Margo Crawford
|
ff26c424ae
|
Remove unused role binding
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-15 10:19:56 -07:00 |
|
Margo Crawford
|
424f925a14
|
Merge branch 'dynamic_clients' into client-secret-api-noop
|
2022-06-15 09:38:55 -07:00 |
|
Margo Crawford
|
c117329553
|
Updates based on code review
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-15 09:38:21 -07:00 |
|
Margo Crawford
|
4d0c2e16f4
|
require groups scope to get groups back from supervisor
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-15 08:00:17 -07:00 |
|
Mo Khan
|
c77bee67c1
|
Merge pull request #1189 from vmware-tanzu/token_exchange_aud
Disallow certain requested audience strings in token exchange
|
2022-06-14 16:41:51 -04:00 |
|
Margo Crawford
|
c95efad180
|
Merge branch 'dynamic_clients' into client-secret-api-noop
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-13 17:12:00 -07:00 |
|
Ryan Richard
|
268e1108d1
|
Merge pull request #1194 from vmware-tanzu/config_oidcclient
Move oidcclient into config.supervisor.pinniped.dev
|
2022-06-13 16:03:05 -07:00 |
|
Margo Crawford
|
104e08b0f6
|
Merge branch 'dynamic_clients' into client-secret-api-noop
|
2022-06-13 15:52:34 -07:00 |
|
Margo Crawford
|
0c1f48cbc1
|
Move oidcclient into config.supervisor.pinniped.dev
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-13 15:48:54 -07:00 |
|
Margo Crawford
|
8f4285dbff
|
Change group names
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-13 14:28:05 -07:00 |
|
Ryan Richard
|
aceea7888b
|
Merge branch 'main' into dynamic_clients
|
2022-06-13 12:29:09 -07:00 |
|
Ryan Richard
|
b9272b2729
|
Reserve all of *.pinniped.dev for requested aud in token exchanges
Our previous plan was to reserve only *.oauth.pinniped.dev but we
changed our minds during PR review.
|
2022-06-13 12:08:11 -07:00 |
|
Margo Crawford
|
ba371423d9
|
Add integration test for OIDCClientSecretRequest
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-10 13:56:15 -07:00 |
|
Margo Crawford
|
018bdacc6d
|
Merge pull request #1191 from vmware-tanzu/codegen-docker-pull-always
Always attempt to docker pull before codegen
|
2022-06-10 13:31:47 -07:00 |
|
Ryan Richard
|
e7096c61a8
|
Merge branch 'main' into dynamic_clients
|
2022-06-10 12:52:59 -07:00 |
|
Margo Crawford
|
b3ad29fe1c
|
Always attempt to docker pull before codegen
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-10 12:26:40 -07:00 |
|
Margo Crawford
|
479b6c421d
|
fix out of date codegen images
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-10 09:51:37 -07:00 |
|
Margo Crawford
|
157b5a7079
|
Update 1.24 codegen
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-10 07:55:46 -07:00 |
|
Margo Crawford
|
37884e7015
|
reran update.sh to get the codegen up to date
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-09 14:39:06 -07:00 |
|
Margo Crawford
|
889348e999
|
WIP aggregated api for oidcclientsecretrequest
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-09 13:47:19 -07:00 |
|
Ryan Richard
|
484c8f4bf3
|
Merge pull request #1183 from anjaltelang/main
Blog for v0.18.0
|
2022-06-08 15:14:31 -07:00 |
|
Ryan Richard
|
221f174768
|
Update v0.18.0 blog post date
|
2022-06-08 15:14:02 -07:00 |
|
Pinny
|
3ebf5ad4c3
|
Updated versions in docs for v0.18.0 release
|
2022-06-08 22:13:13 +00:00 |
|
Ryan Richard
|
ec533cd781
|
Skip some recently added integration tests when LDAP is unavailable
Also refactor to use shared test helper for skipping LDAP and AD tests.
|
2022-06-08 12:57:00 -07:00 |
|
Ryan Richard
|
1f505fc065
|
Update audience confusion section of proposal doc
|
2022-06-08 11:36:50 -07:00 |
|
Ryan Richard
|
dd61ada540
|
Allow new warning messages about GCP plugin in TestGetPinnipedCategory
|
2022-06-08 10:22:15 -07:00 |
|
Ryan Richard
|
0b6b8b4fcd
|
Merge branch 'dynamic_clients' into token_exchange_aud
|
2022-06-08 09:58:38 -07:00 |
|
Ryan Richard
|
77f37b5a57
|
run codegen
|
2022-06-08 09:41:35 -07:00 |
|
Ryan Richard
|
321abfc98d
|
Merge branch 'dynamic_clients' into token_exchange_aud
|
2022-06-08 09:03:29 -07:00 |
|
Ryan Richard
|
97d17bbda8
|
Merge branch 'main' into dynamic_clients
|
2022-06-08 09:03:06 -07:00 |
|
Mo Khan
|
cc1163e326
|
Merge pull request #1179 from vmware-tanzu/auth_handler_form_post_csp
Fix bug in certain error handling for authorize endpoint when response_mode=form_post is requested
|
2022-06-08 08:47:56 -04:00 |
|
Ryan Richard
|
ea45e5dfef
|
Disallow certain requested audience strings in token exchange
|
2022-06-07 16:32:19 -07:00 |
|
Mo Khan
|
472ab229e7
|
Merge branch 'main' into auth_handler_form_post_csp
|
2022-06-07 18:26:52 -04:00 |
|
Mo Khan
|
2c7b52dce8
|
Merge pull request #1186 from vmware-tanzu/bump_deps
Bump all project dependencies
|
2022-06-07 18:25:12 -04:00 |
|
Ryan Richard
|
2c048bcb4f
|
Bump all deps to latest
Signed-off-by: Monis Khan <mok@vmware.com>
|
2022-06-07 15:26:30 -04:00 |
|
Ryan Richard
|
e78c7d4e0e
|
update kube codegen versions and add 1.24 codegen
Signed-off-by: Monis Khan <mok@vmware.com>
|
2022-06-07 15:26:30 -04:00 |
|
Ryan Richard
|
7751c0bf59
|
Bump project deps, including kube 0.23.6->0.24.1 and Go 1.18.1->1.18.3
Several API changes in Kube required changes in Pinniped code.
Signed-off-by: Monis Khan <mok@vmware.com>
|
2022-06-07 15:26:30 -04:00 |
|
Ryan Richard
|
8170889aef
|
Update CSP header expectations in TestSupervisorLogin_Browser int test
|
2022-06-07 11:20:59 -07:00 |
|
Mo Khan
|
38bfdd6b70
|
Merge branch 'main' into auth_handler_form_post_csp
|
2022-06-07 11:42:09 -04:00 |
|
Margo Crawford
|
e5a96e353c
|
Merge pull request #1185 from vmware-tanzu/oidc_client_crd
OIDC client crd
|
2022-06-06 14:16:10 -07:00 |
|
Anjali Telang
|
52bbbcf7e8
|
margo's suggestions
|
2022-06-06 17:03:52 -04:00 |
|
Mo Khan
|
a3ec15862d
|
Run CodeQL on dynamic_clients branch
|
2022-06-06 16:41:38 -04:00 |
|
Ryan Richard
|
98c45fefe9
|
Merge branch 'main' into auth_handler_form_post_csp
|
2022-06-06 11:51:51 -07:00 |
|
Margo Crawford
|
d6442ed53d
|
Merge pull request #1180 from vmware-tanzu/cli_flow_env_var
Allow `PINNIPED_UPSTREAM_IDENTITY_PROVIDER_FLOW` env var to override `--upstream-identity-provider-flow` CLI flag
|
2022-06-06 11:49:00 -07:00 |
|
Margo Crawford
|
0dec2eee32
|
Add enum validation for scopes and grant types
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-06 10:15:25 -07:00 |
|
Ryan Richard
|
fd9d641b5c
|
Add doc for PINNIPED_UPSTREAM_IDENTITY_PROVIDER_FLOW env var
|
2022-06-06 09:47:50 -07:00 |
|
Ryan Richard
|
326cc194e9
|
Merge branch 'main' into cli_flow_env_var
|
2022-06-06 09:38:57 -07:00 |
|
Margo Crawford
|
3cacb5b022
|
Fix typo in oidcclient spec and status descriptions
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-06 07:38:57 -07:00 |
|
Margo Crawford
|
ca3da0bc90
|
Fix some disallowed kubebuilder annotations, fix kube api discovery test
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-04 21:04:40 -07:00 |
|
Margo Crawford
|
cd47ba53c2
|
Add CRD for OIDCClient
Signed-off-by: Margo Crawford <margaretc@vmware.com>
|
2022-06-03 16:22:15 -07:00 |
|