Matt Moyer
821190004c
Remove extraneous internal packages for CRD APIs.
...
These only really make sense for aggregated API types where we need `conversion-gen` to do version conversion.
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-12 14:04:53 -06:00
Andrew Keesler
8321773a22
auth_handler.go: fix lint error
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-12 12:24:40 -05:00
Andrew Keesler
3a943a3b9a
auth_handler.go: ignore encoding timestamp for deterministic tests
...
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-12 12:14:50 -05:00
Ryan Richard
6d380c629a
auth_handler.go: use encryption in tests
...
Our unit tests are gonna touch a lot more corner cases than our
integration tests, so let's make them run as close to the real
implementation as possible.
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-12 12:14:49 -05:00
Matt Moyer
5fd105496f
Merge pull request #201 from amymanion/am-dev
...
Style updates
2020-11-12 09:12:24 -06:00
Matt Moyer
b3e622c914
Merge pull request #200 from jonasrosland/website-fixes
...
Website fixes for broken links, formatting, and more
2020-11-12 09:10:28 -06:00
Amy Manion
c4ed768c9e
Adjust hero font size
2020-11-12 09:46:44 -05:00
Amy Manion
ef11f97a75
Style updates
...
-adjust font sizes
-fix ordered lists
Signed-off-by: Amy Manion <amy.manion@principlestudios.com>
2020-11-12 09:35:17 -05:00
Jonas Rosland
0b41469527
Website fixes for broken links, formatting, and more
...
Signed-off-by: Jonas Rosland <jrosland@vmware.com>
2020-11-11 21:40:49 -05:00
Mo Khan
8859172025
Merge pull request #198 from enj/enj/i/multi_api_service
...
Prevent multiple pinnipeds from thrashing on the API service
2020-11-11 20:44:42 -05:00
Monis Khan
9c8b081906
Prevent multiple pinnipeds from thrashing on the API service
...
Signed-off-by: Monis Khan <mok@vmware.com>
2020-11-11 20:09:49 -05:00
Ryan Richard
300d522eb0
Merge pull request #185 from vmware-tanzu/authorize_endpoint
2020-11-11 16:03:15 -08:00
Ryan Richard
203e040be1
Remove an unfinished integration test
...
This commit is meant to be reverted when we are unblocked and
ready to start working on this integration test again. Temporarily
remove it so we can merge this PR to main.
Note: I had tried using t.Skip() in the test, but then that caused lint
failures, so decided to just remove it for now.
2020-11-11 15:40:40 -08:00
Matt Moyer
fdcea0de05
Merge pull request #197 from jonasrosland/a-seal-of-approval
...
Add first blog post
2020-11-11 17:33:40 -06:00
Monis Khan
db6fc234b7
Add NullStorage for the authorize endpoint to use
...
We want to run all of the fosite validations in the authorize
endpoint, but we don't need to store anything yet because
we are storing what we need for later in the upstream state
parameter.
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-11 14:49:24 -08:00
jonasrosland
e6838ace6b
Add first blog post
...
Signed-off-by: jonasrosland <jrosland@vmware.com>
2020-11-11 17:06:36 -05:00
Ryan Richard
4b8c1de647
Add unit test to auth_handler_test.go for non-openid authorize requests
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-11 13:13:57 -08:00
Andrew Keesler
c2262773e6
Finish the WIP from the previous commit for saving authorize endpoint state
...
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-11 12:29:14 -08:00
Andrew Keesler
f806768039
Merge pull request #196 from ankeesler/ytt-logging
...
Add YTT template value for log level
2020-11-11 09:29:24 -05:00
Andrew Keesler
83a156d72b
Enable debug logging in all testing scenarios
...
It is really helpful to have verbose logs during test debugging.
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-11 09:01:43 -05:00
Andrew Keesler
724c0d3eb0
Add YTT template value for setting log level
...
This is helpful for us, amongst other users, because we want to enable "debug"
logging whenever we deploy components for testing.
See a5643e3
for addition of log level.
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-11 09:01:38 -05:00
Monis Khan
dd190dede6
WIP for saving authorize endpoint state into upstream state param
...
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-10 17:58:00 -08:00
Matt Moyer
5b8e0c4d99
Merge pull request #195 from mattmoyer/fix-links
...
Fix some links on the community page.
2020-11-10 17:22:37 -06:00
Matt Moyer
b2b8d5457d
Fix some links on the community page.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-10 17:19:30 -06:00
Matt Moyer
16ef0b2d41
Merge pull request #194 from jonasrosland/website-fixes
...
Minor website fixes and adding netlify configs
2020-11-10 16:24:51 -06:00
jonasrosland
d097de7fdf
Minor website fixes and adding netlify configs
...
Signed-off-by: jonasrosland <jrosland@vmware.com>
2020-11-10 16:03:07 -05:00
Matt Moyer
101394c714
Merge pull request #188 from smalltalk-ai/main
...
Hugo version of Pinniped site
2020-11-10 14:51:45 -06:00
Matt Moyer
06df825dab
Merge pull request #193 from mattmoyer/add-extra-sites
...
Add Netlify configs for extra redirect domains.
2020-11-10 14:03:37 -06:00
Matt Moyer
f7efc360a0
Add Netlify configs for extra redirect domains.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-10 13:58:31 -06:00
Amy Manion
ad74f259de
Content updates
...
-remove extra blog posts
-remove extra images
-replace Andrew’s picture
2020-11-10 13:39:13 -05:00
Andrew Keesler
005225d5f9
Use the new plog pkg in auth_handler.go
...
- Add a new helper method to plog to make a consistent way to log
expected errors at the info level (as opposed to unexpected
system errors that would be logged using plog.Error)
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-10 10:33:52 -08:00
Ryan Richard
b9726615dd
Merge branch 'main' into authorize_endpoint
2020-11-10 09:29:21 -08:00
Ryan Richard
01941d6b2a
Run Tilt containers as root because live-reload breaks otherwise
2020-11-10 09:27:44 -08:00
Ryan Richard
b21c27b219
Merge branch 'main' into authorize_endpoint
2020-11-10 09:24:19 -08:00
Mo Khan
9bfcaa33c6
Merge pull request #190 from enj/enj/f/klog_levels
...
Add log level support
2020-11-10 12:14:02 -05:00
Monis Khan
1c60e09f13
Make race detector happy by removing parallelism
...
Signed-off-by: Monis Khan <mok@vmware.com>
2020-11-10 11:23:42 -05:00
Monis Khan
15a5332428
Reduce log spam
...
Signed-off-by: Monis Khan <mok@vmware.com>
2020-11-10 10:22:27 -05:00
Monis Khan
a5643e3738
Add log level support
...
Signed-off-by: Monis Khan <mok@vmware.com>
2020-11-10 10:22:27 -05:00
Monis Khan
9356f64c55
Remove global klog --log-flush-frequency flag
...
Signed-off-by: Monis Khan <mok@vmware.com>
2020-11-10 08:48:42 -05:00
Ryan Richard
246471bc91
Also run OIDC validations in supervisor authorize endpoint
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-06 14:44:58 -08:00
Adam Powell
896e1b45f0
Hugo version of Pinniped site
2020-11-06 12:42:57 -10:00
Andrew Keesler
4032ed32ae
Auth endpoint integration test initial thoughts
...
This is awaiting the new upstream OIDC provider CRD in order
to pass, however hopefully this is a starting point for us.
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-05 11:00:05 -05:00
Ryan Richard
33ce79f89d
Expose the Supervisor OIDC authorization endpoint to the public
2020-11-04 17:06:47 -08:00
Andrew Keesler
3bc13517b2
prepare-for-integration-tests.sh: add check for chromedriver
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-04 15:53:32 -08:00
Andrew Keesler
a36f7c6c07
Test that the port of localhost redirect URI is ignored during validation
...
Also move definition of our oauth client and the general fosite
configuration to a helper so we can use the same config to construct
the handler for both test and production code.
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-04 15:04:50 -08:00
Ryan Richard
ba688f56aa
Supervisor authorize endpoint errors when PKCE code_challenge_method is invalid
...
Signed-off-by: Andrew Keesler <akeesler@vmware.com>
2020-11-04 12:29:43 -08:00
Matt Moyer
8684f8f628
Merge pull request #139 from enj/enj/i/use_parent_func
...
Use parent func to indicate when the controller queue is a singleton
2020-11-04 14:21:50 -06:00
Andrew Keesler
2564d1be42
Supervisor authorize endpoint errors when missing PKCE params
...
Signed-off-by: Ryan Richard <richardry@vmware.com>
2020-11-04 12:19:07 -08:00
Matt Moyer
4da3d93f6e
The supervisor JWKS observer and TLS cert controllers use the ctx after all, whoops.
...
Signed-off-by: Matt Moyer <moyerm@vmware.com>
2020-11-04 13:08:50 -06:00
Ryan Richard
0045ce4286
Refactor auth_handler_test.go's creation of paths and urls to use helpers
2020-11-04 09:58:40 -08:00