Commit Graph

1813 Commits

Author SHA1 Message Date
Matt Moyer
c7931bc6d5
Remove our main module dependency on golangci-lint.
We will still pin this in CI via an image dependency.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 17:01:32 -06:00
Ryan Richard
b27e3e1a89 Put a Type on the Secrets that we create for FederationDomain JWKS
Signed-off-by: Aram Price <pricear@vmware.com>
2020-12-17 14:48:49 -08:00
Matt Moyer
8db9331fed
Update ExpectedAuthorizeCodeSessionJSONFromFuzzing.
We stared at this very carefully and we don't think there are any structural changes. Maybe something small happened to get the RNG off by one?

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 16:31:08 -06:00
Matt Moyer
3e15e184ef
Update test assertions related to spf13/cobra.
It now correctly prints errors to stderr (https://github.com/spf13/cobra/pull/894).

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 16:31:08 -06:00
Matt Moyer
6a457466df
Update generated k8s code for 1.19.5.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 16:31:08 -06:00
Matt Moyer
3a81fbd1b4
Update fosite error usage.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 16:31:08 -06:00
Matt Moyer
421c17c421
Update all modules.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 16:31:08 -06:00
Ryan Richard
780d236d89
Merge pull request #300 from vmware-tanzu/even-more-opc-renames
Even more "op" and "opc" local variable renames
2020-12-17 13:51:54 -08:00
Aram Price
55483b726b More "op" and "opc" local variable renames
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-12-17 13:49:53 -08:00
Andrew Keesler
157d041b6a
README.md: first draft of Supervisor additions
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2020-12-17 15:36:33 -05:00
Ryan Richard
32602f579b
Merge pull request #298 from vmware-tanzu/more-opc-rename
Rename all "op" and "opc" usages
2020-12-17 12:31:52 -08:00
Ryan Richard
65e7df1417
Merge branch 'main' into more-opc-rename 2020-12-17 12:10:19 -08:00
Ryan Richard
b96d49df0f Rename all "op" and "opc" usages
Signed-off-by: Aram Price <pricear@vmware.com>
2020-12-17 11:34:49 -08:00
Margo Crawford
152838e998
CONTRIBUTING.md: add missing integration test dependencies
Also alphabetize dependencies because sorting wins.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-12-17 13:59:23 -05:00
Matt Moyer
9183c3897f
Merge pull request #281 from mattmoyer/upgrade-dex
Upgrade the Dex we use for local testing to v2.27.0.
2020-12-17 12:50:36 -06:00
Andrew Keesler
b009cee877
Add Margo and Mo as maintainers of Pinniped
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2020-12-17 13:37:20 -05:00
Matt Moyer
41832369fd
Upgrade the Dex we use for local testing to v2.27.0.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 12:04:09 -06:00
Matt Moyer
cc5cb394e0
Merge pull request #143 from enj/enj/i/cache_mutation_detector_unit
Enable cache mutation detector in unit tests
2020-12-17 10:09:02 -06:00
Matt Moyer
b60542f0d1
Clean this test up a trivial amount using require.Implementsf().
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-17 08:38:16 -06:00
Monis Khan
dc8e7a2f39
Enable cache mutation detector in unit tests
Signed-off-by: Monis Khan <mok@vmware.com>
2020-12-17 08:38:15 -06:00
Matt Moyer
34e6e7567f
Merge pull request #295 from ankeesler/fix-secret-status
Only set single secret status field in FederationDomainSecretsController
2020-12-17 08:26:23 -06:00
Andrew Keesler
04d54e622a
Only set single secret status field in FederationDomainSecretsController
This implementation is janky because I wanted to make the smallest change
possible to try to get the code back to stable so we can release.

Also deep copy an object so we aren't mutating the cache.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-12-17 07:41:53 -05:00
Ryan Richard
4c6e1e5fb3 supervisor_login_test.go: wait for the /jwks.json endpoint to be ready
- Also fail in a more obvious way if the token exchanged failed by
  adding an assertion about its status code
2020-12-16 17:59:39 -08:00
Ryan Richard
b2b906f4fe supervisor_discovery_test.go: make test timeouts longer to avoid flakes 2020-12-16 15:13:02 -08:00
Margo Crawford
40586b255c
Merge pull request #293 from vmware-tanzu/rename-oidcprovider-and-upstreamoidcprovider
Rename OIDCProvider -> FederationDomain and UpstreamOIDCProvider -> OIDCIdentityProvider
2020-12-16 14:58:33 -08:00
Margo Crawford
196e43aa48 Rename off of main
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-12-16 14:27:09 -08:00
Matt Moyer
fbe1a202c2
Merge pull request #283 from vmware-tanzu/username-and-subject-claims
Adjust subject and username claims
2020-12-16 15:23:34 -06:00
Matt Moyer
7dae166a69
Merge branch 'main' into username-and-subject-claims 2020-12-16 15:23:19 -06:00
Matt Moyer
72ce69410e
Merge pull request #273 from vmware-tanzu/secret-generation
Generate secrets for Pinniped Supervisor
2020-12-16 15:22:23 -06:00
Matt Moyer
7bb0d649c0
Merge pull request #290 from mattmoyer/rename-token-exchange-scope
Rename the "pinniped.sts.unrestricted" scope to "pinniped:request-audience".
2020-12-16 15:22:05 -06:00
Matt Moyer
c110e173ac
Merge pull request #286 from mattmoyer/upgrade-debian-base-image
Upgrade base images to Debian 10.7-slim.
2020-12-16 15:21:31 -06:00
Matt Moyer
111f6513ac
Upgrade base images to Debian 10.7-slim.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-16 15:16:31 -06:00
Matt Moyer
5367fd9fcb
Trigger CI 2020-12-16 15:13:28 -06:00
Andrew Keesler
095ba14cc8
Merge remote-tracking branch 'upstream/main' into secret-generation 2020-12-16 15:40:34 -05:00
Andrew Keesler
446863ad96
Merge pull request #292 from ankeesler/golang-debian-bump
Upgrade golang (1.15.5 -> 1.15.6)
2020-12-16 15:38:12 -05:00
Matt Moyer
8527c363bb
Rename the "pinniped.sts.unrestricted" scope to "pinniped:request-audience".
This is a bit more clear. We're changing this now because it is a non-backwards-compatible change that we can make now since none of this RFC8693 token exchange stuff has been released yet.

There is also a small typo fix in some flag usages (s/RF8693/RFC8693/)

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-16 14:24:13 -06:00
Matt Moyer
05127f4cfb
Merge pull request #291 from mattmoyer/tweak-oidcclient-timeouts
Tweak timeouts in oidcclient package.
2020-12-16 14:23:32 -06:00
Ryan Richard
653224c2ad types_jwt.go.tmpl: Replace spaces with tabs 2020-12-16 12:21:30 -08:00
Margo Crawford
406fc95501 Empty commit to trigger CI
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-12-16 11:49:59 -08:00
Matt Moyer
01b6bf7850
Tweak timeouts in oidcclient package.
- The overall timeout for logins is increased to 90 minutes.
- The timeout for token refresh is increased from 30 seconds to 60 seconds to be a bit more tolerant of extremely slow networks.
- A new, matching timeout of 60 seconds has been added for the OIDC discovery, auth code exchange, and RFC8693 token exchange operations.

The new code uses the `http.Client.Timeout` field rather than managing contexts on individual requests. This is easier because the OIDC package stores a context at creation time and tries to use it later when performing key refresh operations.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-16 13:47:08 -06:00
Matt Moyer
2840e4e152
Merge pull request #288 from mattmoyer/fixup-securityheaders
Fix a regression in securityheaders package and add tests.
2020-12-16 13:46:28 -06:00
Matt Moyer
3948bb76d8
Be more lax in some of our test assertions.
Fosite overrides the `Cache-Control` header we set, which is basically fine even though it's not exactly what we want.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-16 13:15:38 -06:00
Matt Moyer
24c01d3e54
Add an integration test to verify security headers on the supervisor authorize endpoint.
It would be great to do this for the supervisor's callback endpoint as well, but it's difficult to get at those since the request happens inside the spawned browser.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-16 12:41:06 -06:00
Matt Moyer
74e52187a3
Simplify securityheader package by merging header fields.
From RFC2616 (https://www.w3.org/Protocols/rfc2616/rfc2616-sec4.html#sec4.2):
 > It MUST be possible to combine the multiple header fields into one "field-name: field-value" pair,
 > without changing the semantics of the message, by appending each subsequent field-value to the first,
 > each separated by a comma.

This was correct before, but this simplifes a bit and shaves off a few bytes from the response.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-16 12:41:05 -06:00
Matt Moyer
602f3c59ba
Fix a regression in securityheader package.
The bug itself has to do with when headers are streamed to the client. Once a wrapped handler has sent any bytes to the `http.ResponseWriter`, the value of the map returned from `w.Header()` no longer matters for the response. The fix is fairly trivial, which is to add those response headers before invoking the wrapped handler.

The existing unit test didn't catch this due to limitations in `httptest.NewRecorder()`. It is now replaced with a new test that runs a full HTTP test server, which catches the previous bug.

Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-12-16 12:41:05 -06:00
Aram Price
a33dace80b
Upgrade golang (1.15.5 -> 1.15.6)
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-12-16 13:31:54 -05:00
Margo Crawford
1d4012cabf jwtcachefiller_test.go: don't assert about time zones in errors
Because the library that we are using which returns that error
formats the timestamp in localtime, which is LMT when running
on a laptop, but is UTC when running in CI.

Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-12-16 10:17:17 -08:00
Ryan Richard
dcb19150fc Nest claim configs one level deeper in JWTAuthenticatorSpec
Signed-off-by: Margo Crawford <margaretc@vmware.com>
2020-12-16 09:42:19 -08:00
Matt Moyer
bc1dc0805e
Merge pull request #289 from mattmoyer/fix-secret-type-doc-comment
Fix documentation comment for the UpstreamOIDCProvider's spec.client.secretName type.
2020-12-16 10:09:05 -06:00
Andrew Keesler
fec80113c7
Revert "Retry a couple of times if we fail to get a token from the Supervisor"
This reverts commit be4e34d0c0.

Roll back this change that was supposed to make the test more robust. If we
retry multiple token exchanges with the same auth code, of course we are going
to get failures on the second try onwards because the auth code was invalidated
on the first try.

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-12-16 09:04:29 -05:00