TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-03-31 05:02:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
dab5d9e756
zitadel/internal/repository
History
Stefan Benz 7caa43ab23
feat: action v2 signing () 
# Which Problems Are Solved

The action v2 messages were didn't contain anything providing security
for the sent content.

# How the Problems Are Solved

Each Target now has a SigningKey, which can also be newly generated
through the API and returned at creation and through the Get-Endpoints.
There is now a HTTP header "Zitadel-Signature", which is generated with
the SigningKey and Payload, and also contains a timestamp to check with
a tolerance if the message took to long to sent.

# Additional Changes

The functionality to create and check the signature is provided in the
pkg/actions package, and can be reused in the SDK.

# Additional Context

Closes 

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-11-28 10:06:52 +00:00
..
action
fix(setup): init projections ()
2024-01-25 17:28:20 +01:00
asset
refactor: rename package errors to zerrors ()
2023-12-08 15:30:55 +01:00
authrequest
fix(oidc): store requested response_mode ()
2024-06-17 09:50:12 +00:00
debug_events
feat: add debug events API ()
2024-09-11 08:24:00 +00:00
deviceauth
feat(oidc): sid claim for id_tokens issued through login V1 ()
2024-09-03 13:19:00 +00:00
execution
feat(v3alpha): write actions ()
2024-07-31 14:42:12 +02:00
feature
feat(OIDC): add back channel logout ()
2024-10-31 15:57:17 +01:00
flow
refactor: rename package errors to zerrors ()
2023-12-08 15:30:55 +01:00
idp
feat(saml): allow setting nameid-format and alternative mapping for transient format ()
2024-05-23 05:04:07 +00:00
idpconfig
refactor: rename package errors to zerrors ()
2023-12-08 15:30:55 +01:00
idpintent
fix(setup): init projections ()
2024-01-25 17:28:20 +01:00
instance
feat: Add Twilio Verification Service ()
2024-09-26 09:14:33 +02:00
keypair
feat(v3alpha): web key resource ()
2024-08-14 14:18:14 +00:00
limits
fix(setup): init projections ()
2024-01-25 17:28:20 +01:00
member
refactor: rename package errors to zerrors ()
2023-12-08 15:30:55 +01:00
metadata
refactor: rename package errors to zerrors ()
2023-12-08 15:30:55 +01:00
milestone
fix(milestones): use previous spelling for milestone types ()
2024-11-11 11:28:27 +00:00
notification
feat(notification): use event worker pool ()
2024-11-27 15:01:17 +00:00
oidcsession
perf(oidc): optimize token creation ()
2024-05-16 07:07:56 +02:00
org
fix(eventstore): cleanup org fields on remove ()
2024-11-26 15:26:41 +00:00
policy
feat(cnsl): docs link can be customized and custom button is available ()
2024-05-13 16:01:50 +02:00
project
feat(OIDC): add back channel logout ()
2024-10-31 15:57:17 +01:00
pseudo
feat: push telemetry ()
2023-07-06 08:38:13 +02:00
quota
fix(setup): init projections ()
2024-01-25 17:28:20 +01:00
restrictions
fix(setup): init projections ()
2024-01-25 17:28:20 +01:00
session
feat(OIDC): add back channel logout ()
2024-10-31 15:57:17 +01:00
sessionlogout
feat(OIDC): add back channel logout ()
2024-10-31 15:57:17 +01:00
settings
refactor: rename package errors to zerrors ()
2023-12-08 15:30:55 +01:00
target
feat: action v2 signing ()
2024-11-28 10:06:52 +00:00
user
feat(OIDC): add back channel logout ()
2024-10-31 15:57:17 +01:00
usergrant
refactor(fmt): run gci on complete project ()
2024-04-03 10:43:43 +00:00
webkey
feat(v3alpha): web key resource ()
2024-08-14 14:18:14 +00:00