mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 11:04:25 +00:00
5699fe80d5
* feat: check oidc compliance * fix: add tests * fix: add oidc config tests * fix: add oidc config tests user agent * fix: test oidc config compliance * fix: test oidc config compliance * fix: useragent implicit authmethod none * fix: merge master * feat: translate compliance problems * feat: check native app for custom url * fix: better compliance handling * fix: better compliance handling * feat: add odidc dev mode * fix: remove deprecated request fro management api * fix: oidc package version * fix: migration * fix: tests * fix: remove unused functions * fix: generate proto files * fix: native implicit and code none compliant * fix: create project * Update internal/project/model/oidc_config_test.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: tests * Update internal/project/model/oidc_config.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/project/model/oidc_config.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * fix: tests Co-authored-by: Livio Amstutz <livio.a@gmail.com>
315 lines
11 KiB
YAML
315 lines
11 KiB
YAML
Errors:
|
|
Internal: An internal error occured
|
|
NoChangesFound: No changes found
|
|
User:
|
|
NotFound: User could not be found
|
|
UserIDMissing: User ID missing
|
|
OrgIamPolicyNil: Organisation Policy is empty
|
|
EmailAsUsernameNotAllowed: Email is not allowed as username
|
|
Invalid: Userdata is invalid
|
|
DomainNotAllowedAsUsername: Domain is already reserved
|
|
AlreadyInactive: User already inactive
|
|
NotInactive: User is not inactive
|
|
ShouldBeActiveOrInitial: User is not active or inital
|
|
NotLocked: User is not locked
|
|
NoChanges: No changes found
|
|
InitCodeNotFound: Initialization Code not found
|
|
ProfileNotFound: Profile not found
|
|
ProfileInvalid: Profildata invalid
|
|
EmailNotFound: Email not found
|
|
EmailInvalid: Email is invalid
|
|
EmailAlreadyVerified: Email is alredy verified
|
|
PhoneNotFound: Phone not found
|
|
PhoneInvalid: Phone is invalid
|
|
PhoneAlreadyVerified: Phone already verified
|
|
AddressNotFound: Address not found
|
|
Code:
|
|
Empty: Code is empty
|
|
NotFound: Code not found
|
|
Expired: Code is expired
|
|
GeneratorAlgNotSupported: Unsupported generator algorithm
|
|
Password:
|
|
NotFound: Passoword not found
|
|
Empty: Password is empty
|
|
Invalid: Passwort is invalid
|
|
PasswordComplexityPolicy:
|
|
NotFound: Password policy not found
|
|
MinLength: Password is to short
|
|
MinLengthNotAllowed: Given minimum length is not allowed
|
|
HasLower: Password must contain lower case
|
|
HasUpper: Password must contain upper case
|
|
HasNumber: Password must contain number
|
|
HasSymbol: Password must contain symbol
|
|
Mfa:
|
|
Otp:
|
|
AlreadyReady: Multifactor OTP (OneTimePassword) is already set up
|
|
NotExisting: Multifactor OTP (OneTimePassword) doesn't exist
|
|
NotReady: Multifactor OTP (OneTimePassword) isn't ready
|
|
InvalidCode: Invalid code
|
|
Org:
|
|
Invalid: Organisation is invalid
|
|
AlreadyDeactivated: Organisation is already deactivated
|
|
AlreadyActive: Organisation is already ative
|
|
Empty: Organisation is empty
|
|
NotFound: Organisation not found
|
|
InvalidDomain: Invalid domain
|
|
DomainMissing: Domain missing
|
|
DomainNotOnOrg: Domain doesn't exist on organisation
|
|
DomainNotVerified: Domain is not verified
|
|
DomainAlreadyVerified: Domain is already verified
|
|
DomainVerificationTypeInvalid: Domain verification type is invalid
|
|
DomainVerificationMissing: Domain verification not yet startet
|
|
DomainVerificationFailed: Domain verification failed
|
|
PrimaryDomainNotDeletable: Primary domain must not be deleted
|
|
DomainNotFound: Domain not found
|
|
MemberIDMissing: Member ID missing
|
|
MemberNotFound: Organisations member not found
|
|
InvalidMember: Organisation member is invalid
|
|
UserIDMissing: User ID missing
|
|
PolicyAlreadyExists: Policy alredy exists
|
|
PolicyNotExisting: Policy doesn't exist
|
|
Project:
|
|
ProjectIDMissing: Project Id missing
|
|
AlreadyExists: Project already exists on organisation
|
|
OrgNotExisting: Organisation doesn't exist
|
|
UserNotExisting: User doesn't exist
|
|
CouldNotGenerateClientSecret: Could not generate client secret
|
|
Invalid: Project is invalid
|
|
NotActive: Project is not active
|
|
NotInactive: Project is not deactivated
|
|
NotFound: Porject not found
|
|
UserIDMissing: User ID missing
|
|
MemberNotFound: Project member not found
|
|
MemberInvalid: Project member is invalid
|
|
MemberAlreadyExists: Project member already exists
|
|
MemberNotExisting: Project member doesn't exist
|
|
MinimumOneRoleNeeded: At least one role should be added
|
|
RoleAlreadyExists: Role already exists
|
|
RoleInvalid: Role is invalid
|
|
RoleNotExisting: Role doesn't exist
|
|
IDMissing: ID missing
|
|
AppNotFound: Application not found
|
|
AppInvalid: Application invalid
|
|
AppNotExisting: Application doesn't exist
|
|
OIDCConfigInvalid: OIDC configuration is invalid
|
|
AppIsNotOIDC: Application is not type oidc
|
|
OIDCAuthMethodNoneSecret: OIDC Auth Method None does not require a secret
|
|
RequiredFieldsMissing: Some required fields are missing
|
|
GrantNotFound: Grant not found
|
|
GrantInvalid: Project grant is invalid
|
|
GrantAlreadyExists: Project grant already exists
|
|
GrantNotExists: Project grant doesn't exist
|
|
GrantHasNotExistingRole: One role doesn't exist on project
|
|
UserIDMisisng: User ID missing
|
|
Iam:
|
|
MemberInvalid: Member is invalid
|
|
MemberAlreadyExisting: Member already exists
|
|
MemberNotExisting: Member does not exist
|
|
IDMissing: Id missing
|
|
GlobalOrgMissing: Global organisation missing
|
|
IamProjectIDMisisng: Iam project id missing
|
|
Policy:
|
|
AlreadyExists: Policy already exists
|
|
UserGrant:
|
|
NotFound: User grant not found
|
|
Invalid: User grant is invalid
|
|
IDMissing: Id missing
|
|
NotActive: User grant is not active
|
|
NotInactive: User grant is not deactivated
|
|
NoPermissionForProject: User has no permissions on this project
|
|
Changes:
|
|
NotFound: No history found
|
|
Token:
|
|
NotFound: Token not found
|
|
UserSession:
|
|
NotFound: UserSession not found
|
|
EventTypes:
|
|
user:
|
|
added: User added
|
|
selfregistered: User registered himself
|
|
initialization:
|
|
code:
|
|
added: Initialisation code generated
|
|
sent: Initialisation code sent
|
|
check:
|
|
succeeded: Initialisation check succeded
|
|
failed: Initialisation check failed
|
|
username:
|
|
reserved: Username reserved
|
|
released: Username released
|
|
email:
|
|
reserved: Email address reserved
|
|
released: Email address released
|
|
changed: Email address changed
|
|
verified: Email address verified
|
|
verification:
|
|
failed: Email address verification failed
|
|
code:
|
|
added: Email address verification code generated
|
|
sent: Email address verification code sent
|
|
locked: User locked
|
|
unlocked: User unlocked
|
|
deactivated: User deactivated
|
|
reactivated: User reactivated
|
|
removed: User removed
|
|
password:
|
|
changed: Password changed
|
|
code:
|
|
added: Password code generated
|
|
sent: Password code sent
|
|
check:
|
|
succeeded: Password check succeeded
|
|
failed: Password check failed
|
|
phone:
|
|
changed: Phone number changed
|
|
verified: Phone number verified
|
|
verification:
|
|
failed: Phone number verification failed
|
|
code:
|
|
added: Phone number code generated
|
|
sent: Phone number code sent
|
|
profile:
|
|
changed: User profile changed
|
|
address:
|
|
changed: User address changed
|
|
mfa:
|
|
otp:
|
|
added: Multifactor OTP added
|
|
verified: Multifactor OTP verified
|
|
removed: Multifactor OTP removed
|
|
check:
|
|
succeeded: Multifactor OTP check succeeded
|
|
failed: Multifactor OTP check failed
|
|
init:
|
|
skipped: Multifactor initialisation skipped
|
|
signed:
|
|
out: User signed out
|
|
grant:
|
|
added: Authorization added
|
|
changed: Authorization changed
|
|
removed: Authorization removed
|
|
deactivated: Authorization deactivated
|
|
reactivated: Authorization reactivated
|
|
reserved: Authorization reserved
|
|
released: Authorization released
|
|
cascade:
|
|
removed: Authorization removed
|
|
changed: Authorization changed
|
|
org:
|
|
added: Organization added
|
|
changed: Organization changed
|
|
deactivated: Organization deactivated
|
|
reactivated: Organization reactivated
|
|
removed: Organization removed
|
|
domain:
|
|
added: Domain added
|
|
verified: Domain verified
|
|
removed: Domain removed
|
|
primary:
|
|
set: Primary domain set
|
|
reserved: Domain reserved
|
|
released: Domain released
|
|
name:
|
|
reserved: Organization name reserved
|
|
released: Organization name released
|
|
member:
|
|
added: Organization member added
|
|
changed: Organization member changed
|
|
removed: Organization member removed
|
|
iam:
|
|
policy:
|
|
added: System policy added
|
|
changed: System policy changed
|
|
removed: System policy removed
|
|
project:
|
|
added: Project added
|
|
changed: Project changed
|
|
deactivated: Project deactivated
|
|
reactivated: Project reactivated
|
|
removed: Project removed
|
|
member:
|
|
added: Project member added
|
|
changed: Project member changed
|
|
removed: Project member removed
|
|
role:
|
|
added: Project role added
|
|
changed: Project role changed
|
|
removed: Project role removed
|
|
grant:
|
|
added: Management access added
|
|
changed: Management access changed
|
|
removed: Management access removed
|
|
deactivated: Management access deactivated
|
|
reactivated: Management access reactivated
|
|
cascade:
|
|
changed: Management access changed
|
|
member:
|
|
added: Management access member added
|
|
changed: Management access member changed
|
|
removed: Management access member removed
|
|
application:
|
|
added: Application added
|
|
changed: Application changed
|
|
removed: Application removed
|
|
deactivated: Application deactivated
|
|
reactivated: Application reactivated
|
|
oidc:
|
|
secret:
|
|
check:
|
|
succeeded: OIDC Client Secret check succeeded
|
|
failed: OIDC Client Secret check failed
|
|
config:
|
|
oidc:
|
|
added: OIDC Configuration added
|
|
changed: OIDC Configuration changed
|
|
secret:
|
|
changed: OIDC secret changed
|
|
policy:
|
|
password:
|
|
complexity:
|
|
added: Password complexity policy added
|
|
changed: Password complexity policy changed
|
|
age:
|
|
added: Password age policy added
|
|
changed: Password age policy changed
|
|
lockout:
|
|
added: Password lockout policy added
|
|
changed: Password lockout policy changed
|
|
iam:
|
|
setup:
|
|
started: ZITADEL setup started
|
|
done: ZITADEL setup done
|
|
global:
|
|
org:
|
|
set: Global org set
|
|
project:
|
|
iam:
|
|
set: ZITADEL project set
|
|
member:
|
|
added: ZITADEL member added
|
|
changed: ZITADEL member changed
|
|
removed: ZITADEL member removed
|
|
key_pair:
|
|
added: Key pair added
|
|
Application:
|
|
OIDC:
|
|
V1:
|
|
NotCompliant: Your configuration is not compliant and differs from OIDC 1.0 standard.
|
|
NotAllCombinationsAreAllowed: Configuration is compliant, but not all possible combinations are allowed.
|
|
Code:
|
|
RedirectUris:
|
|
HttpOnlyForWeb: Grant type code only allowed http redirect uris for apptype web.
|
|
CustomOnlyForNative: Grant type code only allowes custom redirect uris for apptype native (e.g appname:// )
|
|
Implicit:
|
|
RedirectUris:
|
|
CustomNotAllowed: Grant type implicit doesn't allow custom redirect uris
|
|
HttpNotAllowed: Grant tpye implicit doesn't allow http redirect uris
|
|
NativeShouldBeHttpLocalhost: Grant tpye implicit only allowed http://localhost for native apptype
|
|
HttpLocalhostOnlyForNative: Http://localhost redirect uri is only allowed for native applications.
|
|
Native:
|
|
AuthMethodType:
|
|
NotNone: Native applications should have authmethodtype none.
|
|
UserAgent:
|
|
AuthMethodType:
|
|
NotNone: User agent app should have authmethodtype none.
|