TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-01-07 07:28:57 +00:00
Code Issues Packages Projects Releases Wiki Activity
zitadel/internal/query
History
Stefan Benz 7caa43ab23
feat: action v2 signing (#8779) 
# Which Problems Are Solved

The action v2 messages were didn't contain anything providing security
for the sent content.

# How the Problems Are Solved

Each Target now has a SigningKey, which can also be newly generated
through the API and returned at creation and through the Get-Endpoints.
There is now a HTTP header "Zitadel-Signature", which is generated with
the SigningKey and Payload, and also contains a timestamp to check with
a tolerance if the message took to long to sent.

# Additional Changes

The functionality to create and check the signature is provided in the
pkg/actions package, and can be reused in the SDK.

# Additional Context

Closes #7924

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-11-28 10:06:52 +00:00
..
projection
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
testdata
feat(6222): remove @ and project from OIDC client ID (#8178)
2024-07-04 08:31:40 +00:00
access_token.go
perf(oidc): nest position clause for session terminated query (#8738)
2024-10-07 12:49:55 +00:00
action_flow_test.go
fix(actions): preserve order of execution (#8895)
2024-11-14 14:04:39 +00:00
action_flow.go
fix(actions): preserve order of execution (#8895)
2024-11-14 14:04:39 +00:00
action_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
action.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
app_test.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
app.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
auth_request_by_id.sql
feat(oidc): optimize the userinfo endpoint (#7706)
2024-04-09 15:15:35 +02:00
auth_request_test.go
chore: use pgx v5 (#7577)
2024-03-27 15:48:22 +02:00
auth_request.go
feat(oidc): optimize the userinfo endpoint (#7706)
2024-04-09 15:15:35 +02:00
authn_key_test.go
perf(oidc): remove get user by ID from jwt profile grant (#8580)
2024-09-11 12:04:09 +03:00
authn_key_user.sql
perf(oidc): remove get user by ID from jwt profile grant (#8580)
2024-09-11 12:04:09 +03:00
authn_key.go
perf(oidc): remove get user by ID from jwt profile grant (#8580)
2024-09-11 12:04:09 +03:00
cache.go
feat(cache): organization (#8903)
2024-11-21 08:05:03 +02:00
certificate_test.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
certificate.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
converter.go
feat(api): feature flags (#7356)
2024-02-28 10:55:54 +02:00
current_state_test.go
fix(eventstore): revert precise decimal (#8527) (#8679)
2024-09-24 18:43:29 +02:00
current_state.go
fix(eventstore): revert precise decimal (#8527) (#8679)
2024-09-24 18:43:29 +02:00
custom_text_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
custom_text.go
fix: automatically link user without prompt (#8487)
2024-08-28 05:33:20 +00:00
debug_events_state_by_id.sql
feat: add debug events API (#8533)
2024-09-11 08:24:00 +00:00
debug_events_states.sql
feat: add debug events API (#8533)
2024-09-11 08:24:00 +00:00
debug_events.go
feat: add debug events API (#8533)
2024-09-11 08:24:00 +00:00
device_auth_test.go
perf(query): remove transactions for queries (#8614)
2024-11-04 10:06:14 +01:00
device_auth.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
domain_policy_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
domain_policy.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
event.go
chore: remove bloating span (#7780)
2024-04-16 11:19:17 +00:00
execution_targets.sql
feat: add action v2 execution on requests and responses (#7637)
2024-05-04 11:55:57 +02:00
execution_test.go
feat(v3alpha): read actions (#8357)
2024-08-12 22:32:01 +02:00
execution.go
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
failed_events_test.go
feat(eventstore): increase parallel write capabilities (#5940)
2023-10-19 12:19:10 +02:00
failed_events.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
generic.go
feat: query side for executions and targets for actions v2 (#7524)
2024-03-14 09:56:23 +00:00
iam_member_test.go
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
iam_member.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
idp_login_policy_link_test.go
feat(idp): provide option to auto link user (#7734)
2024-04-10 15:46:30 +00:00
idp_login_policy_link.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
idp_template_test.go
feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979)
2024-05-23 05:04:07 +00:00
idp_template.go
feat: idp v2 api GetIDPByID (#8425)
2024-08-14 18:18:29 +00:00
idp_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
idp_user_link_test.go
fix: generalise permission check for query user information (#8458)
2024-08-23 06:44:18 +00:00
idp_user_link.go
fix: generalise permission check for query user information (#8458)
2024-08-23 06:44:18 +00:00
idp.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
instance_by_domain.sql
feat(storage): generic cache interface (#8628)
2024-09-25 21:40:21 +02:00
instance_by_id.sql
feat(storage): generic cache interface (#8628)
2024-09-25 21:40:21 +02:00
instance_domain_test.go
feat(storage): read only transactions for queries (#6415)
2023-08-22 10:49:22 +00:00
instance_domain.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
instance_features_model.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
instance_features_test.go
fix: add action v2 execution to features (#7597)
2024-04-09 20:21:21 +03:00
instance_features.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
instance_test.go
feat(api): feature flags (#7356)
2024-02-28 10:55:54 +02:00
instance_trusted_domain_test.go
feat: trusted (instance) domains (#8369)
2024-07-31 18:00:38 +03:00
instance_trusted_domain.go
feat: trusted (instance) domains (#8369)
2024-07-31 18:00:38 +03:00
instance.go
feat(cache): organization (#8903)
2024-11-21 08:05:03 +02:00
instanceindex_enumer.go
perf(cache): pgx pool connector (#8703)
2024-10-04 13:15:41 +00:00
introspection_client_by_id.sql
fix: correctly check app state on authentication (#8630)
2024-09-17 11:34:14 +00:00
introspection_test.go
fix: correctly check app state on authentication (#8630)
2024-09-17 11:34:14 +00:00
introspection.go
fix: correctly check app state on authentication (#8630)
2024-09-17 11:34:14 +00:00
key_test.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
key.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
label_policy.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
lockout_policy_test.go
feat: provide option to limit (T)OTP checks (#7693)
2024-04-10 09:14:55 +00:00
lockout_policy.go
fix: correct error messages for policy queries (#8722)
2024-10-03 17:53:03 +02:00
login_name.go
perf: remove owner removed columns from projections for oidc (#6925)
2023-11-20 17:21:08 +02:00
login_policy_test.go
chore: use pgx v5 (#7577)
2024-03-27 15:48:22 +02:00
login_policy.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
mail_template.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
member_roles.go
fix(query): realtime data on defined requests (#3726)
2022-06-14 07:51:00 +02:00
member.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
message_text_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
message_text.go
feat: invite user link (#8578)
2024-09-11 10:53:55 +00:00
milestone_test.go
fix(milestones): use previous spelling for milestone types (#8886)
2024-11-11 11:28:27 +00:00
milestone.go
perf(milestones): refactor (#8788)
2024-10-28 08:29:34 +00:00
notification_policy_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
notification_policy.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
notification_provider_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
notification_provider.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
oidc_client_by_id.sql
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
oidc_client_test.go
fix: correctly check app state on authentication (#8630)
2024-09-17 11:34:14 +00:00
oidc_client.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
oidc_settings_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
oidc_settings.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
org_domain_test.go
feat(storage): read only transactions for queries (#6415)
2023-08-22 10:49:22 +00:00
org_domain.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
org_member_test.go
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
org_member.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
org_metadata_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
org_metadata.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
org_test.go
fix: generalise permission check for query user information (#8458)
2024-08-23 06:44:18 +00:00
org.go
feat(cache): organization (#8903)
2024-11-21 08:05:03 +02:00
orgindex_enumer.go
feat(cache): organization (#8903)
2024-11-21 08:05:03 +02:00
password_age_policy_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
password_age_policy.go
fix: correct error messages for policy queries (#8722)
2024-10-03 17:53:03 +02:00
password_complexity_policy_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
password_complexity_policy.go
fix: correct error messages for policy queries (#8722)
2024-10-03 17:53:03 +02:00
prepare_test.go
perf(query): remove transactions for queries (#8614)
2024-11-04 10:06:14 +01:00
privacy_policy_test.go
feat(cnsl): docs link can be customized and custom button is available (#7840)
2024-05-13 16:01:50 +02:00
privacy_policy.go
feat(cnsl): docs link can be customized and custom button is available (#7840)
2024-05-13 16:01:50 +02:00
project_grant_member_test.go
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
project_grant_member.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
project_grant_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
project_grant.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
project_member_test.go
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
project_member.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
project_role_test.go
perf: remove owner removed columns from projections for oidc (#6925)
2023-11-20 17:21:08 +02:00
project_role.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
project_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
project.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
query_test.go
fix(setup): init projections (#7194)
2024-01-25 17:28:20 +01:00
query.go
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
quota_notifications_test.go
perf: project quotas and usages (#6441)
2023-09-15 16:58:45 +02:00
quota_notifications.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
quota_periods_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
quota_periods.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
quota_test.go
chore: use pgx v5 (#7577)
2024-03-27 15:48:22 +02:00
quota.go
chore: use pgx v5 (#7577)
2024-03-27 15:48:22 +02:00
restrictions_test.go
fix: projection version of restrictions (#7028)
2023-12-06 10:30:56 +00:00
restrictions.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
search_query_test.go
feat: add action v2 execution on requests and responses (#7637)
2024-05-04 11:55:57 +02:00
search_query.go
feat: add action v2 execution on requests and responses (#7637)
2024-05-04 11:55:57 +02:00
secret_generator_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
secret_generators.go
fix(query): print log line on secret generator error (#8424)
2024-08-13 14:52:43 +02:00
security_policy.go
feat: impersonation roles (#7442)
2024-02-28 10:21:11 +00:00
session.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
sessions_test.go
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
sms_test.go
feat: Add Twilio Verification Service (#8678)
2024-09-26 09:14:33 +02:00
sms.go
feat: Add Twilio Verification Service (#8678)
2024-09-26 09:14:33 +02:00
smtp_test.go
fix: correctly create SMTP provider list (#8724)
2024-10-04 09:34:44 +00:00
smtp.go
feat: add http as smtp provider (#8545)
2024-09-12 06:27:29 +02:00
system_features_model.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
system_features_test.go
fix: add action v2 execution to features (#7597)
2024-04-09 20:21:21 +03:00
system_features.go
feat(OIDC): add back channel logout (#8837)
2024-10-31 15:57:17 +01:00
target_test.go
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
target.go
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
targets_by_execution_id.sql
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
targets_by_execution_ids.sql
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
user_auth_method_test.go
fix: add domain as attribute to list user auth methods (#8718)
2024-10-10 16:50:53 +00:00
user_auth_method.go
fix: add domain as attribute to list user auth methods (#8718)
2024-10-10 16:50:53 +00:00
user_by_id.sql
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
user_by_login_name.sql
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
user_grant_test.go
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
user_grant.go
fix(eventstore): revert precise decimal (#8527) (#8679)
2024-09-24 18:43:29 +02:00
user_membership_test.go
perf: remove owner removed columns from projections for oidc (#6925)
2023-11-20 17:21:08 +02:00
user_membership.go
fix(eventstore): revert precise decimal (#8527) (#8679)
2024-09-24 18:43:29 +02:00
user_metadata_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
user_metadata.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
user_notify_by_id.sql
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
user_notify_by_login_name.sql
feat: password age policy (#8132)
2024-06-18 11:27:44 +00:00
user_otp.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
user_password.go
feat(crypto): use passwap for machine and app secrets (#7657)
2024-04-05 09:35:49 +00:00
user_personal_access_token_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
user_personal_access_token.go
refactor(fmt): run gci on complete project (#7557)
2024-04-03 10:43:43 +00:00
user_schema_test.go
feat: add schema user create and remove (#8494)
2024-08-28 19:46:45 +00:00
user_schema.go
feat: add schema user create and remove (#8494)
2024-08-28 19:46:45 +00:00
user_test.go
fix: generalise permission check for query user information (#8458)
2024-08-23 06:44:18 +00:00
user.go
fix: generalise permission check for query user information (#8458)
2024-08-23 06:44:18 +00:00
userinfo_by_id.sql
fix: correctly check user state (#8631)
2024-09-17 13:21:49 +00:00
userinfo_client_by_id.sql
feat(oidc): optimize the userinfo endpoint (#7706)
2024-04-09 15:15:35 +02:00
userinfo_test.go
feat(oidc): organization roles scope (#8120)
2024-06-14 10:00:43 +02:00
userinfo.go
feat(oidc): organization roles scope (#8120)
2024-06-14 10:00:43 +02:00
web_key_by_state.sql
fix(webkeys): remove include private key from projection index (#8436)
2024-08-16 11:41:09 +00:00
web_key_list.sql
fix(webkeys): remove include private key from projection index (#8436)
2024-08-16 11:41:09 +00:00
web_key_model.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
web_key_public_keys.sql
fix(webkeys): remove include private key from projection index (#8436)
2024-08-16 11:41:09 +00:00
web_key_test.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
web_key.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
zitadel_permission.go
perf: remove owner removed columns from projections for oidc (#6925)
2023-11-20 17:21:08 +02:00