mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-13 19:44:21 +00:00
3d5891eb11
* feat: start system api * feat: remove auth * feat: change gitignore * feat: run system api * feat: remove clear view form admin api * feat: search instances * feat: add instance * fix: set primary domain * Update .gitignore * fix: add instance * fix: add instance * fix: handle errors * fix: handle instance name * fix: test Co-authored-by: Livio Amstutz <livio.a@gmail.com>
84 lines
2.0 KiB
Go
84 lines
2.0 KiB
Go
package setup
|
|
|
|
import (
|
|
"context"
|
|
"database/sql"
|
|
"fmt"
|
|
|
|
"github.com/caos/zitadel/internal/api/authz"
|
|
"github.com/caos/zitadel/internal/command"
|
|
"github.com/caos/zitadel/internal/config/systemdefaults"
|
|
"github.com/caos/zitadel/internal/crypto"
|
|
crypto_db "github.com/caos/zitadel/internal/crypto/database"
|
|
"github.com/caos/zitadel/internal/eventstore"
|
|
webauthn_helper "github.com/caos/zitadel/internal/webauthn"
|
|
)
|
|
|
|
type DefaultInstance struct {
|
|
InstanceSetup command.InstanceSetup
|
|
|
|
userEncryptionKey *crypto.KeyConfig
|
|
masterKey string
|
|
db *sql.DB
|
|
es *eventstore.Eventstore
|
|
domain string
|
|
defaults systemdefaults.SystemDefaults
|
|
zitadelRoles []authz.RoleMapping
|
|
baseURL string
|
|
externalSecure bool
|
|
}
|
|
|
|
func (mig *DefaultInstance) Execute(ctx context.Context) error {
|
|
keyStorage, err := crypto_db.NewKeyStorage(mig.db, mig.masterKey)
|
|
if err != nil {
|
|
return fmt.Errorf("cannot start key storage: %w", err)
|
|
}
|
|
if err = verifyKey(mig.userEncryptionKey, keyStorage); err != nil {
|
|
return err
|
|
}
|
|
|
|
userAlg, err := crypto.NewAESCrypto(mig.userEncryptionKey, keyStorage)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
|
|
cmd, err := command.StartCommands(mig.es,
|
|
mig.defaults,
|
|
mig.zitadelRoles,
|
|
nil,
|
|
nil,
|
|
//TODO: Livio will fix this, but it ZITADEL doesn't run without this
|
|
webauthn_helper.Config{DisplayName: "HELLO LIVIO", ID: "RPID"},
|
|
nil,
|
|
nil,
|
|
nil,
|
|
nil,
|
|
userAlg,
|
|
nil,
|
|
nil)
|
|
|
|
if err != nil {
|
|
return err
|
|
}
|
|
ctx = authz.WithRequestedDomain(ctx, mig.domain)
|
|
|
|
_, _, err = cmd.SetUpInstance(ctx, &mig.InstanceSetup, mig.externalSecure, mig.baseURL)
|
|
return err
|
|
}
|
|
|
|
func (mig *DefaultInstance) String() string {
|
|
return "03_default_instance"
|
|
}
|
|
|
|
func verifyKey(key *crypto.KeyConfig, storage crypto.KeyStorage) (err error) {
|
|
_, err = crypto.LoadKey(key.EncryptionKeyID, storage)
|
|
if err == nil {
|
|
return nil
|
|
}
|
|
k, err := crypto.NewKey(key.EncryptionKeyID)
|
|
if err != nil {
|
|
return err
|
|
}
|
|
return storage.CreateKeys(k)
|
|
}
|