mirror of
https://github.com/zitadel/zitadel.git
synced 2025-07-16 22:48:37 +00:00
9ebf2316c6
# Which Problems Are Solved The current maintained gRPC server in combination with a REST (grpc) gateway is getting harder and harder to maintain. Additionally, there have been and still are issues with supporting / displaying `oneOf`s correctly. We therefore decided to exchange the server implementation to connectRPC, which apart from supporting connect as protocol, also also "standard" gRCP clients as well as HTTP/1.1 / rest like clients, e.g. curl directly call the server without any additional gateway. # How the Problems Are Solved - All v2 services are moved to connectRPC implementation. (v1 services are still served as pure grpc servers) - All gRPC server interceptors were migrated / copied to a corresponding connectRPC interceptor. - API.ListGrpcServices and API. ListGrpcMethods were changed to include the connect services and endpoints. - gRPC server reflection was changed to a `StaticReflector` using the `ListGrpcServices` list. - The `grpc.Server` interfaces was split into different combinations to be able to handle the different cases (grpc server and prefixed gateway, connect server with grpc gateway, connect server only, ...) - Docs of services serving connectRPC only with no additional gateway (instance, webkey, project, app, org v2 beta) are changed to expose that - since the plugin is not yet available on buf, we download it using `postinstall` hook of the docs # Additional Changes - WebKey service is added as v2 service (in addition to the current v2beta) # Additional Context closes #9483 --------- Co-authored-by: Elio Bischof <elio@zitadel.com>
64 lines
1.9 KiB
Go
64 lines
1.9 KiB
Go
package user
|
|
|
|
import (
|
|
"context"
|
|
|
|
"connectrpc.com/connect"
|
|
"google.golang.org/protobuf/types/known/timestamppb"
|
|
|
|
"github.com/zitadel/zitadel/internal/command"
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/eventstore/v1/models"
|
|
"github.com/zitadel/zitadel/pkg/grpc/user/v2"
|
|
)
|
|
|
|
func (s *Server) AddKey(ctx context.Context, req *connect.Request[user.AddKeyRequest]) (*connect.Response[user.AddKeyResponse], error) {
|
|
newMachineKey := &command.MachineKey{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.Msg.GetUserId(),
|
|
},
|
|
ExpirationDate: req.Msg.GetExpirationDate().AsTime(),
|
|
Type: domain.AuthNKeyTypeJSON,
|
|
PermissionCheck: s.command.NewPermissionCheckUserWrite(ctx),
|
|
}
|
|
newMachineKey.PublicKey = req.Msg.GetPublicKey()
|
|
|
|
pubkeySupplied := len(newMachineKey.PublicKey) > 0
|
|
details, err := s.command.AddUserMachineKey(ctx, newMachineKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
// Return key details only if the pubkey wasn't supplied, otherwise the user already has
|
|
// private key locally
|
|
var keyDetails []byte
|
|
if !pubkeySupplied {
|
|
var err error
|
|
keyDetails, err = newMachineKey.Detail()
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
return connect.NewResponse(&user.AddKeyResponse{
|
|
KeyId: newMachineKey.KeyID,
|
|
KeyContent: keyDetails,
|
|
CreationDate: timestamppb.New(details.EventDate),
|
|
}), nil
|
|
}
|
|
|
|
func (s *Server) RemoveKey(ctx context.Context, req *connect.Request[user.RemoveKeyRequest]) (*connect.Response[user.RemoveKeyResponse], error) {
|
|
machineKey := &command.MachineKey{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: req.Msg.GetUserId(),
|
|
},
|
|
PermissionCheck: s.command.NewPermissionCheckUserWrite(ctx),
|
|
KeyID: req.Msg.GetKeyId(),
|
|
}
|
|
objectDetails, err := s.command.RemoveUserMachineKey(ctx, machineKey)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return connect.NewResponse(&user.RemoveKeyResponse{
|
|
DeletionDate: timestamppb.New(objectDetails.EventDate),
|
|
}), nil
|
|
}
|