner
* fix(org-delete): add unit tests for owner removed and org removed events
* fix(org-delete): add handling of org remove for grants and members
* fix(org-delete): correction of unit tests for owner removed
* fix(org-delete): update projections, unit tests and get functions
* fix(org-delete): add change date to authnkeys and owner removed to org metadata
* fix(org-delete): include owner removed for login names
* fix(org-delete): some column fixes in projections and build for queries with owner removed
* indexes
* fix(org-delete): include review changes
* fix(org-delete): change user projection name after merge
* fix(org-delete): include review changes for project grant where no project owner is necessary
* fix(org-delete): include auth and adminapi tables with owner removed information
* fix(org-delete): cleanup username and orgdomain uniqueconstraints when org is removed
* fix(org-delete): add permissions for org.remove
* remove unnecessary unique constraints
* fix column order in primary keys
* fix(org-delete): include review changes
* fix(org-delete): add owner removed indexes and chang setup step to create tables
* fix(org-delete): move PK order of instance_id and change added user_grant from review
* fix(org-delete): no params for prepareUserQuery
* change to step 6
* merge main
* fix(org-delete): OldUserName rename to private
* fix linting
* cleanup
* fix: remove org test
* create prerelease
* chore: delete org-delete as prerelease
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2022-11-30 17:01:17 +01:00
Silvan
84b20bc4e1
fix(auth): always get token by id and user id ( #4371 )
...
Co-authored-by: Florian Forster <florian@zitadel.com>
2022-09-15 12:59:40 +00:00
Livio Spring
5aa91ad105
fix: improve performance ( #4300 )
...
## Note
This release requires a setup step to fully improve performance.
Be sure to start ZITADEL with an appropriate command (zitadel start-from-init / start-from-setup)
## Changes
- fix: only run projection scheduler on active instances
- fix: set default for concurrent instances of projections to 1 (for scheduling)
- fix: create more indexes on eventstore.events table
- fix: get current sequence for token check (improve reread performance)
2022-09-02 14:05:13 +00:00
Livio Spring
69534a2f7a
feat: allow JWT for ZITADEL APIs ( #4206 )
...
* feat: allow JWT for ZITADEL APIs
* improve getTokenIDAndSubject
* comment
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2022-08-23 08:02:36 +02:00
Livio Spring
5bd9badbcf
fix: project grants ( #4031 )
...
* fix: filter granted memberships correctly
* fix: only show changes of granted project
* Apply suggestions from code review
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update internal/query/user_membership.go
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-07-27 07:55:44 +00:00
Livio Amstutz
79452da7d6
fix: check membership from projection ( #3710 )
...
* fix: check membership from projection
* remove authz setup
2022-05-25 14:07:16 +02:00
Livio Amstutz
cf6f4d6894
fix(tracing): parsing of fraction ( #3705 )
...
* fix(tracing): parsing of fraction
* log id
2022-05-24 09:18:25 +00:00
Livio Amstutz
616b31c959
fix: token check and error unwrapping ( #3648 )
...
* fix: token check and error unwrapping
* remove unused code
2022-05-18 10:49:16 +02:00
Livio Amstutz
861cf07700
feat: permit all features to every instance and organisation ( #3566 )
2022-05-02 11:18:17 +02:00
Livio Amstutz
dc7fdb240b
fix: token verification (don't cache zitadel id system wide) ( #3542 )
2022-04-29 14:16:23 +02:00
Florian Forster
fa9f581d56
chore(v2): move to new org ( #3499 )
...
* chore: move to new org
* logging
* fix: org rename caos -> zitadel
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-26 23:01:45 +00:00
Livio Amstutz
1305c14e49
feat: handle instanceID in projections ( #3442 )
...
* feat: handle instanceID in projections
* rename functions
* fix key lock
* fix import
2022-04-19 08:26:12 +02:00
Fabi
c740ee5d81
feat: Instance commands ( #3385 )
...
* fix: add events for domain
* fix: add/remove domain command side
* fix: add/remove domain command side
* fix: add/remove domain query side
* fix: create instance
* fix: merge v2
* fix: instance domain
* fix: instance domain
* fix: instance domain
* fix: instance domain
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from writemodels
* fix: remove domain.IAMID from api
* fix: remove domain.IAMID
* fix: remove domain.IAMID
* fix: add instance domain queries
* fix: fix after merge
* Update auth_request.go
* fix keypair
* remove unused code
* feat: read instance id from context
* feat: remove unused code
* feat: use instance id from context
* some fixes
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-04-05 05:58:09 +00:00
Livio Amstutz
87560157c1
fix: change to repository event types and removed unused code ( #3386 )
...
* fix: change to repository event types and removed unused code
* some fixes
* remove unused code
2022-03-31 11:36:26 +02:00
Livio Amstutz
958362e6c9
feat: handle instance from context ( #3382 )
...
* commander
* commander
* selber!
* move to packages
* fix(errors): implement Is interface
* test: command
* test: commands
* add init steps
* setup tenant
* add default step yaml
* possibility to set password
* merge v2 into v2-commander
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: search query builder can filter events in memory
* fix: filters for add member
* fix(setup): add `ExternalSecure` to config
* chore: name iam to instance
* fix: matching
* remove unsued func
* base url
* base url
* test(command): filter funcs
* test: commands
* fix: rename orgiampolicy to domain policy
* start from init
* commands
* config
* fix indexes and add constraints
* fixes
* fix: merge conflicts
* fix: protos
* fix: md files
* setup
* add deprecated org iam policy again
* typo
* fix search query
* fix filter
* Apply suggestions from code review
* remove custom org from org setup
* add todos for verification
* change apps creation
* simplify package structure
* fix error
* move preparation helper for tests
* fix unique constraints
* fix config mapping in setup
* fix error handling in encryption_keys.go
* fix projection config
* fix query from old views to projection
* fix setup of mgmt api
* set iam project and fix instance projection
* fix tokens view
* fix steps.yaml and defaults.yaml
* fix projections
* change instance context to interface
* instance interceptors and additional events in setup
* cleanup
* tests for interceptors
* fix label policy
* add todo
* single api endpoint in environment.json
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2022-03-29 11:53:19 +02:00
Fabi
9d4f296c62
fix: rename iam to instance ( #3345 )
...
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename iam command side to instance
* fix: rename orgiampolicy to domain policy
* fix: merge conflicts
* fix: protos
* fix: md files
* implement deprecated org iam policy again
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2022-03-24 16:21:34 +00:00
Livio Amstutz
56b916a2b0
feat: projections auto create their tables ( #3324 )
...
* begin init checks for projections
* first projection checks
* debug notification providers with query fixes
* more projections and first index
* more projections
* more projections
* finish projections
* fix tests (remove db name)
* create tables in setup
* fix logging / error handling
* add tenant to views
* rename tenant to instance_id
* add instance_id to all projections
* add instance_id to all queries
* correct instance_id on projections
* add instance_id to failed_events
* use separate context for instance
* implement features projection
* implement features projection
* remove unique constraint from setup when migration failed
* add error to failed setup event
* add instance_id to primary keys
* fix IAM projection
* remove old migrations folder
* fix keysFromYAML test
2022-03-23 09:02:39 +01:00
Livio Amstutz
699fdaf68e
feat: add personal access tokens for service users ( #2974 )
...
* feat: add machine tokens
* fix test
* rename to pat
* fix merge and tests
* fix scopes
* fix migration version
* fix test
* Update internal/repository/user/personal_access_token.go
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2022-02-08 09:37:28 +01:00
Livio Amstutz
1367a2e139
feat: limit amount of active actions ( #3143 )
...
* max actions
* fix: max allowed actions
* fix: max allowed actions
* fix tests
2022-02-02 09:04:05 +01:00
Livio Amstutz
e99b7f4972
fix: move activity log to queries and remove old code ( #3096 )
...
* move changes to queries and remove old code
* fix changes query
* remove unused code
* fix sorting
* fix sorting
* refactor and remove old code
* remove accidental go.mod replace
* add missing file
* remove listDetail from ChangesResponse
2022-01-26 10:16:33 +01:00
Fabi
b363ddd707
feat: Iam projection ( #3074 )
...
* feat: implement projection for iam and clean up code
* feat: add migration
* fix: remove unused tests
* fix: handler
2022-01-21 08:52:12 +01:00
Silvan
3473156c7e
fix(app): move queries to query package ( #2612 )
...
* fix: move queries to query package
* fix(auth): switch project role requests to query pkg
* refactor: delete unused project role code
* remove repo
* implement sql queries
* fix(database): oidc config change type to int2
* fix(queries): implement app queries
* refactor: simplify code
* fix: correct app query
* Update app.go
* fix token check
* fix mock
* test: app prepares
* test: oidc compliance
* test: OIDCOriginAllowList
* fix: converter
* resolve unsupported oidc version
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-11-26 07:57:05 +01:00
Fabi
76346cb070
fix: features query ( #2610 )
2021-11-21 20:22:25 +01:00
Silvan
39c35c9455
feat(queries): use org projection ( #2342 )
...
* job queue
* wg improvements
* start handler
* statement
* statements
* imporve handler
* improve statement
* statement in seperate file
* move handlers
* move query/old to query
* handler
* read models
* bulk works
* cleanup
* contrib
* rename readmodel to projection
* rename read_models schema to projections
* rename read_models schema to projections
* search query as func,
bulk iterates as long as new events
* add event sequence less query
* update checks for events between current sequence and sequence of first statement if it has previous sequence 0
* cleanup crdb projection
* refactor projection handler
* start with testing
* tests for handler
* remove todo
* refactor statement: remove table name,
add tests
* improve projection handler shutdown,
no savepoint if noop stmt,
tests for stmt handler
* tests
* start failed events
* seperate branch for contrib
* move statement constructors to crdb pkg
* correct import
* Subscribe for eventtypes (#1800 )
* fix: is default (#1737 )
* fix: use email as username on global org (#1738 )
* fix: use email as username on global org
* Update user_human.go
* Update register_handler.go
* chore(deps): update docusaurus (#1739 )
* chore: remove PAT and use GH Token (#1716 )
* chore: remove PAT and use GH Token
* fix env
* fix env
* fix env
* md lint
* trigger ci
* change user
* fix GH bug
* replace login part
* chore: add GH Token to sem rel (#1746 )
* chore: add GH Token to sem rel
* try branch
* add GH Token
* remove test branch again
* docs: changes acme to acme-caos (#1744 )
* changes acme to acme-caos
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: add additional origins on applications (#1691 )
* feat: add additional origins on applications
* app additional redirects
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706 )
* fix: show org with regex (#1688 )
* fix: flag mapping (#1699 )
* chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console
Bumps [@angular/cli](https://github.com/angular/angular-cli ) from 11.2.8 to 11.2.11.
- [Release notes](https://github.com/angular/angular-cli/releases )
- [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703 )
* fix: show org with regex (#1688 )
* fix: flag mapping (#1699 )
* chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console
Bumps [stylelint](https://github.com/stylelint/stylelint ) from 13.10.0 to 13.13.1.
- [Release notes](https://github.com/stylelint/stylelint/releases )
- [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md )
- [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702 )
* fix: show org with regex (#1688 )
* fix: flag mapping (#1699 )
* chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console
Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node ) from 14.14.37 to 15.0.1.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701 )
* fix: show org with regex (#1688 )
* fix: flag mapping (#1699 )
* chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console
Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen ) from 0.14.0 to 0.15.0.
- [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases )
- [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md )
- [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682 )
Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine ) from 3.6.9 to 3.6.10.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump @types/google-protobuf in /console (#1681 )
Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf ) from 3.7.4 to 3.15.2.
- [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases )
- [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666 )
Bumps [grpc](https://github.com/grpc/grpc-node ) from 1.24.5 to 1.24.7.
- [Release notes](https://github.com/grpc/grpc-node/releases )
- [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7 )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* lock
* chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704 )
* fix: show org with regex (#1688 )
* fix: flag mapping (#1699 )
* chore(deps-dev): bump @angular/language-service in /console
Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service ) from 11.2.9 to 11.2.12.
- [Release notes](https://github.com/angular/angular/releases )
- [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md )
- [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service )
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* package lock
* downgrade grpc
* downgrade protobuf types
* revert npm packs 🥸
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* docs: update run and start section texts (#1745 )
* update run and start section texts
* adds showcase
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
* fix: additional origin list (#1753 )
* fix: handle api configs in authz handler (#1755 )
* fix(console): add model for api keys, fix toast, binding (#1757 )
* fix: add model for api keys, fix toast, binding
* show api clientid
* fix: missing patchvalue (#1758 )
* feat: refresh token (#1728 )
* begin refresh tokens
* refresh tokens
* list and revoke refresh tokens
* handle remove
* tests for refresh tokens
* uniqueness and default expiration
* rename oidc token methods
* cleanup
* migration version
* Update internal/static/i18n/en.yaml
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fixes
* feat: update oidc pkg for refresh tokens
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* fix: correct json name of clientId in key.json (#1760 )
* fix: migration version (#1767 )
* start subscription
* eventtypes
* fix(login): links (#1778 )
* fix(login): href for help
* fix(login): correct link to tos
* fix: access tokens for service users and refresh token infos (#1779 )
* fix: access token for service user
* handle info from refresh request
* uniqueness
* postpone access token uniqueness change
* chore(coc): recommend code of conduct (#1782 )
* subscribe for events
* feat(console): refresh toggle out of granttype context (#1785 )
* refresh toggle
* disable if not code flow, lint
* lint
* fix: change oidc config order
* accept refresh option within flow
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: refresh token activation (#1795 )
* fix: oidc grant type check
* docs: add offline_access scope
* docs: update refresh token status in supported grant types
* fix: update oidc pkg
* fix: check refresh token grant type (#1796 )
* configuration structs
* org admins
* failed events
* fixes
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
* remove comment
* aggregate reducer
* remove eventtypes
* add protoc-get-validate to mod
* fix transaltion
* upsert
* add gender on org admins,
allow to retry failed stmts after configurable time
* remove if
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* current sequences
* make org and org_admins work again
* add aggregate type to current sequence
* fix(contibute): listing
* add validate module
* fix: search queries
* feat(eventstore): previous aggregate root sequence (#1810 )
* feat(eventstore): previous aggregate root sequence
* fix tests
* fix: eventstore v1 test
* add col to all mocked rows
* next try
* fix mig
* rename aggregate root to aggregate type
* update comment
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* small refactorings
* allow update multiple current sequences
* unique log id
* fix migrations
* rename org admin to org owner
* improve error handling and logging
* fix(migration): optimize prev agg root seq
* fix: projection handler test
* fix: sub queries
* small fixes
* additional event types
* correct org owner projection
* fix primary key
* feat(eventstore): jobs for projections (#2026 )
* fix: template names in login (#1974 )
* fix: template names in login
* fix: error.html
* fix: check for features on mgmt only (#1976 )
* fix: add sentry in ui, http and projection handlers (#1977 )
* fix: add sentry in ui, http and projection handlers
* fix test
* fix(eventstore): sub queries (#1805 )
* sub queries
* fix: tests
* add builder to tests
* new search query
* rename searchquerybuilder to builder
* remove comment from code
* test with multiple queries
* add filters test
* fix(contibute): listing
* add validate module
* fix: search queries
* remove unused event type in query
* ignore query if error in marshal
* go mod tidy
* update privacy policy query
* update queries
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* feat: Extend oidc idp with oauth endpoints (#1980 )
* feat: add oauth attributes to oidc idp configuration
* feat: return idpconfig id on create idp
* feat: tests
* feat: descriptions
* feat: docs
* feat: tests
* docs: update to beta 3 (#1984 )
* fix: role assertion (#1986 )
* fix: enum to display access token role assertion
* improve assertion descriptions
* fix nil pointer
* docs: eventstore (#1982 )
* docs: eventstore
* Apply suggestions from code review
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
* fix(sentry): trigger sentry release (#1989 )
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix: set version for sentry release (#1990 )
* feat(send sentry release): send sentry release
* fix(moved step and added releasetag): moved step and added releasetag
* fix(corrected var name): corrected var name
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: log error reason on terminate session (#1973 )
* fix: return default language file, if requested lang does not exist for default login texts (#1988 )
* fix: return default language file, if requested lang doesnt exists
* feat: read default translation file
* feat: docs
* fix: race condition in auth request unmarshalling (#1993 )
* feat: handle ui_locales in login (#1994 )
* fix: handle ui_locales in login
* move supportedlanguage func into i18n package
* update oidc pkg
* fix: handle closed channels on unsubscribe (#1995 )
* fix: give restore more time (#1997 )
* fix: translation file read (#2009 )
* feat: translation file read
* feat: readme
* fix: enable idp add button for iam users (#2010 )
* fix: filter event_data (#2011 )
* feat: Custom message files (#1992 )
* feat: add get custom message text to admin api
* feat: read custom message texts from files
* feat: get languages in apis
* feat: get languages in apis
* feat: get languages in apis
* feat: pr feedback
* feat: docs
* feat: merge main
* fix: sms notification (#2013 )
* fix: phone verifications
* feat: fix password reset as sms
* fix: phone verification
* fix: grpc status in sentry and validation interceptors (#2012 )
* fix: remove oauth endpoints from oidc config proto (#2014 )
* try with view
* fix(console): disable sw (#2021 )
* fix: disable sw
* angular.json disable sw
* project projections
* fix typos
* customize projections
* customizable projections,
add change date to projects
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
* env file
* typo
* correct users
* correct migration
* fix: merge fail
* fix test
* fix(tests): unordered matcher
* improve currentSequenceMatcher
* correct certs
* correct certs
* add zitadel database on database list
* refctor switch in match
* enable all handlers
* Delete io.env
* cleanup
* add handlers
* rename view to projection
* rename view to projection
* fix type typo
* remove unnecessary logs
* refactor stmts
* simplify interval calculation
* fix tests
* fix unlock test
* fix migration
* migs
* fix(operator): update cockroach and flyway versions (#2138 )
* chore(deps): bump k8s.io/apiextensions-apiserver from 0.19.2 to 0.21.3
Bumps [k8s.io/apiextensions-apiserver](https://github.com/kubernetes/apiextensions-apiserver ) from 0.19.2 to 0.21.3.
- [Release notes](https://github.com/kubernetes/apiextensions-apiserver/releases )
- [Commits](https://github.com/kubernetes/apiextensions-apiserver/compare/v0.19.2...v0.21.3 )
---
updated-dependencies:
- dependency-name: k8s.io/apiextensions-apiserver
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore(deps): bump google.golang.org/api from 0.34.0 to 0.52.0
Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client ) from 0.34.0 to 0.52.0.
- [Release notes](https://github.com/googleapis/google-api-go-client/releases )
- [Changelog](https://github.com/googleapis/google-api-go-client/blob/master/CHANGES.md )
- [Commits](https://github.com/googleapis/google-api-go-client/compare/v0.34.0...v0.52.0 )
---
updated-dependencies:
- dependency-name: google.golang.org/api
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* start update dependencies
* update mods and otlp
* fix(build): update to go 1.16
* old version for k8s mods
* update k8s versions
* update orbos
* fix(operator): update cockroach and flyway version
* Update images.go
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
* fix import
* fix typo
* fix(migration): add org projection
* fix(projection): correct table for org events in org owners
* better insert stmt
* fix typo
* fix typo
* set max connection lifetime
* set max conns and conn lifetime in eventstore v1
* configure sql connection settings
* add mig for agg type index
* fix replace tab in yaml
* handler interfaces
* subscription
* first try
* handler
* move sql client initialization
* first part implemented
* removed all occurencies of org by id and search orgs
* fix merge issues
* cleanup code
* fix: queries implements orgviewprovider
* cleanup
* refactor text comparison
* remove unused file
* remove unused code
* log
* remove unused code
* remove unused field
* remove unused file
* refactor
* tests for search query
* remove try
* simplify state change mappers
* projection tests
* query functions
* move reusable objects to separate files
* rename domain column to primar_domain
* fix tests
* add current sequence
* remove log prints
* fix tests
* fix: verifier
* fix test
* rename domain col migrations
* simplify search response
* add custom column constructors
* fix: org projection table const
* fix: full column name
* feat: text query extension
* fix: tests for query
* number query
* add deprection message
* column in a single place (#2416 )
* column in a single place
* use projection for columns
* query column with aliases
* rename methods
* remove unused code
* column for current sequences
* global counter column
* fix is org unique
* fix: merge main and change actions / flow projections to new query side (#2434 )
* feat: actions (#2377 )
* feat(actions): begin api
* feat(actions): begin api
* api and projections
* fix: handle multiple statements for a single event in projections
* export func type
* fix test
* update to new reduce interface
* flows in login
* feat: jwt idp
* feat: command side
* feat: add tests
* actions and flows
* fill idp views with jwt idps and return apis
* add jwtEndpoint to jwt idp
* begin jwt request handling
* add feature
* merge
* merge
* handle jwt idp
* cleanup
* bug fixes
* autoregister
* get token from specific header name
* fix: proto
* fixes
* i18n
* begin tests
* fix and log http proxy
* remove docker cache
* fixes
* usergrants in actions api
* tests adn cleanup
* cleanup
* fix add user grant
* set login context
* i18n
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* change actions / flow projections to new query side
* fixes
* enable org projection
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fixes
* cleanup
* add tests
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
Co-authored-by: mffap <mpa@caos.ch>
Co-authored-by: Maximilian Panne <maximilian.panne@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Christian Jakob <47860090+thesephirot@users.noreply.github.com>
Co-authored-by: Elio Bischof <eliobischof@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-09-29 13:20:57 +02:00
Livio Amstutz
ed80a8bb1e
feat: actions ( #2377 )
...
* feat(actions): begin api
* feat(actions): begin api
* api and projections
* fix: handle multiple statements for a single event in projections
* export func type
* fix test
* update to new reduce interface
* flows in login
* feat: jwt idp
* feat: command side
* feat: add tests
* actions and flows
* fill idp views with jwt idps and return apis
* add jwtEndpoint to jwt idp
* begin jwt request handling
* add feature
* merge
* merge
* handle jwt idp
* cleanup
* bug fixes
* autoregister
* get token from specific header name
* fix: proto
* fixes
* i18n
* begin tests
* fix and log http proxy
* remove docker cache
* fixes
* usergrants in actions api
* tests adn cleanup
* cleanup
* fix add user grant
* set login context
* i18n
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-09-27 13:43:49 +02:00
Fabi
59e393728e
feat: Lockout policy feature ( #2341 )
...
* feat: add lockoutpolicy feature
* feat: add tests
* fix: err handling
2021-09-09 13:42:28 +00:00
Fabi
f4fa3ecef3
fix: Custom text split features ( #2225 )
...
* fix: separate tier of custom text (message and login)
* fix: add migration
* fix: build problems
* fix: tests
* Update internal/api/grpc/admin/features.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* Update internal/api/grpc/admin/features.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: rename sql file
* fix: change sql files
* fix: console
* fix: console
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-08-18 10:58:57 +00:00