mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-13 11:34:26 +00:00
74688394d8
* docs: add scope to request private labeling * feat: add enum to project * fix: remove unused code, add private labeling setting to query side * fix: set private labeling depending on setting * fix: private labeling depending on project setting * Update proto/zitadel/management.proto Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: rename sql file * fix: private labeling setting Co-authored-by: Livio Amstutz <livio.a@gmail.com>
302 lines
10 KiB
Go
302 lines
10 KiB
Go
package project
|
|
|
|
import (
|
|
"google.golang.org/protobuf/types/known/durationpb"
|
|
|
|
object_grpc "github.com/caos/zitadel/internal/api/grpc/object"
|
|
"github.com/caos/zitadel/internal/domain"
|
|
"github.com/caos/zitadel/internal/errors"
|
|
proj_model "github.com/caos/zitadel/internal/project/model"
|
|
app_pb "github.com/caos/zitadel/pkg/grpc/app"
|
|
message_pb "github.com/caos/zitadel/pkg/grpc/message"
|
|
)
|
|
|
|
func AppsToPb(apps []*proj_model.ApplicationView) []*app_pb.App {
|
|
a := make([]*app_pb.App, len(apps))
|
|
for i, app := range apps {
|
|
a[i] = AppToPb(app)
|
|
}
|
|
return a
|
|
}
|
|
|
|
func AppToPb(app *proj_model.ApplicationView) *app_pb.App {
|
|
return &app_pb.App{
|
|
Id: app.ID,
|
|
Details: object_grpc.ToViewDetailsPb(app.Sequence, app.CreationDate, app.ChangeDate, app.ResourceOwner),
|
|
State: AppStateToPb(app.State),
|
|
Name: app.Name,
|
|
Config: AppConfigToPb(app),
|
|
}
|
|
}
|
|
|
|
func AppConfigToPb(app *proj_model.ApplicationView) app_pb.AppConfig {
|
|
if app.IsOIDC {
|
|
return AppOIDCConfigToPb(app)
|
|
}
|
|
return AppAPIConfigToPb(app)
|
|
}
|
|
|
|
func AppOIDCConfigToPb(app *proj_model.ApplicationView) *app_pb.App_OidcConfig {
|
|
return &app_pb.App_OidcConfig{
|
|
OidcConfig: &app_pb.OIDCConfig{
|
|
RedirectUris: app.OIDCRedirectUris,
|
|
ResponseTypes: OIDCResponseTypesFromModel(app.OIDCResponseTypes),
|
|
GrantTypes: OIDCGrantTypesFromModel(app.OIDCGrantTypes),
|
|
AppType: OIDCApplicationTypeToPb(domain.OIDCApplicationType(app.OIDCApplicationType)),
|
|
ClientId: app.OIDCClientID,
|
|
AuthMethodType: OIDCAuthMethodTypeToPb(domain.OIDCAuthMethodType(app.OIDCAuthMethodType)),
|
|
PostLogoutRedirectUris: app.OIDCPostLogoutRedirectUris,
|
|
Version: OIDCVersionToPb(domain.OIDCVersion(app.OIDCVersion)),
|
|
NoneCompliant: app.NoneCompliant,
|
|
ComplianceProblems: ComplianceProblemsToLocalizedMessages(app.ComplianceProblems),
|
|
DevMode: app.DevMode,
|
|
AccessTokenType: oidcTokenTypeToPb(domain.OIDCTokenType(app.AccessTokenType)),
|
|
AccessTokenRoleAssertion: app.AccessTokenRoleAssertion,
|
|
IdTokenRoleAssertion: app.IDTokenRoleAssertion,
|
|
IdTokenUserinfoAssertion: app.IDTokenUserinfoAssertion,
|
|
ClockSkew: durationpb.New(app.ClockSkew),
|
|
AdditionalOrigins: app.AdditionalOrigins,
|
|
AllowedOrigins: app.OriginAllowList,
|
|
},
|
|
}
|
|
}
|
|
|
|
func AppAPIConfigToPb(app *proj_model.ApplicationView) app_pb.AppConfig {
|
|
return &app_pb.App_ApiConfig{
|
|
ApiConfig: &app_pb.APIConfig{
|
|
ClientId: app.OIDCClientID,
|
|
ClientSecret: "", //TODO: remove from proto
|
|
AuthMethodType: APIAuthMethodeTypeToPb(domain.APIAuthMethodType(app.OIDCAuthMethodType)),
|
|
},
|
|
}
|
|
}
|
|
|
|
func AppStateToPb(state proj_model.AppState) app_pb.AppState {
|
|
switch state {
|
|
case proj_model.AppStateActive:
|
|
return app_pb.AppState_APP_STATE_ACTIVE
|
|
case proj_model.AppStateInactive:
|
|
return app_pb.AppState_APP_STATE_INACTIVE
|
|
default:
|
|
return app_pb.AppState_APP_STATE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func OIDCResponseTypesFromModel(responseTypes []proj_model.OIDCResponseType) []app_pb.OIDCResponseType {
|
|
oidcResponseTypes := make([]app_pb.OIDCResponseType, len(responseTypes))
|
|
for i, responseType := range responseTypes {
|
|
switch responseType {
|
|
case proj_model.OIDCResponseTypeCode:
|
|
oidcResponseTypes[i] = app_pb.OIDCResponseType_OIDC_RESPONSE_TYPE_CODE
|
|
case proj_model.OIDCResponseTypeIDToken:
|
|
oidcResponseTypes[i] = app_pb.OIDCResponseType_OIDC_RESPONSE_TYPE_ID_TOKEN
|
|
case proj_model.OIDCResponseTypeIDTokenToken:
|
|
oidcResponseTypes[i] = app_pb.OIDCResponseType_OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN
|
|
}
|
|
}
|
|
return oidcResponseTypes
|
|
}
|
|
|
|
func OIDCResponseTypesToDomain(responseTypes []app_pb.OIDCResponseType) []domain.OIDCResponseType {
|
|
if responseTypes == nil || len(responseTypes) == 0 {
|
|
return []domain.OIDCResponseType{domain.OIDCResponseTypeCode}
|
|
}
|
|
oidcResponseTypes := make([]domain.OIDCResponseType, len(responseTypes))
|
|
for i, responseType := range responseTypes {
|
|
switch responseType {
|
|
case app_pb.OIDCResponseType_OIDC_RESPONSE_TYPE_CODE:
|
|
oidcResponseTypes[i] = domain.OIDCResponseTypeCode
|
|
case app_pb.OIDCResponseType_OIDC_RESPONSE_TYPE_ID_TOKEN:
|
|
oidcResponseTypes[i] = domain.OIDCResponseTypeIDToken
|
|
case app_pb.OIDCResponseType_OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN:
|
|
oidcResponseTypes[i] = domain.OIDCResponseTypeIDTokenToken
|
|
}
|
|
}
|
|
return oidcResponseTypes
|
|
}
|
|
|
|
func OIDCGrantTypesFromModel(grantTypes []proj_model.OIDCGrantType) []app_pb.OIDCGrantType {
|
|
oidcGrantTypes := make([]app_pb.OIDCGrantType, len(grantTypes))
|
|
for i, grantType := range grantTypes {
|
|
switch grantType {
|
|
case proj_model.OIDCGrantTypeAuthorizationCode:
|
|
oidcGrantTypes[i] = app_pb.OIDCGrantType_OIDC_GRANT_TYPE_AUTHORIZATION_CODE
|
|
case proj_model.OIDCGrantTypeImplicit:
|
|
oidcGrantTypes[i] = app_pb.OIDCGrantType_OIDC_GRANT_TYPE_IMPLICIT
|
|
case proj_model.OIDCGrantTypeRefreshToken:
|
|
oidcGrantTypes[i] = app_pb.OIDCGrantType_OIDC_GRANT_TYPE_REFRESH_TOKEN
|
|
}
|
|
}
|
|
return oidcGrantTypes
|
|
}
|
|
|
|
func OIDCGrantTypesToDomain(grantTypes []app_pb.OIDCGrantType) []domain.OIDCGrantType {
|
|
if grantTypes == nil || len(grantTypes) == 0 {
|
|
return []domain.OIDCGrantType{domain.OIDCGrantTypeAuthorizationCode}
|
|
}
|
|
oidcGrantTypes := make([]domain.OIDCGrantType, len(grantTypes))
|
|
for i, grantType := range grantTypes {
|
|
switch grantType {
|
|
case app_pb.OIDCGrantType_OIDC_GRANT_TYPE_AUTHORIZATION_CODE:
|
|
oidcGrantTypes[i] = domain.OIDCGrantTypeAuthorizationCode
|
|
case app_pb.OIDCGrantType_OIDC_GRANT_TYPE_IMPLICIT:
|
|
oidcGrantTypes[i] = domain.OIDCGrantTypeImplicit
|
|
case app_pb.OIDCGrantType_OIDC_GRANT_TYPE_REFRESH_TOKEN:
|
|
oidcGrantTypes[i] = domain.OIDCGrantTypeRefreshToken
|
|
}
|
|
}
|
|
return oidcGrantTypes
|
|
}
|
|
|
|
func OIDCApplicationTypeToPb(appType domain.OIDCApplicationType) app_pb.OIDCAppType {
|
|
switch appType {
|
|
case domain.OIDCApplicationTypeWeb:
|
|
return app_pb.OIDCAppType_OIDC_APP_TYPE_WEB
|
|
case domain.OIDCApplicationTypeUserAgent:
|
|
return app_pb.OIDCAppType_OIDC_APP_TYPE_USER_AGENT
|
|
case domain.OIDCApplicationTypeNative:
|
|
return app_pb.OIDCAppType_OIDC_APP_TYPE_NATIVE
|
|
default:
|
|
return app_pb.OIDCAppType_OIDC_APP_TYPE_WEB
|
|
}
|
|
}
|
|
|
|
func OIDCApplicationTypeToDomain(appType app_pb.OIDCAppType) domain.OIDCApplicationType {
|
|
switch appType {
|
|
case app_pb.OIDCAppType_OIDC_APP_TYPE_WEB:
|
|
return domain.OIDCApplicationTypeWeb
|
|
case app_pb.OIDCAppType_OIDC_APP_TYPE_USER_AGENT:
|
|
return domain.OIDCApplicationTypeUserAgent
|
|
case app_pb.OIDCAppType_OIDC_APP_TYPE_NATIVE:
|
|
return domain.OIDCApplicationTypeNative
|
|
}
|
|
return domain.OIDCApplicationTypeWeb
|
|
}
|
|
|
|
func OIDCAuthMethodTypeToPb(authType domain.OIDCAuthMethodType) app_pb.OIDCAuthMethodType {
|
|
switch authType {
|
|
case domain.OIDCAuthMethodTypeBasic:
|
|
return app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_BASIC
|
|
case domain.OIDCAuthMethodTypePost:
|
|
return app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_POST
|
|
case domain.OIDCAuthMethodTypeNone:
|
|
return app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_NONE
|
|
case domain.OIDCAuthMethodTypePrivateKeyJWT:
|
|
return app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
|
|
default:
|
|
return app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_BASIC
|
|
}
|
|
}
|
|
|
|
func OIDCAuthMethodTypeToDomain(authType app_pb.OIDCAuthMethodType) domain.OIDCAuthMethodType {
|
|
switch authType {
|
|
case app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_BASIC:
|
|
return domain.OIDCAuthMethodTypeBasic
|
|
case app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_POST:
|
|
return domain.OIDCAuthMethodTypePost
|
|
case app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_NONE:
|
|
return domain.OIDCAuthMethodTypeNone
|
|
case app_pb.OIDCAuthMethodType_OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT:
|
|
return domain.OIDCAuthMethodTypePrivateKeyJWT
|
|
default:
|
|
return domain.OIDCAuthMethodTypeBasic
|
|
}
|
|
}
|
|
|
|
func OIDCVersionToPb(version domain.OIDCVersion) app_pb.OIDCVersion {
|
|
switch version {
|
|
case domain.OIDCVersionV1:
|
|
return app_pb.OIDCVersion_OIDC_VERSION_1_0
|
|
}
|
|
return app_pb.OIDCVersion_OIDC_VERSION_1_0
|
|
}
|
|
|
|
func OIDCVersionToDomain(version app_pb.OIDCVersion) domain.OIDCVersion {
|
|
switch version {
|
|
case app_pb.OIDCVersion_OIDC_VERSION_1_0:
|
|
return domain.OIDCVersionV1
|
|
}
|
|
return domain.OIDCVersionV1
|
|
}
|
|
|
|
func oidcTokenTypeToPb(tokenType domain.OIDCTokenType) app_pb.OIDCTokenType {
|
|
switch tokenType {
|
|
case domain.OIDCTokenTypeBearer:
|
|
return app_pb.OIDCTokenType_OIDC_TOKEN_TYPE_BEARER
|
|
case domain.OIDCTokenTypeJWT:
|
|
return app_pb.OIDCTokenType_OIDC_TOKEN_TYPE_JWT
|
|
default:
|
|
return app_pb.OIDCTokenType_OIDC_TOKEN_TYPE_BEARER
|
|
}
|
|
}
|
|
|
|
func OIDCTokenTypeToDomain(tokenType app_pb.OIDCTokenType) domain.OIDCTokenType {
|
|
switch tokenType {
|
|
case app_pb.OIDCTokenType_OIDC_TOKEN_TYPE_BEARER:
|
|
return domain.OIDCTokenTypeBearer
|
|
case app_pb.OIDCTokenType_OIDC_TOKEN_TYPE_JWT:
|
|
return domain.OIDCTokenTypeJWT
|
|
default:
|
|
return domain.OIDCTokenTypeBearer
|
|
}
|
|
}
|
|
|
|
func ComplianceProblemsToLocalizedMessages(problems []string) []*message_pb.LocalizedMessage {
|
|
converted := make([]*message_pb.LocalizedMessage, len(problems))
|
|
for i, p := range problems {
|
|
converted[i] = message_pb.NewLocalizedMessage(p)
|
|
}
|
|
return converted
|
|
|
|
}
|
|
|
|
func APIAuthMethodeTypeToPb(methodType domain.APIAuthMethodType) app_pb.APIAuthMethodType {
|
|
switch methodType {
|
|
case domain.APIAuthMethodTypeBasic:
|
|
return app_pb.APIAuthMethodType_API_AUTH_METHOD_TYPE_BASIC
|
|
case domain.APIAuthMethodTypePrivateKeyJWT:
|
|
return app_pb.APIAuthMethodType_API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT
|
|
default:
|
|
return app_pb.APIAuthMethodType_API_AUTH_METHOD_TYPE_BASIC
|
|
}
|
|
}
|
|
|
|
func APIAuthMethodTypeToDomain(authType app_pb.APIAuthMethodType) domain.APIAuthMethodType {
|
|
switch authType {
|
|
case app_pb.APIAuthMethodType_API_AUTH_METHOD_TYPE_BASIC:
|
|
return domain.APIAuthMethodTypeBasic
|
|
case app_pb.APIAuthMethodType_API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT:
|
|
return domain.APIAuthMethodTypePrivateKeyJWT
|
|
default:
|
|
return domain.APIAuthMethodTypeBasic
|
|
}
|
|
}
|
|
|
|
func AppQueriesToModel(queries []*app_pb.AppQuery) (_ []*proj_model.ApplicationSearchQuery, err error) {
|
|
q := make([]*proj_model.ApplicationSearchQuery, len(queries))
|
|
for i, query := range queries {
|
|
q[i], err = AppQueryToModel(query)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
}
|
|
return q, nil
|
|
}
|
|
|
|
func AppQueryToModel(query *app_pb.AppQuery) (*proj_model.ApplicationSearchQuery, error) {
|
|
switch q := query.Query.(type) {
|
|
case *app_pb.AppQuery_NameQuery:
|
|
return AppQueryNameToModel(q.NameQuery), nil
|
|
default:
|
|
return nil, errors.ThrowInvalidArgument(nil, "APP-Add46", "List.Query.Invalid")
|
|
}
|
|
}
|
|
|
|
func AppQueryNameToModel(query *app_pb.AppNameQuery) *proj_model.ApplicationSearchQuery {
|
|
return &proj_model.ApplicationSearchQuery{
|
|
Key: proj_model.AppSearchKeyName,
|
|
Method: object_grpc.TextMethodToModel(query.Method),
|
|
Value: query.Name,
|
|
}
|
|
}
|