TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2024-12-16 12:58:00 +00:00
Code Issues Packages Projects Releases Wiki Activity
e6fae1b352
zitadel/internal/repository
History
Stefan Benz 7caa43ab23
feat: action v2 signing (#8779) 
# Which Problems Are Solved

The action v2 messages were didn't contain anything providing security
for the sent content.

# How the Problems Are Solved

Each Target now has a SigningKey, which can also be newly generated
through the API and returned at creation and through the Get-Endpoints.
There is now a HTTP header "Zitadel-Signature", which is generated with
the SigningKey and Payload, and also contains a timestamp to check with
a tolerance if the message took to long to sent.

# Additional Changes

The functionality to create and check the signature is provided in the
pkg/actions package, and can be reused in the SDK.

# Additional Context

Closes #7924

---------

Co-authored-by: Livio Spring <livio.a@gmail.com>
2024-11-28 10:06:52 +00:00
..
action fix(setup): init projections (#7194) 2024-01-25 17:28:20 +01:00
asset refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
authrequest fix(oidc): store requested response_mode (#8145) 2024-06-17 09:50:12 +00:00
debug_events feat: add debug events API (#8533) 2024-09-11 08:24:00 +00:00
deviceauth feat(oidc): sid claim for id_tokens issued through login V1 (#8525) 2024-09-03 13:19:00 +00:00
execution feat(v3alpha): write actions (#8225) 2024-07-31 14:42:12 +02:00
feature feat(OIDC): add back channel logout (#8837) 2024-10-31 15:57:17 +01:00
flow refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
idp feat(saml): allow setting nameid-format and alternative mapping for transient format (#7979) 2024-05-23 05:04:07 +00:00
idpconfig refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
idpintent fix(setup): init projections (#7194) 2024-01-25 17:28:20 +01:00
instance feat: Add Twilio Verification Service (#8678) 2024-09-26 09:14:33 +02:00
keypair feat(v3alpha): web key resource (#8262) 2024-08-14 14:18:14 +00:00
limits fix(setup): init projections (#7194) 2024-01-25 17:28:20 +01:00
member refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
metadata refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
milestone fix(milestones): use previous spelling for milestone types (#8886) 2024-11-11 11:28:27 +00:00
notification feat(notification): use event worker pool (#8962) 2024-11-27 15:01:17 +00:00
oidcsession perf(oidc): optimize token creation (#7822) 2024-05-16 07:07:56 +02:00
org fix(eventstore): cleanup org fields on remove (#8946) 2024-11-26 15:26:41 +00:00
policy feat(cnsl): docs link can be customized and custom button is available (#7840) 2024-05-13 16:01:50 +02:00
project feat(OIDC): add back channel logout (#8837) 2024-10-31 15:57:17 +01:00
pseudo feat: push telemetry (#6027) 2023-07-06 08:38:13 +02:00
quota fix(setup): init projections (#7194) 2024-01-25 17:28:20 +01:00
restrictions fix(setup): init projections (#7194) 2024-01-25 17:28:20 +01:00
session feat(OIDC): add back channel logout (#8837) 2024-10-31 15:57:17 +01:00
sessionlogout feat(OIDC): add back channel logout (#8837) 2024-10-31 15:57:17 +01:00
settings refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
target feat: action v2 signing (#8779) 2024-11-28 10:06:52 +00:00
user feat(OIDC): add back channel logout (#8837) 2024-10-31 15:57:17 +01:00
usergrant refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
webkey feat(v3alpha): web key resource (#8262) 2024-08-14 14:18:14 +00:00