mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 02:54:20 +00:00
2e8fa82261
* feat: add additional origins on applications * app additional redirects * chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console (#1706) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps-dev): bump @angular/cli from 11.2.8 to 11.2.11 in /console Bumps [@angular/cli](https://github.com/angular/angular-cli) from 11.2.8 to 11.2.11. - [Release notes](https://github.com/angular/angular-cli/releases) - [Commits](https://github.com/angular/angular-cli/compare/v11.2.8...v11.2.11) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console (#1703) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps-dev): bump stylelint from 13.10.0 to 13.13.1 in /console Bumps [stylelint](https://github.com/stylelint/stylelint) from 13.10.0 to 13.13.1. - [Release notes](https://github.com/stylelint/stylelint/releases) - [Changelog](https://github.com/stylelint/stylelint/blob/master/CHANGELOG.md) - [Commits](https://github.com/stylelint/stylelint/compare/13.10.0...13.13.1) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console (#1702) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps-dev): bump @types/node from 14.14.37 to 15.0.1 in /console Bumps [@types/node](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/node) from 14.14.37 to 15.0.1. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/node) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console (#1701) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps): bump ts-protoc-gen from 0.14.0 to 0.15.0 in /console Bumps [ts-protoc-gen](https://github.com/improbable-eng/ts-protoc-gen) from 0.14.0 to 0.15.0. - [Release notes](https://github.com/improbable-eng/ts-protoc-gen/releases) - [Changelog](https://github.com/improbable-eng/ts-protoc-gen/blob/master/CHANGELOG.md) - [Commits](https://github.com/improbable-eng/ts-protoc-gen/compare/0.14.0...0.15.0) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps-dev): bump @types/jasmine from 3.6.9 to 3.6.10 in /console (#1682) Bumps [@types/jasmine](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/jasmine) from 3.6.9 to 3.6.10. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/jasmine) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump @types/google-protobuf in /console (#1681) Bumps [@types/google-protobuf](https://github.com/DefinitelyTyped/DefinitelyTyped/tree/HEAD/types/google-protobuf) from 3.7.4 to 3.15.2. - [Release notes](https://github.com/DefinitelyTyped/DefinitelyTyped/releases) - [Commits](https://github.com/DefinitelyTyped/DefinitelyTyped/commits/HEAD/types/google-protobuf) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * chore(deps): bump grpc from 1.24.5 to 1.24.7 in /console (#1666) Bumps [grpc](https://github.com/grpc/grpc-node) from 1.24.5 to 1.24.7. - [Release notes](https://github.com/grpc/grpc-node/releases) - [Commits](https://github.com/grpc/grpc-node/compare/grpc@1.24.5...grpc@1.24.7) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * lock * chore(deps-dev): bump @angular/language-service from 11.2.9 to 11.2.12 in /console (#1704) * fix: show org with regex (#1688) * fix: flag mapping (#1699) * chore(deps-dev): bump @angular/language-service in /console Bumps [@angular/language-service](https://github.com/angular/angular/tree/HEAD/packages/language-service) from 11.2.9 to 11.2.12. - [Release notes](https://github.com/angular/angular/releases) - [Changelog](https://github.com/angular/angular/blob/master/CHANGELOG.md) - [Commits](https://github.com/angular/angular/commits/11.2.12/packages/language-service) Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: Silvan <silvan.reusser@gmail.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> * package lock * downgrade grpc * downgrade protobuf types * revert npm packs 🥸 Co-authored-by: Max Peintner <max@caos.ch> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Silvan <silvan.reusser@gmail.com>
229 lines
7.7 KiB
Protocol Buffer
229 lines
7.7 KiB
Protocol Buffer
syntax = "proto3";
|
|
|
|
import "zitadel/object.proto";
|
|
import "zitadel/message.proto";
|
|
import "google/protobuf/duration.proto";
|
|
import "validate/validate.proto";
|
|
import "protoc-gen-openapiv2/options/annotations.proto";
|
|
|
|
package zitadel.app.v1;
|
|
|
|
option go_package ="github.com/caos/zitadel/pkg/grpc/app";
|
|
|
|
message App {
|
|
string id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334\"";
|
|
}
|
|
];
|
|
zitadel.v1.ObjectDetails details = 2;
|
|
AppState state = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "current state of the application";
|
|
}
|
|
];
|
|
string name = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"Console\"";
|
|
}
|
|
];
|
|
oneof config {
|
|
OIDCConfig oidc_config = 5;
|
|
APIConfig api_config = 6;
|
|
}
|
|
}
|
|
|
|
enum AppState {
|
|
APP_STATE_UNSPECIFIED = 0;
|
|
APP_STATE_ACTIVE = 1;
|
|
APP_STATE_INACTIVE = 2;
|
|
}
|
|
|
|
message AppQuery {
|
|
oneof query {
|
|
option (validate.required) = true;
|
|
|
|
AppNameQuery name_query = 1;
|
|
}
|
|
}
|
|
|
|
message AppNameQuery {
|
|
string name = 1 [
|
|
(validate.rules).string = {max_len: 200},
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"Conso\""
|
|
}
|
|
];
|
|
zitadel.v1.TextQueryMethod method = 2 [
|
|
(validate.rules).enum.defined_only = true,
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines which text equality method is used"
|
|
}
|
|
];
|
|
}
|
|
|
|
message OIDCConfig {
|
|
repeated string redirect_uris = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"https://console.zitadel.ch/auth/callback\"]";
|
|
description: "Callback URI of the authorization request where the code or tokens will be sent to";
|
|
}
|
|
];
|
|
repeated OIDCResponseType response_types = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "Determines whether a code, id_token token or just id_token will be returned"
|
|
}
|
|
];
|
|
repeated OIDCGrantType grant_types = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "The flow type the application uses to gain access";
|
|
}
|
|
];
|
|
OIDCAppType app_type = 4 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "determines the paradigm of the application";
|
|
}
|
|
];
|
|
string client_id = 5 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334@ZITADEL\"";
|
|
description: "generated oauth2/oidc client id";
|
|
}
|
|
];
|
|
string client_secret = 6 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gjöq34589uasgh\"";
|
|
description: "generated secret for this config";
|
|
}
|
|
];
|
|
OIDCAuthMethodType auth_method_type = 7 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines how the application passes login credentials";
|
|
}
|
|
];
|
|
repeated string post_logout_redirect_uris = 8 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"https://console.zitadel.ch/logout\"]";
|
|
description: "ZITADEL will redirect to this link after a successful logout";
|
|
}
|
|
];
|
|
OIDCVersion version = 9 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "the oidc version used by the application";
|
|
}
|
|
];
|
|
bool none_compliant = 10 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "specifies wheter the config is oidc compliant. A production configuration SHOULD be compliant";
|
|
}
|
|
];
|
|
repeated zitadel.v1.LocalizedMessage compliance_problems = 11 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "lists the problems for non compliancy";
|
|
}
|
|
];
|
|
bool dev_mode = 12 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "used for development";
|
|
}
|
|
];
|
|
OIDCTokenType access_token_type = 13 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "type of the access token returned from ZITADEL";
|
|
}
|
|
];
|
|
bool access_token_role_assertion = 14 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "adds roles to the claims of the access token (only if type == jwt) even if they are not requested by scopes";
|
|
}
|
|
];
|
|
bool id_token_role_assertion = 15 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "adds roles to the claims of the id token even if they are not requested by scopes";
|
|
}
|
|
];
|
|
bool id_token_userinfo_assertion = 16 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "claims of profile, email, address and phone scopes are added to the id token even if an access token is issued. Attention this violates the oidc specification";
|
|
}
|
|
];
|
|
google.protobuf.Duration clock_skew = 17 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "Used to compensate time difference of servers. Duration added to the \"exp\" claim and substracted from \"iat\", \"auth_time\" and \"nbf\" claims";
|
|
// min: "0s";
|
|
// max: "5s";
|
|
}
|
|
];
|
|
repeated string additional_origins = 18 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"https://console.zitadel.ch/auth/callback\"]";
|
|
description: "additional origins (other than the redirect_uris) from where the api can be used";
|
|
}
|
|
];
|
|
repeated string allowed_origins = 19 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "[\"https://console.zitadel.ch/auth/callback\"]";
|
|
description: "all allowed origins from where the api can be used";
|
|
}
|
|
];
|
|
}
|
|
|
|
enum OIDCResponseType {
|
|
OIDC_RESPONSE_TYPE_CODE = 0;
|
|
OIDC_RESPONSE_TYPE_ID_TOKEN = 1;
|
|
OIDC_RESPONSE_TYPE_ID_TOKEN_TOKEN = 2;
|
|
}
|
|
|
|
enum OIDCGrantType{
|
|
OIDC_GRANT_TYPE_AUTHORIZATION_CODE = 0;
|
|
OIDC_GRANT_TYPE_IMPLICIT = 1;
|
|
OIDC_GRANT_TYPE_REFRESH_TOKEN = 2;
|
|
}
|
|
|
|
enum OIDCAppType {
|
|
OIDC_APP_TYPE_WEB = 0;
|
|
OIDC_APP_TYPE_USER_AGENT = 1;
|
|
OIDC_APP_TYPE_NATIVE = 2;
|
|
}
|
|
|
|
enum OIDCAuthMethodType {
|
|
OIDC_AUTH_METHOD_TYPE_BASIC = 0;
|
|
OIDC_AUTH_METHOD_TYPE_POST = 1;
|
|
OIDC_AUTH_METHOD_TYPE_NONE = 2;
|
|
OIDC_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT = 3;
|
|
}
|
|
|
|
enum OIDCVersion {
|
|
OIDC_VERSION_1_0 = 0;
|
|
}
|
|
|
|
enum OIDCTokenType {
|
|
OIDC_TOKEN_TYPE_BEARER = 0;
|
|
OIDC_TOKEN_TYPE_JWT = 1;
|
|
}
|
|
|
|
enum APIAuthMethodType {
|
|
API_AUTH_METHOD_TYPE_BASIC = 0;
|
|
API_AUTH_METHOD_TYPE_PRIVATE_KEY_JWT = 1;
|
|
}
|
|
|
|
message APIConfig {
|
|
string client_id = 1 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"69629023906488334@ZITADEL\"";
|
|
description: "generated oauth2/oidc client_id";
|
|
}
|
|
];
|
|
string client_secret = 2 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
example: "\"gjöq34589uasgh\"";
|
|
description: "generated secret for this config";
|
|
}
|
|
];
|
|
APIAuthMethodType auth_method_type = 3 [
|
|
(grpc.gateway.protoc_gen_openapiv2.options.openapiv2_field) = {
|
|
description: "defines how the api passes the login credentials";
|
|
}
|
|
];
|
|
}
|