320679467b
* feat: change login to command side * feat: change login to command side * fix: fix push on user * feat: user command side * feat: sign out * feat: command side login * feat: command side login * feat: fix register user * feat: fix register user * feat: fix web auth n events * feat: add machine keys * feat: send codes * feat: move authrequest to domain * feat: move authrequest to domain * feat: webauthn working * feat: external users * feat: external users login * feat: notify users * fix: tests * feat: cascade remove user grants on project remove * fix: webauthn * fix: pr requests * fix: register human with member * fix: fix bugs * fix: fix bugs
package user
import (
"context"
"encoding/json"
"github.com/caos/zitadel/internal/crypto"
"github.com/caos/zitadel/internal/errors"
"github.com/caos/zitadel/internal/eventstore/v2"
"github.com/caos/zitadel/internal/eventstore/v2/repository"
)
// Event type identifiers for the OTP second factor of a human user. Each one
// is mfaEventPrefix (declared elsewhere in this package) followed by "otp."
// and the name of the state change.
const (
	otpEventPrefix = mfaEventPrefix + "otp."

	// Changes to the OTP factor itself.
	HumanMFAOTPAddedType    = otpEventPrefix + "added"
	HumanMFAOTPVerifiedType = otpEventPrefix + "verified"
	HumanMFAOTPRemovedType  = otpEventPrefix + "removed"

	// Outcomes of an OTP check. Success and failure have distinct types, so a
	// consumer can count failed checks for a user without decoding payloads.
	HumanMFAOTPCheckSucceededType = otpEventPrefix + "check.succeeded"
	HumanMFAOTPCheckFailedType    = otpEventPrefix + "check.failed"
)
// HumanOTPAddedEvent is the event of type HumanMFAOTPAddedType. It carries the
// OTP secret that was set up for the user.
type HumanOTPAddedEvent struct {
	// BaseEvent is excluded from the JSON payload.
	eventstore.BaseEvent `json:"-"`

	// Secret is serialized as "otpSecret", so whatever it holds becomes part
	// of the event payload.
	// NOTE(review): the CryptoValue type suggests the seed is already
	// encrypted when it arrives here; confirm that no caller can pass a
	// plaintext seed, because the payload is kept as long as the event is.
	Secret *crypto.CryptoValue `json:"otpSecret,omitempty"`
}
// Data returns the event itself as its payload. With the struct's JSON tags
// only "otpSecret" is serialized; BaseEvent is tagged `json:"-"`.
func (e *HumanOTPAddedEvent) Data() interface{} {
	return e
}
// UniqueConstraints returns nil: this event declares no unique constraints.
func (e *HumanOTPAddedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
	return nil
}
// NewHumanOTPAddedEvent builds a HumanOTPAddedEvent of type
// HumanMFAOTPAddedType for pushing.
//
// secret is stored on the event unchanged; this constructor neither encrypts
// nor validates it, and a nil secret is accepted as is.
func NewHumanOTPAddedEvent(ctx context.Context, secret *crypto.CryptoValue) *HumanOTPAddedEvent {
	base := eventstore.NewBaseEventForPush(ctx, HumanMFAOTPAddedType)
	return &HumanOTPAddedEvent{
		BaseEvent: *base,
		Secret:    secret,
	}
}
// HumanOTPAddedEventMapper rebuilds a HumanOTPAddedEvent from a stored
// repository event by decoding event.Data as JSON into it.
//
// It returns an internal error wrapping the JSON error when decoding fails.
// NOTE(review): the error ID "USER-Ns9df" is also used by the check-succeeded
// and check-failed mappers in this file, so the ID alone does not identify
// which mapper failed; only the message text does.
func HumanOTPAddedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
	added := &HumanOTPAddedEvent{BaseEvent: *eventstore.BaseEventFromRepo(event)}
	if err := json.Unmarshal(event.Data, added); err != nil {
		return nil, errors.ThrowInternal(err, "USER-Ns9df", "unable to unmarshal human otp added")
	}
	return added, nil
}
// HumanOTPVerifiedEvent is the event of type HumanMFAOTPVerifiedType.
type HumanOTPVerifiedEvent struct {
	// BaseEvent is excluded from the JSON payload.
	eventstore.BaseEvent `json:"-"`

	// UserAgentID is tagged for JSON as "userAgentID".
	// NOTE(review): Data on this type returns nil rather than the event, so
	// this field does not appear to reach the stored payload; confirm whether
	// that is intended.
	UserAgentID string `json:"userAgentID,omitempty"`
}
// Data returns nil, so this event contributes no payload of its own.
//
// NOTE(review): UserAgentID carries a JSON tag and is set by
// NewHumanOTPVerifiedEvent, yet it is not part of what Data returns, and
// HumanOTPVerifiedEventMapper does not decode event.Data. If the user agent is
// meant to be recorded with the verification, this looks like an omission.
// Confirm the intent before changing it, since returning the event here would
// change what gets stored.
func (e *HumanOTPVerifiedEvent) Data() interface{} {
	return nil
}
// UniqueConstraints returns nil: this event declares no unique constraints.
func (e *HumanOTPVerifiedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
	return nil
}
// NewHumanOTPVerifiedEvent builds a HumanOTPVerifiedEvent of type
// HumanMFAOTPVerifiedType for pushing and records userAgentID on the struct.
//
// NOTE(review): the value is kept in memory only as far as this file shows,
// because Data on this type returns nil.
func NewHumanOTPVerifiedEvent(ctx context.Context, userAgentID string) *HumanOTPVerifiedEvent {
	base := eventstore.NewBaseEventForPush(ctx, HumanMFAOTPVerifiedType)
	return &HumanOTPVerifiedEvent{
		BaseEvent:   *base,
		UserAgentID: userAgentID,
	}
}
// HumanOTPVerifiedEventMapper rebuilds a HumanOTPVerifiedEvent from a stored
// repository event. Only the base event is restored: event.Data is not decoded,
// so UserAgentID is always empty on the result. The returned error is always
// nil.
func HumanOTPVerifiedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
	verified := &HumanOTPVerifiedEvent{
		BaseEvent: *eventstore.BaseEventFromRepo(event),
	}
	return verified, nil
}
// HumanOTPRemovedEvent is the event of type HumanMFAOTPRemovedType. It has no
// fields besides the base event.
type HumanOTPRemovedEvent struct {
	// BaseEvent is excluded from the JSON payload.
	eventstore.BaseEvent `json:"-"`
}
// Data returns nil: a removal has no payload beyond the base event.
func (e *HumanOTPRemovedEvent) Data() interface{} {
	return nil
}
// UniqueConstraints returns nil: this event declares no unique constraints.
func (e *HumanOTPRemovedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
	return nil
}
// NewHumanOTPRemovedEvent builds a HumanOTPRemovedEvent of type
// HumanMFAOTPRemovedType for pushing.
func NewHumanOTPRemovedEvent(ctx context.Context) *HumanOTPRemovedEvent {
	base := eventstore.NewBaseEventForPush(ctx, HumanMFAOTPRemovedType)
	return &HumanOTPRemovedEvent{BaseEvent: *base}
}
// HumanOTPRemovedEventMapper rebuilds a HumanOTPRemovedEvent from a stored
// repository event. event.Data is not read; the returned error is always nil.
func HumanOTPRemovedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
	removed := &HumanOTPRemovedEvent{
		BaseEvent: *eventstore.BaseEventFromRepo(event),
	}
	return removed, nil
}
// HumanOTPCheckSucceededEvent is the event of type
// HumanMFAOTPCheckSucceededType.
type HumanOTPCheckSucceededEvent struct {
	// BaseEvent is excluded from the JSON payload.
	eventstore.BaseEvent `json:"-"`

	// AuthRequestInfo (declared elsewhere in this package) is embedded without
	// a JSON tag, so encoding/json inlines its exported fields into the
	// payload; a nil pointer contributes no fields.
	*AuthRequestInfo
}
// Data returns the event itself as its payload, which serializes the fields of
// the embedded AuthRequestInfo and nothing from BaseEvent.
func (e *HumanOTPCheckSucceededEvent) Data() interface{} {
	return e
}
// UniqueConstraints returns nil: this event declares no unique constraints.
func (e *HumanOTPCheckSucceededEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
	return nil
}
// NewHumanOTPCheckSucceededEvent builds a HumanOTPCheckSucceededEvent of type
// HumanMFAOTPCheckSucceededType for pushing.
//
// info is embedded as given; a nil info is accepted and leaves the payload
// without auth request fields.
func NewHumanOTPCheckSucceededEvent(ctx context.Context, info *AuthRequestInfo) *HumanOTPCheckSucceededEvent {
	base := eventstore.NewBaseEventForPush(ctx, HumanMFAOTPCheckSucceededType)
	return &HumanOTPCheckSucceededEvent{
		BaseEvent:       *base,
		AuthRequestInfo: info,
	}
}
// HumanOTPCheckSucceededEventMapper rebuilds a HumanOTPCheckSucceededEvent
// from a stored repository event by decoding event.Data as JSON into it.
//
// It returns an internal error wrapping the JSON error when decoding fails.
// NOTE(review): the error ID "USER-Ns9df" is shared with the otp-added and
// check-failed mappers in this file, so the ID alone does not identify which
// mapper failed; only the message text does.
func HumanOTPCheckSucceededEventMapper(event *repository.Event) (eventstore.EventReader, error) {
	checkSucceeded := &HumanOTPCheckSucceededEvent{BaseEvent: *eventstore.BaseEventFromRepo(event)}
	if err := json.Unmarshal(event.Data, checkSucceeded); err != nil {
		return nil, errors.ThrowInternal(err, "USER-Ns9df", "unable to unmarshal human otp check succeeded")
	}
	return checkSucceeded, nil
}
// HumanOTPCheckFailedEvent is the event of type HumanMFAOTPCheckFailedType.
type HumanOTPCheckFailedEvent struct {
	// BaseEvent is excluded from the JSON payload.
	eventstore.BaseEvent `json:"-"`

	// AuthRequestInfo (declared elsewhere in this package) is embedded without
	// a JSON tag, so encoding/json inlines its exported fields into the
	// payload; a nil pointer contributes no fields. The struct has no field of
	// its own for the submitted code, so this type adds no code to the payload.
	*AuthRequestInfo
}
// Data returns the event itself as its payload, which serializes the fields of
// the embedded AuthRequestInfo and nothing from BaseEvent.
func (e *HumanOTPCheckFailedEvent) Data() interface{} {
	return e
}
// UniqueConstraints returns nil: this event declares no unique constraints.
func (e *HumanOTPCheckFailedEvent) UniqueConstraints() []*eventstore.EventUniqueConstraint {
	return nil
}
// NewHumanOTPCheckFailedEvent builds a HumanOTPCheckFailedEvent of type
// HumanMFAOTPCheckFailedType for pushing.
//
// info is embedded as given; a nil info is accepted and leaves the payload
// without auth request fields.
func NewHumanOTPCheckFailedEvent(ctx context.Context, info *AuthRequestInfo) *HumanOTPCheckFailedEvent {
	base := eventstore.NewBaseEventForPush(ctx, HumanMFAOTPCheckFailedType)
	return &HumanOTPCheckFailedEvent{
		BaseEvent:       *base,
		AuthRequestInfo: info,
	}
}
// HumanOTPCheckFailedEventMapper rebuilds a HumanOTPCheckFailedEvent from a
// stored repository event by decoding event.Data as JSON into it.
//
// It returns an internal error wrapping the JSON error when decoding fails.
// NOTE(review): the error ID "USER-Ns9df" is shared with the otp-added and
// check-succeeded mappers in this file, so the ID alone does not identify
// which mapper failed; only the message text does.
func HumanOTPCheckFailedEventMapper(event *repository.Event) (eventstore.EventReader, error) {
	checkFailed := &HumanOTPCheckFailedEvent{BaseEvent: *eventstore.BaseEventFromRepo(event)}
	if err := json.Unmarshal(event.Data, checkFailed); err != nil {
		return nil, errors.ThrowInternal(err, "USER-Ns9df", "unable to unmarshal human otp check failed")
	}
	return checkFailed, nil
}