TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-12 11:04:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
319ebe7898
zitadel/internal/domain
History
Tim Möhlmann 6398349c24
feat(oidc): token exchange impersonation (#7516) 
* add token exchange feature flag

* allow setting reason and actor to access tokens

* impersonation

* set token types and scopes in response

* upgrade oidc to working draft state

* fix tests

* audience and scope validation

* id toke and jwt as input

* return id tokens

* add grant type  token exchange to app config

* add integration tests

* check and deny actors in api calls

* fix instance setting tests by triggering projection on write and cleanup

* insert sleep statements again

* solve linting issues

* add translations

* pin oidc v3.15.0

* resolve comments, add event translation

* fix refreshtoken test

* use ValidateAuthReqScopes from oidc

* apparently the linter can't make up its mind

* persist actor thru refresh tokens and check in tests

* remove unneeded triggers
2024-03-20 10:18:46 +00:00
..
schema feat: implement user schema management (#7416) 2024-03-12 13:50:13 +00:00
action.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
application_api.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
application_key.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
application_oauth.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
application_oidc_test.go fix: remove hard requirement of grant type auth code for device code apps + warnings for missing urls (#7429) 2024-02-29 15:28:06 +00:00
application_oidc.go feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00
application_saml.go feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
application.go feat: protos refactoring 2021-03-09 10:30:11 +01:00
asset.go fix: return absolute asset urls (#3676) 2022-05-20 10:30:12 +02:00
auth_request_test.go feat(oidc): id token for device authorization (#7088) 2023-12-20 13:21:08 +01:00
auth_request.go feat(oidc): id token for device authorization (#7088) 2023-12-20 13:21:08 +01:00
authn_key.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
browser_info.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
bucket.go feat: asset storage (#1696) 2021-05-03 10:15:50 +02:00
custom_login_text.go feat: restrict languages (#6931) 2023-12-05 11:12:01 +00:00
custom_message_text.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
custom_text.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
device_auth_test.go feat(oidc): id token for device authorization (#7088) 2023-12-20 13:21:08 +01:00
device_auth.go feat(oidc): id token for device authorization (#7088) 2023-12-20 13:21:08 +01:00
deviceauthstate_string.go feat(oidc): id token for device authorization (#7088) 2023-12-20 13:21:08 +01:00
execution.go feat: add executions for actions v2 (#7433) 2024-02-26 12:49:43 +02:00
expiration.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
factors.go feat: enable otp email and sms (#6260) 2023-07-28 07:39:30 +02:00
feature.go feat(login): use default org for login without provided org context (#6625) 2023-09-29 08:21:32 +00:00
flow.go feat: add executions for actions v2 (#7433) 2024-02-26 12:49:43 +02:00
human_address.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
human_email_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_email.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_otp.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_password.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_phone_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_phone.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_profile.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
human_test.go fix: set displayname correctly in EnsureDisplayName (#5702) 2023-04-17 06:26:40 +00:00
human_web_auth_n.go fix: provide domain in session, passkey and u2f (#6097) 2023-06-27 14:36:07 +02:00
human.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
idp_config.go feat(login): use new IDP templates (#5315) 2023-02-28 21:20:58 +01:00
idp.go feat: add SAML as identity provider (#6454) 2023-09-29 11:26:14 +02:00
instance_domain.go feat: add random string to generated domain (#3634) 2022-05-16 11:26:24 +02:00
instance.go fix: instance remove (#4602) 2022-10-26 13:06:48 +00:00
key_pair.go feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
language.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
machine_key.go fix: add expiration date information to service users keys (#7497) 2024-03-13 18:21:19 +00:00
machine_secret.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
machine.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
member.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
metadata.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
mfa.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
next_step.go feat: display login succeeded page only for native apps (#2839) 2021-12-14 09:47:49 +01:00
notification.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
object.go feat(api): feature flags (#7356) 2024-02-28 10:55:54 +02:00
oidc_code_challenge.go fix: move v2 pkgs (#1331) 2021-02-23 15:13:04 +01:00
oidc_error_reason.go feat(api): add OIDC session service (#6157) 2023-07-10 13:27:00 +00:00
oidc_mapping_field.go fix: move v2 pkgs (#1331) 2021-02-23 15:13:04 +01:00
oidc_session.go feat(api): add OIDC session service (#6157) 2023-07-10 13:27:00 +00:00
oidc_settings.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
org_domain_test.go fix: allow unicode characters in org domains (#6675) 2023-10-11 09:55:01 +02:00
org_domain.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org.go fix: allow unicode characters in org domains (#6675) 2023-10-11 09:55:01 +02:00
permission.go feat: user service v2 create, update and remove (#6996) 2023-12-21 10:03:37 +01:00
policy_domain.go feat: restrict smtp sender address (#3637) 2022-05-16 14:08:47 +00:00
policy_label_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
policy_label.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
policy_login_test.go feat: add default redirect uri and handling of unknown usernames (#3616) 2022-05-16 13:39:09 +00:00
policy_login.go fix(login): correct rendering of idps (#7151) 2024-01-05 14:35:51 +00:00
policy_mail_template.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
policy_password_age.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
policy_password_complexity.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
policy_password_lockout.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
policy_privacy.go feat: add Help/Support e-mail for instance/org (#5445) 2023-03-28 21:36:52 +02:00
policy.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
project_grant_member.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
project_grant.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
project_role.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
project.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
provider.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
refresh_token.go fix(oidc): return bad request for an invalid refresh token (#7419) 2024-02-20 16:54:52 +01:00
request.go feat(oidc): id token for device authorization (#7088) 2023-12-20 13:21:08 +01:00
roles.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
search_method.go fix: todos (#1346) 2021-03-01 08:48:50 +01:00
secret_generator.go feat: add secret generators for OTP (#6262) 2023-07-26 11:00:41 +00:00
session.go feat(api): add otp (sms and email) checks in session api (#6422) 2023-08-24 09:41:52 +00:00
sms.go feat: Default configs sms provider (#3187) 2022-02-21 12:22:20 +00:00
smtp.go fix: add smtp config, remove smtp and sms provider, console adaptations (#3792) 2022-06-10 12:39:38 +02:00
target.go feat: query side for executions and targets for actions v2 (#7524) 2024-03-14 09:56:23 +00:00
token.go feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00
tokenreason_enumer.go feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00
url_template_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
url_template.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_agent.go feat(api/v2): store user agent details in the session (#6711) 2023-10-12 12:16:59 +00:00
user_grant.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
user_idp_link.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
user_schema.go feat: implement user schema management (#7416) 2024-03-12 13:50:13 +00:00
user_v2_passkey_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_v2_passkey.go feat(v2): register user u2f (#6020) 2023-06-15 05:32:40 +00:00
user.go feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00