package admin
import (
"context"
"time"
"google.golang.org/protobuf/types/known/durationpb"
"google.golang.org/protobuf/types/known/timestamppb"
authn_grpc "github.com/zitadel/zitadel/internal/api/grpc/authn"
text_grpc "github.com/zitadel/zitadel/internal/api/grpc/text"
"github.com/zitadel/zitadel/internal/domain"
"github.com/zitadel/zitadel/internal/query"
"github.com/zitadel/zitadel/internal/telemetry/tracing"
"github.com/zitadel/zitadel/internal/zerrors"
admin_pb "github.com/zitadel/zitadel/pkg/grpc/admin"
app_pb "github.com/zitadel/zitadel/pkg/grpc/app"
idp_pb "github.com/zitadel/zitadel/pkg/grpc/idp"
management_pb "github.com/zitadel/zitadel/pkg/grpc/management"
org_pb "github.com/zitadel/zitadel/pkg/grpc/org"
policy_pb "github.com/zitadel/zitadel/pkg/grpc/policy"
project_pb "github.com/zitadel/zitadel/pkg/grpc/project"
user_pb "github.com/zitadel/zitadel/pkg/grpc/user"
v1_pb "github.com/zitadel/zitadel/pkg/grpc/v1"
)
func (s *Server) ExportData(ctx context.Context, req *admin_pb.ExportDataRequest) (_ *admin_pb.ExportDataResponse, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
orgSearchQuery := &query.OrgSearchQueries{}
if len(req.OrgIds) > 0 {
orgIDsSearchQuery, err := query.NewOrgIDsSearchQuery(req.OrgIds...)
if err != nil {
return nil, err
}
orgSearchQuery.Queries = []query.SearchQuery{orgIDsSearchQuery}
}
queriedOrgs, err := s.query.SearchOrgs(ctx, orgSearchQuery, nil)
if err != nil {
return nil, err
}
orgs := make([]*admin_pb.DataOrg, len(queriedOrgs.Orgs))
processedOrgs := make([]string, len(queriedOrgs.Orgs))
processedProjects := make([]string, 0)
processedGrants := make([]string, 0)
processedUsers := make([]string, 0)
processedActions := make([]string, 0)
for i, queriedOrg := range queriedOrgs.Orgs {
if req.ExcludedOrgIds != nil {
found := false
for _, excludedOrg := range req.ExcludedOrgIds {
if excludedOrg == queriedOrg.ID {
found = true
}
}
if found {
continue
}
}
processedOrgs = append(processedOrgs, queriedOrg.ID)
/******************************************************************************************************************
Organization
******************************************************************************************************************/
org := &admin_pb.DataOrg{OrgId: queriedOrg.ID, Org: &management_pb.AddOrgRequest{Name: queriedOrg.Name}}
orgs[i] = org
}
for _, org := range orgs {
org.DomainPolicy, err = s.getDomainPolicy(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
org.Domains, err = s.getDomains(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
org.OidcIdps, org.JwtIdps, err = s.getIDPs(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
orgIDPs := make([]string, 0)
for _, idp := range org.OidcIdps {
orgIDPs = append(orgIDPs, idp.GetIdpId())
}
for _, idp := range org.JwtIdps {
orgIDPs = append(orgIDPs, idp.GetIdpId())
}
org.LabelPolicy, err = s.getLabelPolicy(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
org.LoginPolicy, err = s.getLoginPolicy(ctx, org.GetOrgId(), orgIDPs)
if err != nil {
return nil, err
}
org.UserLinks, err = s.getUserLinks(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
org.LockoutPolicy, err = s.getLockoutPolicy(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
org.PasswordComplexityPolicy, err = s.getPasswordComplexityPolicy(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
org.PrivacyPolicy, err = s.getPrivacyPolicy(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
langResp, err := s.GetSupportedLanguages(ctx, &admin_pb.GetSupportedLanguagesRequest{})
if err != nil {
return nil, err
}
org.LoginTexts, err = s.getCustomLoginTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
org.InitMessages, err = s.getCustomInitMessageTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
org.PasswordResetMessages, err = s.getCustomPasswordResetMessageTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
org.VerifyEmailMessages, err = s.getCustomVerifyEmailMessageTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
org.VerifyPhoneMessages, err = s.getCustomVerifyPhoneMessageTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
org.VerifySmsOtpMessages, err = s.getCustomVerifySMSOTPMessageTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
org.VerifyEmailOtpMessages, err = s.getCustomVerifyEmailOTPMessageTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
org.DomainClaimedMessages, err = s.getCustomDomainClaimedMessageTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
org.PasswordlessRegistrationMessages, err = s.getCustomPasswordlessRegistrationMessageTexts(ctx, org.GetOrgId(), langResp.Languages)
if err != nil {
return nil, err
}
/******************************************************************************************************************
Users
******************************************************************************************************************/
org.HumanUsers, org.MachineUsers, org.UserMetadata, org.MachineKeys, err = s.getUsers(ctx, org.GetOrgId(), req.WithPasswords, req.WithOtp)
if err != nil {
return nil, err
}
for _, processedUser := range org.HumanUsers {
processedUsers = append(processedUsers, processedUser.UserId)
}
for _, processedUser := range org.MachineUsers {
processedUsers = append(processedUsers, processedUser.UserId)
}
/******************************************************************************************************************
Project and Applications
******************************************************************************************************************/
org.Projects, org.ProjectRoles, org.OidcApps, org.ApiApps, org.AppKeys, err = s.getProjectsAndApps(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
for _, processedProject := range org.Projects {
processedProjects = append(processedProjects, processedProject.ProjectId)
}
/******************************************************************************************************************
Actions
******************************************************************************************************************/
org.Actions, err = s.getActions(ctx, org.GetOrgId())
if err != nil {
return nil, err
}
for _, processedAction := range org.Actions {
processedActions = append(processedActions, processedAction.ActionId)
}
}
for _, org := range orgs {
/******************************************************************************************************************
Flows
******************************************************************************************************************/
org.TriggerActions, err = s.getTriggerActions(ctx, org.OrgId, processedActions)
if err != nil {
return nil, err
}
/******************************************************************************************************************
Grants
******************************************************************************************************************/
org.ProjectGrants, err = s.getNecessaryProjectGrantsForOrg(ctx, org.OrgId, processedOrgs, processedProjects)
if err != nil {
return nil, err
}
for _, processedGrant := range org.ProjectGrants {
processedGrants = append(processedGrants, processedGrant.GrantId)
}
org.UserGrants, err = s.getNecessaryUserGrantsForOrg(ctx, org.OrgId, processedProjects, processedGrants, processedUsers)
if err != nil {
return nil, err
}
}
for _, org := range orgs {
/******************************************************************************************************************
Members
******************************************************************************************************************/
org.OrgMembers, err = s.getNecessaryOrgMembersForOrg(ctx, org.OrgId, processedUsers)
if err != nil {
return nil, err
}
org.ProjectMembers, err = s.getNecessaryProjectMembersForOrg(ctx, processedProjects, processedUsers)
if err != nil {
return nil, err
}
org.ProjectGrantMembers, err = s.getNecessaryProjectGrantMembersForOrg(ctx, org.OrgId, processedProjects, processedGrants, processedUsers)
if err != nil {
return nil, err
}
}
return &admin_pb.ExportDataResponse{
Orgs: orgs,
}, nil
}
func (s *Server) getDomainPolicy(ctx context.Context, orgID string) (_ *admin_pb.AddCustomDomainPolicyRequest, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
queriedDomain, err := s.query.DomainPolicyByOrg(ctx, true, orgID, false)
if err != nil {
return nil, err
}
if !queriedDomain.IsDefault {
return &admin_pb.AddCustomDomainPolicyRequest{
OrgId: orgID,
UserLoginMustBeDomain: queriedDomain.UserLoginMustBeDomain,
ValidateOrgDomains: queriedDomain.ValidateOrgDomains,
SmtpSenderAddressMatchesInstanceDomain: queriedDomain.SMTPSenderAddressMatchesInstanceDomain,
}, nil
}
return nil, nil
}
func (s *Server) getDomains(ctx context.Context, orgID string) (_ []*org_pb.Domain, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
orgDomainOrgIDQuery, err := query.NewOrgDomainOrgIDSearchQuery(orgID)
if err != nil {
return nil, err
}
orgDomainsQuery, err := s.query.SearchOrgDomains(ctx, &query.OrgDomainSearchQueries{Queries: []query.SearchQuery{orgDomainOrgIDQuery}}, false)
if err != nil {
return nil, err
}
orgDomains := make([]*org_pb.Domain, len(orgDomainsQuery.Domains))
for i, orgDomain := range orgDomainsQuery.Domains {
orgDomains[i] = &org_pb.Domain{
OrgId: orgDomain.OrgID,
DomainName: orgDomain.Domain,
IsVerified: orgDomain.IsVerified,
IsPrimary: orgDomain.IsPrimary,
ValidationType: org_pb.DomainValidationType(orgDomain.ValidationType),
}
}
return orgDomains, nil
}
func (s *Server) getIDPs(ctx context.Context, orgID string) (_ []*v1_pb.DataOIDCIDP, _ []*v1_pb.DataJWTIDP, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
ownerType, err := query.NewIDPOwnerTypeSearchQuery(domain.IdentityProviderTypeOrg)
if err != nil {
return nil, nil, err
}
idpQuery, err := query.NewIDPResourceOwnerSearchQuery(orgID)
if err != nil {
return nil, nil, err
}
idps, err := s.query.IDPs(ctx, &query.IDPSearchQueries{Queries: []query.SearchQuery{idpQuery, ownerType}}, false)
if err != nil {
return nil, nil, err
}
oidcIdps := make([]*v1_pb.DataOIDCIDP, 0)
jwtIdps := make([]*v1_pb.DataJWTIDP, 0)
for _, idp := range idps.IDPs {
if idp.OIDCIDP != nil {
clientSecret, err := s.query.GetOIDCIDPClientSecret(ctx, false, orgID, idp.ID, false)
if err != nil && !zerrors.IsNotFound(err) {
return nil, nil, err
}
oidcIdps = append(oidcIdps, &v1_pb.DataOIDCIDP{
IdpId: idp.ID,
Idp: &management_pb.AddOrgOIDCIDPRequest{
Name: idp.Name,
StylingType: idp_pb.IDPStylingType(idp.StylingType),
ClientId: idp.ClientID,
ClientSecret: clientSecret,
Issuer: idp.OIDCIDP.Issuer,
Scopes: idp.Scopes,
DisplayNameMapping: idp_pb.OIDCMappingField(idp.DisplayNameMapping),
UsernameMapping: idp_pb.OIDCMappingField(idp.UsernameMapping),
AutoRegister: idp.AutoRegister,
},
})
} else if idp.JWTIDP != nil {
jwtIdps = append(jwtIdps, &v1_pb.DataJWTIDP{
IdpId: idp.ID,
Idp: &management_pb.AddOrgJWTIDPRequest{
Name: idp.Name,
StylingType: idp_pb.IDPStylingType(idp.StylingType),
JwtEndpoint: idp.JWTIDP.Endpoint,
Issuer: idp.JWTIDP.Issuer,
KeysEndpoint: idp.KeysEndpoint,
HeaderName: idp.HeaderName,
AutoRegister: idp.AutoRegister,
},
})
}
}
return oidcIdps, jwtIdps, nil
}
func (s *Server) getLabelPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomLabelPolicyRequest, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
queriedLabel, err := s.query.ActiveLabelPolicyByOrg(ctx, orgID, false)
if err != nil {
return nil, err
}
if !queriedLabel.IsDefault {
return &management_pb.AddCustomLabelPolicyRequest{
PrimaryColor: queriedLabel.Light.PrimaryColor,
HideLoginNameSuffix: queriedLabel.HideLoginNameSuffix,
WarnColor: queriedLabel.Light.WarnColor,
BackgroundColor: queriedLabel.Light.BackgroundColor,
FontColor: queriedLabel.Light.FontColor,
PrimaryColorDark: queriedLabel.Dark.PrimaryColor,
BackgroundColorDark: queriedLabel.Dark.BackgroundColor,
WarnColorDark: queriedLabel.Dark.WarnColor,
FontColorDark: queriedLabel.Dark.FontColor,
DisableWatermark: queriedLabel.WatermarkDisabled,
}, nil
}
return nil, nil
}
func (s *Server) getLoginPolicy(ctx context.Context, orgID string, orgIDPs []string) (_ *management_pb.AddCustomLoginPolicyRequest, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
queriedLogin, err := s.query.LoginPolicyByID(ctx, false, orgID, false)
if err != nil {
return nil, err
}
if !queriedLogin.IsDefault {
pwCheck := durationpb.New(time.Duration(queriedLogin.PasswordCheckLifetime))
externalLogin := durationpb.New(time.Duration(queriedLogin.ExternalLoginCheckLifetime))
mfaInitSkip := durationpb.New(time.Duration(queriedLogin.MFAInitSkipLifetime))
secondFactor := durationpb.New(time.Duration(queriedLogin.SecondFactorCheckLifetime))
multiFactor := durationpb.New(time.Duration(queriedLogin.MultiFactorCheckLifetime))
secondFactors := []policy_pb.SecondFactorType{}
for _, factor := range queriedLogin.SecondFactors {
secondFactors = append(secondFactors, policy_pb.SecondFactorType(factor))
}
multiFactors := []policy_pb.MultiFactorType{}
for _, factor := range queriedLogin.MultiFactors {
multiFactors = append(multiFactors, policy_pb.MultiFactorType(factor))
}
idpLinksQuery, err := s.query.IDPLoginPolicyLinks(ctx, orgID, &query.IDPLoginPolicyLinksSearchQuery{}, false)
if err != nil {
return nil, err
}
idpLinks := make([]*management_pb.AddCustomLoginPolicyRequest_IDP, 0)
for _, idpLink := range idpLinksQuery.Links {
found := false
for _, orgIDP := range orgIDPs {
if orgIDP == idpLink.IDPID {
found = true
break
}
}
ownerType := idp_pb.IDPOwnerType_IDP_OWNER_TYPE_UNSPECIFIED
if found {
ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_ORG
} else {
ownerType = idp_pb.IDPOwnerType_IDP_OWNER_TYPE_SYSTEM
}
idpLinks = append(idpLinks, &management_pb.AddCustomLoginPolicyRequest_IDP{
IdpId: idpLink.IDPID,
OwnerType: ownerType,
})
}
return &management_pb.AddCustomLoginPolicyRequest{
AllowUsernamePassword: queriedLogin.AllowUsernamePassword,
AllowRegister: queriedLogin.AllowRegister,
AllowExternalIdp: queriedLogin.AllowExternalIDPs,
ForceMfa: queriedLogin.ForceMFA,
ForceMfaLocalOnly: queriedLogin.ForceMFALocalOnly,
PasswordlessType: policy_pb.PasswordlessType(queriedLogin.PasswordlessType),
HidePasswordReset: queriedLogin.HidePasswordReset,
IgnoreUnknownUsernames: queriedLogin.IgnoreUnknownUsernames,
DefaultRedirectUri: queriedLogin.DefaultRedirectURI,
PasswordCheckLifetime: pwCheck,
ExternalLoginCheckLifetime: externalLogin,
MfaInitSkipLifetime: mfaInitSkip,
SecondFactorCheckLifetime: secondFactor,
MultiFactorCheckLifetime: multiFactor,
SecondFactors: secondFactors,
MultiFactors: multiFactors,
Idps: idpLinks,
}, nil
}
return nil, nil
}
func (s *Server) getUserLinks(ctx context.Context, orgID string) (_ []*idp_pb.IDPUserLink, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
userLinksResourceOwner, err := query.NewIDPUserLinksResourceOwnerSearchQuery(orgID)
if err != nil {
return nil, err
}
idpUserLinks, err := s.query.IDPUserLinks(ctx, &query.IDPUserLinksSearchQuery{Queries: []query.SearchQuery{userLinksResourceOwner}}, false)
if err != nil {
return nil, err
}
userLinks := make([]*idp_pb.IDPUserLink, 0)
for _, idpUserLink := range idpUserLinks.Links {
userLinks = append(userLinks, &idp_pb.IDPUserLink{
UserId: idpUserLink.UserID,
IdpId: idpUserLink.IDPID,
IdpName: idpUserLink.IDPName,
ProvidedUserId: idpUserLink.ProvidedUserID,
ProvidedUserName: idpUserLink.ProvidedUsername,
IdpType: idp_pb.IDPType(idpUserLink.IDPType),
})
}
return userLinks, nil
}
func (s *Server) getLockoutPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomLockoutPolicyRequest, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
queriedLockout, err := s.query.LockoutPolicyByOrg(ctx, false, orgID)
if err != nil {
return nil, err
}
if !queriedLockout.IsDefault {
return &management_pb.AddCustomLockoutPolicyRequest{
MaxPasswordAttempts: uint32(queriedLockout.MaxPasswordAttempts),
MaxOtpAttempts: uint32(queriedLockout.MaxOTPAttempts),
}, nil
}
return nil, nil
}
func (s *Server) getPasswordComplexityPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomPasswordComplexityPolicyRequest, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
queriedPasswordComplexity, err := s.query.PasswordComplexityPolicyByOrg(ctx, false, orgID, false)
if err != nil {
return nil, err
}
if !queriedPasswordComplexity.IsDefault {
return &management_pb.AddCustomPasswordComplexityPolicyRequest{
MinLength: queriedPasswordComplexity.MinLength,
HasUppercase: queriedPasswordComplexity.HasUppercase,
HasLowercase: queriedPasswordComplexity.HasLowercase,
HasNumber: queriedPasswordComplexity.HasNumber,
HasSymbol: queriedPasswordComplexity.HasSymbol,
}, nil
}
return nil, nil
}
func (s *Server) getPrivacyPolicy(ctx context.Context, orgID string) (_ *management_pb.AddCustomPrivacyPolicyRequest, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
queriedPrivacy, err := s.query.PrivacyPolicyByOrg(ctx, false, orgID, false)
if err != nil {
return nil, err
}
if !queriedPrivacy.IsDefault {
return &management_pb.AddCustomPrivacyPolicyRequest{
TosLink: queriedPrivacy.TOSLink,
PrivacyLink: queriedPrivacy.PrivacyLink,
HelpLink: queriedPrivacy.HelpLink,
SupportEmail: string(queriedPrivacy.SupportEmail),
DocsLink: queriedPrivacy.DocsLink,
CustomLink: queriedPrivacy.CustomLink,
CustomLinkText: queriedPrivacy.CustomLinkText,
}, nil
}
return nil, nil
}
func (s *Server) getUsers(ctx context.Context, org string, withPasswords bool, withOTP bool) (_ []*v1_pb.DataHumanUser, _ []*v1_pb.DataMachineUser, _ []*management_pb.SetUserMetadataRequest, _ []*v1_pb.DataMachineKey, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
orgSearch, err := query.NewUserResourceOwnerSearchQuery(org, query.TextEquals)
if err != nil {
return nil, nil, nil, nil, err
}
users, err := s.query.SearchUsers(ctx, &query.UserSearchQueries{Queries: []query.SearchQuery{orgSearch}}, nil)
if err != nil {
return nil, nil, nil, nil, err
}
humanUsers := make([]*v1_pb.DataHumanUser, 0)
machineUsers := make([]*v1_pb.DataMachineUser, 0)
userMetadata := make([]*management_pb.SetUserMetadataRequest, 0)
machineKeys := make([]*v1_pb.DataMachineKey, 0)
for _, user := range users.Users {
switch user.Type {
case domain.UserTypeHuman:
dataUser := &v1_pb.DataHumanUser{
UserId: user.ID,
User: &management_pb.ImportHumanUserRequest{
UserName: user.Username,
Profile: &management_pb.ImportHumanUserRequest_Profile{
FirstName: user.Human.FirstName,
LastName: user.Human.LastName,
NickName: user.Human.NickName,
DisplayName: user.Human.DisplayName,
PreferredLanguage: user.Human.PreferredLanguage.String(),
Gender: user_pb.Gender(user.Human.Gender),
},
},
}
if user.Human.Email != "" {
dataUser.User.Email = &management_pb.ImportHumanUserRequest_Email{
Email: string(user.Human.Email),
IsEmailVerified: user.Human.IsEmailVerified,
}
}
if user.Human.Phone != "" {
dataUser.User.Phone = &management_pb.ImportHumanUserRequest_Phone{
Phone: string(user.Human.Phone),
IsPhoneVerified: user.Human.IsPhoneVerified,
}
}
if withPasswords {
ctx, pwspan := tracing.NewSpan(ctx)
encodedHash, err := s.query.GetHumanPassword(ctx, org, user.ID)
pwspan.EndWithError(err)
if err != nil && !zerrors.IsNotFound(err) {
return nil, nil, nil, nil, err
}
if err == nil && encodedHash != "" {
dataUser.User.HashedPassword = &management_pb.ImportHumanUserRequest_HashedPassword{
Value: encodedHash,
}
}
}
if withOTP {
ctx, otpspan := tracing.NewSpan(ctx)
code, err := s.query.GetHumanOTPSecret(ctx, user.ID, org)
otpspan.EndWithError(err)
if err != nil && !zerrors.IsNotFound(err) {
return nil, nil, nil, nil, err
}
if err == nil && code != "" {
dataUser.User.OtpCode = code
}
}
humanUsers = append(humanUsers, dataUser)
case domain.UserTypeMachine:
machineUsers = append(machineUsers, &v1_pb.DataMachineUser{
UserId: user.ID,
User: &management_pb.AddMachineUserRequest{
UserName: user.Username,
Name: user.Machine.Name,
Description: user.Machine.Description,
},
})
userIDQuery, err := query.NewAuthNKeyAggregateIDQuery(user.ID)
if err != nil {
return nil, nil, nil, nil, err
}
orgIDQuery, err := query.NewAuthNKeyResourceOwnerQuery(org)
if err != nil {
return nil, nil, nil, nil, err
}
keys, err := s.query.SearchAuthNKeysData(ctx, &query.AuthNKeySearchQueries{Queries: []query.SearchQuery{userIDQuery, orgIDQuery}})
if err != nil {
return nil, nil, nil, nil, err
}
for _, key := range keys.AuthNKeysData {
machineKeys = append(machineKeys, &v1_pb.DataMachineKey{
KeyId: key.ID,
UserId: user.ID,
Type: authn_grpc.KeyTypeToPb(key.Type),
ExpirationDate: timestamppb.New(key.Expiration),
PublicKey: key.PublicKey,
})
}
}
ctx, metaspan := tracing.NewSpan(ctx)
metadataOrgSearch, err := query.NewUserMetadataResourceOwnerSearchQuery(org)
if err != nil {
return nil, nil, nil, nil, err
}
metadataList, err := s.query.SearchUserMetadata(ctx, false, user.ID, &query.UserMetadataSearchQueries{Queries: []query.SearchQuery{metadataOrgSearch}}, false)
metaspan.EndWithError(err)
if err != nil {
return nil, nil, nil, nil, err
}
for _, metadata := range metadataList.Metadata {
userMetadata = append(userMetadata, &management_pb.SetUserMetadataRequest{
Id: user.ID,
Key: metadata.Key,
Value: metadata.Value,
})
}
}
return humanUsers, machineUsers, userMetadata, machineKeys, nil
}
func (s *Server) getTriggerActions(ctx context.Context, org string, processedActions []string) (_ []*management_pb.SetTriggerActionsRequest, err error) {
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
flowTypes := []domain.FlowType{domain.FlowTypeExternalAuthentication, domain.FlowTypeInternalAuthentication}
triggerActions := make([]*management_pb.SetTriggerActionsRequest, 0)
for _, flowType := range flowTypes {
flow, err := s.query.GetFlow(ctx, flowType, org)
if err != nil {
return nil, err
}
for triggerType, triggerAction := range flow.TriggerActions {
actions := make([]string, 0)
for _, action := range triggerAction {
for _, actionID := range processedActions {
if action.ID == actionID {
actions = append(actions, action.ID)
}
}
}
triggerActions = append(triggerActions, &management_pb.SetTriggerActionsRequest{
FlowType: flowType.ID(),
TriggerType: triggerType.ID(),
ActionIds: actions,
})
}
}
return triggerActions, nil
}
func (s *Server) getActions(ctx context.Context, org string) ([]*v1_pb.DataAction, error) {
actionSearch, err := query.NewActionResourceOwnerQuery(org)
if err != nil {
return nil, err
}
queriedActions, err := s.query.SearchActions(ctx, &query.ActionSearchQueries{Queries: []query.SearchQuery{actionSearch}}, false)
if err != nil {
return nil, err
}
actions := make([]*v1_pb.DataAction, len(queriedActions.Actions))
for i, action := range queriedActions.Actions {
timeout := durationpb.New(action.Timeout())
actions[i] = &v1_pb.DataAction{
ActionId: action.ID,
Action: &management_pb.CreateActionRequest{
Name: action.Name,
Script: action.Script,
Timeout: timeout,
AllowedToFail: action.AllowedToFail,
},
}
}
return actions, nil
}
func (s *Server) getProjectsAndApps(ctx context.Context, org string) ([]*v1_pb.DataProject, []*management_pb.AddProjectRoleRequest, []*v1_pb.DataOIDCApplication, []*v1_pb.DataAPIApplication, []*v1_pb.DataAppKey, error) {
projectSearch, err := query.NewProjectResourceOwnerSearchQuery(org)
if err != nil {
return nil, nil, nil, nil, nil, err
}
queriedProjects, err := s.query.SearchProjects(ctx, &query.ProjectSearchQueries{Queries: []query.SearchQuery{projectSearch}})
if err != nil {
return nil, nil, nil, nil, nil, err
}
projects := make([]*v1_pb.DataProject, len(queriedProjects.Projects))
orgProjectRoles := make([]*management_pb.AddProjectRoleRequest, 0)
oidcApps := make([]*v1_pb.DataOIDCApplication, 0)
apiApps := make([]*v1_pb.DataAPIApplication, 0)
appKeys := make([]*v1_pb.DataAppKey, 0)
for i, queriedProject := range queriedProjects.Projects {
projects[i] = &v1_pb.DataProject{
ProjectId: queriedProject.ID,
Project: &management_pb.AddProjectRequest{
Name: queriedProject.Name,
ProjectRoleAssertion: queriedProject.ProjectRoleAssertion,
ProjectRoleCheck: queriedProject.ProjectRoleCheck,
HasProjectCheck: queriedProject.HasProjectCheck,
PrivateLabelingSetting: project_pb.PrivateLabelingSetting(queriedProject.PrivateLabelingSetting),
},
}
projectRoleSearch, err := query.NewProjectRoleProjectIDSearchQuery(queriedProject.ID)
if err != nil {
return nil, nil, nil, nil, nil, err
}
queriedProjectRoles, err := s.query.SearchProjectRoles(ctx, false, &query.ProjectRoleSearchQueries{Queries: []query.SearchQuery{projectRoleSearch}})
if err != nil {
return nil, nil, nil, nil, nil, err
}
for _, role := range queriedProjectRoles.ProjectRoles {
orgProjectRoles = append(orgProjectRoles, &management_pb.AddProjectRoleRequest{
ProjectId: role.ProjectID,
RoleKey: role.Key,
DisplayName: role.DisplayName,
Group: role.Group,
})
}
appSearch, err := query.NewAppProjectIDSearchQuery(queriedProject.ID)
if err != nil {
return nil, nil, nil, nil, nil, err
}
apps, err := s.query.SearchApps(ctx, &query.AppSearchQueries{Queries: []query.SearchQuery{appSearch}}, false)
if err != nil {
return nil, nil, nil, nil, nil, err
}
for _, app := range apps.Apps {
if app.OIDCConfig != nil {
responseTypes := make([]app_pb.OIDCResponseType, 0)
for _, ty := range app.OIDCConfig.ResponseTypes {
responseTypes = append(responseTypes, app_pb.OIDCResponseType(ty))
}
grantTypes := make([]app_pb.OIDCGrantType, 0)
for _, ty := range app.OIDCConfig.GrantTypes {
grantTypes = append(grantTypes, app_pb.OIDCGrantType(ty))
}
oidcApps = append(oidcApps, &v1_pb.DataOIDCApplication{
AppId: app.ID,
App: &management_pb.AddOIDCAppRequest{
ProjectId: app.ProjectID,
Name: app.Name,
RedirectUris: app.OIDCConfig.RedirectURIs,
ResponseTypes: responseTypes,
GrantTypes: grantTypes,
AppType: app_pb.OIDCAppType(app.OIDCConfig.AppType),
AuthMethodType: app_pb.OIDCAuthMethodType(app.OIDCConfig.AuthMethodType),
PostLogoutRedirectUris: app.OIDCConfig.PostLogoutRedirectURIs,
Version: app_pb.OIDCVersion(app.OIDCConfig.Version),
DevMode: app.OIDCConfig.IsDevMode,
AccessTokenType: app_pb.OIDCTokenType(app.OIDCConfig.AccessTokenType),
AccessTokenRoleAssertion: app.OIDCConfig.AssertAccessTokenRole,
IdTokenRoleAssertion: app.OIDCConfig.AssertIDTokenRole,
IdTokenUserinfoAssertion: app.OIDCConfig.AssertIDTokenUserinfo,
ClockSkew: durationpb.New(app.OIDCConfig.ClockSkew),
AdditionalOrigins: app.OIDCConfig.AdditionalOrigins,
SkipNativeAppSuccessPage: app.OIDCConfig.SkipNativeAppSuccessPage,
},
})
}
if app.APIConfig != nil {
apiApps = append(apiApps, &v1_pb.DataAPIApplication{
AppId: app.ID,
App: &management_pb.AddAPIAppRequest{
ProjectId: app.ProjectID,
Name: app.Name,
AuthMethodType: app_pb.APIAuthMethodType(app.APIConfig.AuthMethodType),
},
})
}
appIDQuery, err := query.NewAuthNKeyObjectIDQuery(app.ID)
if err != nil {
return nil, nil, nil, nil, nil, err
}
projectIDQuery, err := query.NewAuthNKeyAggregateIDQuery(app.ProjectID)
if err != nil {
return nil, nil, nil, nil, nil, err
}
orgIDQuery, err := query.NewAuthNKeyResourceOwnerQuery(org)
if err != nil {
return nil, nil, nil, nil, nil, err
}
keys, err := s.query.SearchAuthNKeysData(ctx, &query.AuthNKeySearchQueries{Queries: []query.SearchQuery{appIDQuery, projectIDQuery, orgIDQuery}})
if err != nil {
return nil, nil, nil, nil, nil, err
}
for _, key := range keys.AuthNKeysData {
appKeys = append(appKeys, &v1_pb.DataAppKey{
Id: key.ID,
ProjectId: app.ProjectID,
AppId: app.ID,
Type: authn_grpc.KeyTypeToPb(key.Type),
ExpirationDate: timestamppb.New(key.Expiration),
ClientId: key.Identifier,
PublicKey: key.PublicKey,
})
}
}
}
return projects, orgProjectRoles, oidcApps, apiApps, appKeys, nil
}
func (s *Server) getNecessaryProjectGrantMembersForOrg(ctx context.Context, org string, processedProjects []string, processedGrants []string, processedUsers []string) ([]*management_pb.AddProjectGrantMemberRequest, error) {
projectMembers := make([]*management_pb.AddProjectGrantMemberRequest, 0)
for _, projectID := range processedProjects {
for _, grantID := range processedGrants {
search, err := query.NewMemberResourceOwnerSearchQuery(org)
if err != nil {
return nil, err
}
queriedProjectMembers, err := s.query.ProjectGrantMembers(ctx, &query.ProjectGrantMembersQuery{ProjectID: projectID, OrgID: org, GrantID: grantID, MembersQuery: query.MembersQuery{Queries: []query.SearchQuery{search}}})
if err != nil {
return nil, err
}
for _, projectMember := range queriedProjectMembers.Members {
for _, userID := range processedUsers {
if userID == projectMember.UserID {
projectMembers = append(projectMembers, &management_pb.AddProjectGrantMemberRequest{
ProjectId: projectID,
UserId: userID,
GrantId: grantID,
Roles: projectMember.Roles,
})
break
}
}
}
}
}
return projectMembers, nil
}
func (s *Server) getNecessaryProjectMembersForOrg(ctx context.Context, processedProjects []string, processedUsers []string) ([]*management_pb.AddProjectMemberRequest, error) {
projectMembers := make([]*management_pb.AddProjectMemberRequest, 0)
for _, projectID := range processedProjects {
queriedProjectMembers, err := s.query.ProjectMembers(ctx, &query.ProjectMembersQuery{ProjectID: projectID})
if err != nil {
return nil, err
}
for _, projectMember := range queriedProjectMembers.Members {
for _, userID := range processedUsers {
if userID == projectMember.UserID {
projectMembers = append(projectMembers, &management_pb.AddProjectMemberRequest{
ProjectId: projectID,
UserId: userID,
Roles: projectMember.Roles,
})
break
}
}
}
}
return projectMembers, nil
}
func (s *Server) getNecessaryOrgMembersForOrg(ctx context.Context, org string, processedUsers []string) ([]*management_pb.AddOrgMemberRequest, error) {
queriedOrgMembers, err := s.query.OrgMembers(ctx, &query.OrgMembersQuery{OrgID: org})
if err != nil {
return nil, err
}
orgMembers := make([]*management_pb.AddOrgMemberRequest, 0, len(queriedOrgMembers.Members))
for _, orgMember := range queriedOrgMembers.Members {
for _, userID := range processedUsers {
if userID == orgMember.UserID {
orgMembers = append(orgMembers, &management_pb.AddOrgMemberRequest{
UserId: orgMember.UserID,
Roles: orgMember.Roles,
})
break
}
}
}
return orgMembers, nil
}
func (s *Server) getNecessaryProjectGrantsForOrg(ctx context.Context, org string, processedOrgs []string, processedProjects []string) ([]*v1_pb.DataProjectGrant, error) {
projectGrantSearchOrg, err := query.NewProjectGrantResourceOwnerSearchQuery(org)
if err != nil {
return nil, err
}
queriedProjectGrants, err := s.query.SearchProjectGrants(ctx, &query.ProjectGrantSearchQueries{Queries: []query.SearchQuery{projectGrantSearchOrg}})
if err != nil {
return nil, err
}
projectGrants := make([]*v1_pb.DataProjectGrant, 0, len(queriedProjectGrants.ProjectGrants))
for _, projectGrant := range queriedProjectGrants.ProjectGrants {
for _, projectID := range processedProjects {
if projectID == projectGrant.ProjectID {
foundOrg := false
for _, orgID := range processedOrgs {
if orgID == projectGrant.GrantedOrgID {
projectGrants = append(projectGrants, &v1_pb.DataProjectGrant{
GrantId: projectGrant.GrantID,
ProjectGrant: &management_pb.AddProjectGrantRequest{
ProjectId: projectGrant.ProjectID,
GrantedOrgId: projectGrant.GrantedOrgID,
RoleKeys: projectGrant.GrantedRoleKeys,
},
})
foundOrg = true
break
}
}
if foundOrg {
break
}
}
}
}
return projectGrants, nil
}
func (s *Server) getNecessaryUserGrantsForOrg(ctx context.Context, org string, processedProjects []string, processedGrants []string, processedUsers []string) ([]*management_pb.AddUserGrantRequest, error) {
userGrantSearchOrg, err := query.NewUserGrantResourceOwnerSearchQuery(org)
if err != nil {
return nil, err
}
queriedUserGrants, err := s.query.UserGrants(ctx, &query.UserGrantsQueries{Queries: []query.SearchQuery{userGrantSearchOrg}}, true)
if err != nil {
return nil, err
}
userGrants := make([]*management_pb.AddUserGrantRequest, 0, len(queriedUserGrants.UserGrants))
for _, userGrant := range queriedUserGrants.UserGrants {
for _, projectID := range processedProjects {
if projectID == userGrant.ProjectID {
//if usergrant is on a granted project
if userGrant.GrantID != "" {
for _, grantID := range processedGrants {
if grantID == userGrant.GrantID {
for _, userID := range processedUsers {
if userID == userGrant.UserID {
userGrants = append(userGrants, &management_pb.AddUserGrantRequest{
UserId: userGrant.UserID,
ProjectId: userGrant.ProjectID,
ProjectGrantId: userGrant.GrantID,
RoleKeys: userGrant.Roles,
})
}
}
}
}
} else {
for _, userID := range processedUsers {
if userID == userGrant.UserID {
userGrants = append(userGrants, &management_pb.AddUserGrantRequest{
UserId: userGrant.UserID,
ProjectId: userGrant.ProjectID,
ProjectGrantId: userGrant.GrantID,
RoleKeys: userGrant.Roles,
})
}
}
}
}
}
}
return userGrants, nil
}
func (s *Server) getCustomLoginTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomLoginTextsRequest, error) {
customTexts := make([]*management_pb.SetCustomLoginTextsRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.GetCustomLoginTexts(ctx, org, lang)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomLoginTextsRequest{
Language: lang,
SelectAccountText: text_grpc.SelectAccountScreenToPb(text.SelectAccount),
LoginText: text_grpc.LoginScreenTextToPb(text.Login),
PasswordText: text_grpc.PasswordScreenTextToPb(text.Password),
UsernameChangeText: text_grpc.UsernameChangeScreenTextToPb(text.UsernameChange),
UsernameChangeDoneText: text_grpc.UsernameChangeDoneScreenTextToPb(text.UsernameChangeDone),
InitPasswordText: text_grpc.InitPasswordScreenTextToPb(text.InitPassword),
InitPasswordDoneText: text_grpc.InitPasswordDoneScreenTextToPb(text.InitPasswordDone),
EmailVerificationText: text_grpc.EmailVerificationScreenTextToPb(text.EmailVerification),
EmailVerificationDoneText: text_grpc.EmailVerificationDoneScreenTextToPb(text.EmailVerificationDone),
InitializeUserText: text_grpc.InitializeUserScreenTextToPb(text.InitUser),
InitializeDoneText: text_grpc.InitializeUserDoneScreenTextToPb(text.InitUserDone),
InitMfaPromptText: text_grpc.InitMFAPromptScreenTextToPb(text.InitMFAPrompt),
InitMfaOtpText: text_grpc.InitMFAOTPScreenTextToPb(text.InitMFAOTP),
InitMfaU2FText: text_grpc.InitMFAU2FScreenTextToPb(text.InitMFAU2F),
InitMfaDoneText: text_grpc.InitMFADoneScreenTextToPb(text.InitMFADone),
MfaProvidersText: text_grpc.MFAProvidersTextToPb(text.MFAProvider),
VerifyMfaOtpText: text_grpc.VerifyMFAOTPScreenTextToPb(text.VerifyMFAOTP),
VerifyMfaU2FText: text_grpc.VerifyMFAU2FScreenTextToPb(text.VerifyMFAU2F),
PasswordlessText: text_grpc.PasswordlessScreenTextToPb(text.Passwordless),
PasswordlessPromptText: text_grpc.PasswordlessPromptScreenTextToPb(text.PasswordlessPrompt),
PasswordlessRegistrationText: text_grpc.PasswordlessRegistrationScreenTextToPb(text.PasswordlessRegistration),
PasswordlessRegistrationDoneText: text_grpc.PasswordlessRegistrationDoneScreenTextToPb(text.PasswordlessRegistrationDone),
PasswordChangeText: text_grpc.PasswordChangeScreenTextToPb(text.PasswordChange),
PasswordChangeDoneText: text_grpc.PasswordChangeDoneScreenTextToPb(text.PasswordChangeDone),
PasswordResetDoneText: text_grpc.PasswordResetDoneScreenTextToPb(text.PasswordResetDone),
RegistrationOptionText: text_grpc.RegistrationOptionScreenTextToPb(text.RegisterOption),
RegistrationUserText: text_grpc.RegistrationUserScreenTextToPb(text.RegistrationUser),
ExternalRegistrationUserOverviewText: text_grpc.ExternalRegistrationUserOverviewScreenTextToPb(text.ExternalRegistrationUserOverview),
RegistrationOrgText: text_grpc.RegistrationOrgScreenTextToPb(text.RegistrationOrg),
LinkingUserPromptText: text_grpc.LinkingUserPromptScreenTextToPb(text.LinkingUserPrompt),
LinkingUserDoneText: text_grpc.LinkingUserDoneScreenTextToPb(text.LinkingUsersDone),
ExternalUserNotFoundText: text_grpc.ExternalUserNotFoundScreenTextToPb(text.ExternalNotFound),
SuccessLoginText: text_grpc.SuccessLoginScreenTextToPb(text.LoginSuccess),
LogoutText: text_grpc.LogoutDoneScreenTextToPb(text.LogoutDone),
FooterText: text_grpc.FooterTextToPb(text.Footer),
})
}
}
return customTexts, nil
}
func (s *Server) getCustomInitMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomInitMessageTextRequest, error) {
customTexts := make([]*management_pb.SetCustomInitMessageTextRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.InitCodeMessageType, lang, false)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomInitMessageTextRequest{
Language: lang,
Title: text.Title,
PreHeader: text.PreHeader,
Subject: text.Subject,
Greeting: text.Greeting,
Text: text.Text,
ButtonText: text.ButtonText,
FooterText: text.Footer,
})
}
}
return customTexts, nil
}
func (s *Server) getCustomPasswordResetMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomPasswordResetMessageTextRequest, error) {
customTexts := make([]*management_pb.SetCustomPasswordResetMessageTextRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.PasswordResetMessageType, lang, false)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomPasswordResetMessageTextRequest{
Language: lang,
Title: text.Title,
PreHeader: text.PreHeader,
Subject: text.Subject,
Greeting: text.Greeting,
Text: text.Text,
ButtonText: text.ButtonText,
FooterText: text.Footer,
})
}
}
return customTexts, nil
}
func (s *Server) getCustomVerifyEmailMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomVerifyEmailMessageTextRequest, error) {
customTexts := make([]*management_pb.SetCustomVerifyEmailMessageTextRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.VerifyEmailMessageType, lang, false)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomVerifyEmailMessageTextRequest{
Language: lang,
Title: text.Title,
PreHeader: text.PreHeader,
Subject: text.Subject,
Greeting: text.Greeting,
Text: text.Text,
ButtonText: text.ButtonText,
FooterText: text.Footer,
})
}
}
return customTexts, nil
}
func (s *Server) getCustomVerifyPhoneMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomVerifyPhoneMessageTextRequest, error) {
customTexts := make([]*management_pb.SetCustomVerifyPhoneMessageTextRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.VerifyPhoneMessageType, lang, false)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomVerifyPhoneMessageTextRequest{
Language: lang,
Title: text.Title,
PreHeader: text.PreHeader,
Subject: text.Subject,
Greeting: text.Greeting,
Text: text.Text,
ButtonText: text.ButtonText,
FooterText: text.Footer,
})
}
}
return customTexts, nil
}
func (s *Server) getCustomVerifySMSOTPMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomVerifySMSOTPMessageTextRequest, error) {
customTexts := make([]*management_pb.SetCustomVerifySMSOTPMessageTextRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.VerifySMSOTPMessageType, lang, false)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomVerifySMSOTPMessageTextRequest{
Language: lang,
Text: text.Text,
})
}
}
return customTexts, nil
}
func (s *Server) getCustomVerifyEmailOTPMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomVerifyEmailOTPMessageTextRequest, error) {
customTexts := make([]*management_pb.SetCustomVerifyEmailOTPMessageTextRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.VerifyEmailOTPMessageType, lang, false)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomVerifyEmailOTPMessageTextRequest{
Language: lang,
Title: text.Title,
PreHeader: text.PreHeader,
Subject: text.Subject,
Greeting: text.Greeting,
Text: text.Text,
ButtonText: text.ButtonText,
FooterText: text.Footer,
})
}
}
return customTexts, nil
}
func (s *Server) getCustomDomainClaimedMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomDomainClaimedMessageTextRequest, error) {
customTexts := make([]*management_pb.SetCustomDomainClaimedMessageTextRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.DomainClaimedMessageType, lang, false)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomDomainClaimedMessageTextRequest{
Language: lang,
Title: text.Title,
PreHeader: text.PreHeader,
Subject: text.Subject,
Greeting: text.Greeting,
Text: text.Text,
ButtonText: text.ButtonText,
FooterText: text.Footer,
})
}
}
return customTexts, nil
}
func (s *Server) getCustomPasswordlessRegistrationMessageTexts(ctx context.Context, org string, languages []string) ([]*management_pb.SetCustomPasswordlessRegistrationMessageTextRequest, error) {
customTexts := make([]*management_pb.SetCustomPasswordlessRegistrationMessageTextRequest, 0, len(languages))
for _, lang := range languages {
text, err := s.query.CustomMessageTextByTypeAndLanguage(ctx, org, domain.DomainClaimedMessageType, lang, false)
if err != nil {
return nil, err
}
if !text.IsDefault {
customTexts = append(customTexts, &management_pb.SetCustomPasswordlessRegistrationMessageTextRequest{
Language: lang,
Title: text.Title,
PreHeader: text.PreHeader,
Subject: text.Subject,
Greeting: text.Greeting,
Text: text.Text,
ButtonText: text.ButtonText,
FooterText: text.Footer,
})
}
}
return customTexts, nil
}