Livio Spring
220c09d941
fix(login): correctly reload policies on auth request ( #7839 )
2024-04-24 10:54:55 +02:00
Tim Möhlmann
e22689c125
feat(oidc): id token for device authorization ( #7088 )
...
* cleanup todo
* pass id token details to oidc
* feat(oidc): id token for device authorization
This change updates to the newest oidc version,
so the Device Authorization grant can return ID tokens when
the scope `openid` is set.
There is also some refactoring done, so that the eventstore can be
queried directly when polling for state.
The projection is cleaned up to a minimum with only data required for the login UI.
* try to be explicit with the timezone to fix github
* pin oidc v3.8.0
* remove TBD entry
2023-12-20 13:21:08 +01:00
Tim Möhlmann
f680dd934d
refactor: rename package errors to zerrors ( #7039 )
...
* chore: rename package errors to zerrors
* rename package errors to gerrors
* fix error related linting issues
* fix zitadel error assertion
* fix gosimple linting issues
* fix deprecated linting issues
* resolve gci linting issues
* fix import structure
---------
Co-authored-by: Elio Bischof <elio@zitadel.com>
2023-12-08 15:30:55 +01:00
Stefan Benz
15fd3045e0
feat: add SAML as identity provider ( #6454 )
...
* feat: first implementation for saml sp
* fix: add command side instance and org for saml provider
* fix: add query side instance and org for saml provider
* fix: request handling in event and retrieval of finished intent
* fix: add review changes and integration tests
* fix: add integration tests for saml idp
* fix: correct unit tests with review changes
* fix: add saml session unit test
* fix: add saml session unit test
* fix: add saml session unit test
* fix: changes from review
* fix: changes from review
* fix: proto build error
* fix: proto build error
* fix: proto build error
* fix: proto require metadata oneof
* fix: login with saml provider
* fix: integration test for saml assertion
* lint client.go
* fix json tag
* fix: linting
* fix import
* fix: linting
* fix saml idp query
* fix: linting
* lint: try all issues
* revert linting config
* fix: add regenerate endpoints
* fix: translations
* fix mk.yaml
* ignore acs path for user agent cookie
* fix: add AuthFromProvider test for saml
* fix: integration test for saml retrieve information
---------
Co-authored-by: Livio Spring <livio.a@gmail.com>
2023-09-29 11:26:14 +02:00
Livio Spring
68bfab2fb3
feat(login): use default org for login without provided org context ( #6625 )
...
* start feature flags
* base feature events on domain const
* setup default features
* allow setting feature in system api
* allow setting feature in admin api
* set settings in login based on feature
* fix rebasing
* unit tests
* i18n
* update policy after domain discovery
* some changes from review
* check feature and value type
* check feature and value type
2023-09-29 08:21:32 +00:00
Livio Spring
7c494fd219
feat(login): add OTP (email and sms) ( #6353 )
...
* feat: login with otp
* fix(i18n): japanese translation
* add missing files
* fix provider change
* add event types translations to en
* add tests
* resourceOwner
* remove unused handler
* fix: secret generators and add comments
* add setup step
* rename
* linting
* fix setup
* improve otp handling
* fix autocomplete
* translations for login and notifications
* translations for event types
* changes from review
* check selected mfa type
2023-08-15 12:47:05 +00:00
Livio Spring
a1942ecdaa
feat(api): add and remove OTP (SMS and email) ( #6295 )
...
* refactor: rename otp to totp
* feat: add otp sms and email
* implement tests
2023-08-02 18:57:53 +02:00
Livio Spring
14b8cf4894
feat(api): add OIDC session service ( #6157 )
...
This PR starts the OIDC implementation for the API V2 including the Implicit and Code Flow.
Co-authored-by: Livio Spring <livio.a@gmail.com>
Co-authored-by: Tim Möhlmann <tim+github@zitadel.com>
Co-authored-by: Stefan Benz <46600784+stebenz@users.noreply.github.com>
2023-07-10 13:27:00 +00:00
Livio Spring
1c8037f291
fix: external user check ( #6038 )
2023-06-16 10:27:43 +02:00
Tim Möhlmann
5819924275
feat: device authorization RFC 8628 ( #5646 )
...
* device auth: implement the write events
* add grant type device code
* fix(init): check if default value implements stringer
---------
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2023-04-19 08:46:02 +00:00
Elio Bischof
e00cc187fa
fix: make user creation errors helpful ( #5382 )
...
* fix: make user creation errors helpful
* fix linting and unit testing errors
* fix linting
* make zitadel config reusable
* fix human validations
* translate ssr errors
* make zitadel config reusable
* cover more translations for ssr
* handle email validation message centrally
* fix unit tests
* fix linting
* align signatures
* use more precise wording
* handle phone validation message centrally
* fix: return specific profile errors
* docs: edit comments
* fix unit tests
---------
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2023-03-14 19:20:38 +00:00
Livio Spring
bffb10a4b4
feat: allow domain discovery for unknown usernames ( #4484 )
...
* fix: wait for projection initialization to be done
* feat: allow domain discovery for unknown usernames
* fix linting
* Update console/src/assets/i18n/de.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/en.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/it.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* Update console/src/assets/i18n/fr.json
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
* fix zh i18n text
* fix projection table name
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-10-06 13:30:14 +02:00
Livio Spring
7dfa1925cc
feat: restrict login to specific org by id (scope) ( #4294 )
...
* feat: add new org scope
* change default of UserLoginMustBeDomain to false
* return resource owner claims
* fix: use email style for first user
* fix: ensure email style for default users (backwards compatibility)
* change to external domain (as it was before UserLoginMustBeDomain change)
* update e2e tests to use email style usernames
* document new scope
* lint e2e
Co-authored-by: Fabi <38692350+hifabienne@users.noreply.github.com>
2022-09-23 12:08:10 +00:00
Stefan Benz
7a5f7f82cf
feat(saml): implementation of saml for ZITADEL v2 ( #3618 )
2022-09-12 18:18:08 +02:00
Livio Spring
02d2032790
feat: add ZITADEL project id scope ( #4146 )
...
* feat: add ZITADEL project id scope
* update documentation
* documentation
* fix scopes
* change to lowercase
2022-08-09 09:45:59 +02:00
Florian Forster
fa9f581d56
chore(v2): move to new org ( #3499 )
...
* chore: move to new org
* logging
* fix: org rename caos -> zitadel
Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
2022-04-26 23:01:45 +00:00
Livio Amstutz
56b916a2b0
feat: projections auto create their tables ( #3324 )
...
* begin init checks for projections
* first projection checks
* debug notification providers with query fixes
* more projections and first index
* more projections
* more projections
* finish projections
* fix tests (remove db name)
* create tables in setup
* fix logging / error handling
* add tenant to views
* rename tenant to instance_id
* add instance_id to all projections
* add instance_id to all queries
* correct instance_id on projections
* add instance_id to failed_events
* use separate context for instance
* implement features projection
* implement features projection
* remove unique constraint from setup when migration failed
* add error to failed setup event
* add instance_id to primary keys
* fix IAM projection
* remove old migrations folder
* fix keysFromYAML test
2022-03-23 09:02:39 +01:00
Livio Amstutz
ed80a8bb1e
feat: actions ( #2377 )
...
* feat(actions): begin api
* feat(actions): begin api
* api and projections
* fix: handle multiple statements for a single event in projections
* export func type
* fix test
* update to new reduce interface
* flows in login
* feat: jwt idp
* feat: command side
* feat: add tests
* actions and flows
* fill idp views with jwt idps and return apis
* add jwtEndpoint to jwt idp
* begin jwt request handling
* add feature
* merge
* merge
* handle jwt idp
* cleanup
* bug fixes
* autoregister
* get token from specific header name
* fix: proto
* fixes
* i18n
* begin tests
* fix and log http proxy
* remove docker cache
* fixes
* usergrants in actions api
* tests and cleanup
* cleanup
* fix add user grant
* set login context
* i18n
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
2021-09-27 13:43:49 +02:00
Fabi
74688394d8
feat: set private labeling setting on project ( #2184 )
...
* docs: add scope to request private labeling
* feat: add enum to project
* fix: remove unused code, add private labeling setting to query side
* fix: set private labeling depending on setting
* fix: private labeling depending on project setting
* Update proto/zitadel/management.proto
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
* fix: rename sql file
* fix: private labeling setting
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-08-24 08:34:10 +02:00
Fabi
bc951985ed
feat: Lockout policy ( #2121 )
...
* feat: lock users if lockout policy is set
* feat: setup
* feat: lock user on password fails
* feat: render error
* feat: lock user on command side
* feat: auth_req tests
* feat: lockout policy docs
* feat: remove show lockout failures from proto
* fix: console lockout
* feat: tests
* fix: tests
* unlock function
* add unlock button
* fix migration version
* lockout policy
* lint
* Update internal/auth/repository/eventsourcing/eventstore/auth_request.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
* fix: err message
* Update internal/command/setup_step4.go
Co-authored-by: Silvan <silvan.reusser@gmail.com>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2021-08-11 06:36:32 +00:00
Livio Amstutz
f93337e99b
fix: race condition in auth request unmarshalling ( #1993 )
2021-07-08 16:38:34 +00:00
Fabi
99b2c33ccb
feat: Custom text login ( #1925 )
...
* feat: default custom message text
* feat: org custom message text
* feat: org custom message text
* feat: custom messages query side
* feat: default messages
* feat: message text user fields
* feat: check for inactive user
* feat: fix send password reset
* feat: fix custom org text
* feat: add variables to docs
* feat: custom text tests
* feat: fix notifications
* feat: add custom text feature
* feat: add custom text feature
* feat: feature in custom message texts
* feat: add custom text feature in frontend
* feat: merge main
* feat: feature tests
* feat: change phone message in setup
* fix: remove unused code, add event translation
* fix: merge main and fix problems
* fix: english translation file
* fix: migration versions
* fix: setup
* fix: custom login text
* feat: add all possible custom texts for login
* feat: iam login texts
* feat: org login texts
* feat: protos
* fix: custom text in admin api
* fix: add success login text
* fix: docs
* fix: add custom login texts to management api
* fix: add sub messages to custom login texts
* fix: setup custom texts
* feat: get org login texts
* feat: get org login texts
* feat: handler in adminapi
* feat: handlers in auth and admin
* feat: render login texts
* feat: custom login text
* feat: add all login text keys
* feat: handle correct login texts
* feat: custom login texts in command side
* feat: custom login texts in command side
* feat: fix yaml file
* feat: merge master and add confirmation text
* feat: fix html
* feat: read default login texts
* feat: get default text files
* feat: get custom texts org
* feat: tests
* feat: change translator handling
* fix translator from authReq
* feat: change h1 on login screens
* feat: add custom login text for remove
* feat: add custom login text for remove
* feat: cache translation files
* feat: cache translation files
* feat: zitadel user in env var
* feat: add registration user description
* feat: better func naming
* feat: tests
* feat: add mutex to read file
* feat: add mutex to read file
* fix mutex for accessing translation map
* fix: translation key
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-07-05 15:10:49 +02:00
Fabi
beb1c1604a
feat: Privacy policy ( #1957 )
...
* feat: command side privacy policy
* feat: add privacy policy to api
* feat: add privacy policy query side
* fix: add privacy policy to mgmt api
* fix: add privacy policy to auth and base data
* feat: use privacyPolicy in login gui
* feat: use privacyPolicy in login gui
* feat: test org features
* feat: typos
* feat: tos in register
2021-07-05 10:36:51 +02:00
Livio Amstutz
4a2ca5a1e8
fix: handle reauth correctly (max_age=0 or prompt=login) ( #1870 )
...
* max age
* merge main
* fix when no prompt is set
* fix: update oidc pkg
* fix tests
2021-06-16 10:02:15 +02:00
Livio Amstutz
ab78b34c6c
feat: request registration process by prompt ( #1798 )
...
* feat: request registration process by prompt
* fix merge
* add prompt create to docs
2021-06-14 10:40:38 +02:00
Fabi
73d37459bb
feat: label policy ( #1708 )
...
* feat: label policy proto extension
* feat: label policy and activate event
* feat: label policy asset events
* feat: label policy asset commands
* feat: add storage key
* feat: storage key validation
* feat: label policy asset tests
* feat: label policy query side
* feat: avatar
* feat: avatar event
* feat: human avatar
* feat: avatar read side
* feat: font on iam label policy
* feat: label policy font
* feat: possibility to create bucket on put file
* uploader
* login policy logo
* set bucket prefix
* feat: avatar upload
* feat: avatar upload
* feat: use assets on command side
* feat: fix human avatar removed event
* feat: remove human avatar
* feat: mock asset storage
* feat: remove human avatar
* fix(operator): add configuration of asset storage to zitadel operator
* feat(console): private labeling policy (#1697 )
* private labeling component, routing, preview
* font, colors, upload, i18n
* show logo
* fix: uniqueness (#1710 )
* fix: uniqueconstraint to lower
* feat: change org
* feat: org change test
* feat: change org
* fix: tests
* fix: handle domain claims correctly
* feat: update org
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: handle domain claimed event correctly for service users (#1711 )
* fix: handle domain claimed event correctly on user view
* fix: ignore domain claimed events for email notifications
* fix: change org
* handle org changed in read models correctly
* fix: change org in user grant handler
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
* fix: correct value (#1695 )
* docs(api): correct link (#1712 )
* upload service
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
Co-authored-by: Florian Forster <florian@caos.ch>
* feat: fix tests,
* feat: remove assets from label policy
* fix npm, set environment
* lint ts
* remove stylelinting
* fix(operator): add mapping for console with changed unit tests
* fix(operator): add secrets as env variables to pod
* feat: remove human avatar
* fix(operator): add secrets as env variables to pod
* feat: map label policy
* feat: labelpolicy, admin, mgmt, adv settings (#1715 )
* fetch label policy, mgmt, admin service
* feat: advanced beh, links, add, update
* lint ts
* feat: watermark
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: remove human avatar
* feat: custom css
* css
* css
* css
* css
* css
* getobject
* feat: dynamic handler
* feat: variable css
* content info
* css overwrite
* feat: variablen css
* feat: generate css file
* feat: dark mode
* feat: dark mode
* fix logo css
* feat: upload logos
* dark mode with cookie
* feat: handle images in login
* avatar css and begin font
* feat: avatar
* feat: user avatar
* caching of static assets in login
* add avatar.js to main.html
* feat: header don't show logo if no url
* feat: label policy colors
* feat: mock asset storage
* feat: mock asset storage
* feat: fix tests
* feat: user avatar
* feat: header logo
* avatar
* avatar
* make it compatible with go 1.15
* feat: remove unused logos
* fix handler
* fix: styling error handling
* fonts
* fix: download func
* switch to mux
* fix: change upload api to assets
* fix build
* fix: download avatar
* fix: download logos
* fix: my avatar
* font
* fix: remove error msg popup possibility
* fix: docs
* fix: validate colors
* rem msg popup from frontend
* fix: email with private labeling
* fix: tests
* fix: email templates
* fix: change migration version
* fix: fix duplicate imports
* fix(console): assets, service url, upload, policy current and preview (#1781 )
* upload endpoint, layout
* fetch current, preview, fix upload
* cleanup private labeling
* fix linting
* begin generated asset handler
* generate asset api in dockerfile
* features for label policy
* features for label policy
* features
* flag for asset generator
* change asset generator flag
* fix label policy view in grpc
* fix: layout, activate policy (#1786 )
* theme switcher up on top
* change layout
* activate policy
* feat(console): label policy back color, layout (#1788 )
* theme switcher up on top
* change layout
* activate policy
* fix overwrite value fc
* reset policy, reset service
* autosave policy, preview desc, layout impv
* layout, i18n
* background colors, inject material styles
* load images
* clean, lint
* fix layout
* set custom hex
* fix content size conversion
* remove font format in generated css
* fix features for assets
* fix(console): label policy colors, image downloads, preview (#1804 )
* load images
* colors, images binding
* lint
* refresh emitter
* lint
* propagate font colors
* upload error handling
* label policy feature check
* add blob in csp for console
* log
* fix: feature edits for label policy, refresh state on upload (#1807 )
* show error on load image, stop spinner
* fix merge
* fix migration versions
* fix assets
* fix csp
* fix background color
* scss
* fix build
* lint scss
* fix statik for console
* fix features check for label policy
* cleanup
* lint
* public links
* fix notifications
* public links
* feat: merge main
* feat: fix translation files
* fix migration
* set api domain
* fix logo in email
* font face in email
* font face in email
* validate assets on upload
* cleanup
* add missing translations
* add missing translations
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Stefan Benz <stefan@caos.ch>
Co-authored-by: Max Peintner <max@caos.ch>
Co-authored-by: Florian Forster <florian@caos.ch>
2021-06-04 14:53:51 +02:00
Fabi
4d10f3e715
fix: import user, hide login name suffix ( #1474 )
...
* fix: import user, and label policy command side
* feat: Import user and hide loginname suffix (#1464 )
* fix: import user
* fix: label policy
* fix: label policy
* fix: label policy
* fix: migrations
* fix: migrations
* fix: migrations
* fix: label policy
* loginSuffix in login ui
* suffix
* fix cursor on disabled user selection
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
(cherry picked from commit 03ddb8fc38)
* feat: Import user and hide loginname suffix (#1464 )
* fix: import user
* fix: label policy
* fix: label policy
* fix: label policy
* fix: migrations
* fix: migrations
* fix: migrations
* fix: label policy
* loginSuffix in login ui
* suffix
* fix cursor on disabled user selection
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
(cherry picked from commit 03ddb8fc38)
* feat: Import user and hide loginname suffix (#1464 )
* fix: import user
* fix: label policy
* fix: label policy
* fix: label policy
* fix: migrations
* fix: migrations
* fix: migrations
* fix: label policy
* loginSuffix in login ui
* suffix
* fix cursor on disabled user selection
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
(cherry picked from commit 03ddb8fc38)
* fix: label policy events
* loginname placeholder
* fix: tests
* fix: tests
* Update internal/command/iam_policy_label_model.go
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2021-03-25 14:41:07 +01:00
Fabi
d8e42744b4
fix: move v2 pkgs ( #1331 )
...
* fix: move eventstore pkgs
* fix: move eventstore pkgs
* fix: remove v2 view
* fix: remove v2 view
2021-02-23 15:13:04 +01:00