zitadel

mirror of https://github.com/zitadel/zitadel.git synced 2024-12-13 19:44:21 +00:00

History

Livio Spring 041af26917 feat(OIDC): add back channel logout (#8837 ) # Which Problems Are Solved Currently ZITADEL supports RP-initiated logout for clients. Back-channel logout ensures that user sessions are terminated across all connected applications, even if the user closes their browser or loses connectivity providing a more secure alternative for certain use cases. # How the Problems Are Solved If the feature is activated and the client used for the authentication has a back_channel_logout_uri configured, a `session_logout.back_channel` will be registered. Once a user terminates their session, a (notification) handler will send a SET (form POST) to the registered uri containing a logout_token (with the user's ID and session ID). - A new feature "back_channel_logout" is added on system and instance level - A `back_channel_logout_uri` can be managed on OIDC applications - Added a `session_logout` aggregate to register and inform about sent `back_channel` notifications - Added a `SecurityEventToken` channel and `Form`message type in the notification handlers - Added `TriggeredAtOrigin` fields to `HumanSignedOut` and `TerminateSession` events for notification handling - Exported various functions and types in the `oidc` package to be able to reuse for token signing in the back_channel notifier. - To prevent that current existing session termination events will be handled, a setup step is added to set the `current_states` for the `projections.notifications_back_channel_logout` to the current position - [x] requires https://github.com/zitadel/oidc/pull/671 # Additional Changes - Updated all OTEL dependencies to v1.29.0, since OIDC already updated some of them to that version. - Single Session Termination feature is correctly checked (fixed feature mapping) # Additional Context - closes https://github.com/zitadel/zitadel/issues/8467 - TODO: - Documentation - UI to be done: https://github.com/zitadel/zitadel/issues/8469 --------- Co-authored-by: Hidde Wieringa <hidde@hiddewieringa.nl>		2024-10-31 15:57:17 +01:00
..
mock	feat: Add Twilio Verification Service (#8678 )	2024-09-26 09:14:33 +02:00
chain.go	fix: use triggering origin for notification links (#6628 )	2023-10-10 13:20:53 +00:00
code_verifier.go	feat: Add Twilio Verification Service (#8678 )	2024-09-26 09:14:33 +02:00
debug.go	refactor: rename config structs (#5459 )	2023-03-16 17:24:30 +00:00
email.go	feat: add http as smtp provider (#8545 )	2024-09-12 06:27:29 +02:00
gen_mock.go	feat: Add Twilio Verification Service (#8678 )	2024-09-26 09:14:33 +02:00
security_event_token.go	feat(OIDC): add back channel logout (#8837 )	2024-10-31 15:57:17 +01:00
sms.go	feat: add http as sms provider (#8540 )	2024-09-06 13:11:36 +00:00
webhook.go	refactor(fmt): run gci on complete project (#7557 )	2024-04-03 10:43:43 +00:00