112 Commits

Author SHA1 Message Date
Silvan
cf7a906023
feat(auth): My user changes (#318)
* fix: project by id loads project from view and from eventstore

* fix: correct search key for role

* feat(auth): my user changes

* fix: improve error handling in change converters

* fix: log-id
2020-07-01 07:18:05 +02:00
Silvan
566161ae89
fix: correct search params for project role by id (#316)
* fix: project by id loads project from view and from eventstore

* fix: correct search key for role
2020-06-30 07:56:03 +02:00
Silvan
3c56fe6a0f
fix: project by id loads project from view and from eventstore (#315) 2020-06-30 07:54:39 +02:00
Fabi
5a0876cf98
fix: rename tables failed_event to failed_events (#287)
* fix: rename tables failed_event to failed_events

* fix: use const
2020-06-29 09:56:29 +02:00
Fabi
79eff2795f
feat: on logout we terminate all sessions from agent (#288)
* feat: on logout we terminate all sessions from agent

* Update eventstore.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-06-29 09:49:40 +02:00
Fabi
c8a0a050ba
fix: editorname (#281)
* feat: editorname on changes

* feat: editorname on changes

* feat: editorname on changes

* feat: editorname on changes

* fix: tests

* fix: tests
2020-06-29 09:37:10 +02:00
Fabi
f31bea8d1c
fix: otp level (#292) 2020-06-26 14:44:35 +02:00
Fabi
ee73dc07dd
fix: use email as account name in otp instead of userid (#274)
* fix: use email as account name in otp instead of userid

* fix: use email as account name in otp instead of userid
2020-06-26 08:31:25 +02:00
Silvan
d947bb1247
feat(changes): add editor (#273)
* fix(changes): add editor to change mapper

* fix(eventstore): only add latest sequence if greater 0 to query

* sort order in request for changes

* fix(changes): map editor for org, app and project
2020-06-25 11:25:38 +02:00
Fabi
62b654ea18
feat: iam members in admin api (#272)
* feat: iam members in admin api

* feat: add error id in translate error

* fix: resolve merge conflicts
2020-06-25 08:12:29 +02:00
Fabi
8bfa1a083c
feat: administrator (#271)
* feat: get views and failed events

* feat: get views and failed events

* feat: get views and failed events

* Update internal/view/repository/sequence.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/view/repository/general_query.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-06-25 08:01:13 +02:00
Fabi
f7aed1c864
feat: my user mfas (#264) 2020-06-24 10:47:11 +02:00
Fabi
3cd3a238c2
fix: all enums same style (#262)
* fix: all enums same style

* fix: rename process to reduce

* add some missing enum renaming

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-06-23 14:47:47 +02:00
Fabi
c376b92315
fix: proto (#260)
* fix: global search calls

* fix: management proto

* fix: management proto mock

* fix: remove unused request

* fix: add mock file

* fix: remove unused objects

* fix: unique username
2020-06-23 10:09:30 +02:00
Livio Amstutz
83ff4c8ee6
fix: password reset (#258)
* feat: translate error messages in error interceptor

* fix: add statik import

* feat: user error msgs

* feat: add translations

* feat: add translations

* feat: add translations

* feat: add translations

* feat: add translations

* feat: add translations

* some fixes and improved error messages

* display loginname only on authReq

* fix: login names (and query) (#253)

* fix: add interceptors for console (#255)

* add interceptors for console

* add interceptors for console to env.json

* fix: query side (#257)

* fix: project by id return projectview

* fix: return always view model on query side

* fix: return always view model on query side

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
2020-06-23 09:45:08 +02:00
Fabi
1de574df42
fix: query side (#257)
* fix: project by id return projectview

* fix: return always view model on query side

* fix: return always view model on query side
2020-06-23 07:06:07 +02:00
Fabi
6556d053b2
feat: translate error messages (#254)
* feat: translate error messages in error interceptor

* fix: add statik import

* feat: user error msgs

* feat: add translations

* feat: add translations

* feat: add translations

* feat: add translations

* feat: add translations

* feat: add translations

* some fixes and improved error messages

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-06-22 13:51:44 +02:00
Livio Amstutz
f68a5e63b5
fix: add interceptors for console (#255)
* add interceptors for console

* add interceptors for console to env.json
2020-06-22 13:17:29 +02:00
Livio Amstutz
66cca48b62
fix: login names (and query) (#253) 2020-06-22 10:38:29 +02:00
Fabi
d89087cbe0
feat: get my project permission (#245) 2020-06-19 15:33:54 +02:00
Fabi
710652ef24
feat: delete (#243)
* feat: project role remove

* feat: search queries

* feat: search queries

* feat: cascade remove/change project role

* fix: comment in project grant

* fix: remove projecr grant

* fix: only search usergrants of my org

* fix: delete usergrants

* fix: delete usergrants

* fix: check if role exists on project grant

* feat: bulk add project role

* fix: tests

* fix: update user grants on project update

* fix: return roles

* feat: add resourceowner name on project grants

* fix: migration number

* fix: tests

* fix: generate protos

* fix: some unnecessary code
2020-06-19 15:32:03 +02:00
Livio Amstutz
e653eaab86
fix: login (#242)
* password in init user only if needed

* reactivate user session

* set context AuthorizeClientIDSecret

* fix qr code for light

* fix copy

* check user and org active in auth

* add org view provider

* handle inactive projects

* translate error messages
2020-06-19 14:52:04 +02:00
Fabi
add4c103cf
fix: internal grant view (#239)
* fix: internal grant view

* feat: add orgiam policy in management

* fix: roleSuffix
2020-06-19 07:27:16 +02:00
Fabi
5e39a5f813
fix: delete org domain (#234) 2020-06-17 17:23:39 +02:00
Livio Amstutz
e7b139ba2c
fix: preferred login name (#231)
* fix: add preferred login name to my user sessions and get user info from view

* fix: my user in auth
2020-06-17 16:43:53 +02:00
Livio Amstutz
1c59d18fee
fix: improvements for login and oidc (#227)
* add csrf

* caching

* caching

* caching

* caching

* security headers

* csp and security headers

* error handler csp

* select user with display name

* csp

* user selection styling

* username to loginname

* regenerate grpc

* regenerate

* change to login name
2020-06-17 08:06:40 +02:00
Fabi
6fa62ccd0a
feat: fixes (#228)
* feat: user login names

* fix: user login names

* fix: generate login name
2020-06-17 07:25:04 +02:00
Fabi
7a6ca24625
feat: multiple domains (#188)
* check uniqueness on create and register user

* change user email, reserve release unique email

* usergrant unique aggregate

* usergrant uniqueness

* validate UserGrant

* fix tests

* domain is set on username in all orgs

* domain in admin

* org domain sql

* zitadel domain org name

* org domains

* org iam policy

* default org iam policy

* SETUP

* load login names

* login by login name

* login name

* fix: merge master

* fix: merge master

* Update internal/user/repository/eventsourcing/user.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix: fix unique domains

* fix: rename env variable

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-06-16 11:40:18 +02:00
Fabi
64b14b4e19
fix: update profile (#223)
* fix: update profile

* Update management.proto

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-06-16 07:03:31 +02:00
Michael Waeger
1dd82ab1b7
Changes (#195)
* Changes added

* Reading of events for applications changed.

* Proto changed

* Tests added

* Added more tests.

* Struct for Data expanded with additional fields.

* refactoring

* Changes from review.

* Merge in to Master

* Changes from review.

* fix: generate proto

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
2020-06-15 16:50:09 +02:00
Fabi
8dd6082b17
feat: add project creator role on register user (#222)
* feat: add project creator role on register user

* fix: better error message

* fix: tests
2020-06-15 14:57:19 +02:00
Fabi
e63179514c
fix: projects (#221)
* feat: projects and project grants seperated

* fix: tests

* fix: add mock
2020-06-15 14:50:39 +02:00
Fabi
c4eaeee7af
fix: org member in setup (#213) 2020-06-11 16:43:22 +02:00
Livio Amstutz
e57d4b1ed4
fix: terminate usersession (#212) 2020-06-11 16:34:54 +02:00
Livio Amstutz
44d41b8d97
fix: failed events (#211)
* fix: add iam roles to permissions

* fix: show state initial on usersearch

* fix: search project roles returns only roles of project

* fix: add project member owner on project create

* fix: create new object oon failed event

* feat: parse error body on chat message

* feat: remove comment

* fix: set policy eventstore in admin

* fix failed events

* fix resend for password set

* fix: create user with correct resource owner

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
2020-06-11 14:59:57 +02:00
Fabi
ddf9434282
fix: Fixes (#210)
* fix: add iam roles to permissions

* fix: show state initial on usersearch

* fix: search project roles returns only roles of project

* fix: add project member owner on project create

* fix: create new object oon failed event

* feat: parse error body on chat message

* feat: remove comment

* fix: set policy eventstore in admin
2020-06-11 13:49:03 +02:00
Fabi
43dc925f16
fix: bugs (#208)
* fix: add iam roles to permissions

* fix: show state initial on usersearch

* fix: search project roles returns only roles of project

* fix: add project member owner on project create

* fix: create new object oon failed event

* feat: parse error body on chat message

* feat: remove comment
2020-06-11 13:27:25 +02:00
Fabi
2c97794538
feat: login errors (#204)
* feat: nice error messages

* feat: nice error messages

* fix: add project type

* fix: message ids

* handle error messages in login

* add some better error messages

* fix: better error messages on login

* fix: better error messages on login

* fix: add internal errors

* fix: tests
2020-06-11 13:22:24 +02:00
Fabi
9965beee9c
fix: add project id on project grant (#202)
* fix: add project id on project grant

* fix: get granted project grant member
2020-06-10 14:28:15 +02:00
Fabi
652a408c99
fix: project type (#201) 2020-06-10 13:24:55 +02:00
Fabi
207842be91
fix: fix some requests (#198)
* fix: alway do permission check

* fix: alway do permission check

* fix: add project query to applications search request

* fix: add email template to statik

* fix: org members
2020-06-10 10:47:50 +02:00
Fabi
25b97b1bcc
fix: projectorgs (#193)
* fix: get my project orgs

* fix: get project orgs
2020-06-09 16:20:14 +02:00
Fabi
17f0eea4a1
feat: Notification translation (#192)
* feat: translate emails

* feat: translate emails

* fix: add notification statik to build

* fix: add codes to templates
2020-06-09 15:11:42 +02:00
Fabi
e87fca28e7
feat: Check zitadel project (#191)
* feat: check if zitadel project is changed

* feat: check if zitadel project is changed
2020-06-09 14:41:09 +02:00
Fabi
8135b6d2ec
sonyflake fix (#180) 2020-06-05 19:56:40 +02:00
Livio Amstutz
8a5badddf6
feat: Login, OP Support and Auth Queries (#177)
* fix: change oidc config

* fix: change oidc config secret

* begin models

* begin repo

* fix: implement grpc app funcs

* fix: add application requests

* fix: converter

* fix: converter

* fix: converter and generate clientid

* fix: tests

* feat: project grant aggregate

* feat: project grant

* fix: project grant check if role existing

* fix: project grant requests

* fix: project grant fixes

* fix: project grant member model

* fix: project grant member aggregate

* fix: project grant member eventstore

* fix: project grant member requests

* feat: user model

* begin repo

* repo models and more

* feat: user command side

* lots of functions

* user command side

* profile requests

* commit before rebase on user

* save

* local config with gopass and more

* begin new auth command (user centric)

* Update internal/user/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/address.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/address.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/email.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/mfa.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/mfa.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/password.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/phone.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/model/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/model/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/usergrant/repository/eventsourcing/user_grant.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/user_test.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* Update internal/user/repository/eventsourcing/eventstore_mock_test.go

Co-Authored-By: Livio Amstutz <livio.a@gmail.com>

* changes from mr review

* save files into basedir

* changes from mr review

* changes from mr review

* move to auth request

* Update internal/usergrant/repository/eventsourcing/cache.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/usergrant/repository/eventsourcing/cache.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* changes requested on mr

* fix generate codes

* fix return if no events

* password code

* email verification step

* more steps

* lot of mfa

* begin tests

* more next steps

* auth api

* auth api (user)

* auth api (user)

* auth api (user)

* differ requests

* merge

* tests

* fix compilation error

* mock for id generator

* Update internal/user/repository/eventsourcing/model/password.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* Update internal/user/repository/eventsourcing/model/user.go

Co-authored-by: Silvan <silvan.reusser@gmail.com>

* requests of mr

* check email

* begin separation of command and query

* otp

* change packages

* some cleanup and fixes

* tests for auth request / next steps

* add VerificationLifetimes to config and make it run

* tests

* fix code challenge validation

* cleanup

* fix merge

* begin view

* repackaging tests and configs

* fix startup config for auth

* add migration

* add PromptSelectAccount

* fix copy / paste

* remove user_agent files

* fixes

* fix sequences in user_session

* token commands

* token queries and signout

* fix

* fix set password test

* add token handler and table

* handle session init

* add session state

* add user view test cases

* change VerifyMyMfaOTP

* some fixes

* fix user repo in auth api

* cleanup

* add user session view test

* fix merge

* begin oidc

* user agent and more

* config

* keys

* key command and query

* add login statics

* key handler

* start login

* login handlers

* lot of fixes

* merge oidc

* add missing exports

* add missing exports

* fix some bugs

* authrequestid in htmls

* getrequest

* update auth request

* fix userid check

* add username to authrequest

* fix user session and auth request handling

* fix UserSessionsByAgentID

* fix auth request tests

* fix user session on UserPasswordChanged and MfaOtpRemoved

* fix MfaTypesSetupPossible

* handle mfa

* fill username

* auth request query checks new events

* fix userSessionByIDs

* fix tokens

* fix userSessionByIDs test

* add user selection

* init code

* user code creation date

* add init user step

* add verification failed types

* add verification failures

* verify init code

* user init code handle

* user init code handle

* fix userSessionByIDs

* update logging

* user agent cookie

* browserinfo from request

* add DeleteAuthRequest

* add static login files to binary

* add login statik to build

* move generate to separate file and remove statik.go files

* remove static dirs from startup.yaml

* generate into separate namespaces

* merge master

* auth request code

* auth request type mapping

* fix keys

* improve tokens

* improve register and basic styling

* fix ailerons font

* improve password reset

* add audience to token

* all oidc apps as audience

* fix test nextStep

* fix email texts

* remove "not set"

* lot of style changes

* improve copy to clipboard

* fix footer

* add cookie handler

* remove placeholders

* fix compilation after merge

* fix auth config

* remove comments

* typo

* use new secrets store

* change default pws to match default policy

* fixes

* add todo

* enable login

* fix db name

* Auth queries (#179)

* my usersession

* org structure/ auth handlers

* working user grant spooler

* auth internal user grants

* search my project orgs

* remove permissions file

* my zitadel permissions

* my zitadel permissions

* remove unused code

* authz

* app searches in view

* token verification

* fix user grant load

* fix tests

* fix tests

* read configs

* remove unused const

* remove todos

* env variables

* app_name

* working authz

* search projects

* global resourceowner

* Update internal/api/auth/permissions.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* Update internal/api/auth/permissions.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* model2 rename

* at least it works

* check token expiry

* search my user grants

* remove token table from authz

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* fix test

* fix ports and enable console

Co-authored-by: Fabiennne <fabienne.gerschwiler@gmail.com>
Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
Co-authored-by: Silvan <silvan.reusser@gmail.com>
2020-06-05 07:50:04 +02:00
Fabi
a4c7b39552
feat: Policy check (#149)
* check password complexity policy

* check password complexity policy

* fix tests

* Update internal/admin/repository/eventsourcing/setup/setup.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>

* changes for mr

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-05-29 08:44:01 +02:00
Fabi
e3f9e9c05e
use global id generator (#142)
* use global id generator

* remove duplicate `UserRemoved`

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
2020-05-28 13:28:36 +02:00
Fabi
2758bf30b1
fix: Project checks (#141)
* project validations

* unique project on resourceowner
2020-05-28 06:53:12 +02:00
Fabi
d447f68d78
fix: User checks (#139)
* check uniqueness on create and register user

* change user email, reserve release unique email

* usergrant unique aggregate

* usergrant uniqueness

* validate UserGrant

* fix tests
2020-05-28 06:49:22 +02:00