TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-02 14:22:21 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
next
zitadel/internal/query
History
Livio Spring 8d4f6082ca fix(authz): ignore unready auth methods for mfa requirement check (#11056) 
# Which Problems Are Solved

The recent
[fix](2a7db64881)
made sure the Zitadel API always requires MFA if a user has set up so
even though not required by the login policy. After the deployment,
multiple users reached out that also users without any MFA set up got
the corresponding `[permission_denied] mfa required (AUTHZ-KI3p0)`error.

# How the Problems Are Solved

- Only check the set up factors with are verified and ready to use.
Ignore all unready auth methods.

# Additional Changes

None

# Additional Context

- relates to
2a7db64881
- closes https://github.com/zitadel/zitadel/issues/11055
- requires backport to v2.71.x, v3.x and v4.x

(cherry picked from commit e4a959c321)
2025-11-11 10:33:18 +01:00
..
projection
chore(removing dead code): removing LabelPolicyAssetsRemovedEventType event is never made (#10742)
2025-09-30 07:11:26 +02:00
testdata
feat: saml application configuration for login version (#9351)
2025-02-13 16:03:05 +00:00
access_token.go
fix(eventstore): use decimal, correct mirror (#9914)
2025-05-28 21:54:18 +00:00
action_flow_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
action_flow.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
action_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
action.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
administrators.go
feat(api): move internal permission service to GA (and deprecate v2beta) (#10898)
2025-10-27 08:55:55 +01:00
app_oidc_project_permission.sql
feat: permission check on OIDC and SAML service session API (#9304)
2025-02-11 18:45:09 +00:00
app_saml_project_permission.sql
feat: permission check on OIDC and SAML service session API (#9304)
2025-02-11 18:45:09 +00:00
app_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
app.go
feat: App API v2 (#10077)
2025-06-27 17:25:44 +02:00
auth_request_by_id.sql
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
auth_request_test.go
chore: update dependencies (#9784)
2025-05-19 10:16:49 +00:00
auth_request.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
authn_key_test.go
feat: App Keys API v2 (#10140)
2025-07-02 07:34:19 +00:00
authn_key_user.sql
Merge commit from fork
2025-03-31 12:45:11 +02:00
authn_key.go
fix(api): fix for ListAppKeys() not returning app keys (#10465)
2025-08-15 15:20:40 +02:00
cache.go
refactor(handler): cache active instances (#9008)
2024-12-06 11:32:53 +00:00
certificate_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
certificate.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
converter.go
current_state_test.go
fix(eventstore): use decimal, correct mirror (#9914)
2025-05-28 21:54:18 +00:00
current_state.go
fix(projections): overhaul the event projection system (#10560)
2025-09-15 09:41:49 +02:00
custom_text_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
custom_text.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
debug_events_state_by_id.sql
feat: add debug events API (#8533)
2024-09-11 08:24:00 +00:00
debug_events_states.sql
feat: add debug events API (#8533)
2024-09-11 08:24:00 +00:00
debug_events.go
feat: add debug events API (#8533)
2024-09-11 08:24:00 +00:00
device_auth_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
device_auth.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
domain_policy_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
domain_policy.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
event.go
execution_targets.sql
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
execution_test.go
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
execution.go
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
failed_events_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
failed_events.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
generic.go
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
hosted_login_translation_test.go
feat: Hosted login translation API (#10011)
2025-06-18 13:24:39 +02:00
hosted_login_translation.go
feat: Hosted login translation API (#10011)
2025-06-18 13:24:39 +02:00
iam_member_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
iam_member.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
idp_login_policy_link_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
idp_login_policy_link.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
idp_template_test.go
feat(saml): add SignatureMethod config for SAML IDP (#10520)
2025-08-28 09:22:59 +02:00
idp_template.go
feat(saml): add SignatureMethod config for SAML IDP (#10520)
2025-08-28 09:22:59 +02:00
idp_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
idp_user_link_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
idp_user_link.go
fix(idp): make external id check case insensitive (#10460)
2025-08-15 14:45:40 +02:00
idp.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
instance_by_domain.sql
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
instance_by_id.sql
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
instance_domain_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
instance_domain.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
instance_features_model.go
fix: remove legacy events (#10464)
2025-08-21 09:24:03 +02:00
instance_features_test.go
chore(oidc): remove feature flag for introspection triggers (#10132)
2025-06-30 05:48:04 +00:00
instance_features.go
fix: remove legacy events (#10464)
2025-08-21 09:24:03 +02:00
instance_test.go
feat: instance requests implementation for resource API (#9830)
2025-05-21 10:50:44 +02:00
instance_trusted_domain_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
instance_trusted_domain.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
instance.go
fix: sanitize host headers before use
2025-10-29 10:07:05 +01:00
instanceindex_enumer.go
perf(cache): pgx pool connector (#8703)
2024-10-04 13:15:41 +00:00
introspection_client_by_id.sql
perf(oidc): introspection endpoint query optimization (#10392)
2025-08-21 09:25:25 +02:00
introspection_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
introspection.go
chore(oidc): remove feature flag for introspection triggers (#10132)
2025-06-30 05:48:04 +00:00
key.go
chore(oidc): graduate webkey to stable (#10122)
2025-06-26 19:17:45 +03:00
label_policy.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
lockout_policy_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
lockout_policy.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
login_name.go
login_policy_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
login_policy.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
mail_template.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
member_roles.go
member.go
feat: user profile requests in resource APIs (#10151)
2025-07-04 18:12:59 +02:00
message_text_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
message_text.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
milestone_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
milestone.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
notification_policy_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
notification_policy.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
notification_provider_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
notification_provider.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
oidc_client_by_id.sql
feat: specify login UI version on instance and apps (#9071)
2024-12-19 10:37:46 +01:00
oidc_client_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
oidc_client.go
feat: specify login UI version on instance and apps (#9071)
2024-12-19 10:37:46 +01:00
oidc_settings_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
oidc_settings.go
perf(query): reduce user query duration (#10037)
2025-06-06 08:48:29 +00:00
org_domain_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
org_domain.go
fix(actions v1): return org metadata again (#11040)
2025-11-05 15:44:46 +00:00
org_member_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
org_member.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
org_metadata_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
org_metadata.go
fix(actions v1): return org metadata again (#11040)
2025-11-05 15:44:46 +00:00
org_test.go
fix(cache): prevent org cache overwrite by other instances (#10012)
2025-06-03 14:48:15 +02:00
org.go
fix: query organization directly from event store (#10463)
2025-08-12 11:47:00 +02:00
orgindex_enumer.go
feat(cache): organization (#8903)
2024-11-21 08:05:03 +02:00
password_age_policy_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
password_age_policy.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
password_complexity_policy_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
password_complexity_policy.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
permission_example_test.go
feat(permissions): project member permission filter (#9757)
2025-04-22 08:42:59 +00:00
permission_test.go
feat(permissions): project member permission filter (#9757)
2025-04-22 08:42:59 +00:00
permission.go
feat(permissions): project member permission filter (#9757)
2025-04-22 08:42:59 +00:00
prepare_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
privacy_policy_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
privacy_policy.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
project_grant_member_test.go
feat: user profile requests in resource APIs (#10151)
2025-07-04 18:12:59 +02:00
project_grant_member.go
feat: user profile requests in resource APIs (#10151)
2025-07-04 18:12:59 +02:00
project_grant_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
project_grant.go
fix: project grant permissions v2 remove (#10337)
2025-07-29 18:17:16 +02:00
project_member_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
project_member.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
project_role_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
project_role.go
fix: correct permissions for projects on v2 api (#9973)
2025-06-04 11:46:10 +00:00
project_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
project.go
fix: project grant permissions v2 remove (#10337)
2025-07-29 18:17:16 +02:00
query_test.go
query.go
feat: http provider signing key addition (#10641)
2025-09-15 08:26:41 +02:00
quota_notifications_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
quota_notifications.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
quota_periods_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
quota_periods.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
quota_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
quota.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
resource_counts_list.sql
feat(projections): resource counters (#9979)
2025-06-03 14:15:30 +00:00
resource_counts_test.go
feat(projections): resource counters (#9979)
2025-06-03 14:15:30 +00:00
resource_counts.go
feat(projections): resource counters (#9979)
2025-06-03 14:15:30 +00:00
restrictions_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
restrictions.go
perf(query): reduce user query duration (#10037)
2025-06-06 08:48:29 +00:00
saml_request_by_id.sql
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
saml_request_test.go
chore: update dependencies (#9784)
2025-05-19 10:16:49 +00:00
saml_request.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
saml_sp_by_id.sql
feat: saml application configuration for login version (#9351)
2025-02-13 16:03:05 +00:00
saml_sp_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
saml_sp.go
feat: saml application configuration for login version (#9351)
2025-02-13 16:03:05 +00:00
search_query_test.go
fix: use hash to compare user metadata value (#10749)
2025-09-18 12:11:46 +02:00
search_query.go
fix(query): distinct count in user list (#10840)
2025-10-16 08:05:18 +02:00
secret_generator_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
secret_generators.go
perf(query): reduce user query duration (#10037)
2025-06-06 08:48:29 +00:00
security_policy.go
perf(query): reduce user query duration (#10037)
2025-06-06 08:48:29 +00:00
session.go
fix(sessions): add an expiration date filter to list sessions api (#10384)
2025-08-08 09:53:51 +02:00
sessions_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
sms_test.go
feat: http provider signing key addition (#10641)
2025-09-15 08:26:41 +02:00
sms.go
feat: http provider signing key addition (#10641)
2025-09-15 08:26:41 +02:00
smtp_test.go
feat: http provider signing key addition (#10641)
2025-09-15 08:26:41 +02:00
smtp.go
feat: http provider signing key addition (#10641)
2025-09-15 08:26:41 +02:00
system_features_model.go
fix: remove legacy events (#10464)
2025-08-21 09:24:03 +02:00
system_features_test.go
chore(oidc): remove feature flag for introspection triggers (#10132)
2025-06-30 05:48:04 +00:00
system_features.go
fix: remove legacy events (#10464)
2025-08-21 09:24:03 +02:00
target_test.go
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
target.go
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
user_auth_method_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
user_auth_method_types_required.sql
fix(authz): ignore unready auth methods for mfa requirement check (#11056)
2025-11-11 10:33:18 +01:00
user_auth_method.go
fix: check for 2fa even if not enforced
2025-10-29 10:14:15 +01:00
user_by_id.sql
perf(query): reduce user query duration (#10037)
2025-06-06 08:48:29 +00:00
user_by_login_name.sql
fix: correctly use single matching user (by loginname) (#9865)
2025-05-08 07:32:41 +00:00
user_claimed_user_ids.sql
perf: improve org and org domain creation (#10232)
2025-07-10 15:17:49 +00:00
user_grant_test.go
feat(api): move authorization service to v2 (#10914)
2025-10-28 15:09:54 +01:00
user_grant.go
feat(api): move authorization service to v2 (#10914)
2025-10-28 15:09:54 +01:00
user_membership_test.go
feat: user profile requests in resource APIs (#10151)
2025-07-04 18:12:59 +02:00
user_membership.go
feat(api): move internal permission service to GA (and deprecate v2beta) (#10898)
2025-10-27 08:55:55 +01:00
user_metadata_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
user_metadata.go
chore: move converter methods users v2 to separate converter package + add tests (#10567)
2025-08-28 09:23:04 +02:00
user_notify_by_id.sql
perf(query): reduce user query duration (#10037)
2025-06-06 08:48:29 +00:00
user_notify_by_login_name.sql
fix: correctly use single matching user (by loginname) (#9865)
2025-05-08 07:32:41 +00:00
user_otp.go
user_password.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
user_personal_access_token_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
user_personal_access_token.go
perf(query): reduce user query duration (#10037)
2025-06-06 08:48:29 +00:00
user_schema_test.go
feat: add schema user create and remove (#8494)
2024-08-28 19:46:45 +00:00
user_schema.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
user_test.go
fix(query): distinct count in user list (#10840)
2025-10-16 08:05:18 +02:00
user.go
fix(query): distinct count in user list (#10840)
2025-10-16 08:05:18 +02:00
userinfo_by_id.sql
feat(users/v2): return prompt information (#9255)
2025-01-29 15:12:31 +00:00
userinfo_client_by_id.sql
userinfo_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
userinfo.go
chore(oidc): remove feature flag for introspection triggers (#10132)
2025-06-30 05:48:04 +00:00
v2-default.json
fix: Registration Form Legal Checkbox Logic (#10597)
2025-09-15 08:30:09 +02:00
web_key_by_state.sql
fix(webkeys): remove include private key from projection index (#8436)
2024-08-16 11:41:09 +00:00
web_key_list.sql
fix(webkeys): remove include private key from projection index (#8436)
2024-08-16 11:41:09 +00:00
web_key_model.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
web_key_public_keys.sql
fix(webkeys): remove include private key from projection index (#8436)
2024-08-16 11:41:09 +00:00
web_key_test.go
chore!: Introduce ZITADEL v3 (#9645)
2025-04-02 16:53:06 +02:00
web_key.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
zitadel_permission.go