TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-14 20:08:02 +00:00
Code Issues Packages Projects Releases Wiki Activity
c6b405ca96
zitadel/internal/command
History
Tim Möhlmann 4e3fd305ab
fix(crypto): reject decrypted strings with non-UTF8 characters. (#8374) 
# Which Problems Are Solved

We noticed logging where 500: Internal Server errors were returned from
the token endpoint, mostly for the `refresh_token` grant. The error was
thrown by the database as it received non-UTF8 strings for token IDs

Zitadel uses symmetric encryption for opaque tokens, including refresh
tokens. Encrypted values are base64 encoded. It appeared to be possible
to send garbage base64 to the token endpoint, which will pass decryption
and string-splitting. In those cases the resulting ID is not a valid
UTF-8 string.

Invalid non-UTF8 strings are now rejected during token decryption.

# How the Problems Are Solved

- `AESCrypto.DecryptString()` checks if the decrypted bytes only contain
valid UTF-8 characters before converting them into a string.
- `AESCrypto.Decrypt()` is unmodified and still allows decryption on
non-UTF8 byte strings.
- `FromRefreshToken` now uses `DecryptString` instead of `Decrypt`

# Additional Changes

- Unit tests added for `FromRefreshToken` and
`AESCrypto.DecryptString()`.
- Fuzz tests added for `FromRefreshToken` and
`AESCrypto.DecryptString()`. This was to pinpoint the problem
- Testdata with values that resulted in invalid strings are committed.
In the pipeline this results in the Fuzz tests to execute as regular
unit-test cases. As we don't use the `-fuzz` flag in the pipeline no
further fuzzing is performed.

# Additional Context

- Closes #7765
- https://go.dev/doc/tutorial/fuzz
2024-08-02 08:38:37 +00:00
..
preparation refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
action_v2_execution_model_test.go feat: add action v2 execution on requests and responses (#7637) 2024-05-04 11:55:57 +02:00
action_v2_execution_model.go feat(v3alpha): write actions (#8225) 2024-07-31 14:42:12 +02:00
action_v2_execution_test.go feat(v3alpha): write actions (#8225) 2024-07-31 14:42:12 +02:00
action_v2_execution.go feat(v3alpha): write actions (#8225) 2024-07-31 14:42:12 +02:00
action_v2_target_model_test.go feat: add action v2 execution on requests and responses (#7637) 2024-05-04 11:55:57 +02:00
action_v2_target_model.go feat: add action v2 execution on requests and responses (#7637) 2024-05-04 11:55:57 +02:00
action_v2_target_test.go feat: add action v2 execution on requests and responses (#7637) 2024-05-04 11:55:57 +02:00
action_v2_target.go feat: add action v2 execution on requests and responses (#7637) 2024-05-04 11:55:57 +02:00
auth_checks.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
auth_request_model.go fix(oidc): store requested response_mode (#8145) 2024-06-17 09:50:12 +00:00
auth_request_test.go fix(oidc): store requested response_mode (#8145) 2024-06-17 09:50:12 +00:00
auth_request.go fix(oidc): store requested response_mode (#8145) 2024-06-17 09:50:12 +00:00
command_test.go perf(oidc): optimize client verification (#6999) 2023-12-05 17:01:03 +00:00
command.go fix: set certificate validity for SAML IdPs (#8170) 2024-06-20 14:09:20 +00:00
converter.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
crypto_test.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
crypto.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
custom_login_text_model.go feat: password age policy (#8132) 2024-06-18 11:27:44 +00:00
custom_login_text.go feat: password age policy (#8132) 2024-06-18 11:27:44 +00:00
custom_message_text_model.go fix(logintexts): fix several custom text attributes for get and set (#4733) 2022-12-01 13:31:46 +01:00
debug_notification_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
device_auth_model.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
device_auth_test.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
device_auth.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
email.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
existing_label_policies_model.go fix(eventstore): prevent allocation of filtered events (#6749) 2023-10-19 15:21:31 +00:00
flow_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
identity_provider_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
idp_config_model.go feat(login): additionally use email/phone for authentication (#4563) 2022-10-17 19:19:15 +00:00
idp_intent_model.go fix: allow start and retrieve IdP intents with IdPs from other organizations (#7871) 2024-05-07 06:11:20 +00:00
idp_intent_test.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
idp_intent.go fix: error handling to prevent panics (#8248) 2024-07-04 14:11:06 +00:00
idp_model_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
idp_model.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
idp.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
instance_converter.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
instance_custom_login_text_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_custom_login_text_test.go feat: password age policy (#8132) 2024-06-18 11:27:44 +00:00
instance_custom_login_text.go fix: empty custom text changes push no events (#8054) 2024-06-17 12:47:38 +00:00
instance_custom_message_text_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_custom_message_text_test.go fix: empty custom text changes push no events (#8054) 2024-06-17 12:47:38 +00:00
instance_custom_message_text.go fix: empty custom text changes push no events (#8054) 2024-06-17 12:47:38 +00:00
instance_debug_notification_file_model.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
instance_debug_notification_file_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_debug_notification_file.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_debug_notification_log_model.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
instance_debug_notification_log_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_debug_notification_log.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_domain_model.go fix(eventstore): prevent allocation of filtered events (#6749) 2023-10-19 15:21:31 +00:00
instance_domain_test.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
instance_domain.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
instance_features_model.go refactor(query): use new packages for org by id query (#7826) 2024-05-24 13:32:57 +02:00
instance_features_test.go fix: add action v2 execution to features (#7597) 2024-04-09 20:21:21 +03:00
instance_features.go refactor(query): use new packages for org by id query (#7826) 2024-05-24 13:32:57 +02:00
instance_idp_config_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_idp_config_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_idp_config.go fix: check idp existence by org id (#7667) 2024-04-09 19:32:00 +00:00
instance_idp_jwt_config_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_idp_jwt_config_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_idp_jwt_config.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_idp_model.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
instance_idp_oidc_config_model.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
instance_idp_oidc_config_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_idp_oidc_config.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_idp_test.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
instance_idp.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
instance_member_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
instance_member_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_member.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_model.go feat: SMTP Templates (#6932) 2024-04-11 09:16:10 +02:00
instance_oidc_settings_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
instance_oidc_settings_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_oidc_settings.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_domain_model.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_domain_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_domain.go feat: user service v2 create, update and remove (#6996) 2023-12-21 10:03:37 +01:00
instance_policy_label_model.go feat: add attribute to only enable specific themes (#6798) 2023-10-26 05:54:09 +00:00
instance_policy_label_test.go fix: setup instance with human an machine user at creation (#7997) 2024-05-23 12:28:46 +02:00
instance_policy_label.go fix: setup instance with human an machine user at creation (#7997) 2024-05-23 12:28:46 +02:00
instance_policy_login_factors_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
instance_policy_login_identity_provider_model.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
instance_policy_login_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_policy_login_test.go fix: keep user idp links (#7079) 2023-12-19 10:25:50 +00:00
instance_policy_login.go fix: keep user idp links (#7079) 2023-12-19 10:25:50 +00:00
instance_policy_mail_template_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_policy_mail_template_test.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_policy_mail_template.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_notification_model.go feat: add notification policy and password change message (#5065) 2023-01-25 09:49:41 +01:00
instance_policy_notification_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_notification.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_password_age_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_policy_password_age_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_password_age.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_password_complexity_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
instance_policy_password_complexity_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_password_complexity.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_policy_password_lockout_model.go feat: provide option to limit (T)OTP checks (#7693) 2024-04-10 09:14:55 +00:00
instance_policy_password_lockout_test.go feat: provide option to limit (T)OTP checks (#7693) 2024-04-10 09:14:55 +00:00
instance_policy_password_lockout.go feat(session api): respect lockout policy (#8027) 2024-05-30 22:08:48 +00:00
instance_policy_privacy_model.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
instance_policy_privacy_test.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
instance_policy_privacy.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
instance_policy_security_model.go feat(oidc): token exchange impersonation (#7516) 2024-03-20 10:18:46 +00:00
instance_policy_security.go feat: impersonation roles (#7442) 2024-02-28 10:21:11 +00:00
instance_secret_generator_model.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
instance_settings_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_settings.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
instance_smtp_config_model.go feat: SMTP Templates (#6932) 2024-04-11 09:16:10 +02:00
instance_test.go feat(6222): remove @ and project from OIDC client ID (#8178) 2024-07-04 08:31:40 +00:00
instance_trusted_domain_test.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
instance_trusted_domain.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
instance_trusted_domains_model.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
instance.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
jwt_config_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
key_pair_model.go feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
key_pair.go feat(saml): implementation of saml for ZITADEL v2 (#3618) 2022-09-12 18:18:08 +02:00
limits_bulk_model.go feat: block instances (#7129) 2024-01-17 10:16:48 +00:00
limits_model.go feat: block instances (#7129) 2024-01-17 10:16:48 +00:00
limits_test.go feat: block instances (#7129) 2024-01-17 10:16:48 +00:00
limits.go feat: block instances (#7129) 2024-01-17 10:16:48 +00:00
main_test.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
member_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
metadata_model.go fix(metadata): corrected handling of remove metadata events (#4505) 2022-10-07 09:44:28 +00:00
milestone.go feat: push telemetry (#6027) 2023-07-06 08:38:13 +02:00
oidc_config_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
oidc_session_model.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
oidc_session_test.go fix(oidc): store requested response_mode (#8145) 2024-06-17 09:50:12 +00:00
oidc_session.go fix(crypto): reject decrypted strings with non-UTF8 characters. (#8374) 2024-08-02 08:38:37 +00:00
org_action_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
org_action_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_action.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_converter.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
org_custom_login_text_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
org_custom_login_text_test.go feat: password age policy (#8132) 2024-06-18 11:27:44 +00:00
org_custom_login_text.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_custom_message_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
org_custom_message_text_test.go fix: empty custom text changes push no events (#8054) 2024-06-17 12:47:38 +00:00
org_custom_message_text.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_domain_model.go fix(eventstore): prevent allocation of filtered events (#6749) 2023-10-19 15:21:31 +00:00
org_domain_test.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
org_domain.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
org_flow_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
org_flow_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_flow.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_idp_config_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
org_idp_config_test.go feat: api v2beta to api v2 (#8283) 2024-07-26 22:39:55 +02:00
org_idp_config.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_idp_jwt_config_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
org_idp_jwt_config_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_idp_jwt_config.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_idp_model.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
org_idp_oidc_config_model.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
org_idp_oidc_config_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_idp_oidc_config.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_idp_test.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
org_idp.go feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
org_member_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
org_member_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_member.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_metadata_model.go feat(org): add org metadata functionality (#4234) 2022-09-20 14:32:09 +00:00
org_metadata_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_metadata.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_model.go feat: remove org (#4148) 2022-11-30 17:01:17 +01:00
org_policy_domain_model.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_domain_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_domain.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_policy_label_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
org_policy_label_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_label.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_policy_lockout_model.go feat: provide option to limit (T)OTP checks (#7693) 2024-04-10 09:14:55 +00:00
org_policy_lockout_test.go feat: provide option to limit (T)OTP checks (#7693) 2024-04-10 09:14:55 +00:00
org_policy_lockout.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_policy_login_factors_model.go feat: remove org (#4148) 2022-11-30 17:01:17 +01:00
org_policy_login_identity_provider_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
org_policy_login_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
org_policy_login_test.go fix: check idp existence by org id (#7667) 2024-04-09 19:32:00 +00:00
org_policy_login.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_policy_mail_template_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
org_policy_mail_template_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_mail_template.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_notification_model.go feat: add notification policy and password change message (#5065) 2023-01-25 09:49:41 +01:00
org_policy_notification_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_notification.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_password_age_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
org_policy_password_age_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_password_age.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_password_complexity_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
org_policy_password_complexity_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
org_policy_password_complexity.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_policy_privacy_model.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
org_policy_privacy_test.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
org_policy_privacy.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
org_test.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
org.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
phone_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
phone.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
policy_label_model.go feat: add attribute to only enable specific themes (#6798) 2023-10-26 05:54:09 +00:00
policy_login_factors_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
policy_login_model.go feat: allow to force MFA local only (#6234) 2023-07-20 04:06:16 +00:00
policy_mail_template_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
policy_notification_model.go feat: add notification policy and password change message (#5065) 2023-01-25 09:49:41 +01:00
policy_org_model.go fix: remove domain and user correctly in DomainPolicyUsernamesWriteModel (#4850) 2022-12-08 08:11:49 +01:00
policy_password_age_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
policy_password_complexity_model.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
policy_password_lockout_model.go feat: provide option to limit (T)OTP checks (#7693) 2024-04-10 09:14:55 +00:00
policy_privacy_model.go feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
preparation_test.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
project_application_api_model.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
project_application_api_test.go feat(6222): remove @ and project from OIDC client ID (#8178) 2024-07-04 08:31:40 +00:00
project_application_api.go feat(6222): remove @ and project from OIDC client ID (#8178) 2024-07-04 08:31:40 +00:00
project_application_key_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
project_application_key_test.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
project_application_key.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
project_application_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
project_application_oidc_model.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
project_application_oidc_test.go feat(6222): remove @ and project from OIDC client ID (#8178) 2024-07-04 08:31:40 +00:00
project_application_oidc.go feat(6222): remove @ and project from OIDC client ID (#8178) 2024-07-04 08:31:40 +00:00
project_application_saml_model.go fix(saml): correct handling of remove (#5606) 2023-04-05 11:42:00 +00:00
project_application_saml_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
project_application_saml.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
project_application_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
project_application.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
project_converter.go feat: allow skip of success page for native apps (#5627) 2023-04-11 15:07:32 +00:00
project_grant_member_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
project_grant_member_test.go perf(import): do not check for existing grant ID (#8164) 2024-06-20 13:31:58 +00:00
project_grant_member.go perf(import): do not check for existing grant ID (#8164) 2024-06-20 13:31:58 +00:00
project_grant_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
project_grant_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
project_grant.go perf(command): user grant pre-condition check using the search table (#8230) 2024-07-04 16:18:43 +00:00
project_member_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
project_member_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
project_member.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
project_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
project_old.go feat(eventstore): add search table (#8191) 2024-07-03 15:00:56 +00:00
project_role_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
project_role_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
project_role.go feat(eventstore): add search table (#8191) 2024-07-03 15:00:56 +00:00
project_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
project.go feat(eventstore): add search table (#8191) 2024-07-03 15:00:56 +00:00
quota_model_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
quota_model.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
quota_report_test.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
quota_report.go perf: project quotas and usages (#6441) 2023-09-15 16:58:45 +02:00
quota_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
quota.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
resource_ower_model.go fix: correctly delete sessions created before 2.42 (#7050) 2023-12-09 08:59:51 +00:00
restrictions_model.go feat: restrict languages (#6931) 2023-12-05 11:12:01 +00:00
restrictions_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
restrictions.go chore: fix function names in comment (#7723) 2024-04-08 08:15:44 +00:00
session_model_test.go feat(api/v2): implement U2F session check (#6339) 2023-08-11 15:36:18 +00:00
session_model.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
session_otp_test.go feat(session api): respect lockout policy (#8027) 2024-05-30 22:08:48 +00:00
session_otp.go feat(session api): respect lockout policy (#8027) 2024-05-30 22:08:48 +00:00
session_test.go feat(session api): respect lockout policy (#8027) 2024-05-30 22:08:48 +00:00
session_webauhtn.go feat(session api): respect lockout policy (#8027) 2024-05-30 22:08:48 +00:00
session_webauthn_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
session.go feat(session api): respect lockout policy (#8027) 2024-05-30 22:08:48 +00:00
sms_config_model.go feat(eventstore): increase parallel write capabilities (#5940) 2023-10-19 12:19:10 +02:00
sms_config_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
sms_config.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
smtp_test.go feat: send test mail (#7968) 2024-06-20 19:51:42 +00:00
smtp.go feat: send test mail (#7968) 2024-06-20 19:51:42 +00:00
statics.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
system_features_model.go refactor(query): use new packages for org by id query (#7826) 2024-05-24 13:32:57 +02:00
system_features_test.go fix: add action v2 execution to features (#7597) 2024-04-09 20:21:21 +03:00
system_features.go refactor(query): use new packages for org by id query (#7826) 2024-05-24 13:32:57 +02:00
system_model.go fix(eventstore): prevent allocation of filtered events (#6749) 2023-10-19 15:21:31 +00:00
unique_constraints_model.go refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
user_converter.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
user_domain_policy_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_domain_policy.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
user_grant_converter.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
user_grant_model.go fix: improve user grants precondition checks (#4237) 2022-08-24 11:38:59 +02:00
user_grant_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_grant.go perf(command): user grant pre-condition check using the search table (#8230) 2024-07-04 16:18:43 +00:00
user_human_access_token_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user_human_address_model.go chore(v2): move to new org (#3499) 2022-04-26 23:01:45 +00:00
user_human_address.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_human_adress_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_human_avatar_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_human_avatar.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_human_email_model.go feat: pass and handle auth request context for email links (#7815) 2024-04-24 17:50:58 +02:00
user_human_email_test.go fix: allow login with user created through v2 api without password (#8291) 2024-07-17 06:43:07 +02:00
user_human_email.go fix: allow login with user created through v2 api without password (#8291) 2024-07-17 06:43:07 +02:00
user_human_init_model.go feat: pass and handle auth request context for email links (#7815) 2024-04-24 17:50:58 +02:00
user_human_init_test.go feat: pass and handle auth request context for email links (#7815) 2024-04-24 17:50:58 +02:00
user_human_init.go fix: check password complexity policy and respect changeRequired on password change (#7884) 2024-05-02 11:50:13 +02:00
user_human_model.go fix: handle password data correct on user creation (#6515) 2023-09-07 14:06:11 +00:00
user_human_otp_model.go feat(session api): respect lockout policy (#8027) 2024-05-30 22:08:48 +00:00
user_human_otp_test.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
user_human_otp.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
user_human_password_model.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
user_human_password_test.go fix: allow login with user created through v2 api without password (#8291) 2024-07-17 06:43:07 +02:00
user_human_password.go fix: prevent error reason leakage in case of IgnoreUnknownUsernames (#8372) 2024-07-31 14:23:57 +02:00
user_human_phone_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user_human_phone_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_human_phone.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
user_human_profile_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user_human_profile_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_human_profile.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_human_refresh_token_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user_human_refresh_token_test.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
user_human_refresh_token.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
user_human_test.go fix(login): prevent init mail on idp registration (#7895) 2024-05-03 07:23:40 +00:00
user_human_webauthn_model.go feat(api/v2): implement U2F session check (#6339) 2023-08-11 15:36:18 +00:00
user_human_webauthn.go feat: api v2beta to api v2 (#8283) 2024-07-26 22:39:55 +02:00
user_human.go perf(import): optimize search for domains claimed by other organizations (#8200) 2024-07-05 09:36:00 +02:00
user_idp_link_model.go fix: migrate external id of federated users (#6312) 2023-08-04 11:35:36 +02:00
user_idp_link_test.go feat: api v2beta to api v2 (#8283) 2024-07-26 22:39:55 +02:00
user_idp_link.go feat: api v2beta to api v2 (#8283) 2024-07-26 22:39:55 +02:00
user_machine_key_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user_machine_key_test.go feat: allow using a local RSA key for machine keys (#7671) 2024-04-23 09:38:07 +00:00
user_machine_key.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
user_machine_model.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
user_machine_secret_test.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
user_machine_secret.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
user_machine_test.go feat: allow machine user id to be set during creation (#8265) 2024-07-16 09:27:37 +02:00
user_machine.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
user_membership.go fix(notify): notify user in projection (#3889) 2022-07-06 14:09:49 +02:00
user_metadata_model.go feat: remove org (#4148) 2022-11-30 17:01:17 +01:00
user_metadata_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_metadata.go fix(import): add tracing spans to all import related functions (#8160) 2024-06-19 12:56:33 +02:00
user_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user_password_complexity_policy_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_password_complexity_policy.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_personal_access_token_model.go refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user_personal_access_token_test.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_personal_access_token.go refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
user_schema_model.go feat: implement user schema management (#7416) 2024-03-12 13:50:13 +00:00
user_schema_test.go feat: implement user schema management (#7416) 2024-03-12 13:50:13 +00:00
user_schema.go feat: implement user schema management (#7416) 2024-03-12 13:50:13 +00:00
user_test.go perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
user_v2_email_test.go fix(login): prevent init mail on idp registration (#7895) 2024-05-03 07:23:40 +00:00
user_v2_email.go fix(login): prevent init mail on idp registration (#7895) 2024-05-03 07:23:40 +00:00
user_v2_human_test.go fix: allow login with user created through v2 api without password (#8291) 2024-07-17 06:43:07 +02:00
user_v2_human.go perf(import): optimize search for domains claimed by other organizations (#8200) 2024-07-05 09:36:00 +02:00
user_v2_model_test.go fix(login): prevent init mail on idp registration (#7895) 2024-05-03 07:23:40 +00:00
user_v2_model.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
user_v2_passkey_test.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
user_v2_passkey.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
user_v2_password_test.go feat: pass and handle auth request context for email links (#7815) 2024-04-24 17:50:58 +02:00
user_v2_password.go feat(crypto): use passwap for machine and app secrets (#7657) 2024-04-05 09:35:49 +00:00
user_v2_phone_test.go feat: add implementation for resend of email and phone code (#7348) 2024-02-14 07:22:55 +00:00
user_v2_phone.go feat: add delete phone endpoint to v2 api (#8321) 2024-07-24 13:46:07 +00:00
user_v2_test.go feat: pass and handle auth request context for email links (#7815) 2024-04-24 17:50:58 +02:00
user_v2_totp_test.go fix: import totp in add human user with secret (#7936) 2024-05-14 09:20:31 +02:00
user_v2_totp.go fix: allow other users to set up MFAs (#7914) 2024-05-07 05:38:26 +00:00
user_v2_u2f_test.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
user_v2_u2f.go fix: allow other users to set up MFAs (#7914) 2024-05-07 05:38:26 +00:00
user_v2_username.go perf(import): optimize search for domains claimed by other organizations (#8200) 2024-07-05 09:36:00 +02:00
user_v2.go feat: user service v2 create, update and remove (#6996) 2023-12-21 10:03:37 +01:00
user.go feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00