zitadel/internal
Livio Spring 4f114e4bf3
fix: session idp intent check (#8040)
# Which Problems Are Solved

If an IdP intent succeeded with the user was not linked yet, the IdP
link was then added, the following IdP check on the session API would
then fail with `Intent meant for another user (COMMAND-O8xk3w)`.
This issue was introduced with when allowing IdP intents from other
organizations (https://github.com/zitadel/zitadel/pull/7871)

# How the Problems Are Solved

The IdP link is now correctly checked in the session API (using the
user's organization instead of the one from the intent).

# Additional Changes

- Improved the corresponding integration test to cover the exact
bahvior.
- Tests, which had to be updated with newer cases where additionally
changed to use expectEventstore instead of deprecated eventstoreExpect
and the two eventstore mocks of the session_tests.go where combined.

# Additional Context

- Relates to #7871
- This issue was reported by a customer.
- will be back ported to 2.52.x

(cherry picked from commit d254828d47)
2024-05-30 09:25:56 +02:00
..
actions feat(actions): allow getting metadata of organizations from user grants (#7782) 2024-04-22 11:34:23 +00:00
activity fix: get orgID when missing on trigger logs (#7555) 2024-03-14 08:49:10 +00:00
admin/repository/eventsourcing fix(setup): init projections (#7194) 2024-01-25 17:28:20 +01:00
api fix: session idp intent check (#8040) 2024-05-30 09:25:56 +02:00
auth/repository fix(oidc): IDP and passwordless user auth methods (#7998) 2024-05-28 08:59:49 +00:00
auth_request/repository fix(login): correctly reload policies on auth request (#7839) 2024-04-24 10:54:55 +02:00
authz fix(oidc): IDP and passwordless user auth methods (#7998) 2024-05-28 08:59:49 +00:00
command fix: session idp intent check (#8040) 2024-05-30 09:25:56 +02:00
config feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
crypto fix(db): wrap BeginTx in spans to get acquire metrics (#7689) 2024-04-09 14:03:03 +02:00
database perf: cache auth request in memory (#7824) 2024-04-23 13:49:01 +02:00
domain fix(oidc): IDP and passwordless user auth methods (#7998) 2024-05-28 08:59:49 +00:00
eventstore fix(eventstore): order by sequence if filter by aggregate id (#8019) 2024-05-28 08:50:42 +02:00
execution feat: add action v2 execution on requests and responses (#7637) 2024-05-04 11:55:57 +02:00
feature refactor(query): use new packages for org by id query (#7826) 2024-05-24 13:32:57 +02:00
form refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
i18n fix(middleware): init translation messages (#7778) 2024-04-16 15:46:13 +02:00
iam refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
id fix: add action v2 execution to features (#7597) 2024-04-09 20:21:21 +03:00
idp feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
integration feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
logstore perf: project quotas and usages (#6441) 2023-09-15 16:58:45 +02:00
migration fix(setup): init projections (#7194) 2024-01-25 17:28:20 +01:00
net perf: project quotas and usages (#6441) 2023-09-15 16:58:45 +02:00
notification fix: Update fr translations (#7910) 2024-05-17 13:16:55 +02:00
org refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
project refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
protoc merge main into next 2023-10-19 12:34:00 +02:00
qrcode docs(legal): Updated agreements and policies v2 (#3823) 2022-06-15 08:30:58 +02:00
query fix(oidc): IDP and passwordless user auth methods (#7998) 2024-05-28 08:59:49 +00:00
renderer fix(login): (re)allow HTML in custom login texts (#7575) 2024-03-15 16:29:10 +01:00
repository refactor(query): use new packages for org by id query (#7826) 2024-05-24 13:32:57 +02:00
static Merge branch 'main' into next 2024-05-28 14:33:54 +02:00
statik chore: initial version of a devcontainer (#6352) 2023-08-15 10:49:05 +02:00
telemetry refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
test refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user fix(login): correctly set preferred login name in the login ui (#8038) 2024-05-29 17:47:37 +02:00
v2 refactor(query): use new packages for org by id query (#7826) 2024-05-24 13:32:57 +02:00
view/repository refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
webauthn fix: allow other users to set up MFAs (#7914) 2024-05-07 05:38:26 +00:00
zerrors refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00