zitadel/internal/api/grpc/admin
Tim Möhlmann 6398349c24
feat(oidc): token exchange impersonation (#7516)
* add token exchange feature flag

* allow setting reason and actor to access tokens

* impersonation

* set token types and scopes in response

* upgrade oidc to working draft state

* fix tests

* audience and scope validation

* id token and jwt as input

* return id tokens

* add grant type token exchange to app config

* add integration tests

* check and deny actors in api calls

* fix instance setting tests by triggering projection on write and cleanup

* insert sleep statements again

* solve linting issues

* add translations

* pin oidc v3.15.0

* resolve comments, add event translation

* fix refreshtoken test

* use ValidateAuthReqScopes from oidc

* apparently the linter can't make up its mind

* persist actor thru refresh tokens and check in tests

* remove unneeded triggers
2024-03-20 10:18:46 +00:00
custom_text_converter.go feat: SMS and email OTP texts (#6281) 2023-08-09 05:49:12 +00:00
custom_text.go feat: SMS and email OTP texts (#6281) 2023-08-09 05:49:12 +00:00
domain_policy.go fix: handle UserLoginMustBeDomain changes correctly (#4765) 2022-12-06 09:01:31 +01:00
event_test.go fix(ListEvents): add aggregate types to filter if not set (#7490) 2024-03-05 15:44:51 +00:00
event.go fix(ListEvents): add aggregate types to filter if not set (#7490) 2024-03-05 15:44:51 +00:00
export.go perf: user grant owner removed (#6962) 2024-01-08 15:26:30 +00:00
failed_event_converter.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
failed_event.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
feature.go feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00
iam_member_converter_test.go remove negated integration tags 2023-04-26 19:55:13 +03:00
iam_member_converter.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
iam_member_integration_test.go feat: impersonation roles (#7442) 2024-02-28 10:21:11 +00:00
iam_member.go perf: remove owner removed columns from projections for oidc (#6925) 2023-11-20 17:21:08 +02:00
iam_settings_converter.go feat: impersonation roles (#7442) 2024-02-28 10:21:11 +00:00
iam_settings_integration_test.go feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00
iam_settings.go feat: impersonation roles (#7442) 2024-02-28 10:21:11 +00:00
idp_converter_test.go remove negated integration tags 2023-04-26 19:55:13 +03:00
idp_converter.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
idp.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
import.go feat: restrict languages (#6931) 2023-12-05 11:12:01 +00:00
information_integration_test.go feat: option to disallow public org registration (#6917) 2023-11-22 09:29:38 +00:00
information.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
instance_converter.go fix: cleanup some todos (#3642) 2022-05-16 16:35:49 +02:00
instance.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
label_policy_converter.go feat: add attribute to only enable specific themes (#6798) 2023-10-26 05:54:09 +00:00
label_policy.go fix: return absolute asset urls (#3676) 2022-05-20 10:30:12 +02:00
language_converter.go feat: restrict languages (#6931) 2023-12-05 11:12:01 +00:00
language.go fix: restrict languages in console (#6964) 2023-12-07 08:43:23 +00:00
lockout_converter.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
lockout.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
login_policy_converter.go feat: allow to force MFA local only (#6234) 2023-07-20 04:06:16 +00:00
login_policy.go fix: keep user idp links (#7079) 2023-12-19 10:25:50 +00:00
milestone_converter.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
milestone.go perf: query projected milestones for onboarding view (#6760) 2023-10-25 11:16:34 +00:00
notification_policy.go feat: add notification policy and password change message (#5065) 2023-01-25 09:49:41 +01:00
notification_provider.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
oidc_settings_converter.go fix: correct oidcsettings management (#4413) 2022-09-27 12:53:49 +02:00
oidc_settings.go fix: correct oidcsettings management (#4413) 2022-09-27 12:53:49 +02:00
oneof.go feat: protos refactoring 2021-03-09 10:30:11 +01:00
org_converter.go fix: cleanup some todos (#3642) 2022-05-16 16:35:49 +02:00
org.go feat: restrict languages (#6931) 2023-12-05 11:12:01 +00:00
password_age_converter.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
password_age.go fix(query): realtime data on defined requests (#3726) 2022-06-14 07:51:00 +02:00
password_complexity_converter.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
password_complexity.go fix(query): realtime data on defined requests (#3726) 2022-06-14 07:51:00 +02:00
privacy_policy_converter.go feat: add Help/Support e-mail for instance/org (#5445) 2023-03-28 21:36:52 +02:00
privacy_policy.go fix(query): realtime data on defined requests (#3726) 2022-06-14 07:51:00 +02:00
restrictions_integration_allow_public_org_registrations_test.go fix: restrict languages in console (#6964) 2023-12-07 08:43:23 +00:00
restrictions_integration_allowed_languages_test.go fix: restrict languages in console (#6964) 2023-12-07 08:43:23 +00:00
restrictions.go feat: restrict languages (#6931) 2023-12-05 11:12:01 +00:00
server_integration_test.go feat: impersonation roles (#7442) 2024-02-28 10:21:11 +00:00
server.go feat: add activity logs on user actions with authentication, resource… (#6748) 2023-10-25 12:09:15 +00:00
sms_converter.go refactor: rename config structs (#5459) 2023-03-16 17:24:30 +00:00
sms.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
user_converter.go fix: make user creation errors helpful (#5382) 2023-03-14 19:20:38 +00:00
view_converter.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
view.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00