mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-14 20:08:02 +00:00
3549a8b64e
* move mgmt pkg * begin package restructure * rename auth package to authz * begin start api * move auth * move admin * fix merge * configs and interceptors * interceptor * revert generate-grpc.sh * some cleanups * console * move console * fix tests and merging * js linting * merge * merging and configs * change k8s base to current ports * fixes * cleanup * regenerate proto * remove unnecessary whitespace * missing param * go mod tidy * fix merging * move login pkg * cleanup * move api pkgs again * fix pkg naming * fix generate-static.sh for login * update workflow * fixes * logging * remove duplicate * comment for optional gateway interfaces * regenerate protos * fix proto imports for grpc web * protos * grpc web generate * grpc web generate * fix changes * add translation interceptor * fix merging * regenerate mgmt proto
376 lines
12 KiB
Go
376 lines
12 KiB
Go
package auth
|
|
|
|
import (
|
|
"context"
|
|
"encoding/json"
|
|
|
|
"github.com/caos/logging"
|
|
"github.com/golang/protobuf/ptypes"
|
|
"golang.org/x/text/language"
|
|
"google.golang.org/protobuf/encoding/protojson"
|
|
"google.golang.org/protobuf/types/known/structpb"
|
|
|
|
"github.com/caos/zitadel/internal/api/authz"
|
|
"github.com/caos/zitadel/internal/eventstore/models"
|
|
usr_model "github.com/caos/zitadel/internal/user/model"
|
|
"github.com/caos/zitadel/pkg/grpc/auth"
|
|
"github.com/caos/zitadel/pkg/grpc/message"
|
|
)
|
|
|
|
func userViewFromModel(user *usr_model.UserView) *auth.UserView {
|
|
creationDate, err := ptypes.TimestampProto(user.CreationDate)
|
|
logging.Log("GRPC-sd32g").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(user.ChangeDate)
|
|
logging.Log("GRPC-FJKq1").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
lastLogin, err := ptypes.TimestampProto(user.LastLogin)
|
|
logging.Log("GRPC-Gteh2").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
passwordChanged, err := ptypes.TimestampProto(user.PasswordChanged)
|
|
logging.Log("GRPC-fgQFT").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserView{
|
|
Id: user.ID,
|
|
State: userStateFromModel(user.State),
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
LastLogin: lastLogin,
|
|
PasswordChanged: passwordChanged,
|
|
UserName: user.UserName,
|
|
FirstName: user.FirstName,
|
|
LastName: user.LastName,
|
|
DisplayName: user.DisplayName,
|
|
NickName: user.NickName,
|
|
PreferredLanguage: user.PreferredLanguage,
|
|
Gender: genderFromModel(user.Gender),
|
|
Email: user.Email,
|
|
IsEmailVerified: user.IsEmailVerified,
|
|
Phone: user.Phone,
|
|
IsPhoneVerified: user.IsPhoneVerified,
|
|
Country: user.Country,
|
|
Locality: user.Locality,
|
|
PostalCode: user.PostalCode,
|
|
Region: user.Region,
|
|
StreetAddress: user.StreetAddress,
|
|
Sequence: user.Sequence,
|
|
ResourceOwner: user.ResourceOwner,
|
|
LoginNames: user.LoginNames,
|
|
PreferredLoginName: user.PreferredLoginName,
|
|
}
|
|
}
|
|
|
|
func profileFromModel(profile *usr_model.Profile) *auth.UserProfile {
|
|
creationDate, err := ptypes.TimestampProto(profile.CreationDate)
|
|
logging.Log("GRPC-56t5s").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(profile.ChangeDate)
|
|
logging.Log("GRPC-K58ds").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserProfile{
|
|
Id: profile.AggregateID,
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
Sequence: profile.Sequence,
|
|
UserName: profile.UserName,
|
|
FirstName: profile.FirstName,
|
|
LastName: profile.LastName,
|
|
DisplayName: profile.DisplayName,
|
|
NickName: profile.NickName,
|
|
PreferredLanguage: profile.PreferredLanguage.String(),
|
|
Gender: genderFromModel(profile.Gender),
|
|
}
|
|
}
|
|
|
|
func profileViewFromModel(profile *usr_model.Profile) *auth.UserProfileView {
|
|
creationDate, err := ptypes.TimestampProto(profile.CreationDate)
|
|
logging.Log("GRPC-s9iKs").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(profile.ChangeDate)
|
|
logging.Log("GRPC-9sujE").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserProfileView{
|
|
Id: profile.AggregateID,
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
Sequence: profile.Sequence,
|
|
UserName: profile.UserName,
|
|
FirstName: profile.FirstName,
|
|
LastName: profile.LastName,
|
|
DisplayName: profile.DisplayName,
|
|
NickName: profile.NickName,
|
|
PreferredLanguage: profile.PreferredLanguage.String(),
|
|
Gender: genderFromModel(profile.Gender),
|
|
LoginNames: profile.LoginNames,
|
|
PreferredLoginName: profile.PreferredLoginName,
|
|
}
|
|
}
|
|
|
|
func updateProfileToModel(ctx context.Context, u *auth.UpdateUserProfileRequest) *usr_model.Profile {
|
|
preferredLanguage, err := language.Parse(u.PreferredLanguage)
|
|
logging.Log("GRPC-lk73L").OnError(err).Debug("language malformed")
|
|
|
|
return &usr_model.Profile{
|
|
ObjectRoot: models.ObjectRoot{AggregateID: authz.GetCtxData(ctx).UserID},
|
|
FirstName: u.FirstName,
|
|
LastName: u.LastName,
|
|
NickName: u.NickName,
|
|
PreferredLanguage: preferredLanguage,
|
|
Gender: genderToModel(u.Gender),
|
|
}
|
|
}
|
|
|
|
func emailFromModel(email *usr_model.Email) *auth.UserEmail {
|
|
creationDate, err := ptypes.TimestampProto(email.CreationDate)
|
|
logging.Log("GRPC-sdoi3").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(email.ChangeDate)
|
|
logging.Log("GRPC-klJK3").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserEmail{
|
|
Id: email.AggregateID,
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
Sequence: email.Sequence,
|
|
Email: email.EmailAddress,
|
|
IsEmailVerified: email.IsEmailVerified,
|
|
}
|
|
}
|
|
|
|
func emailViewFromModel(email *usr_model.Email) *auth.UserEmailView {
|
|
creationDate, err := ptypes.TimestampProto(email.CreationDate)
|
|
logging.Log("GRPC-LSp8s").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(email.ChangeDate)
|
|
logging.Log("GRPC-6szJe").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserEmailView{
|
|
Id: email.AggregateID,
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
Sequence: email.Sequence,
|
|
Email: email.EmailAddress,
|
|
IsEmailVerified: email.IsEmailVerified,
|
|
}
|
|
}
|
|
|
|
func updateEmailToModel(ctx context.Context, e *auth.UpdateUserEmailRequest) *usr_model.Email {
|
|
return &usr_model.Email{
|
|
ObjectRoot: models.ObjectRoot{AggregateID: authz.GetCtxData(ctx).UserID},
|
|
EmailAddress: e.Email,
|
|
}
|
|
}
|
|
|
|
func phoneFromModel(phone *usr_model.Phone) *auth.UserPhone {
|
|
creationDate, err := ptypes.TimestampProto(phone.CreationDate)
|
|
logging.Log("GRPC-kjn5J").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(phone.ChangeDate)
|
|
logging.Log("GRPC-LKA9S").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserPhone{
|
|
Id: phone.AggregateID,
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
Sequence: phone.Sequence,
|
|
Phone: phone.PhoneNumber,
|
|
IsPhoneVerified: phone.IsPhoneVerified,
|
|
}
|
|
}
|
|
|
|
func phoneViewFromModel(phone *usr_model.Phone) *auth.UserPhoneView {
|
|
creationDate, err := ptypes.TimestampProto(phone.CreationDate)
|
|
logging.Log("GRPC-s5zJS").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(phone.ChangeDate)
|
|
logging.Log("GRPC-s9kLe").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserPhoneView{
|
|
Id: phone.AggregateID,
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
Sequence: phone.Sequence,
|
|
Phone: phone.PhoneNumber,
|
|
IsPhoneVerified: phone.IsPhoneVerified,
|
|
}
|
|
}
|
|
|
|
func updatePhoneToModel(ctx context.Context, e *auth.UpdateUserPhoneRequest) *usr_model.Phone {
|
|
return &usr_model.Phone{
|
|
ObjectRoot: models.ObjectRoot{AggregateID: authz.GetCtxData(ctx).UserID},
|
|
PhoneNumber: e.Phone,
|
|
}
|
|
}
|
|
|
|
func addressFromModel(address *usr_model.Address) *auth.UserAddress {
|
|
creationDate, err := ptypes.TimestampProto(address.CreationDate)
|
|
logging.Log("GRPC-65FRs").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(address.ChangeDate)
|
|
logging.Log("GRPC-aslk4").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserAddress{
|
|
Id: address.AggregateID,
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
Sequence: address.Sequence,
|
|
Country: address.Country,
|
|
StreetAddress: address.StreetAddress,
|
|
Region: address.Region,
|
|
PostalCode: address.PostalCode,
|
|
Locality: address.Locality,
|
|
}
|
|
}
|
|
|
|
func addressViewFromModel(address *usr_model.Address) *auth.UserAddressView {
|
|
creationDate, err := ptypes.TimestampProto(address.CreationDate)
|
|
logging.Log("GRPC-sk4fS").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
changeDate, err := ptypes.TimestampProto(address.ChangeDate)
|
|
logging.Log("GRPC-9siEs").OnError(err).Debug("unable to parse timestamp")
|
|
|
|
return &auth.UserAddressView{
|
|
Id: address.AggregateID,
|
|
CreationDate: creationDate,
|
|
ChangeDate: changeDate,
|
|
Sequence: address.Sequence,
|
|
Country: address.Country,
|
|
StreetAddress: address.StreetAddress,
|
|
Region: address.Region,
|
|
PostalCode: address.PostalCode,
|
|
Locality: address.Locality,
|
|
}
|
|
}
|
|
|
|
func updateAddressToModel(ctx context.Context, address *auth.UpdateUserAddressRequest) *usr_model.Address {
|
|
return &usr_model.Address{
|
|
ObjectRoot: models.ObjectRoot{AggregateID: authz.GetCtxData(ctx).UserID},
|
|
Country: address.Country,
|
|
StreetAddress: address.StreetAddress,
|
|
Region: address.Region,
|
|
PostalCode: address.PostalCode,
|
|
Locality: address.Locality,
|
|
}
|
|
}
|
|
|
|
func otpFromModel(otp *usr_model.OTP) *auth.MfaOtpResponse {
|
|
return &auth.MfaOtpResponse{
|
|
UserId: otp.AggregateID,
|
|
Url: otp.Url,
|
|
Secret: otp.SecretString,
|
|
State: mfaStateFromModel(otp.State),
|
|
}
|
|
}
|
|
|
|
func userStateFromModel(state usr_model.UserState) auth.UserState {
|
|
switch state {
|
|
case usr_model.UserStateActive:
|
|
return auth.UserState_USERSTATE_ACTIVE
|
|
case usr_model.UserStateInactive:
|
|
return auth.UserState_USERSTATE_INACTIVE
|
|
case usr_model.UserStateLocked:
|
|
return auth.UserState_USERSTATE_LOCKED
|
|
case usr_model.UserStateInitial:
|
|
return auth.UserState_USERSTATE_INITIAL
|
|
case usr_model.UserStateSuspend:
|
|
return auth.UserState_USERSTATE_SUSPEND
|
|
default:
|
|
return auth.UserState_USERSTATE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func genderFromModel(gender usr_model.Gender) auth.Gender {
|
|
switch gender {
|
|
case usr_model.GenderFemale:
|
|
return auth.Gender_GENDER_FEMALE
|
|
case usr_model.GenderMale:
|
|
return auth.Gender_GENDER_MALE
|
|
case usr_model.GenderDiverse:
|
|
return auth.Gender_GENDER_DIVERSE
|
|
default:
|
|
return auth.Gender_GENDER_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func genderToModel(gender auth.Gender) usr_model.Gender {
|
|
switch gender {
|
|
case auth.Gender_GENDER_FEMALE:
|
|
return usr_model.GenderFemale
|
|
case auth.Gender_GENDER_MALE:
|
|
return usr_model.GenderMale
|
|
case auth.Gender_GENDER_DIVERSE:
|
|
return usr_model.GenderDiverse
|
|
default:
|
|
return usr_model.GenderUnspecified
|
|
}
|
|
}
|
|
|
|
func mfaStateFromModel(state usr_model.MfaState) auth.MFAState {
|
|
switch state {
|
|
case usr_model.MfaStateReady:
|
|
return auth.MFAState_MFASTATE_READY
|
|
case usr_model.MfaStateNotReady:
|
|
return auth.MFAState_MFASTATE_NOT_READY
|
|
default:
|
|
return auth.MFAState_MFASTATE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func mfasFromModel(mfas []*usr_model.MultiFactor) []*auth.MultiFactor {
|
|
converted := make([]*auth.MultiFactor, len(mfas))
|
|
for i, mfa := range mfas {
|
|
converted[i] = mfaFromModel(mfa)
|
|
}
|
|
return converted
|
|
}
|
|
|
|
func mfaFromModel(mfa *usr_model.MultiFactor) *auth.MultiFactor {
|
|
return &auth.MultiFactor{
|
|
State: mfaStateFromModel(mfa.State),
|
|
Type: mfaTypeFromModel(mfa.Type),
|
|
}
|
|
}
|
|
|
|
func mfaTypeFromModel(mfatype usr_model.MfaType) auth.MfaType {
|
|
switch mfatype {
|
|
case usr_model.MfaTypeOTP:
|
|
return auth.MfaType_MFATYPE_OTP
|
|
case usr_model.MfaTypeSMS:
|
|
return auth.MfaType_MFATYPE_SMS
|
|
default:
|
|
return auth.MfaType_MFATYPE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func userChangesToResponse(response *usr_model.UserChanges, offset uint64, limit uint64) (_ *auth.Changes) {
|
|
return &auth.Changes{
|
|
Limit: limit,
|
|
Offset: offset,
|
|
Changes: userChangesToAPI(response),
|
|
}
|
|
}
|
|
|
|
func userChangesToAPI(changes *usr_model.UserChanges) (_ []*auth.Change) {
|
|
result := make([]*auth.Change, len(changes.Changes))
|
|
|
|
for i, change := range changes.Changes {
|
|
var data *structpb.Struct
|
|
changedData, err := json.Marshal(change.Data)
|
|
if err == nil {
|
|
data = new(structpb.Struct)
|
|
err = protojson.Unmarshal(changedData, data)
|
|
logging.Log("GRPC-0kRsY").OnError(err).Debug("unable to marshal changed data to struct")
|
|
}
|
|
result[i] = &auth.Change{
|
|
ChangeDate: change.ChangeDate,
|
|
EventType: message.NewLocalizedEventType(change.EventType),
|
|
Sequence: change.Sequence,
|
|
Data: data,
|
|
EditorId: change.ModifierId,
|
|
Editor: change.ModifierName,
|
|
}
|
|
}
|
|
|
|
return result
|
|
}
|