mirrors/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel synced 2024-11-22 00:39:36 +00:00
Code Issues Packages Projects Releases Wiki Activity
3,374 Commits 163 Branches 1,921 Tags 628 MiB
fca6b28a97
Commit Graph

56 Commits

Author SHA1 Message Date
Tim Möhlmann
e167365548 chore: test server for direct resource access 2023-04-24 20:40:31 +03:00
Livio Spring
12d4d3ea0b
fix: enable env vars in setup steps (and deprecate admin subcommand) (#3871) 
* fix: enable env vars in setup steps (and deprecate admin subcommand)

* fix tests and error text
 2022-06-27 10:32:34 +00:00
Livio Spring
ed5721d39e
feat: TLS support (#3862) 
* feat: TLS support

* add comment

* fix comment
 2022-06-24 12:38:22 +00:00
Max Peintner
70a108deeb
chore(console): add customer portal link (#3837) 
* feat: add customer portal link

* add customer portal to environment.json from backend

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-06-24 11:18:54 +00:00
Livio Spring
504d91d424
fix: allow env vars to override setup defaults (#3800) 2022-06-10 13:34:52 +00:00
Livio Spring
5e4b38d69b
fix: improve oidc issuer / endpoints (#3753) 
* fix: improve oidc issuer / endpoints

* docs: update endpoints
 2022-06-07 10:04:51 +02:00
Livio Amstutz
3a1569bd94
fix: grpc gateway interceptors (#3767) 2022-06-03 12:44:04 +00:00
Livio Amstutz
32afa77b97
fix: compatibility for cockroach v22.1 (#3754) 
* fix: compatability for cockroach v22.1

* update cr version in docs and compose

* bind dev cockroach to 127.0.0.1

* Revert "bind dev cockroach to 127.0.0.1"

This reverts commit 1c7c6304ae.

* remove --listen-addr flag

* use v2.0.0-v2-alpha.16

* use v2.0.0-v2-alpha.17

Co-authored-by: Elio Bischof <eliobischof@gmail.com>
 2022-06-01 11:41:01 +02:00
Silvan
ed36680ea1
fix(query): show views and failed events (#3743) 
* fix(system): show views and failed events

* fix: set correct database on failed events and views
 2022-05-31 16:33:50 +02:00
Livio Amstutz
81c0ca3337
fix: use issuer for jwt profile check on system api (#3741) 2022-05-31 13:11:49 +02:00
Livio Amstutz
2fc39c0da0
feat: system api requires authenticated requests (#3570) 
* begin auth

* feat: system api requires authenticated requests

* fix tests
 2022-05-30 13:38:30 +02:00
Livio Amstutz
41d78ef523
fix: return absolute url for avatar in user sessions (#3724) 
* fix: return absolute url for avatar in user sessions

* fix: refresh token unique constraint
 2022-05-30 11:27:52 +00:00
Livio Amstutz
737e01bfd2
fix: fix and improve primary keys on projections (#3708) 
* fix: org_domain projection

* fix: projection reset

* fix test

* improve foreign keys on suffixed tables
 2022-05-25 14:15:13 +02:00
Livio Amstutz
79452da7d6
fix: check membership from projection (#3710) 
* fix: check membership from projection

* remove authz setup
 2022-05-25 14:07:16 +02:00
Alexei-Barnes
09b021b257
feat: Configurable Unique Machine Identification (#3626) 
* feat: Configurable Unique Machine Identification

This change fixes Segfault on AWS App Runner with v2 #3625

The change introduces two new dependencies:

* github.com/drone/envsubst for supporting AWS ECS, which has its metadata endpoint described by an environment variable
* github.com/jarcoal/jpath so that only relevant data from a metadata response is used to identify the machine.

The change ads new configuration (see `defaults.yaml`):

* `Machine.Identification` enables configuration of how machines are uniquely identified - I'm not sure about the top level category `Machine`, as I don't have anything else to add to it. Happy to hear suggestions for better naming or structure here.
* `Machine.Identifiation.PrivateId` turns on or off the existing private IP based identification. Default is on.
* `Machine.Identification.Hostname` turns on or off using the OS hostname to identify the machine. Great for most cloud environments, where this tends to be set to something that identifies the machine uniquely. Enabled by default.
* `Machine.Identification.Webhook` configures identification based on the response to an HTTP GET request.  Request headers can be configured, a JSONPath can be set for processing the response (no JSON parsing is done if this is not set), and the URL is allowed to contain environment variables in the format `"${var}"`.

The new flow for getting a unique machine id is:

1. PrivateIP (if enabled)
2. Hostname (if enabled)
3. Webhook (if enabled, to configured URL)
4. Give up and error out.

It's important that init configures machine identity first. Otherwise we could try to get an ID before configuring it. To prevent this from causing difficult to debug issues, where for example the default configuration was used, I've ensured that
the application will generate an error if the module hasn't been configured and you try to get an ID.

Misc changes:

* Spelling and gramatical corrections to `init.go::New()` long description.
* Spelling corrections to `verify_zitadel.go::newZitadel()`.
* Updated `production.md` and `development.md` based on the new build process. I think the run instructions are also out of date, but I'll leave that for someone else.
* `id.SonyFlakeGenerator` is now a function, which sets `id.sonyFlakeGenerator`, this allows us to defer initialization until configuration has been read.

* Update internal/id/config.go

Co-authored-by: Alexei-Barnes <82444470+Alexei-Barnes@users.noreply.github.com>

* Fix authored by @livio-a for tests

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-05-24 16:57:57 +02:00
mffap
4d30d3a7e1
chore: various typos (#3686) 
* fix(cli): typo in clis

* chore: fix typos in guides and readme

* markdown lint

* readme typos

* markdown lint

* typos in security.md

* login de

* login en

* console de

* console en

* Apply suggestions from code review

E-Mail instead of Email

Co-authored-by: Florian Forster <florian@caos.ch>

Co-authored-by: Florian Forster <florian@caos.ch>
 2022-05-21 10:44:09 +00:00
Livio Amstutz
62c4a4d08d
fix: return absolute asset urls (#3676) 2022-05-20 10:30:12 +02:00
Livio Amstutz
3a63fb765a
fix: cleanup some todos (#3642) 
* cleanup todo

* fix: some todos
 2022-05-16 16:35:49 +02:00
Livio Amstutz
024eedc1b5
feat: enable default smtp config on setup (#3622) 
* feat: enable default smtp config on setup

* fix tests

* fix channel order

Co-authored-by: Fabi <38692350+fgerschwiler@users.noreply.github.com>
 2022-05-13 12:13:07 +00:00
Livio Amstutz
79db247801
feat: set default language on instance (#3594) 2022-05-03 15:58:38 +02:00
Livio Amstutz
06a1b52adf
fix: improve interceptor handling (#3578) 
* fix: improve interceptor handling

* fix: improve interceptor handling

Co-authored-by: Florian Forster <florian@caos.ch>
 2022-05-02 15:26:54 +00:00
Livio Amstutz
ef6fd5a843
fix: remove 3rd party assets from mail (#3569) 2022-05-02 14:41:57 +00:00
Livio Amstutz
861cf07700
feat: permit all features to every instance and organisation (#3566) 2022-05-02 11:18:17 +02:00
Silvan
8e7f73c6a6
fix(cli): error if no sub command set on zitadel admin (#3565) 2022-05-02 10:55:50 +02:00
Livio Amstutz
44a2b81bef
feat: enable tracing (#3528) 2022-04-28 14:44:13 +02:00
Livio Amstutz
00f7dbe875
fix: setup instance domain handling (#3529) 2022-04-28 10:30:41 +02:00
Florian Forster
fa9f581d56
chore(v2): move to new org (#3499) 
* chore: move to new org

* logging

* fix: org rename caos -> zitadel

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
 2022-04-26 23:01:45 +00:00
Silvan
388ef6b93b
fix(cli): overwrite setups (#3488) 
* fix(cli): possibility to overwrite setup steps

* chore: update cockroach version in go-dep

* fix(cli): init masterkey flags once

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-04-25 15:05:20 +00:00
Livio Amstutz
2c4799c223
feat: complete dynamic domain handling (#3482) 
* feat: dynamic issuer

* feat: default language from context

* remove zitadel docs from defaults

* remove ConsoleOverwriteDir

* remove notification endpoints from defaults

* custom domains in emails

* remove (external) domain

* external domain completely removed, console handling fixed

* fix test

* fix defaults.yaml
 2022-04-25 11:16:36 +02:00
Livio Amstutz
75ec73ca4a
feat: dynamic issuer (#3481) 
* feat: dynamic issuer

* dynamic domain handling

* key rotation durations

* feat: dynamic issuer

* make webauthn displayname dynamic
 2022-04-25 10:01:17 +02:00
Fabi
3d5891eb11
feat: System api (#3461) 
* feat: start system api

* feat: remove auth

* feat: change gitignore

* feat: run system api

* feat: remove clear view form admin api

* feat: search instances

* feat: add instance

* fix: set primary domain

* Update .gitignore

* fix: add instance

* fix: add instance

* fix: handle errors

* fix: handle instance name

* fix: test

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-04-21 12:37:39 +02:00
Livio Amstutz
a7816a43b1
refactor: remove commandNew struct (#3465) 
* refactor: remove commandNew struct

* requested fixes
 2022-04-20 14:59:37 +00:00
Livio Amstutz
1305c14e49
feat: handle instanceID in projections (#3442) 
* feat: handle instanceID in projections

* rename functions

* fix key lock

* fix import
 2022-04-19 08:26:12 +02:00
Fabi
820a21dce3
feat: validate org domains (#3387) 
* feat: validate org domain command side

* feat: validate org domain query side

* fix: create domain policy

* feat: add reading domain policy on addorg domain
 2022-04-13 11:24:03 +02:00
Silvan
db554536a1
fix: v2 setup sequence (#3437) 
* add/register human command done

* validations

* crypto

* move clientid

* keys

* fix: clientID

* remove v2 package

* tests

* tests running

* fix: add init instance to eventstore

* fix: mig

* test(eventstore): create instance

* revert old code

* instance domain from ctx

* chore: rename zitadel app ids

* comments

* fix: test

* fix: mock

* fix: test
 2022-04-13 05:42:48 +00:00
Silvan
cea2567e22
fix: v2 human command (#3435) 
* add/register human command done

* validations

* crypto

* move clientid

* keys

* fix: clientID

* remove v2 package

* tests

* tests running

* revert old code

* instance domain from ctx

* chore: rename zitadel app ids

* comments

* fix: test
 2022-04-12 16:20:17 +02:00
Livio Amstutz
4a0d61d75a
feat: store assets in database (#3290) 
* feat: use database as asset storage

* being only uploading assets if allowed

* tests

* fixes

* cleanup after merge

* renaming

* various fixes

* fix: change to repository event types and removed unused code

* feat: set default features

* error handling

* error handling and naming

* fix tests

* fix tests

* fix merge

* rename
 2022-04-06 06:13:40 +00:00
Livio Amstutz
b949b8fc65
chore(deps): update oidc to 1.2.0 (#3363) 
* chore(deps): update oidc to 1.2.0

* add comment
 2022-04-05 07:22:00 +00:00
Livio Amstutz
7d6a10015a
feat: read masterkey from file or env (#3389) 
* feat: read masterkey from file

* add read from env
 2022-04-04 08:10:57 +00:00
Livio Amstutz
5112aae177
feat: embed console into go binary (#3391) 2022-04-04 09:51:35 +02:00
Livio Amstutz
87560157c1
fix: change to repository event types and removed unused code (#3386) 
* fix: change to repository event types and removed unused code

* some fixes

* remove unused code
 2022-03-31 11:36:26 +02:00
Livio Amstutz
958362e6c9
feat: handle instance from context (#3382) 
* commander

* commander

* selber!

* move to packages

* fix(errors): implement Is interface

* test: command

* test: commands

* add init steps

* setup tenant

* add default step yaml

* possibility to set password

* merge v2 into v2-commander

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: search query builder can filter events in memory

* fix: filters for add member

* fix(setup): add `ExternalSecure` to config

* chore: name iam to instance

* fix: matching

* remove unsued func

* base url

* base url

* test(command): filter funcs

* test: commands

* fix: rename orgiampolicy to domain policy

* start from init

* commands

* config

* fix indexes and add constraints

* fixes

* fix: merge conflicts

* fix: protos

* fix: md files

* setup

* add deprecated org iam policy again

* typo

* fix search query

* fix filter

* Apply suggestions from code review

* remove custom org from org setup

* add todos for verification

* change apps creation

* simplify package structure

* fix error

* move preparation helper for tests

* fix unique constraints

* fix config mapping in setup

* fix error handling in encryption_keys.go

* fix projection config

* fix query from old views to projection

* fix setup of mgmt api

* set iam project and fix instance projection

* fix tokens view

* fix steps.yaml and defaults.yaml

* fix projections

* change instance context to interface

* instance interceptors and additional events in setup

* cleanup

* tests for interceptors

* fix label policy

* add todo

* single api endpoint in environment.json

Co-authored-by: adlerhurst <silvan.reusser@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
 2022-03-29 11:53:19 +02:00
Silvan
c5b99274d7
feat(cli): setup (#3267) 
* commander

* commander

* selber!

* move to packages

* fix(errors): implement Is interface

* test: command

* test: commands

* add init steps

* setup tenant

* add default step yaml

* possibility to set password

* merge v2 into v2-commander

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: search query builder can filter events in memory

* fix: filters for add member

* fix(setup): add `ExternalSecure` to config

* chore: name iam to instance

* fix: matching

* remove unsued func

* base url

* base url

* test(command): filter funcs

* test: commands

* fix: rename orgiampolicy to domain policy

* start from init

* commands

* config

* fix indexes and add constraints

* fixes

* fix: merge conflicts

* fix: protos

* fix: md files

* setup

* add deprecated org iam policy again

* typo

* fix search query

* fix filter

* Apply suggestions from code review

* remove custom org from org setup

* add todos for verification

* change apps creation

* simplify package structure

* fix error

* move preparation helper for tests

* fix unique constraints

* fix config mapping in setup

* fix error handling in encryption_keys.go

* fix projection config

* fix query from old views to projection

* fix setup of mgmt api

* set iam project and fix instance projection

* imports

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
Co-authored-by: fabi <fabienne.gerschwiler@gmail.com>
 2022-03-28 10:05:09 +02:00
Fabi
9d4f296c62
fix: rename iam to instance (#3345) 
* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename iam command side to instance

* fix: rename orgiampolicy to domain policy

* fix: merge conflicts

* fix: protos

* fix: md files

* implement deprecated org iam policy again

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-03-24 16:21:34 +00:00
Livio Amstutz
56b916a2b0
feat: projections auto create their tables (#3324) 
* begin init checks for projections

* first projection checks

* debug notification providers with query fixes

* more projections and first index

* more projections

* more projections

* finish projections

* fix tests (remove db name)

* create tables in setup

* fix logging / error handling

* add tenant to views

* rename tenant to instance_id

* add instance_id to all projections

* add instance_id to all queries

* correct instance_id on projections

* add instance_id to failed_events

* use separate context for instance

* implement features projection

* implement features projection

* remove unique constraint from setup when migration failed

* add error to failed setup event

* add instance_id to primary keys

* fix IAM projection

* remove old migrations folder

* fix keysFromYAML test
 2022-03-23 09:02:39 +01:00
Fabi
5132ebe07c
feat: add tenant column to eventstore (#3314) 
* feat: add tenant column to eventstore

* feat: read tenant from context on push and filter

* Update 07_events_table.sql

* pass tenant to queryFactory

* fix some query tests

* init in tests

* add missing sql files

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-03-15 07:19:02 +01:00
Livio Amstutz
5463244376
feat: encryption keys in database (#3265) 
* enable overwrite of adminUser fields in defaults.yaml

* create schema and table

* cli: create keys

* cli: create keys

* read encryptionkey from db

* merge v2

* file names

* cleanup defaults.yaml

* remove custom errors

* load encryptionKeys on start

* cleanup

* fix merge

* update system defaults

* fix error message
 2022-03-14 07:55:09 +01:00
Fabi
7899a0b851
feat: Notification providers config (#3212) 
* feat: add login check lifetimes to login policy

* feat: org features test

* feat: debug notificatiaon events

* feat: debug notification file/log commands

* feat: add requests to proto

* feat: add api for debug notification providers file/log

* feat: add projection for debug notifiication providers

* feat: requests

* feat: merge v2

* feat: add settings proto to generate

* feat: notifiaction providers

* fix: remove unused code

* Update iam_converter.go

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-03-07 14:22:37 +01:00
Fabi
7d235e3eed
feat: Default configs sms provider (#3187) 
* feat: sms config

* feat: twilio as sms provider

* feat:sms projection

* feat: sms queries

* feat: sms queries test

* feat: sms configs

* feat: sms configs sql file

* fix merge

* fix: rename from to sendername

* fix: proto comments

* fix: token as crypto

* fix: tests

* fix: sms config sender name to sender number

* fix: sms config sender name to sender number

* Update email.go

* Update channel.go

* Update V1.111__settings.sql

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-02-21 12:22:20 +00:00
Fabi
e3528ff0b2
feat: Config to eventstore (#3158) 
* feat: add default language to eventstore

* feat: add secret generator configs events

* feat: tests

* feat: secret generators in eventstore

* feat: secret generators in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* feat: smtp config in eventstore

* fix: migrations

* fix migration version

* fix test

* feat: change secret generator type to enum

* feat: change smtp attribute names

* feat: change smtp attribute names

* feat: remove engryption algorithms from command side

* feat: remove engryption algorithms from command side

* feat: smtp config

* feat: smtp config

* format smtp from header

Co-authored-by: Livio Amstutz <livio.a@gmail.com>
 2022-02-16 15:49:17 +00:00