mirror of
https://github.com/zitadel/zitadel.git
synced 2024-12-12 11:04:25 +00:00
2089992d75
* feat(crypto): use passwap for machine and app secrets * fix command package tests * add hash generator command test * naming convention, fix query tests * rename PasswordHasher and cleanup start commands * add reducer tests * fix intergration tests, cleanup old config * add app secret unit tests * solve setup panics * fix push of updated events * add missing event translations * update documentation * solve linter errors * remove nolint:SA1019 as it doesn't seem to help anyway * add nolint to deprecated filter usage * update users migration version * remove unused ClientSecret from APIConfigChangedEvent --------- Co-authored-by: Livio Spring <livio.a@gmail.com>
81 lines
2.0 KiB
Go
81 lines
2.0 KiB
Go
package query
|
|
|
|
import (
|
|
"context"
|
|
"database/sql"
|
|
_ "embed"
|
|
"sync"
|
|
|
|
"github.com/zitadel/zitadel/internal/api/authz"
|
|
"github.com/zitadel/zitadel/internal/database"
|
|
"github.com/zitadel/zitadel/internal/eventstore/handler/v2"
|
|
"github.com/zitadel/zitadel/internal/query/projection"
|
|
"github.com/zitadel/zitadel/internal/telemetry/tracing"
|
|
)
|
|
|
|
// introspectionTriggerHandlers slice can only be created after zitadel
|
|
// is fully initialized, otherwise the handlers are nil.
|
|
// OnceValue takes care of creating the slice on the first request
|
|
// and than will always return the same slice on subsequent requests.
|
|
var introspectionTriggerHandlers = sync.OnceValue(func() []*handler.Handler {
|
|
return append(oidcUserInfoTriggerHandlers(),
|
|
projection.AppProjection,
|
|
projection.OIDCSettingsProjection,
|
|
projection.AuthNKeyProjection,
|
|
)
|
|
})
|
|
|
|
func TriggerIntrospectionProjections(ctx context.Context) {
|
|
triggerBatch(ctx, introspectionTriggerHandlers()...)
|
|
}
|
|
|
|
type AppType string
|
|
|
|
const (
|
|
AppTypeAPI = "api"
|
|
AppTypeOIDC = "oidc"
|
|
)
|
|
|
|
type IntrospectionClient struct {
|
|
AppID string
|
|
ClientID string
|
|
HashedSecret string
|
|
AppType AppType
|
|
ProjectID string
|
|
ResourceOwner string
|
|
PublicKeys database.Map[[]byte]
|
|
}
|
|
|
|
//go:embed embed/introspection_client_by_id.sql
|
|
var introspectionClientByIDQuery string
|
|
|
|
func (q *Queries) GetIntrospectionClientByID(ctx context.Context, clientID string, getKeys bool) (_ *IntrospectionClient, err error) {
|
|
ctx, span := tracing.NewSpan(ctx)
|
|
defer func() { span.EndWithError(err) }()
|
|
|
|
var (
|
|
instanceID = authz.GetInstance(ctx).InstanceID()
|
|
client = new(IntrospectionClient)
|
|
)
|
|
|
|
err = q.client.QueryRowContext(ctx, func(row *sql.Row) error {
|
|
return row.Scan(
|
|
&client.AppID,
|
|
&client.ClientID,
|
|
&client.HashedSecret,
|
|
&client.AppType,
|
|
&client.ProjectID,
|
|
&client.ResourceOwner,
|
|
&client.PublicKeys,
|
|
)
|
|
},
|
|
introspectionClientByIDQuery,
|
|
instanceID, clientID, getKeys,
|
|
)
|
|
if err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return client, nil
|
|
}
|