zitadel/internal
Livio Spring 5b40af79f0
fix: correctly check user state (#8631)
# Which Problems Are Solved

ZITADEL's user account deactivation mechanism did not work correctly
with service accounts. Deactivated service accounts retained the ability
to request tokens, which could lead to unauthorized access to
applications and resources.

# How the Problems Are Solved

In addition to checking the user state on the session API and login UI,
the state is checked on all oidc session methods resulting in a new
token or when returning the user information (userinfo, introspection,
id_token / access_token and saml attributes).
2024-09-17 13:21:49 +00:00
| Directory | Last commit | Date |
|---|---|---|
| actions | feat(actions): allow getting metadata of organizations from user grants (#7782) | 2024-04-22 11:34:23 +00:00 |
| activity | feat: trusted (instance) domains (#8369) | 2024-07-31 18:00:38 +03:00 |
| admin/repository/eventsourcing | feat(cmd): mirror (#7004) | 2024-05-30 09:35:30 +00:00 |
| api | fix: correctly check user state (#8631) | 2024-09-17 13:21:49 +00:00 |
| auth/repository | fix: user grants deactivation (#8634) | 2024-09-17 12:18:29 +00:00 |
| auth_request/repository | fix(login): correctly reload policies on auth request (#7839) | 2024-04-24 08:44:55 +00:00 |
| authz | fix: internal check of JWT access tokens (#8486) | 2024-08-26 09:26:13 +00:00 |
| command | fix: correctly check user state (#8631) | 2024-09-17 13:21:49 +00:00 |
| config | feat(v3alpha): read actions (#8357) | 2024-08-12 22:32:01 +02:00 |
| crypto | feat(v3alpha): web key resource (#8262) | 2024-08-14 14:18:14 +00:00 |
| database | fix(eventstore): precise decimal (#8527) | 2024-09-06 12:19:19 +03:00 |
| domain | feat: invite user link (#8578) | 2024-09-11 10:53:55 +00:00 |
| eventstore | feat: add debug events API (#8533) | 2024-09-11 08:24:00 +00:00 |
| execution | feat: add schema user create and remove (#8494) | 2024-08-28 19:46:45 +00:00 |
| feature | feat(oidc): end session by id_token_hint and without cookie (#8542) | 2024-09-04 10:14:50 +00:00 |
| form | | |
| i18n | fix(middleware): init translation messages (#7778) | 2024-04-16 12:08:18 +00:00 |
| iam | refactor: cleanup unused code (#7130) | 2024-01-02 14:26:31 +00:00 |
| id | feat(cmd): Added machine ID mode to zitadel start up logs (#8251) | 2024-07-16 09:53:57 +00:00 |
| idp | fix: encode ldap values to make valid UTF8 (#8210) | 2024-06-28 13:46:54 +00:00 |
| integration | fix: correctly check user state (#8631) | 2024-09-17 13:21:49 +00:00 |
| logstore | | |
| migration | fix(setup): init projections (#7194) | 2024-01-25 17:28:20 +01:00 |
| net | | |
| notification | feat: add http as smtp provider (#8545) | 2024-09-12 06:27:29 +02:00 |
| org | refactor: cleanup unused code (#7130) | 2024-01-02 14:26:31 +00:00 |
| project | refactor: cleanup unused code (#7130) | 2024-01-02 14:26:31 +00:00 |
| protoc | | |
| qrcode | | |
| query | fix: correctly check user state (#8631) | 2024-09-17 13:21:49 +00:00 |
| renderer | fix(login): (re)allow HTML in custom login texts (#7575) | 2024-03-15 16:29:10 +01:00 |
| repository | feat: user v3 api update (#8582) | 2024-09-17 08:27:48 +00:00 |
| static | feat: invite user link (#8578) | 2024-09-11 10:53:55 +00:00 |
| statik | | |
| telemetry | feat: enable application performance profiling (#8442) | 2024-08-16 13:26:53 +00:00 |
| test | refactor(fmt): run gci on complete project (#7557) | 2024-04-03 10:43:43 +00:00 |
| user | feat(oidc): end session by id_token_hint and without cookie (#8542) | 2024-09-04 10:14:50 +00:00 |
| v2 | fix(eventstore): precise decimal (#8527) | 2024-09-06 12:19:19 +03:00 |
| view/repository | refactor(fmt): run gci on complete project (#7557) | 2024-04-03 10:43:43 +00:00 |
| webauthn | chore(tests): use a coverage server binary (#8407) | 2024-09-06 14:47:57 +02:00 |
| zerrors | fix(crypto): reject decrypted strings with non-UTF8 characters. (#8374) | 2024-08-02 08:38:37 +00:00 |