TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-12-31 14:16:37 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
9c5ad4efcc3f44cb8bf4df79d2b8f04a568224fc
zitadel/internal/domain
History
Livio Spring f7309f8295 fix: check for 2fa even if not enforced 
# Which Problems Are Solved

Zitadel enforces MFA if required by the organization's policy, but did not ensure in all cases, if a user voluntarily set it up.

# How the Problems Are Solved

Ensure 2FA/MFA is required in any call to Zitadel if set up by user even if policy does not require.

# Additional Changes

None

# Additional Context

- requires backports

(cherry picked from commit b284f8474e)
2025-10-29 10:14:15 +01:00
..
federatedlogout
feat: federated logout for SAML IdPs (#9931)
2025-05-23 13:52:25 +02:00
mock
feat: App Keys API v2 (#10140)
2025-07-02 07:34:19 +00:00
schema
feat: add schema user create and remove (#8494)
2024-08-28 19:46:45 +00:00
testdata/fuzz/FuzzFromRefreshToken
fix(crypto): reject decrypted strings with non-UTF8 characters. (#8374)
2024-08-02 08:38:37 +00:00
action.go
feat: actions v2 for functions (#9420)
2025-03-04 11:09:30 +00:00
application_api.go
feat(crypto): use passwap for machine and app secrets (#7657)
2024-04-05 09:35:49 +00:00
application_key.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
application_oauth.go
feat(6222): remove @ and project from OIDC client ID (#8178)
2024-07-04 08:31:40 +00:00
application_oidc_test.go
fix(oidc): accept localhost redirect URIs without path nor port (#10836)
2025-10-27 08:44:25 +01:00
application_oidc.go
fix(oidc): accept localhost redirect URIs without path nor port (#10836)
2025-10-27 08:44:25 +01:00
application_saml.go
feat: App API v2 (#10077)
2025-06-27 17:25:44 +02:00
application.go
feat: specify login UI version on instance and apps (#9071)
2024-12-19 10:37:46 +01:00
asset.go
fix: return absolute asset urls (#3676)
2022-05-20 10:30:12 +02:00
auth_request_test.go
feat(oidc): id token for device authorization (#7088)
2023-12-20 13:21:08 +01:00
auth_request.go
feat: add PKCE option to generic OAuth2 / OIDC identity providers (#9373)
2025-02-26 12:20:47 +00:00
authn_key.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
browser_info.go
fix: correctly set user agent / fingerprint id on user sessions (#8231)
2024-07-03 09:43:34 +02:00
bucket.go
feat: asset storage (#1696)
2021-05-03 10:15:50 +02:00
count_trigger.go
feat(projections): resource counters (#9979)
2025-06-03 14:15:30 +00:00
countparenttype_enumer.go
feat(projections): resource counters (#9979)
2025-06-03 14:15:30 +00:00
custom_login_text.go
fix: automatically link user without prompt (#8487)
2024-08-28 05:33:20 +00:00
custom_message_text.go
feat: invite user link (#8578)
2024-09-11 10:53:55 +00:00
custom_text.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
debug_events.go
feat: add debug events API (#8533)
2024-09-11 08:24:00 +00:00
device_auth_test.go
feat(oidc): id token for device authorization (#7088)
2023-12-20 13:21:08 +01:00
device_auth.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
deviceauthstate_string.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
execution.go
feat: add action v2 execution on requests and responses (#7637)
2024-05-04 11:55:57 +02:00
expiration.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
factors.go
feat: enable otp email and sms (#6260)
2023-07-28 07:39:30 +02:00
feature.go
fix: add action v2 execution to features (#7597)
2024-04-09 20:21:21 +03:00
flow.go
feat: actions v2 for functions (#9420)
2025-03-04 11:09:30 +00:00
human_address.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
human_email_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
human_email.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
human_otp.go
fix: import totp in add human user with secret (#7936)
2024-05-14 09:20:31 +02:00
human_password.go
feat(crypto): use passwap for machine and app secrets (#7657)
2024-04-05 09:35:49 +00:00
human_phone_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
human_phone.go
feat: Add Twilio Verification Service (#8678)
2024-09-26 09:14:33 +02:00
human_profile.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
human_test.go
fix: set displayname correctly in EnsureDisplayName (#5702)
2023-04-17 06:26:40 +00:00
human_web_auth_n.go
feat(notification): use event worker pool (#8962)
2024-11-27 15:01:17 +00:00
human.go
fix(import): add tracing spans to all import related functions (#8160)
2024-06-19 12:56:33 +02:00
idp_config.go
feat(login): use new IDP templates (#5315)
2023-02-28 21:20:58 +01:00
idp.go
Merge commit from fork
2025-05-02 13:44:24 +02:00
instance_domain.go
feat: add random string to generated domain (#3634)
2022-05-16 11:26:24 +02:00
instance.go
fix: instance remove (#4602)
2022-10-26 13:06:48 +00:00
key_pair.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00
language.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
machine_key.go
fix: add expiration date information to service users keys (#7497)
2024-03-13 18:21:19 +00:00
machine.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
member.go
feat: user profile requests in resource APIs (#10151)
2025-07-04 18:12:59 +02:00
metadata.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
mfa.go
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
next_step.go
feat: invite user link (#8578)
2024-09-11 10:53:55 +00:00
notification.go
feat(notification): use event worker pool (#8962)
2024-11-27 15:01:17 +00:00
object.go
feat(v3alpha): read actions (#8357)
2024-08-12 22:32:01 +02:00
oidc_code_challenge.go
oidc_error_reason_test.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
oidc_error_reason.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
oidc_mapping_field.go
oidc_session.go
feat(api): add OIDC session service (#6157)
2023-07-10 13:27:00 +00:00
oidc_settings.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
oidcresponsemode_enumer.go
fix(oidc): store requested response_mode (#8145)
2024-06-17 09:50:12 +00:00
org_domain_test.go
fix: allow unicode characters in org domains (#6675)
2023-10-11 09:55:01 +02:00
org_domain.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
org.go
fix(org): adding unique constrants to not allow an org to be added twice with same id (#10243)
2025-07-16 10:07:12 +00:00
permission.go
feat(api): move instance service to v2 (#10919)
2025-10-28 15:10:54 +01:00
policy_domain.go
feat: restrict smtp sender address (#3637)
2022-05-16 14:08:47 +00:00
policy_label_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
policy_label.go
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
policy_login_test.go
feat: add default redirect uri and handling of unknown usernames (#3616)
2022-05-16 13:39:09 +00:00
policy_login.go
fix(login): correct rendering of idps (#7151)
2024-01-05 14:35:51 +00:00
policy_mail_template.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
policy_password_age.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
policy_password_complexity.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
policy_password_lockout.go
feat: provide option to limit (T)OTP checks (#7693)
2024-04-10 09:14:55 +00:00
policy_privacy.go
feat(cnsl): docs link can be customized and custom button is available (#7840)
2024-05-13 16:01:50 +02:00
policy.go
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
project_grant_member.go
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
project_grant.go
feat: project v2beta resource API (#9742)
2025-05-21 14:40:47 +02:00
project_role.go
feat: project v2beta resource API (#9742)
2025-05-21 14:40:47 +02:00
project.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
provider.go
refactor: cleanup unused code (#7130)
2024-01-02 14:26:31 +00:00
refresh_token_test.go
fix(crypto): reject decrypted strings with non-UTF8 characters. (#8374)
2024-08-02 08:38:37 +00:00
refresh_token.go
fix(crypto): reject decrypted strings with non-UTF8 characters. (#8374)
2024-08-02 08:38:37 +00:00
request.go
fix: Revert "feat(oidc): Added new claim in userinfo response to return all requested audience roles (#9861)" (#10874)
2025-10-09 15:37:37 +02:00
roles.go
feat: initial admin PAT has IAM_LOGIN_CLIENT (#10143)
2025-07-02 09:14:36 +00:00
saml_error_reason.go
feat: add saml request to link to sessions (#9001)
2024-12-19 11:11:40 +00:00
saml_request.go
feat: add saml request to link to sessions (#9001)
2024-12-19 11:11:40 +00:00
saml_session.go
feat: add saml request to link to sessions (#9001)
2024-12-19 11:11:40 +00:00
search_method.go
fix: todos (#1346)
2021-03-01 08:48:50 +01:00
secret_generator.go
feat: action v2 signing (#8779)
2024-11-28 10:06:52 +00:00
secretgeneratortype_enumer.go
feat(projections): resource counters (#9979)
2025-06-03 14:15:30 +00:00
session.go
fix: pass sessionID to OTP email link (#8745)
2024-10-10 13:53:32 +00:00
sms.go
feat: Default configs sms provider (#3187)
2022-02-21 12:22:20 +00:00
smtp.go
feat: SMTP Templates (#6932)
2024-04-11 09:16:10 +02:00
target.go
perf(actionsv2): execution target router (#10564)
2025-09-01 08:16:52 +02:00
token_test.go
feat(oidc): organization roles scope (#8120)
2024-06-14 10:00:43 +02:00
token.go
feat(oidc): organization roles scope (#8120)
2024-06-14 10:00:43 +02:00
tokenreason_enumer.go
feat(oidc): token exchange impersonation (#7516)
2024-03-20 10:18:46 +00:00
url_template_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
url_template.go
feat(notification): use event worker pool (#8962)
2024-11-27 15:01:17 +00:00
user_agent_test.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
user_agent.go
perf(oidc): optimize token creation (#7822)
2024-05-16 07:07:56 +02:00
user_grant.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
user_idp_link.go
chore(v2): move to new org (#3499)
2022-04-26 23:01:45 +00:00
user_schema.go
feat: implement user schema management (#7416)
2024-03-12 13:50:13 +00:00
user_v2_passkey_test.go
refactor: rename package errors to zerrors (#7039)
2023-12-08 15:30:55 +01:00
user_v2_passkey.go
feat(v2): register user u2f (#6020)
2023-06-15 05:32:40 +00:00
user.go
fix: check for 2fa even if not enforced
2025-10-29 10:14:15 +01:00
web_key.go
feat(v3alpha): web key resource (#8262)
2024-08-14 14:18:14 +00:00