Skip to content

Commit

Permalink
refactor: zitadel server
Browse files Browse the repository at this point in the history
Signed-off-by: Yordis Prieto <[email protected]>
  • Loading branch information
yordis committed Apr 7, 2024
1 parent 862df4b commit 7b7c28a
Show file tree
Hide file tree
Showing 68 changed files with 541 additions and 1,031 deletions.
2 changes: 1 addition & 1 deletion CONTRIBUTING.md
Original file line number Diff line number Diff line change
Expand Up @@ -57,6 +57,7 @@ export $(cat ./apps/login/.env.acceptance | xargs)
### Developing Against Your ZITADEL Cloud Instance

Configure your shell by exporting the following environment variables:

```sh
export ZITADEL_API_URL=<your cloud instance URL here>
export ZITADEL_ORG_ID=<your service accounts organization id here>
Expand Down Expand Up @@ -93,5 +94,4 @@ In apps/login, these commands also spin up the application and a ZITADEL gRPC AP
If you want to run the integration tests standalone against an environment of your choice, navigate to ./apps/login, [configure your shell as you like](# Developing Against Your ZITADEL Cloud Instance) and run `pnpm test:integration:run` or `pnpm test:integration:open`.
Then you need to lifecycle the mock process using the command `pnpm mock` or the more fine grained commands `pnpm mock:build`, `pnpm mock:build:nocache`, `pnpm mock:run` and `pnpm mock:destroy`.


That's it! 🎉
67 changes: 39 additions & 28 deletions README.md
Original file line number Diff line number Diff line change
@@ -1,14 +1,17 @@
# ZITADEL typescript with Turborepo and Changesets

This repository contains all TypeScript and JavaScript packages and applications you need to create your own ZITADEL Login UI.
The repo makes use of the [build system Turbo](https://turbo.build/repo) and the [Changesets CLI for versioning the packages](https://github.com/changesets/changesets).
This repository contains all TypeScript and JavaScript packages and applications you need to create your own ZITADEL
Login UI.
The repo makes use of the [build system Turbo](https://turbo.build/repo) and
the [Changesets CLI for versioning the packages](https://github.com/changesets/changesets).

**⚠️ This repo and packages are in alpha state and subject to change ⚠️**

The scope of functionality of this repo and packages is limited and under active development.
Once the package structure is set and all APIs are fully implemented we'll move this repo to beta state.
You can read the [contribution guide](/CONTRIBUTING.md) on how to contribute.
Questions can be raised in our [Discord channel](https://discord.gg/erh5Brh7jE) or as a [GitHub issue](https://github.com/zitadel/typescript/issues).
Questions can be raised in our [Discord channel](https://discord.gg/erh5Brh7jE) or as
a [GitHub issue](https://github.com/zitadel/typescript/issues).

## Developing Your Own ZITADEL Login UI

Expand Down Expand Up @@ -36,16 +39,18 @@ Each package and app is 100% [TypeScript](https://www.typescriptlang.org/).

### Login

The login is currently in a work in progress state.
The goal is to implement a login UI, using the session API of ZITADEL, which also implements the OIDC Standard and is ready to use for everyone.
The login is currently in a work in progress state.
The goal is to implement a login UI, using the session API of ZITADEL, which also implements the OIDC Standard and is
ready to use for everyone.

In the first phase we want to have a MVP login ready with the OIDC Standard and a basic feature set. In a second step the features will be extended.
In the first phase we want to have a MVP login ready with the OIDC Standard and a basic feature set. In a second step
the features will be extended.

This list should show the current implementation state, and also what is missing.
You can already use the current state, and extend it with your needs.

- [x] Local User Registration (with Password)
- [ ] User Registration and Login with external Provider
- [ ] User Registration and Login with external Provider
- [ ] Google
- [ ] GitHub
- [ ] GitHub Enterprise
Expand All @@ -67,21 +72,21 @@ You can already use the current state, and extend it with your needs.
- [ ] Domain Discovery
- [ ] Branding
- OIDC Standard
- [ ] Authorization Code Flow with PKCE
- [ ] AuthRequest `hintUserId`
- [ ] AuthRequest `loginHint`
- [ ] AuthRequest `prompt`
- [x] Login
- [x] Select Account
- [ ] Consent
- [ ] Create
- Scopes
- [ ] `openid email profile address``
- [ ] `offline access`
- [ ] `urn:zitadel:iam:org:idp:id:{idp_id}`
- [ ] `urn:zitadel:iam:org:project:id:zitadel:aud`
- [ ] `urn:zitadel:iam:org:id:{orgid}`
- [ ] AuthRequest UI locales
- [ ] Authorization Code Flow with PKCE
- [ ] AuthRequest `hintUserId`
- [ ] AuthRequest `loginHint`
- [ ] AuthRequest `prompt`
- [x] Login
- [x] Select Account
- [ ] Consent
- [ ] Create
- Scopes
- [ ] `openid email profile address``
- [ ] `offline access`
- [ ] `urn:zitadel:iam:org:idp:id:{idp_id}`
- [ ] `urn:zitadel:iam:org:project:id:zitadel:aud`
- [ ] `urn:zitadel:iam:org:id:{orgid}`
- [ ] AuthRequest UI locales

## Tooling

Expand All @@ -103,11 +108,14 @@ You can already use the current state, and extend it with your needs.
## Versioning And Publishing Packages

Package publishing has been configured using [Changesets](https://github.com/changesets/changesets).
Here is their [documentation](https://github.com/changesets/changesets#documentation) for more information about the workflow.
Here is their [documentation](https://github.com/changesets/changesets#documentation) for more information about the
workflow.

The [GitHub Action](https://github.com/changesets/action) needs an `NPM_TOKEN` and `GITHUB_TOKEN` in the repository settings. The [Changesets bot](https://github.com/apps/changeset-bot) should also be installed on the GitHub repository.
The [GitHub Action](https://github.com/changesets/action) needs an `NPM_TOKEN` and `GITHUB_TOKEN` in the repository
settings. The [Changesets bot](https://github.com/apps/changeset-bot) should also be installed on the GitHub repository.

Read the [changesets documentation](https://github.com/changesets/changesets/blob/main/docs/automating-changesets.md) for more information about this automation
Read the [changesets documentation](https://github.com/changesets/changesets/blob/main/docs/automating-changesets.md)
for more information about this automation

### NPM

Expand All @@ -134,8 +142,10 @@ pnpm install
```

then setup the environment for the login application which needs a `.env.local` in `/apps/login`.
Go to your instance and create a service user for the application having the IAM_OWNER manager role.
This user is required to have access to create users on your primary organization and reading policy data so it can be restricted to your personal use case but we'll stick with IAM_OWNER for convenience. Create a PAT and copy the value to paste it under the `ZITADEL_SERVICE_USER_TOKEN` key.
Go to your instance and create a service user for the application having the `IAM_OWNER` manager role.
This user is required to have access to create users on your primary organization and reading policy data so it can be
restricted to your personal use case but we'll stick with `IAM_OWNER` for convenience. Create a PAT and copy the value to
paste it under the `ZITADEL_SERVICE_USER_TOKEN` key.
The file should look as follows:

```
Expand All @@ -162,7 +172,8 @@ Open the login application with your favorite browser at `localhost:3000`.

To deploy your own version on Vercel, navigate to your instance and create a service user.
Copy its id from the overview and set it as ZITADEL_SERVICE_USER_ID.
Then create a personal access token (PAT), copy and set it as ZITADEL_SERVICE_USER_TOKEN, then navigate to your instance settings and make sure it gets IAM_OWNER permissions.
Then create a personal access token (PAT), copy and set it as ZITADEL_SERVICE_USER_TOKEN, then navigate to your instance
settings and make sure it gets IAM_OWNER permissions.
Finally set your instance url as ZITADEL_API_URL. Make sure to set it without trailing slash.

[![Deploy with Vercel](https://vercel.com/button)](https://vercel.com/new/clone?repository-url=https%3A%2F%2Fgithub.com%2Fzitadel%2Ftypescript&env=ZITADEL_API_URL,ZITADEL_SERVICE_USER_ID,ZITADEL_SERVICE_USER_TOKEN&root-directory=apps/login&envDescription=Setup%20a%20service%20account%20with%20IAM_OWNER%20membership%20on%20your%20instance%20and%20provide%20its%20id%20and%20personal%20access%20token.&project-name=zitadel-login&repository-name=zitadel-login)
7 changes: 3 additions & 4 deletions apps/login/app/(login)/accounts/page.tsx
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
import { Session } from "@zitadel/server";
import { getBrandingSettings, listSessions, server } from "#/lib/zitadel";
import { Session } from "@zitadel/server/v2beta";
import { getBrandingSettings, listSessions } from "#/lib/zitadel";
import { getAllSessionCookieIds } from "#/utils/cookies";
import { UserPlusIcon } from "@heroicons/react/24/outline";
import Link from "next/link";
Expand All @@ -11,7 +11,6 @@ async function loadSessions(): Promise<Session[]> {

if (ids && ids.length) {
const response = await listSessions(
server,
ids.filter((id: string | undefined) => !!id)
);
return response?.sessions ?? [];
Expand All @@ -31,7 +30,7 @@ export default async function Page({

let sessions = await loadSessions();

const branding = await getBrandingSettings(server, organization);
const branding = await getBrandingSettings(organization);

return (
<DynamicTheme branding={branding}>
Expand Down
14 changes: 2 additions & 12 deletions apps/login/app/(login)/idp/[provider]/failure/page.tsx
Original file line number Diff line number Diff line change
@@ -1,16 +1,6 @@
import { ProviderSlug } from "#/lib/demos";
import { getBrandingSettings, server } from "#/lib/zitadel";
import Alert, { AlertType } from "#/ui/Alert";
import { getBrandingSettings } from "#/lib/zitadel";
import DynamicTheme from "#/ui/DynamicTheme";
import IdpSignin from "#/ui/IdpSignin";
import {
AddHumanUserRequest,
IDPInformation,
RetrieveIdentityProviderIntentResponse,
user,
IDPLink,
} from "@zitadel/server";
import { ClientError } from "nice-grpc";

const PROVIDER_NAME_MAPPING: {
[provider: string]: string;
Expand All @@ -29,7 +19,7 @@ export default async function Page({
const { id, token, authRequestId, organization } = searchParams;
const { provider } = params;

const branding = await getBrandingSettings(server, organization);
const branding = await getBrandingSettings(organization);

if (provider) {
return (
Expand Down
7 changes: 2 additions & 5 deletions apps/login/app/(login)/idp/[provider]/success/page.tsx
Original file line number Diff line number Diff line change
@@ -1,13 +1,12 @@
import { ProviderSlug } from "#/lib/demos";
import { getBrandingSettings, server } from "#/lib/zitadel";
import { getBrandingSettings, userService } from "#/lib/zitadel";
import Alert, { AlertType } from "#/ui/Alert";
import DynamicTheme from "#/ui/DynamicTheme";
import IdpSignin from "#/ui/IdpSignin";
import {
AddHumanUserRequest,
IDPInformation,
RetrieveIdentityProviderIntentResponse,
user,
IDPLink,
} from "@zitadel/server";
import { ClientError } from "nice-grpc";
Expand Down Expand Up @@ -65,7 +64,6 @@ function retrieveIDPIntent(
id: string,
token: string
): Promise<RetrieveIdentityProviderIntentResponse> {
const userService = user.getUser(server);
return userService.retrieveIdentityProviderIntent(
{ idpIntentId: id, idpIntentToken: token },
{}
Expand All @@ -77,7 +75,6 @@ function createUser(
info: IDPInformation
): Promise<string> {
const userData = PROVIDER_MAPPING[provider](info);
const userService = user.getUser(server);
return userService.addHumanUser(userData, {}).then((resp) => resp.userId);
}

Expand All @@ -91,7 +88,7 @@ export default async function Page({
const { id, token, authRequestId, organization } = searchParams;
const { provider } = params;

const branding = await getBrandingSettings(server, organization);
const branding = await getBrandingSettings(organization);

if (provider && id && token) {
return retrieveIDPIntent(id, token)
Expand Down
12 changes: 4 additions & 8 deletions apps/login/app/(login)/idp/page.tsx
Original file line number Diff line number Diff line change
@@ -1,22 +1,18 @@
import {
getBrandingSettings,
getLegalAndSupportSettings,
server,
settingsService,
} from "#/lib/zitadel";
import DynamicTheme from "#/ui/DynamicTheme";
import { SignInWithIDP } from "#/ui/SignInWithIDP";
import {
GetActiveIdentityProvidersResponse,
IdentityProvider,
ZitadelServer,
settings,
} from "@zitadel/server";

function getIdentityProviders(
server: ZitadelServer,
orgId?: string
): Promise<IdentityProvider[] | undefined> {
const settingsService = settings.getSettings(server);
return settingsService
.getActiveIdentityProviders(
orgId ? { ctx: { orgId } } : { ctx: { instance: true } },
Expand All @@ -35,15 +31,15 @@ export default async function Page({
const authRequestId = searchParams?.authRequestId;
const organization = searchParams?.organization;

const legal = await getLegalAndSupportSettings(server, organization);
const legal = await getLegalAndSupportSettings(organization);

const identityProviders = await getIdentityProviders(server, organization);
const identityProviders = await getIdentityProviders(organization);

const host = process.env.VERCEL_URL
? `https://${process.env.VERCEL_URL}`
: "http://localhost:3000";

const branding = await getBrandingSettings(server, organization);
const branding = await getBrandingSettings(organization);

return (
<DynamicTheme branding={branding}>
Expand Down
12 changes: 5 additions & 7 deletions apps/login/app/(login)/loginname/page.tsx
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@ import {
getBrandingSettings,
getLegalAndSupportSettings,
getLoginSettings,
server,
settingsService,
} from "#/lib/zitadel";
import DynamicTheme from "#/ui/DynamicTheme";
import { SignInWithIDP } from "#/ui/SignInWithIDP";
Expand All @@ -11,14 +11,12 @@ import {
GetActiveIdentityProvidersResponse,
IdentityProvider,
ZitadelServer,
settings,
} from "@zitadel/server";

function getIdentityProviders(
server: ZitadelServer,
orgId?: string
): Promise<IdentityProvider[] | undefined> {
const settingsService = settings.getSettings(server);
return settingsService
.getActiveIdentityProviders(
orgId ? { ctx: { orgId } } : { ctx: { instance: true } },
Expand All @@ -39,16 +37,16 @@ export default async function Page({
const organization = searchParams?.organization;
const submit: boolean = searchParams?.submit === "true";

const loginSettings = await getLoginSettings(server, organization);
const legal = await getLegalAndSupportSettings(server);
const loginSettings = await getLoginSettings(organization);
const legal = await getLegalAndSupportSettings();

const identityProviders = await getIdentityProviders(server, organization);
const identityProviders = await getIdentityProviders(organization);

const host = process.env.VERCEL_URL
? `https://${process.env.VERCEL_URL}`
: "http://localhost:3000";

const branding = await getBrandingSettings(server, organization);
const branding = await getBrandingSettings(organization);

return (
<DynamicTheme branding={branding}>
Expand Down
6 changes: 3 additions & 3 deletions apps/login/app/(login)/passkey/add/page.tsx
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { getBrandingSettings, getSession, server } from "#/lib/zitadel";
import { getBrandingSettings, getSession } from "#/lib/zitadel";
import Alert, { AlertType } from "#/ui/Alert";
import DynamicTheme from "#/ui/DynamicTheme";
import RegisterPasskey from "#/ui/RegisterPasskey";
Expand All @@ -20,7 +20,7 @@ export default async function Page({
loginName,
organization
);
return getSession(server, recent.id, recent.token).then((response) => {
return getSession(recent.id, recent.token).then((response) => {
if (response?.session) {
return response.session;
}
Expand All @@ -33,7 +33,7 @@ export default async function Page({
? "When set up, you will be able to authenticate without a password."
: "Your device will ask for your fingerprint, face, or screen lock";

const branding = await getBrandingSettings(server, organization);
const branding = await getBrandingSettings(organization);

return (
<DynamicTheme branding={branding}>
Expand Down
8 changes: 4 additions & 4 deletions apps/login/app/(login)/passkey/login/page.tsx
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { getBrandingSettings, getSession, server } from "#/lib/zitadel";
import { getBrandingSettings, getSession } from "#/lib/zitadel";
import Alert from "#/ui/Alert";
import DynamicTheme from "#/ui/DynamicTheme";
import LoginPasskey from "#/ui/LoginPasskey";
Expand Down Expand Up @@ -32,7 +32,7 @@ export default async function Page({
loginName,
organization
);
return getSession(server, recent.id, recent.token).then((response) => {
return getSession(recent.id, recent.token).then((response) => {
if (response?.session) {
return response.session;
}
Expand All @@ -41,14 +41,14 @@ export default async function Page({

async function loadSessionById(sessionId: string, organization?: string) {
const recent = await getSessionCookieById(sessionId, organization);
return getSession(server, recent.id, recent.token).then((response) => {
return getSession(recent.id, recent.token).then((response) => {
if (response?.session) {
return response.session;
}
});
}

const branding = await getBrandingSettings(server, organization);
const branding = await getBrandingSettings(organization);

return (
<DynamicTheme branding={branding}>
Expand Down
6 changes: 3 additions & 3 deletions apps/login/app/(login)/password/page.tsx
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
import { getBrandingSettings, getSession, server } from "#/lib/zitadel";
import { getBrandingSettings, getSession } from "#/lib/zitadel";
import Alert from "#/ui/Alert";
import DynamicTheme from "#/ui/DynamicTheme";
import PasswordForm from "#/ui/PasswordForm";
Expand All @@ -20,14 +20,14 @@ export default async function Page({
organization
);

return getSession(server, recent.id, recent.token).then((response) => {
return getSession(recent.id, recent.token).then((response) => {
if (response?.session) {
return response.session;
}
});
}

const branding = await getBrandingSettings(server, organization);
const branding = await getBrandingSettings(organization);

return (
<DynamicTheme branding={branding}>
Expand Down
Loading

0 comments on commit 7b7c28a

Please sign in to comment.