mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-14 20:08:02 +00:00
6398349c24
* add token exchange feature flag * allow setting reason and actor to access tokens * impersonation * set token types and scopes in response * upgrade oidc to working draft state * fix tests * audience and scope validation * id toke and jwt as input * return id tokens * add grant type token exchange to app config * add integration tests * check and deny actors in api calls * fix instance setting tests by triggering projection on write and cleanup * insert sleep statements again * solve linting issues * add translations * pin oidc v3.15.0 * resolve comments, add event translation * fix refreshtoken test * use ValidateAuthReqScopes from oidc * apparently the linter can't make up its mind * persist actor thru refresh tokens and check in tests * remove unneeded triggers
74 lines
2.4 KiB
Go
74 lines
2.4 KiB
Go
package command
|
|
|
|
import (
|
|
"context"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/command/preparation"
|
|
"github.com/zitadel/zitadel/internal/domain"
|
|
"github.com/zitadel/zitadel/internal/eventstore"
|
|
"github.com/zitadel/zitadel/internal/repository/feature/feature_v2"
|
|
"github.com/zitadel/zitadel/internal/zerrors"
|
|
)
|
|
|
|
type InstanceFeatures struct {
|
|
LoginDefaultOrg *bool
|
|
TriggerIntrospectionProjections *bool
|
|
LegacyIntrospection *bool
|
|
UserSchema *bool
|
|
TokenExchange *bool
|
|
}
|
|
|
|
func (m *InstanceFeatures) isEmpty() bool {
|
|
return m.LoginDefaultOrg == nil &&
|
|
m.TriggerIntrospectionProjections == nil &&
|
|
m.LegacyIntrospection == nil &&
|
|
m.UserSchema == nil &&
|
|
m.TokenExchange == nil
|
|
}
|
|
|
|
func (c *Commands) SetInstanceFeatures(ctx context.Context, f *InstanceFeatures) (*domain.ObjectDetails, error) {
|
|
if f.isEmpty() {
|
|
return nil, zerrors.ThrowInvalidArgument(nil, "COMMAND-Vigh1", "Errors.NoChangesFound")
|
|
}
|
|
wm := NewInstanceFeaturesWriteModel(authz.GetInstance(ctx).InstanceID())
|
|
if err := c.eventstore.FilterToQueryReducer(ctx, wm); err != nil {
|
|
return nil, err
|
|
}
|
|
cmds := wm.setCommands(ctx, f)
|
|
if len(cmds) == 0 {
|
|
return writeModelToObjectDetails(wm.WriteModel), nil
|
|
}
|
|
events, err := c.eventstore.Push(ctx, cmds...)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return pushedEventsToObjectDetails(events), nil
|
|
}
|
|
|
|
func prepareSetFeatures(instanceID string, f *InstanceFeatures) preparation.Validation {
|
|
return func() (preparation.CreateCommands, error) {
|
|
return func(ctx context.Context, _ preparation.FilterToQueryReducer) ([]eventstore.Command, error) {
|
|
wm := NewInstanceFeaturesWriteModel(instanceID)
|
|
return wm.setCommands(ctx, f), nil
|
|
}, nil
|
|
}
|
|
}
|
|
|
|
func (c *Commands) ResetInstanceFeatures(ctx context.Context) (*domain.ObjectDetails, error) {
|
|
instanceID := authz.GetInstance(ctx).InstanceID()
|
|
wm := NewInstanceFeaturesWriteModel(instanceID)
|
|
if err := c.eventstore.FilterToQueryReducer(ctx, wm); err != nil {
|
|
return nil, err
|
|
}
|
|
if wm.isEmpty() {
|
|
return writeModelToObjectDetails(wm.WriteModel), nil
|
|
}
|
|
aggregate := feature_v2.NewAggregate(instanceID, instanceID)
|
|
events, err := c.eventstore.Push(ctx, feature_v2.NewResetEvent(ctx, aggregate, feature_v2.InstanceResetEventType))
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
return pushedEventsToObjectDetails(events), nil
|
|
}
|