zitadel/internal
Livio Spring f0ce5d537c
fix: correctly check user state (#8631)
# Which Problems Are Solved

ZITADEL's user account deactivation mechanism did not work correctly
with service accounts. Deactivated service accounts retained the ability
to request tokens, which could lead to unauthorized access to
applications and resources.

# How the Problems Are Solved

In addition to checking the user state on the session API and login UI,
the state is checked on all OIDC session methods that result in a new
token or return the user information (userinfo, introspection,
id_token / access_token and SAML attributes).

(cherry picked from commit 5b40af79f0)
2024-09-17 15:35:40 +02:00
actions feat(actions): allow getting metadata of organizations from user grants (#7782) 2024-04-22 11:34:23 +00:00
activity feat: trusted (instance) domains (#8369) 2024-07-31 18:00:38 +03:00
admin/repository/eventsourcing feat(cmd): mirror (#7004) 2024-05-30 09:35:30 +00:00
api fix: correctly check user state (#8631) 2024-09-17 15:35:40 +02:00
auth/repository fix: user grants deactivation (#8634) 2024-09-17 15:35:36 +02:00
auth_request/repository fix(login): correctly reload policies on auth request (#7839) 2024-04-24 10:54:55 +02:00
authz fix: internal check of JWT access tokens (#8486) 2024-08-26 09:26:13 +00:00
command fix: correctly check user state (#8631) 2024-09-17 15:35:40 +02:00
config feat(v3alpha): read actions (#8357) 2024-08-12 22:32:01 +02:00
crypto feat(v3alpha): web key resource (#8262) 2024-08-14 14:18:14 +00:00
database fix(eventstore): precise decimal (#8527) 2024-09-06 12:19:19 +03:00
domain feat: invite user link (#8578) 2024-09-11 10:53:55 +00:00
eventstore feat: add debug events API (#8533) 2024-09-11 08:24:00 +00:00
execution feat: add schema user create and remove (#8494) 2024-08-28 19:46:45 +00:00
feature feat(oidc): end session by id_token_hint and without cookie (#8542) 2024-09-04 10:14:50 +00:00
form refactor: rename package errors to zerrors (#7039) 2023-12-08 15:30:55 +01:00
i18n fix(middleware): init translation messages (#7778) 2024-04-16 15:46:13 +02:00
iam refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
id feat(cmd): Added machine ID mode to zitadel start up logs (#8251) 2024-07-16 09:53:57 +00:00
idp fix: encode ldap values to make valid UTF8 (#8210) 2024-06-28 13:46:54 +00:00
integration fix: correctly check user state (#8631) 2024-09-17 15:35:40 +02:00
logstore perf: project quotas and usages (#6441) 2023-09-15 16:58:45 +02:00
migration fix(setup): init projections (#7194) 2024-01-25 17:28:20 +01:00
net perf: project quotas and usages (#6441) 2023-09-15 16:58:45 +02:00
notification feat: add http as smtp provider (#8545) 2024-09-12 06:27:29 +02:00
org refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
project refactor: cleanup unused code (#7130) 2024-01-02 14:26:31 +00:00
protoc merge main into next 2023-10-19 12:34:00 +02:00
qrcode docs(legal): Updated agreements and policies v2 (#3823) 2022-06-15 08:30:58 +02:00
query fix: correctly check user state (#8631) 2024-09-17 15:35:40 +02:00
renderer fix(login): (re)allow HTML in custom login texts (#7575) 2024-03-15 16:29:10 +01:00
repository feat: add http as smtp provider (#8545) 2024-09-12 06:27:29 +02:00
static Merge branch 'main' into next 2024-09-17 07:10:11 +02:00
statik chore: initial version of a devcontainer (#6352) 2023-08-15 10:49:05 +02:00
telemetry feat: enable application performance profiling (#8442) 2024-08-16 13:26:53 +00:00
test refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
user feat(oidc): end session by id_token_hint and without cookie (#8542) 2024-09-04 10:14:50 +00:00
v2 fix(eventstore): precise decimal (#8527) 2024-09-06 12:19:19 +03:00
view/repository refactor(fmt): run gci on complete project (#7557) 2024-04-03 10:43:43 +00:00
webauthn chore(tests): use a coverage server binary (#8407) 2024-09-06 14:47:57 +02:00
zerrors fix(crypto): reject decrypted strings with non-UTF8 characters. (#8374) 2024-08-06 13:58:53 +02:00